Lecture 1

Today was just an introduction to the course and an overview of computer security. Hopefully it got you excited about what’s coming! The slides and assigned readings are available on the course syllabus.

As discussed in class today, I would like everyone to post a “hello” comment and answer the question: “what do you hope to get out of this course?” (1 sentence is fine; if you have something interesting to add, more is welcome. Saying you are just taking it to graduate is fine if that’s the truth.) As always, you can also feel free to ask questions about anything covered in class today.

Update (after class): Please sign your real name, so I know who you are.

Also, here is a link to the twitter attack someone mentioned in class today.

Advertisements

41 Responses to “Lecture 1”

  1. kaveiii Says:

    Hello

    I want to learn how to decrypt password encryptions

  2. Calvin Grunewald Says:

    Hi,

    I barely know anything about network security so I figured I’d take it and learn something.

  3. John Silberholz Says:

    Hello!

    I want to learn how to perform / protect against man-in-the-middle attacks.

    As a side note, this is the chocolate survey mentioned in class: http://news.bbc.co.uk/2/hi/technology/3639679.stm

    A reasonable counterargument for the results might be found here:
    http://www.schneier.com/blog/archives/2008/04/giving_up_passw.html

  4. Jonathan Lent Says:

    Hello,

    I went through the Comptia Security+ program at my last college. That process really left a lot of questions unanswered, and as such I would like to fill in the gaps. I don’t even know if that certification is still offered, but it was not very comprehensive, to say the least.

  5. Michael McKenney Says:

    Hello,

    I once worked on a HIPAA project. The Health IT folks were throwing around a lot of security and privacy requirements (non-repudiation, client privacy, integrity, etc.). I was overwhelmed. And I was pretty sure that they were as well… the emperor had no clothes! But I was not sure enough to challenge them. I’d like very much to not be in that position the next time I have the opportunity to work in that environment.

  6. Aaron Sanders Says:

    Hello,

    I have been working in the IT industry for almost 10 years now. Network security is the where I would like to transition myself to next. Many of the topics mentioned in class I am familiar with, but only from a defensive standpoint.

  7. akindred Says:

    Hello,

    I would like to learn about how to program software to be more secure.

    – Austin Kindred

  8. bdsbreezy Says:

    Hello,

    I have some background in cryptography and networking and am interested in learning how these areas, as well as those mentioned during today’s lecture, influence computer and network security.

  9. Ken Yuhas Says:

    Hello all,

    I am new to Computer Security and I am excited to see how this class will change my thinking about it.

    -Ken Yuhas

  10. Bria Smith Says:

    Hello,

    I have some background in cryptography and networking and am interested in learning how these areas, as well as those mentioned during today’s lecture, influence computer and network security.

  11. Dane Boucher Says:

    Hello,

    I don’t have much of a background in Computer Security, and am hoping to gain a greater appreciation for the depth and complexity of this field.

  12. Fernando de Castro Says:

    Hello!

    I am hoping that I will learn something about Network Security in this class even if I don’t have any background in Networking (CMSC417) yet… Hee hee

  13. Matthew Lentz Says:

    Hello,

    I have a bit of background knowledge in computer security but I am interested in learning more (No specific area really).

  14. Danny Kashtan Says:

    I am interested in learning about how computers and networks are protected and attacked. I also hope to pick up some general knowledge about networks and programming related to networks.

  15. bkirz Says:

    Hi,

    I took cmsc456 last semester, and thought this course would be a good follow-up. I expect to learn about applications of these encryption schemes.

  16. Vikas Bector Says:

    Hello,

    I hope to learn exactly what computer and network security are, the different aspects of them, and some of the various issues that come up when trying to protect against attacks.

  17. Michael Evans Says:

    Hey,

    I have read a lot about software vulnerabilities to exploits, and done some personal research on various network attacks (XSS, SQL injection) and would like to learn more about it, as well as ways to prevent such attacks.

  18. Mikey D Says:

    I’m interested in figuring out what I want to do with my Computer Science degree. Over the years, network security has been on my mind and I really want to see what it’s all about. Lately, I’ve been working with security as it deals with creating secure and usable websites and applications. I feel if I can understand the fundamentals than it will help in any field I go into.

  19. Nancy Zheng Says:

    Hi,

    I don’t have any background in computer security. I feel that this is an important topic and am interested in learning more.

  20. jonkatz Says:

    I’m thrilled to see so many fascinating comments!

    @kaveiii: We will discuss password-based authentication, though I won’t specifically tell you how to crack passwords.

    @John Silberholz: We’ll definitely be discussing man-in-the-middle attacks. (And thanks for the links!)

    @Jonathan Lent: CompTIA Security+ is still around. I’d be curious to hear, after the semester, whether this course filled the gaps you found.

    @Michael McKenney: Nice comment! Next time you’re in that situation, I hope this class will come in handy.

    @Aaron Sanders: Your comment (and others) reminds me of something I should point out: this course mainly covers the “academic” side of computer security, i.e., the foundations. Everything we deal with is practically motivated, but the class will not teach you how to be, say, a network administrator. (Case in point: we will learn about firewall rules in general, but I will not tell you how to configure ZoneAlarm!) Nevertheless, I hope you will find this course useful in your transition.

    @akindred: We will talk only briefly about programming techniques for making software more secure. See this book for much more info.

    @bdsbreezy, bkirz: Though you have some crypto background, beware that very often crypto is taught inaccurately (even in CMSC456). As I warned in class, make sure you attend my lectures on cryptography and don’t assume you know it all already!

    @Michael Evans: Sounds great! Hope you’ll still learn something new here.

    @Calvin, Ken Yuhas, Dane Boucher, Fernando de Castro, Matthew Lentz, Danny Kashtan, Vikas Bector, Mikey D, Nancy Zheng: Hope the course lives up to your expectations!

    @Everyone: If you think you might be interested in a “hacking”-type project outside of class, shoot me an email and we can discuss it.

  21. Amanda Says:

    Hi,
    I took 456 last semester, and wanted to continue studying security, because I am interested in getting a job in that area. I thought this course would be a good way to fill in the practical side (vs. the theoretical side) of security which was not covered in 456.

  22. wired010 Says:

    Hi,

    I’m taking this course because I would like to transition into the software security field for my career. Hopefully something along the lines of malware analysis or maybe penetration testing.

    Josh Wright

  23. Kevin M Says:

    Hi,

    I’d like to learn more about applied elements of computer security and how to analyze and protect networks & servers I administrate from attacks.

    Kevin

  24. Brady Law Says:

    I’m looking forward to learning about why we should (or possibly shouldn’t) feel safe about sharing personal information over https, wi-fi, etc… something I pretty much take for granted.

    One topic I am really interested in security issues related cloud computing, similar to the twitter attack you mentioned. How can we ensure that web applications like gmail keep our content secure from attackers and the developers who created it? What can be done to prevent these services from being brought down by DDoS attacks? (Gmail also went down today).

    Looking forward to the class! –Brady Law

  25. Emmanuel Apau Says:

    Hello

    I want to learn how to decrypt password encryptions *resubmit*

  26. Quang Luu Says:

    Hi,

    I don’t have any background in computer security. I hope to learn more how networks are protected

  27. Sebastian Murphy Says:

    Hello,

    I would like to gain a better understanding of networking security that I already have. More importantly what are the best encryption methods to use for various situations.

  28. Tim Reynolds Says:

    Hi,

    I would like to gain a better understanding of network security because I have little to no background knowledge in this subject.

  29. Anthony Gray Says:

    Hi,

    I want to understand and be able to apply knowledge of networking to software engineering.

  30. Jeff Lasser Says:

    Hi,

    I would like to gain a better understanding of the level of security provided by different encryption algorithms. I also hope to learn some of the ways that a network can be designed to prevent attacks.

  31. Justin Blaufeld Says:

    Hi,

    I would like to get some experience with packet sniffers and hopefully find out if I need to change any of my day-to-day computer habits in the interest of my own security/privacy.

  32. Greg Phillips Says:

    Hi,

    I would like to learn how to properly design and implement AES 256 bit encryption.

  33. John Junghans Says:

    Hello!

    I am interested in learning basic principles of computer and network security and get some practice learning the security mindset. I’ve also heard from previous students that the projects are entertaining.

  34. Mark Heneks Says:

    Hello,

    I hope to learn about practical security concerns, and the details of how these security schemes work. Particularly I hope to learn about novel ways of securing communication and other systems.

  35. Polymnia Manessis Says:

    This is one of the few classes that really relate to what I do for a living (IT). I’m well versed in the desktop side, but want to fill in the gap in my knowledge about the network side. =)

  36. Tarek Osman Says:

    I’m hoping to learn more about network security in order to be a more well-rounded programmer, and perhaps peak some interest in the field of network security.

  37. Jonathan Kay Says:

    Hi,

    I took CMSC456 last semester and really enjoyed. At first I figured this would be a nice follow up, but now I realize that this class will also be helpful in relearning some concepts of crypto, since some of the material may have been taught incorrectly.

  38. Deva Ramasubramanian Says:

    I’m taking this class because I want to be a h4xx0r. Taking this class will help me understand the security mechanisms in use. Hopefully I can put this knowledge to good/bad (depends on your perspective) use.

  39. Hieu Nguyen Says:

    Hello,
    I’m taking this course because I want to learn how all the theory from cmsc456 is applied in the practice.

  40. Rishi Muchhala Says:

    hey,
    i wanted to take this course because i’ve never had the chance to learn about network security and i think it’s a pretty important issue.

  41. CompTIA Certification Information Says:

    CompTIA Certification Information…

    […]Lecture 1 « CMSC414: Computer/Network Security[…]…

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: