The paper for Design Project 1 is due today. Hand it in today, since the instructors will be grading during spring break--they might leave by Friday for strange and unknown destinations!
For recitation, read Reading #25 ("Why cryptoystems fail" by Anderson). It is pretty easy reading, but read it with care; he provides many interesting examples and insights.
According to the 6.033-at-a-glance this reading is assigned for after Spring break, but we are rearranging the schedule a little bit so that we have more time to prepare the readings with latest developments on mobile code.
If you have spare time (e.g., over spring break), there is another interesting security reading in the 6.033 readings: reading #22 reports the events around the Internet worm constructed by Robert Morris in 1988. This worm brought large parts of the Internet down and led to a flurry of articles in the national newspapers discussing its ethical and social implications. Morris was fined over $10,000, sentenced to 400 hours of community service, and placed on probation for 3 years. Some people think this punishment was too light, others think it was too heavy. What do you think?
The second lecture on security; read Tanenbaum section 4.4. You can zip through most of it, except for the discussion on access control lists and capabilities; read that material with more care. In addition, read Section I of Reading #26 ("The protection of information in computer systems" by Saltzer and Schroeder").
Read reading #24 (Miller et al., "Kerberos authentication and authorization system"). This is an important paper; read it with care: try to understand the protocols and what the line of reasoning is behind the protocols. Your one-page reading report should address the following question:
Many MIT users are convinced that, because of Kerberos, their files on Athena are "safe." Examine the limitations of Kerberos and, describe some conditions when this may not be true. Address whether or not the sense of security Kerberos gives MIT users is beneficial, or if they would be better off without it (think about the case where "sensitive information" is kept on Athena because it is believed to be safe).
The third lecture on security. Read Tanenbaum section 4.5. In addition, read Section II of Reading 26 ("The protection of information in computer systems" by Saltzer and Schroeder").
System aphorism of the week
Engineering is the art of modeling materials we do not wholly understand, into shapes we cannot precisely analyse so as to withstand forces we cannot properly assess, in such a way that the public has no reason to suspect the extent of our ignorance. (Dr. A. R. Dykes, British Institution of Structural Engineers, 1976)
6.033 Handout 22, issued 3/18/96