Okay, thanks everyone for coming, it's 10:30. So just to make sure we're all in the right room, this should be the room for CSE 545, Software Security for Spring 2016. If you're in the wrong room, you need to leave, it's totally fine, we won't all look at you and laugh at you as you leave, it's totally fine. Okay, so today is kind of an introduction to the course. I'm gonna explain what this course is about, what kinds of things you can expect from the course and what I expect from you in this course. So to start off with, I guess some of you I see some familiar faces, this thing is gonna really bother me when I see you and I have to walk around. So for those that don't know me, I am Adam Doupé, you can call me Dr. Doupé, you can call me Professor Doupé, you can also just call me Adam, which I prefer. So whatever makes you happy, it's fine. I, a little bit of background about myself, I did a five-year four-plus-one at UC Santa Barbara, so I got the bachelor's and master's there. After that, I went to go work full time at Microsoft where I did, I was a full time software developer up in the Seattle area, which is reminding me of the weather that we're having today, where it's like so cold, I had to take out sweaters to put on. And then so I thought I would be like, ah, I'm done with academia, I'm done with school, I'm finally gonna go develop software, it's gonna be awesome, and it was, it was very awesome. But I realized that I was really missing doing research, specifically security research. So I left Microsoft after a year and went back to UC Santa Barbara to do a PhD there. So I did my PhD at UC Santa Barbara and I've been here for about three semesters now. See if I can do this without destroying my own computer. So, a little bit of background about myself and my research. My area of expertise is broadly computer security, you could call it system security. 
What my research focuses on and what I really love is finding vulnerabilities, and specifically using a computer program to find them, right? Because I'm only so good, but I'd rather have a computer program so I can run it on thousands of machines and find all those, or thousands of programs to find vulnerabilities there. So a lot of my research entails this, how can we automate the vulnerability finding process? How can we automatically find exploitable and bad security vulnerabilities before a bad guy is able to use them to compromise the security of your application? So any questions on me, my background, anything? So far, I have a lot to take in for five minutes. Course syllabus. Okay, so we're gonna go over the syllabus because like I said, it's gonna be the contract between us, right? Okay, so what this course is gonna be about, at a high level, what we want to study, and it should probably come from the name, is we want to study software security. We want to study how to build secure software. In order to do that though, we've really got to understand how software breaks, right? So we're gonna understand different vulnerability classes. We're gonna understand how to find them, how to exploit them, and specifically, we want to really get an understanding of why do these vulnerabilities exist, right? This specific class of vulnerability, what's that core problem that causes it, and then how can we either, through a development methodology, how can we ensure that we don't introduce this, or how can we try and find it, or how can we try and prevent it, or how can we mitigate it in some way? So those are really what we're gonna be studying. Yeah, so we'll talk about all kinds of actually really cool stuff. I'm pretty excited for this course. Sorry, it's a very large class here when we're trying to figure out where all this stuff goes. Questions on the overall course description? Anything you specifically want to see covered that's not maybe up there? 
You and I know there's a lot of people, but we're all friends here. And maybe how some zero-day vulnerabilities, like Stuxnet, came to be? Yeah, we'll study those a bit. Those are a little bit, I see it's almost a little bit more advanced in some way. So here we're gonna study the very beginning there, right, so we need to lay this foundation of what do we mean by vulnerabilities? What are these different classes? So now when you read about, oh, Stuxnet employed a zero-day buffer overflow vulnerability in so-and-so software, you actually know what that means, why it happened, and how they could have done that. Right, like this, especially if it's being recorded. I wanna give you the tools so that you can go out and find, so you can apply your security mindset that I'm gonna teach you to a piece of software to be able to find those vulnerabilities with more magnetism. And those are the things that Stuxnet and those other types of worms and everything used to be able to propagate. Any other questions? Okay, so pre-reqs, so this is a grad class. So if you're surprised by this, you signed up for the wrong class. So this course is going to be challenging. This is not a typical grad class where you just show up, there's a minimal amount of work, I'm gonna give you a B and we'll go home. If you want that, please, there are plenty of other classes. I urge you to go find one of those classes, talk to your fellow classmates, I'm sure they'll be able to direct you to the right ones. This class is going to be challenging. It's going to seriously challenge your coding, your development skills, your thinking skills. You may be exposed to, you may be learning technologies that you have no experience in. If this was an undergrad class, I'd have to teach you all that stuff. In the grad classes, I can say, oh, here's a web application, it's written in PHP. Go find some vulnerabilities in it. And you're gonna have to learn some PHP to learn enough to go find those. 
Obviously, we'll cover some of the basic stuff, but the point is that you're really expected to learn whatever things, gaps, prerequisites that you are missing, that you need, you've got to, it's up to you to go find those and to go study those. It's one of my theories that being very good, so part of software security, you need the secure software, but to secure that, we need to know how it goes bad. So in understanding how it goes bad, you need to actually be a fairly strong developer yourself to understand what mistakes can a developer make. You kind of almost have to get yourself in that developer's mindset. And specifically in this course, a lot of the vulnerability classes that we're gonna cover are binary-based vulnerabilities. So knowledge of C and C++ is going to be critical. And so as I say, that's a prereq in that I will expect you to know this and we'll cover the things you need to know, but if you're in class and you feel like, oh, I don't really understand why is the stack layout like this and why are these certain buffers in this put on the stack in this order? Or if you don't know why we have a stack when you compile our code into C or C++, you have to go find that information out on your own. I mean, obviously we can help you if you come to our office hours, but this is what I expect. So I'd say you need C, C++ to be very familiar with it, very familiar with it. The first projects will get you familiar with it. And some kind of scripting language, be it Python, Ruby, PHP, I don't really care. And a solid background in operating systems. So why do you care about operating systems? Every, yeah, almost everything runs on an operating system, right? I mean, there is a trend now to try to compile applications such that they don't need an operating system. But for all intents and purposes nowadays, everything is gonna run on some kind of operating system, right? 
And the operating system is a multi-user environment where you have different programs from different users all executing on the same thing. And so the operating system's gotta enforce all these policies about who can access what. And so if you're able to understand how the operating system works, if you're able to understand why it's checking file system permissions and we'll go into a little bit about how those permissions actually work and what they mean from a security perspective, specifically, then this will really help you understand, okay, so what happens if there's a heap overflow in the kernel? What can a bad guy do? What kind of things can they exploit and do? Questions on pre-reqs? Now's the time to get them out. You can ask questions about, I need to know this, if I can not know this, what should I be doing? Questions like, can I make the class easier? But I won't do that. Okay, recommended textbook. So this course does not have a textbook, so it's a grad course, we're kind of on the edge here and really there are okay textbooks, but there's nothing that I feel is really great and honestly a lot of the material will be available online. So I'll be, you know, presenting material in class, I'll give you pointers to other reading material that'll supplement and will help. So that should be pretty much all you need. If you really, really want a textbook recommendation, email me and I'll be happy to provide one. Course communication. So I'll confess, I absolutely hate Blackboard. I cannot stand it every time I have to use that lovely piece of software. So we're not gonna use it at all for this course, because it's not necessary. So all of our communication for the class is gonna be done on the class mailing list. So please go here, sign up for the class mailing list, it's a Google group. This allows me, all the class announcements will be made on this Google group. 
So, you know, test, anything I announce on the Google group, you gotta know about. So you gotta sign up for this mailing list. It's also a really great way for you to ask questions, right? Look around this room. How many of you are there? 130, something like that? There's 140, I actually don't remember, but I think it's like 135. So, got a ton of people in the class, right? There's one of me, well, I have two TAs, and you know, but that's still three of us versus all of you. So, the point of this is the class mailing list is an opportunity for you to ask questions and have your fellow students answer them, right? You're struggling with, I don't understand why a buffer overflow works or how do you do a buffer overflow if you can't, like where do you put the code? What do you do about readable rentables, stack, NX bits, all that stuff, right? If you ask that just to me, well, there's other emails, I have another class, so who knows when I'll get to answer your email. But if you put it on the message board, I can answer it, the TAs can answer it, and you all can answer it, right? Yeah, so I think it's proved very helpful in the past before, no, but I expect you to be, I expect everyone here to be an adult and be grown-ups, right? So, somebody says like, I don't know. I can't get programming project one working, like I can't, I don't know, iterate in reverse over an array, and you go, oh, here's the code, you exactly need to do that, right? Then we're gonna have problems because you're interfering with your fellow students' learning, right? If you say, oh, there's a great resource over here that I used to iterate in reverse over an array, perfect, awesome, they can go there and learn for themselves and do it. 
Or if you say, oh, you know, the concept of a reverse array is like a, I don't know, I'm making this up, it's like something, this other thing, so if you think about it at a high level of this and you're starting at the end and going backwards and in a for loop, at a high level, that makes sense and I think that's fair, right? You're helping them, you're teaching them, so take that responsibility on for yourself. It should be a lot of fun. Questions? Course communication, mailing list, all that. Okay, some of the topics, I don't think I'm gonna cover it really. It can change, I don't know, it's a grad class, we can kind of do fun stuff. But if there's something, like I said, if there's something you desperately wanna see covered, let me know, I can think about including it or not, but you know, free to ask is what I've heard. All right, we'll be covering all kinds of technologies, I didn't even list them all here, but this is just to help you know what you should be knowing. C, web stuff, networking stuff, that kind of stuff. Questions, I'm gonna need a lot more interaction as we go on, it's fine here with some of this, but no. Focus here, yeah. Would the grade book also be in the Google group or how would that work? No, I can't, I think legally I can't do that, it's like, you know, can't do that, it's great. No, I will be, grades should be very straightforward. Usually what I do in my class is I'll email everyone individually, their grades, whenever we have an update or something. For the projects, it's very simple because you'll know your score right away. So that's very easy. So yeah, and it's a pretty simple formula, so. All right, homework assignments, so it'll be three or four homework assignments, and when I say homework assignments here, I really mean programming, large programming assignments or things that are going to help reinforce the things we talk about in class. 
You may be asked to write vulnerable code, you may be asked to analyze code for vulnerabilities, you may be asked to actually exploit those vulnerabilities, demonstrate how to do that, all that kind of stuff. So that will be really what the homework assignments are for, and these are gonna be big, right? You're grad students, I can give you programming assignments that I would give as semester-long things to undergrads, right? And if that scares you, you know? There's plenty of other classes, nice, great classes. Okay, we'll have a midterm, it'll be material we covered in class on the homework assignments. No notes, no outside material, I'm completely closed with the exams in my classes. Okay, projects, so the projects for the course, we're gonna get into, it'll kind of more be a second half thing, so we'll do the homework assignments and then the first half of class and then the last half of class will be dedicated pretty much to projects. And the idea with the projects is you're gonna be creating a security library that defends against a common vulnerability class. So you'll get to choose from, I'll give you a list of X amount of security classes, you'll be able to choose, ooh, I want to implement a library that defends against cross-site scripting vulnerabilities. And it's up to you to actually write that library such that it does what you actually claim it does. We'll go into this in more detail as we get closer. The TAs and I have to actually create the infrastructure to do this and define all the projects and we wanna be able to automatically validate these things so we'll probably have to define interfaces for every type of vulnerability class, be it cross-site scripting, SQL injection, buffer overflows, heap overflows, format strings, any of the number of things that we're gonna talk about in class. So you choose one and you'll have to create a defense for it, right? So that's why it's an interesting project. 
The projects can either be done solo by yourself or in pairs. I really don't wanna do group projects in this class. I want you to think about it on your own or if you know somebody that you work well with, you can do that. But yeah, you'll be creating essentially a security layer on your own from scratch. Just pretty cool. Questions on the project? Is there any language specification on this? There will be depending on the vulnerability class, right? So it doesn't make sense for buffer overflows to be written in PHP or something like that. So yeah, that's part of the thing that when we get closer to it, we'll start defining languages and languages and vulnerability classes. So for the other assignments, for most projects, you can write them in whatever language you want. So we'll see that when the first homework assignment is listed. But there will be completely automated grading of all of the assignments. So yes, you can choose whatever language you want, but it has to run on our operating system, run against our test cases and it has to have a certain interface, right? Otherwise we can't test everybody's. So this'll be very clear as we get closer to the assignment phase. Okay, and then there'll be a final. Grading. So the homework projects will be about 50% of the grade, midterm exam 10, final exam 10. And so the project will be 30. Somebody calculate that to make sure it adds up to a hundred. Otherwise you guys are gonna have problems. Okay, so because the project is 30, this counts as the project portfolio of the master's stuff. So if you have any questions about that, feel free to email me. So homework due dates and exam dates will be posted on the class website and it'll be on the website and on the class discussion on the, sorry, and announced in class. So for every day, so let's say a project is due at midnight on a certain day. For every day that it's late, it's gonna deduct 20% of whatever you would have gotten. 
So if you submit 100% project a day late, it's gonna be 80 points or 80%. I don't know, I don't really wanna do any make-up exams, but if you have extenuating circumstances, please email me, I'll be reasonable. But I have to be fair to everyone else in the class, right? So that's the trick. Okay, now we get to a very serious part of the syllabus. So this is a very typical programming intensive class and it is a grad class, right? I still, what I want you to get out of this class is I want you to struggle to try these things, to try to do things for yourself, right? And so part of that learning process comes in trying something and failing and trying something and failing and then coming to office hours and talking to me and then I can help guide you to the solution and then all of a sudden that light bulb comes up and you go, aha, I know exactly how to exploit this vulnerability. It's amazing. So, or, you know, I know how to write this really complicated piece of C code. And so by plagiarizing or cheating, right? This, you're reducing that and you're taking away from that. So I guess, well, there's a mouse there that's not connected to my computer, that trips me up. Okay, so what would be some examples of plagiarism and cheating? Submitting, yeah, submitting, well, previously used code, these will all be new, but yeah, submitting, yeah, if you find somebody else's code, right, online of this class and submitting it, that would be a problem. Submitting anyone's code on the GitHub that relates to the project and submitting it. Yeah, so submitting another student's code, right? So if, I don't know, if it's after the deadline, I mean, we'll talk about that specifically in a second, but if it's after the deadline and you submit, you find some other student's code that they submitted on GitHub and you submit it as your own, right, that's plagiarism, what else? Discussion? Working in groups for homework assignments. Yeah, working in groups for homework assignments, right? 
So the whole point is a specific, I mean, so obviously it would be silly of me to restrict it so you can't ever talk with anybody about any of the assignments, right? I think that's, it doesn't make sense. Fine. You can keep the discussion at a high level, you can talk about concepts, you can talk about problems, but once it gets down to the code level where you're actively sharing code or you submit something to me and I go, this matches 80% with another student's code, that's really weird and you say, yeah, we worked on it really closely. Well, that's too close, I'm telling you right now. I'm just saying. How many possible ways could you write even a 300 line piece of code, right? An infinite number of ways, right? If you're doing it independently. So when it comes out the same way back, that's definitely when we have a problem. Obviously this doesn't apply to the project with your group member. But yeah, so that's, so yeah, so collaborating together, taking a prior student's code, what would be some other examples? Yeah. What about using code from Stack Overflow? So that kind of stuff, I think it's totally fine. So if you use, but the important thing is, so just like the whole thing in plagiarism, right? If you're writing an essay and you go to Wikipedia and you take that paragraph and put it in your essay, was that plagiarism, right? You didn't write that, those aren't your ideas. You're claiming that those words as your own and they're not. But if you take a paragraph from Wikipedia, you put it in your paper and you put it in quotes and then you put dash Wikipedia, is that plagiarism? No, because you're using somebody else's words but you're attributing it to them. So nobody thinks, oh, Eric thought of those words, right? We know you got that from Wikipedia. So the same thing applies on the assignments, right? So if you use a standard code from Stack Overflow, absolutely fine, just put it in the comments right above it, hey, I got this from here. 
And also what this helps prevent is, if there's a lot of people in this class, right? If you're both iterating, trying to figure out how to iterate over an array, you both take code from Stack Overflow. If there's no citations and we don't know where it came from, we just say, this bit of code is identical between the two of you. How could you possibly have not worked together? So it also helps prevent these awkward situations, it helps you, all that kind of stuff. Any questions or questions I was asking? What are some other examples? So we talked about, we've been taking someone else's code, we've talked about working together collaboratively, well, outsourced it. What do you mean by that? Give it a touch to someone else to do it. Yeah, absolutely. Right? I'm not sure if she was. I'm not sure, that's. I think she dissented them. I don't know. Probably cheaper ways, but that's fine. That's all, literally yeah. I'll be here, I'm serious, serious, serious problem. Yes, so it's no notes, no nothing on the exams. Yeah, so if you're compilating that, what is it? What if we find a security vulnerability in the testing assessment? Ah, we get to that in a bit. If you use that, so the short version is if you use that and report it to me, I may have to do extra credit or something, because that's super awesome and it's really the point of the course. But if you use that to then harm, let's say your other students, right, by like crashing the system, or you are malicious and you are stealing the test cases from the system, right? Those are all super bad, very bad things. You're basically exploiting our solution. But we're providing you to help and make grading fair, right, so. Yeah, definitely. But if you find something, let me know, right? Those are the kinds of things I want to know, so. Yeah, what about giving your code to somebody else? In class, yeah. Let's say you gave Eric your code, would you be liable? Yeah, it's the same violation, right? So it works both ways. 
And the reason why I have to bring this up, I know I don't like talking about this, I hate that I have to take class time to do this. But as you can see here, I've had, I've only taught so far two classes and I've already had 20 violations of the academic integrity rules. And a significant amount of these were grad students too, so, and I treat grad students just the same as undergrads and everything. So if you're caught violating this policy, you get a zero on the assignment and we're gonna report the violation to the dean's office. So what happens when it gets reported to the dean's office? And now, can't you sign something and you came here by like academic integrity and what happens? Yeah. And one of the things is that you lose the ability to ever be a TA, RA, or work for the school in any way. I don't know how long it is, but yeah, there's definitely for a period of time, I think you can't be a TA. You get put on a list, the dean's office keeps a list, which is not public and nobody can access. But if it happens again, then you're expelled from the university for a semester, or suspended for a semester. For master's students particularly, you basically can't do a CPT, so your internships, you know, get compromised. And these are harsh penalties, but they're not my penalties, right? They're the department's penalties and I'm making you all aware of it. And I have fully prosecuted every single case that I had. So I don't want to do it, but to be fair to all the rest of the students who are trying really hard and maybe aren't getting an A, maybe they get a B, or maybe they got 50% on the assignment, but they tried really hard but they didn't ask another student for code. Like I have to be fair to everyone else in the class. That's why I really, I really don't want this number to increase at all, right? So let's just keep it at 20. I don't ever want to go up. And now we kind of this discussion and I'm sure it's definitely not. 
So yeah, so here's some examples, sharing code. So for this class maybe you have to talk. So, so posting your projects online, projects, let's say Fridays homework assignments, really with this thing. So why do you want to do that? Has anyone here ever posted assignments online? To show it to employers? Yeah, show it to employers, right? I totally get that. I totally understand that. The problem is, so how many other people have done that program assignment? 135. 135. Yeah, 135 in this case. In some of your other classes, it could be literally thousands of people over the years. So from an employer's perspective, I already know you took the class and I know you got a grade on that, right? Because you're sending your CV and your GPA or whatever. So, same code that you did in class for an in-class assignment? This doesn't make sense. Every, you know, everybody does it, right? It's like the bare minimum that you're doing to even pass. Right, what employers want to see is you're doing something extra, something different, something that nobody's ever done before. Or not even, sorry, that's a little too much. No, it doesn't need to be that. Just something outside of schoolwork, right? Outside of the norm. Build this stupid little testing script. It can be little tiny things. I once wrote, well, this is actually my PhD, so. I wrote a little Python application to tell me if I could have coffee or not because I was trying not to get addicted. So it would like randomly decide if I could or could not and then it would keep track so it wouldn't do it too many times in a row. I clearly, well, you'll notice I clearly did not follow that anymore. You know, any little thing like that. If there's a script that you write for this class to help you find vulnerabilities to help you do something, right? Those are the things that they want to see online that you're going above and beyond. So it really doesn't help you by posting the assignments online. 
And it doesn't help the future students, right? Because future students are gonna take this class. It's happened in my other classes where they found prior students' work. We obviously checked for that. And, you know, there's a big problem. So yeah, so, you know, you worked really hard on these assignments. So why make it easier for everyone else that comes after you, right? Make them struggle and learn. Any questions on that? So I think I'm gonna change this. It'll be assignments. I think the projects if you want to post online because those will be kind of, you know, new and unique, I think that would be cool. So I think that will be, something that would be interesting to people. Any questions? Yeah, the syllabus we can update it. You know, it'll be updated at any point in time. Questions? Course content. Anything? Everything's crystal clear. Exceedingly clear. How's the group? Oh, what do you want us to do? A project report or something like that? Say no, say no. Ha ha ha ha ha. Uh, it's a tricky question. I honestly haven't decided. I was gonna decide as we got closer to the projects. Um, I'll say no, thanks. I mean, the only people that really helped, I think are the master's students who have to write project reports anyways. I don't know, believe you guys want to write reports on your projects? No, no, no. Ha ha ha ha. I mean, we could write documentation with them too. Okay, close your eyes and raise your hand if you want project reports. Even if you got me later, you're not great. Ha ha ha ha. You know, they're in a pop situation. Yeah, I mean, I, you know, this is a grad class. I'm open to suggestions, feedback, that kind of stuff. For the projects, I mean, really, I just want you to do something really cool, like build some kind of really cool defense for your project. 
I'd much rather have you focus your time on that and making what you're doing awesome and having low false positives and providing a real tangible security benefit rather than, oh, I don't know, spending time writing up how your project actually works. We could do, maybe do it in class. Well, no, no, we can't do that. There's way too many of them. Anything else? Any questions? Oh, I didn't, I did not hear. So I'm, maybe you saw me playing it quite a time. I'm gonna try to record all the lectures and post them on YouTube. But that's not a guarantee. So you're still responsible for everything that we cover in class. So if like, I forget this little microphone thingy here or if, I don't know, I forget my laptop or the file gets destroyed before I can upload it to YouTube. You guys know, you've dealt with computers, right? Any of a number, Murphy's Law, anything could happen, right? So I'm not guaranteeing that they'll be on there but I'll do my best to try to put them on there. So I think I've heard in other classes that it was very useful and wanted to have time to mid-term review and that kind of stuff. So I'll be posting on the course website, I'll post the slides, I'll post the links to the recorded lectures and I'll post any additional reading or anything like that. Any other questions? Is there an attendance compulsion for the class? No, okay. No, no, I don't know. You guys are paying for this, right? Yeah, so come, don't come, I don't care. Can we bring the laptop to the class? Do you need to bring your laptops to class? I think no, but I will try, whenever there's like a, whenever I'm going through some kind of example or something that I've actually done on my computer or something like that, I'll try to include maybe the kind of on the bottom so you can like follow along on your own or you can decide to do that later if however you want to do it. 
But you know, it's too many people to mandate that and we don't, unfortunately we don't have like laptops built into the desks yet, that would be kind of cool. Anything else? This side of the room? You can mark it really fine. All right, now let's get into some meat. All right, so will there be any surprise? No, we're done. Okay, any surprise? Quizzes or anything? The assignments, the programming assignments will be difficult enough. So it's recording, go here, I want a slide show, I think it's what it sets up to present or view what it's going to mess up. No, it's fine. It's fine. It's fine, yeah. You saw me hit the button to turn this, yeah. I have no idea. Okay, so what is software security? What do you think? Making software run as it should. Making software run as it should. I think that's good, I think that's good, it's okay. Yeah. Making sure someone has to kind of do something other than intended to do it. Making sure someone else can do something other than what's intended. It's pretty good. What about an application that allows plugins? Does a plugin be allowed or somebody to do something that they shouldn't be allowed to do or intended? They shouldn't be allowed to do it with other plugins, so something like that. I mean, allowing expected use cases, I mean, the use cases that the software was designed for. Only allowing those. Allowing the use cases that the software was designed for? What else? I think that, like that, there's a lot of people. Yeah, that's okay. So, security, looking security, reach, something like a software. That's supposed to be a lot. That's supposed to be hardware or theory. We're on the run. That's supposed to be hardware or theory? No, isn't it hardware or it can be just not? Are you sure that information is secure? It goes with, yeah, so the software that's touching a specific user information. The user's information, so we can do that the user's information is secure? 
Well, software, you know, which doesn't have any vulnerabilities, you know, which people can, you know, use to extract information or something. So software that's vulnerability free? Maybe a process to prevent the exploitation of an application or software or hardware or anything like that. So a process to prevent something you plug on after the fact, kind of, or maybe like, I don't know, I think of a castle like a moat. Well, like a moat's not really part of the castle, but it's a security, physical security measure to restrict who can access the castle. A software that doesn't open gate for the destroying the underlying architecture. Whether it's a software or hardware. A software, so is it? A software that doesn't open the gate for like destroying the underlying architectures. I think it's a software that's hardware. Right, so the software, yeah, a software that doesn't, maybe let's say, it goes back to intended use, right? Correctly allows people who should be able to access access and people who shouldn't be able to access, they should not be able to access. So what's security? What do we mean when we talk about security? Authorization. Correct authorization, what does that mean? Allowing access only when it's allowed in a particular setting. Allowing access, allowing access only when it's allowed. Yeah, yeah, I guess that's true. It's kind of like part of the definition of access, right, a little bit, okay. Yeah, it's part of it, yeah, yeah. Good question. Oh, sorry, just a second. We, security, try to achieve your goal, your security goals. Whose security goals? My usually the, My security goals? Your universal security goals, and I'll take with me a feeling. Was it a feeling? A feeling? A feeling? Ooh. I'm sorry. 
I'd say that's probably true, because it's not really the sense of security we're going on, although I'd say, we actually use the word, we use the word assurance more often than we talk about that, right? So we want to be sure how certain or how much assurance we have that something is secure. That's a good point. It is a feeling. Yeah, yeah, I'm not sure if it is. I don't know. If we could know 100% if something was secure or not, I wouldn't be here teaching you how to do this, right? Because we could just know, right? So part of it actually is a feeling, like you were just saying, hey, I wrote a million lines of C code in this network application. I'm gonna go great, there's probably a ton of vulnerabilities in there. You're like, hey, I have this 100-line Java application. Yeah. So it's a lot less, chances that I have a feeling that that's less vulnerable. It could be just as vulnerable, right? I don't really know, but it's my kind of feeling. What's that? Protection. Protection in what sense? Or what? It's not being able to access. Right, so back to access, right? So you're protecting. What are you protecting, though? The system. It's probably the code of confidence. The code. So we're taking the code, we're gonna take the data maybe, right? I think it's just right. Anything else? Deciding. Protecting society, it's getting a little high level. There's probably aspects of that in there. I would, well, I guess one of them, yeah. Talk about privacy maybe, right? So that could be protecting people from an oppressive government or something like that. Oh, yeah. And that? Yeah, yeah. Any kind of law that you could break, break a lot of them now online as well, so. Merge that a little bit. Yeah, that's interesting, society. So, I don't know, my, so there's three main things we always talk about in security, and we've hit on a couple points, right? About how security people kind of formally think about security as it has three goals. 
So confidentiality, so what does this mean? What is it? Privacy in what sense? Of not disclosing data. Of not disclosing data, yeah. So you can think of confidentiality as only the people I want to read my data can read my data, right? So if I don't want anybody to read my data, I should have some way to do that. So that's part of the security of the system is what kind of confidentiality claims or what does it want? So from the perspective of business, right? They might want to keep their customer list confidential, or going back to Eric's point, they may want to keep their social security numbers of their customers confidential or their credit cards of their customers confidential. So then I think somebody over here brought up integrity. So what does integrity mean? Does that mean like doing the right thing and not cheating on your programming assignments? Not allowing data to be modified. Yeah, so not allowing data. So if we're talking here more specifically kind of about integrity of the data or maybe you could broadly say the system. So we don't want, once again, somebody that we don't know or somebody that we don't allow to change the data, right? You can't see the behavior of the system. The behavior of the system is the integrity? I'd say that, it's at a high level. Okay. What about the availability? The availability of the data should be available. Legitimate availability of the system. Yeah, so legitimate users need to be able to access the system. So is this as important as the other two? Yes. Yes, no, why? Yes. Yes, yes. That is the basic functionality, right? The basic functionality. So without availability, you may as well have a system. Doesn't that affect the other two? Does it affect the other two or what's that? Like once you have the availability of the other two or just it will affect the other two. Well, if you can't access the system, how can you violate the integrity before it's possible? No, it looks like a legality. 
Like when someone who's not an authorized user is able to, it destroys the other two. What do you mean destroys? So you can't have integrity and confidentiality when someone who's unauthorized is able to access the data that they should. I mean, if your system is in doubt, then the question of confidentiality and integrity doesn't come into play in the website. Do you guys agree with that? No. I don't. There's something else for a few of you and not yourself. That's great. So the system has some mechanism to detect whether there's some event like a denial of service. Then it should have some kind of a phase that it can go down without compromising with the other pillars. What's that? I don't know. Let's say it isn't right. Let's say I can completely take down your system. What does that have to do with what? How does that affect the confidentiality integrity? You've taken down the system which will not affect that some other party that's dependent on the performance of the system does not gain access. For instance, somebody, suppose I'm a bank and transfer to an account within my bank system is dependent on the performance of the system itself. The bank should come from a basic point that is the bank would come down. So it's like no transfer should occur if the time passes and the denial of service. Great. So that's kind of, I mean, in one sense, right? I would say that the confidentiality integrity kind of have to do with the data that the system manipulates, right? So even if you can't access the system, maybe there's a way to actually... I mean, as long as somebody can't access the data, right? I mean, if you soon, like, so think about, I don't know, my laptop, let's say I have a Bitcoin wallet, I don't know if the laptop's a bad example. If it does stop the machine with a Bitcoin wallet of like $100,000 worth of Bitcoins, right? 
If I unplug that machine from the internet, right? Take out the internet cord. Is that system available? Not really. But I'd say the integrity is pretty good. It's at least certain that an external attacker is not gonna be able to do it, right? Somebody has to physically break in and get physical access to my machine. Just so possible, right? But the integrity and the confidentiality might make a kind of separate thing, right? Or like, if my data's encrypted, so it's confidential, that only I can see it. Well, now then, I don't care if you tear down my system and steal all my files, right? You still shouldn't be able to access any of that data. So it's still maintaining that confidentiality requirement even though it's completely unavailable. It's all time to go. The classes are so short. Okay, so we'll pick back up here on Wednesday.