COMP6441 Notices

Exam time and information

Posted by Richard Buckland Wednesday 20 November 2024, 06:19:13 PM.

To all those who came to the exam revision session last night or participated online - I hope you found it helpful and you had your queries answered.

To those who weren't there:

• Exam starts at 2pm.
• 6441 and 3040 students: Finishes at 5pm.
• 6841 students: Parts A and B finish at 5pm, Part C finishes at 6pm.
• We'll post a summary of the exam and exam instructions, likely on Sunday. Do check it out to familiarise yourself with the exam rules and the nature of the questions (this will hopefully relax you).
• You must use a text editor to edit the exam file and insert your answers. You cannot use Word or any editor which saves formatting.
  • For law students do ask if you are not sure about text editors. On Windows you can use NOTEPAD, on MACS you can use the TextEdit app.
• There will be a question which assumes you have seen Dr Strangelove

Week 11 Revision Session with Richard - LIVE LINK!

Posted by Kristian Mansfield Tuesday 19 November 2024, 04:22:24 PM.

Hi everyone, if you'd like to participate online, here is the link.

https://www.youtube.com/watch?v=xLiJ_MeQv6w&list=PLDxcXbiEz9vb1xtzhN4SYd1pfYaAltAZi&index=29

Kris.

Review Session Times

Posted by Kristian Mansfield Tuesday 19 November 2024, 10:21:27 AM.

Hello everyone!

I hope you are all taking a breather before the exam next week and have had a chance to recover and recharge after the submission of the final logbook and Something Awesome Project. The quality so far has been really impressive and all the tutors are amazed at the projects that have come in.

As discussed last week we are holding some (optional) exam revision sessions this week for those who are interested:

• On Tuesday (tonight!) Richard will review and answer questions about the course lecture and activity content. It will be in our usual room, Patricia O’Shane, 4-6pm. We’ll do topics for all students first, engineering topics second, with the aim of letting the law students leave around halfway (5ish).
• On Wednesday, the Security Society will run a revision workshop in the SecLab - K17 G11 - from 2pm to 4pm. More details can be found through the society contacts.
• On Thursday, some of the tutors and I will be in the security lab from midday to run a bit of Q&A. If you’ve got any last minute questions, please come along and we’ll do our best to help you out where we can.

More announcements will be made through the week regarding access to the exam and how to submit, along with the exam skeleton and everything else you’ll need to know for Monday.

Looking forward to seeing you this week.
Kris.

Wrapping up the course

Posted by Richard Buckland Monday 11 November 2024, 02:26:05 PM.

Dear Everyone,

1. I've been hearing fantastic things about your projects. Well done! Congratulations on your efforts (and courage).

2. The final activities of the course, in module "Wrapup", are now released. You have until the end of the upcoming weekend to do them, although you might not need that amount of time as there isn't a huge activity workload for this module. 6441 and 6841 students - you might want to check out some of the activities for the other group - entirely optional but there are some interesting ones you might like.

3. We've released last year's exam as a sample for you to see what exams look like. It has an analysis question in it on the same film (Dr Strangelove) that we are using for the analysis question this year too. In the tutorials this week discuss the exam and attempt the Strangelove question as your case study. Your tutorial participation and contributions in discussing the exam will count as your 7th and final module mark - for the so called "Exam Revision module". Recall your activities result is made from your 5 best modules.

If you can't come along to watch the film on Tuesday night, or you can but you also want to revise it afterwards, you can watch it for free here: https://archive.org/details/DRStrangelove_20130616

Looking forward to seeing you tonight as we start to wrap up the course!

Warm regards,

Richard

Expressions of Interest: Cloud Computing Course (AWS) - 2025

Posted by Caitlin O'Brien Thursday 07 November 2024, 12:25:13 PM, last modified Thursday 07 November 2024, 12:26:01 PM.

Hi all,

I hope everyone is keeping well.

The link below is for the EOI form for COMP6448, which is running as a cloud security course in term 1 2025 (the course Richard mentioned in Monday's lecture) I will keep the form open until Friday the 15th of Nov 9am in case anyone would still like to potentially join us in T1.

EOI form - Cloud Computing Course

if you have any questions, email me at caitlin.obrien@unsw.edu.au

Lecture quizzes not compulsory

Posted by Richard Buckland Saturday 02 November 2024, 06:12:59 AM, last modified Saturday 02 November 2024, 06:13:58 AM.

Hi Everyone,

I’ve been thinking a lot about attendance.

Although it’s important to us that everyone learn at the same speed so the tutorial sessions are higher quality for everyone involved, and we’ve discovered in the past and especially last year that not engaging with the course much along the way and then trying to watch all the lectures as videos at the end of the course leads to disastrous exam performance, I now realise that the mechanism of encouraging / monitoring attendance is having unintended consequences.

I’m aware of students having to stay up late after the lecture to answer the quiz, when really they should be going to sleep. I’m also aware of other students, who I know have attended the lectures because I see them there, forgetting to fill it in and now getting stressed about passing the course.

None of these consequences are good. So we will not be requiring that you complete the lecture quizzes to pass the course this year. Please do keep trying to answer the quiz during or after each lecture if you feel it helpful to consolidate what you are learning in the class (there is lots of research that shows that if you think about the material while you are learning it your recall and understanding is MUCH higher the next day) but please do not feel that you are required to do it, or that you need to do by a deadline - it is now your own choice about what works best for you and how you learn.

Over the remaining weeks of the course we’ll be going over the answers to all the quiz questions from throughout the course in class so if there are some you haven’t done yet you might want to go back and do them (briefly) before we discuss them as a self check and revision.

I’d like to thank the students who have given thoughtful feedback about the quizzes, and have done it in such a helpful and respectful manner. You have helped me and helped make the course better for your peers.

Warm regards,

Richard

Week 8 Case study - The Stargate Ghost Problem

Posted by Richard Buckland Wednesday 30 October 2024, 08:36:13 AM.

It was lovely to see so many of you last night. I noticed some people left before we spoke about the case study scenario for this week - so if you missed it the case situation is linked at the top of the lecture notes, and repeated here to make things easy: https://www.openlearning.com/secedu/courses/security-engineering-lecture-slides-2024/slides/ghost-case-study/

I hope you enjoy it - I find it a fascinating problem. It will help you think about what cryptographic properties are needed in a particular "real world" situation, and how to achieve them using cryptographic primitives like those we have looked at in the course.

A warmup question to get you thinking in advance of the case study - "how is this different to the Houdini problem?" - R

Additional Information On Something Awesome Project

Posted by Nicholas Tandiono Tuesday 29 October 2024, 03:30:12 PM.

To help with any ambiguities, some additional information has been created and released here: https://webcms3.cse.unsw.edu.au/COMP6441/24T3/resources/106807

Electing into Simplified Grading Scheme (SGS)

Posted by Nicholas Tandiono Monday 28 October 2024, 05:39:45 PM.

Simplified Grading Scheme [Only for COMP students]

Some COMP security students may wish to focus their time on learning in this course and wish to be free of the detailed assessment demands of the course on their time and attention – instead preferring to choose where to focus their learning attention and time once they have mastered the simple core content.

Other students may prefer or need to have a more fine-grained (0..100) measurement of how they went in the course.

To support both options in this course adopts a variant of the Princeton model where students may elect to receive a traditional fine-grained mark out of 100 for the course, or a simplified final result similar to Pass/Fail grading. By default students will be given a fine-grained course result, however, students may elect to be given a final grade under the simplified grading scheme option.

Final result under the Simplified Grading Scheme option

• Students who pass each of the three-course components (Logbooks, Something Awesome Project, Final Exam) are awarded 70 for the Course (we expect this to be most/all students)
• Otherwise, students who pass two of the course components are awarded 50,
• Otherwise, students who pass one of the course components are awarded 30,
• Students who do not pass any of the course components are awarded 0

If you want to apply for the Simplified Grading Scheme , you can do so with the link: https://forms.office.com/r/08cLxzJmXy

Additional Information: https://webcms3.cse.unsw.edu.au/COMP6441/24T3/resources/104553

Form will close on Tuesday 5th 23:59 Sydney Time . We will use your last recorded submission before this date. Feel free to reach out to the class account cs6441@cse.unsw.edu.au if you have any questions.

Module 7 Activities are released.

Posted by Richard Buckland Friday 25 October 2024, 07:55:26 AM.

Have fun! Try the Marie Kondo choice activity if you can - it may well change how you think about data custodians.

Case studies and welcome back

Posted by Richard Buckland Wednesday 23 October 2024, 06:41:12 AM, last modified Wednesday 23 October 2024, 08:19:58 AM.

It was lovely to be together again last night after so long, and to see so many of you in person and hear the questions and ideas from those online. I’ve had a bit of a rough last few weeks and being all together again was a shot in the arm.

No prep is needed for the analysis session in tutes this week but I wanted to let you know what you’ll be doing. The theme follows on from last night: incident response, and the planning and thinking you need to do in advance to respond optimally.

For the first time you’ll be looking at two scenarios. Don’t dawdle on the first one (tho it is super interesting) so you have time to have a good go at the second one too.

Scenario 1: Consider the 2018 Hawaii debacle where citizens got an SMS (screenshot below) saying they were about to be struck by a nuclear missile and similar subsequent events in Japan and Canada.

You lead the Australian government nuclear incident citizen response group. Devise how to best inform, protect and manage citizens if we had credible belief that a nuclear missile was on the way to Australia.

What are your top 5 recommendations? (Ranked, of course!)

Let’s not worry too much about the source - It could be from NKorea, China, India, Russia, US, Israel, UK, wherever…

Scenario 2:

Over the past few weeks more adults have drowned in Australian waters trying to rescue children. In most cases the children have not drowned and it has been the intended rescuers who have tragically died. You have been put in charge of coming up with the government response plan to address this situation. Your mission is to reduce or eliminate the number of such tragedies that occur. What are your top 5 recommendations?

Module 4/5 released

Posted by Richard Buckland Saturday 19 October 2024, 07:13:37 PM.

I hope you have had a great quiet week. The activities for module 4/5 are now available - go to the "Module Activities" link on the side navigation bar. I've been quite sick (although I only just realised it) and so we've merged the week 4 and week 5 topics into a single activity module. It's due towards the end of week 7 (finish it before next Saturday) and in keeping with the design of allowing you to not include your lowest two module marks into your final mark we'll take the 5 best module marks (out of the 7 modules).

Kris will be teaching Integrity on Monday and Lyria will be assisting me on Tuesday with the legal aspects of surveillance. She has made a podcast on it which she'll be referring to - please listen to that before the Tuesday Lecture. It's here: https://webcms3.cse.unsw.edu.au/COMP6441/24T3/resources/106582

This week in your tutorial plan to check in with your tutor about your project, to let them know how you are going and your plans for finishing it off.

I'm looking forward to seeing you all. Take care.

Richard

Welcome back from B-Sides + week 3 activities can be done anytime up until the week 4 activities are due in week 5.

Posted by Richard Buckland Monday 30 September 2024, 12:23:31 PM.

I hope those who went to B-sides had a wonderful time! Can't wait to hear all about it when we all get together in the lectures tonight.

Because of B-sides the week 3 activities are much relaxed and also you can have more time to work on them - up until the week 4 activities are due (in week 5.)

However do make sure do you do in advance any prep needed for the case study sessions and law seminar this week. Case study prep for this week has been much reduced too - should not take much time at all.

Warm regards - Richard

No Tutorials and Logbooks Extended

Posted by Kristian Mansfield Tuesday 24 September 2024, 04:37:13 PM, last modified Tuesday 24 September 2024, 04:41:13 PM.

Hi everyone! I hope you're all enjoying the lecture happening right now.

There will be no tutorials are running in week 3 due to BSides Canberra (a security conference). We encourage everyone to come along if they can!

In its place, there will be help sessions running from 9-6 PM on Wednesday, 9-6 PM on Thursday, and 9-4 PM on Friday.

We will also be in Ainsworth Room 113 from 10AM to 2PM.

If you have any questions related to the course, feel free to pop by and ask the tutors running the session. These sessions are mainly for Something Awesome Project feedback but feel free to ask any questions about the course content or security in practice.

Also, feedback for Week 1 will be sent by your tutor sometime on Monday or Tuesday. To give extra time to implement any feedback and give you extra time to finish off the Week 2 activities, the Week 2 logbook will be due on Thursday 10AM.

Kris.

6841 Extended Help Sessions

Posted by Kristian Mansfield Friday 20 September 2024, 10:21:12 AM, last modified Friday 20 September 2024, 10:37:28 AM.

Hi everyone,

If you have any questions you want answered regarding the 6841 extended content, feel free to go to Ainsworth 102 today at 3pm. There will be a couple of tutors ready to help you with the wargames and explain things from another perspective.

Also, the sqli wargames are now live :)

Kris.

Module 2 activities released

Posted by Richard Buckland Thursday 19 September 2024, 08:38:46 PM, last modified Thursday 19 September 2024, 08:39:03 PM.

Posted by Richard Buckland 3 days ago .

Hi Everyone,

The module 2 activities are ready to go - have fun! (they are linked form the left hand menu under "What to do each week")

Warm regards,

Richard

Week 2 Case Study Prep: Doors

Posted by Richard Buckland Monday 16 September 2024, 04:10:23 PM.

Hi Everyone,

The week 2 case study reading has now been released - you can find it on the Week 1 Activities (linked in the left navbar) or directly here .

It's released later than we intended so it is not due along with the rest of the week 1 logbook activities - just make sure you do the prep before your case study in your tutorial this week.

Looking forward to seeing you all at the lecture tonight.

Warm regards,

Richard

Extended Wargames! (and week 1 lecture slides)

Posted by Kristian Mansfield Friday 13 September 2024, 05:08:11 PM.

Hi everyone!

I'm sure you're all keen to put what we've spoken about to the test so we're releasing the wargames now! Head over to https://ctfd.comp6841.xyz and register an account. You'll need to register with your uni email ending in @ad.unsw.edu.au.

Please be mindful of the good faith policy (including what you name yourself). Have fun, but don't interfere with people's learning.

If anything is broken or crashes, just send us an email at cs6441@cse.unsw.edu.au. These challenges are deliberately fragile so things could go down.

The extended lecture slides are now linked under the lecture link so you can find the recording and the slides themselves in the "Lecture Links" tab on the sidebar.

Enjoy your weekend!
Kris.

Extended Stream and Week 1 Activities are now LIVE

Posted by Kristian Mansfield Thursday 12 September 2024, 04:50:03 PM.

Hi everyone!

Here's the link to the stream for tonight: https://youtube.com/live/xCxKNCB5ChE . This won't be live until 6 when we get started.

Additionally, the week 1 activities are live! They can be found on the sidebar on the left.

I hope everyone has been thinking hard about their something awesome projects and are already diving in to security in their day to day :)

Kris.

Tuesday Week 1 Lecture Stream Location

Posted by Nicholas Tandiono Tuesday 10 September 2024, 04:03:26 PM, last modified Friday 13 September 2024, 10:38:36 AM.

Hello everyone!

The online lecture stream tonight will be located here:

www.youtube.com/watch?v=ptdTwprfOcI&list=PLDxcXbiE...

Monday Week 1 Lecture Stream Location

Posted by Kristian Mansfield Monday 09 September 2024, 05:05:15 PM.

Hi everyone!

Welcome aboard! You should have gotten an email detailing some of the administration, but we'll go through everything you need to know in the lecture tonight.

The online lecture stream will be located here:
https://youtube.com/live/Ttwp_mUEHYA?feature=share

For those of you coming in person, we'll see you in Keith Burrows at 6pm!

Kris.