M.I.T. DEPARTMENT OF EECS | |
---|---|
6.033 - Computer System Engineering | Recitation 15 - Thursday, April 1, 2004 |
Read appendix A of chapter 6. This appendix provides a collection of war stories about security holes in supposedly-secure systems. Some of the security problems are due to stupidity, but many emerged even though the designers were smart and had the best intentions. Read them all through. Then, reread 5.2 (Nonobvious Trust (TOCTTOU)), 11.1 (But I Thought It Was Secure), and 16 (Framing Enigma) and identify the principles from section A of chapter 6 that were violated in these three case studies.
Go to 6.033 Home Page