Printable View
earlier this year I told you about a class many of my friends were taking in which 60% of the grade was to find an x number of holes in a nix system...they even made it to slashdot :) http://it.slashdot.org/article.pl?si...&tid=1&tid=106
and for those who don't know, Bernstein is the guy who won a lawsuit aganist the US government some years back for an incryption algo.
here is a quiz that the professor gave out in the beginning of the semester: http://cr.yp.to/2004-494/0830-quiz.pdf the student had 50minutes for it - prof recommended that students who had less than 10 right should drop the course - many did.
Very interesting reading. Why don't you showboat a little and tell us which discoveries were yours? (There is a question mark there, but I assure you that was a rhetorical question). Thanks for the intriguing info.
I think anyone in a fourth year CS course who can't get ten of them right in 10 minutes is in serious trouble. Most of the vulnerabilities are caused by buffer overruns, including scanf("%s", ...).
>>Very interesting reading. Why don't you showboat a little and tell us which discoveries were yours?<<
non, I wasn't in this class. But I felt like I was, as everyone in it would not shut up about finding holes.
How many did pass the class?