Computer Science

Lectures

Announcements
  • Researchers find 85% of Android devices insecure, Chris Brook, Threatpost, 14 October 2015. "Roughly 85 percent of Android devices have been exposed to one of 13 critical vulnerabilities that plague the operating system -- and because of a chronic failure by carriers to issue patches, many linger without getting fixed for far too long, researchers said."
  • How is NSA breaking so much crypto?, Alex Halderman and Nadia Heninger, Freedom to Tinker, 20 October 2015. "There have been rumors for years that the NSA can decrypt a significant fraction of encrypted Internet traffic... The Snowden documents also hint at some extraordinary capabilities... However, the documents do not explain how these breakthroughs work, and speculation about possible backdoors or broken algorithms has been rampant in the technical community. Yesterday at ACM CCS, one of the leading security research venues, we and twelve coauthors presented a paper that we think solves this technical mystery."
  • Compac summer internship, application deadline is 26 October 2015.
  • SHA-1 Hashing Algorithm Could Succumb to $75K Attack, Researchers Say, Peter Sayer, IDG News Service, 8 October 2015. "It's time to retire the SHA-1 hashing algorithm, as it is now cheaper than ever to attack, researchers say..."
  • Thinking of doing further postgraduate studies, like a Masters or PhD? If you have a GPA of 8.0 and over, you're guaranteed an automatic scholarship for your postgraduate studies. Find out more and start applying.
  • A Stanford Professor's Quest to Fix Driverless Cars' Major Flaw, Keith Naughton, Bloomberg Business 8 October 2015. "... as the autonomous car movement barrels ahead, Gerdes has gone from enthusiast to conscience, if not quite scold. He is raising questions about ethical choices that must inevitably be programmed into the robotic minds expected one day soon to be driving along the nation's highways. And since Gerdes, who favors bluejeans and straight talk, is no tweedy Luddite railing against the evils of technology, the industry is paying attention; top executives are pouring into his lab in Palo Alto."
  • So they were little more than script kiddies after all, PZ Myers, Free Thought Blog, 7 July 2015. We'll talk about this ethical argument in the context of Tomlinson's Treatise on the Security of Locks, 1853, in the closing slides of Handout 8.
  • Gender gap widens in cyber security field long dominated by men, Jim Finkle, Reuters US Edition, 28 September 2015. "Women account for just one out of 10 cyber security professionals, as the gender gap widened over two years in a male-dominated field with a drastic workforce shortage, a survey showed. ISC2, the largest organization that certifies cyber professionals, said on Monday that a poll of nearly 14,000 information security professionals in developed countries found that just 10 percent were women. That is down from 11 percent two years ago, ..."
  • What is Professional Ethics? Do we need them? Why are they important especially to Security Practitioners?, presented by John Martin of IBM NZ, NZISF breakfast meeting 8 Oct 2015.
  • Online Voting for NZ local authorities, a poll conducted by the IITP in response to the DIA's regulations for trials of Online Voting during the 2016 local authority elections.
  • Researcher Hacks Self-Driving Car Sensors, Mark Harris, IEEE Spectrum, 4 September 2015. "The multi-thousand-dollar laser ranging (lidar) systems that most self-driving cars rely on to sense obstacles can be hacked by a setup costing just $60, according to a security researcher ..."
  • "So what's really in the TPP for tech?, Paul Matthews, IITP Chief Executive, 19 August 2015. "... We've received absolute assurances that nothing in the TPP will impact New Zealand's current legal and policy position in relation to software patents. Hooray! There is pressure to increase Copyright terms by 20 years, to 70 years after death. Some other copyright changes are currently proposed, but no restriction of copyright exceptions (eg fair use provisions), and parallel importing won't be affected. There could be some significant changes around Technological Protection Measures (TPMs), including criminalising circumvention of TPMs, however circumvention to access legitimate content won't be criminalised..."
  • "Computer scientists at the University of Florida studied seven mobile-money apps from Brazil, India, Indonesia, Thailand and the Philippines, and found what they considered major security flaws in six." (Wall Street Journal, 11 August 2015).
  • Steganography in the news: "Italian police have arrested 11 suspects linked to the fugitive head of the Sicilian Mafia, including a former boss who ran the leader's secret message system using a sheep-based code." (Daily Mail, 3 August 2015).
  • Publicity ramps up for BlackHat USA 2015. A wireless hack on a Chrysler Jeep is currently attracting the most attention in the popular press.
  • Handling absence or illness:
    • If you must leave for family emergencies etc, PLEASE talk to the lecturer, or somehow get a message to the department. Very few problems are so urgent that we cannot be told quite quickly.
    • For problems affecting assignments or tests, see the lecturer (or send email, or call on the telephone).  This must be done as soon as reasonably possible, if we are to make alternative arrangements that will prevent you from getting a poor mark on this test or assignment.
    • For illness during exams (or other problems that affect exam performance) students MUST contact the Examinations Office as soon as possible, and in any event within a week. The time limits and other rules of the University's Aegrotat Policy are strictly enforced.
    • Many students have missed out on a whole semester of study because they just went away.  Many students have failed an examination because they did not report problems until they received the failing grade. In general, if there is a problem that will affect your study you should speak to someone as soon as possible.
    • Students should sit the examination if at all possible, even if they do nothing much more than hand in a script with their name.
    • Students should read the exam instructions and regulations, and they should double-check the examination timetable to make sure they don't miss any of their exams. Other relevant information is available in the academic information webarea for current students.
Schedule (tentative)
  1. Week 1 (20 July - 24 July): Introduction; Basics of Security.
  2. Week 2 (27 July - 31 July): Introduction to Cryptography
  3. Week 3 (3 August - 7 August): Cryptographic Standards and Protocols
  4. Week 4 (10 August - 14 August): Software Law and Ethics
  5. Week 5 (17 August - 21 August): Report writing.
  6. Week 6 (25 August - 29 August): Oral Presentations begin
    • Students who are scheduled to present in Week 8 should make a reservation for a tutorial session in Week 7, to practice their oral presentation.
    • Note: there are no tutorial sessions this week.
    • Tuesday: presentations #1, #2 on [Caliskan-Islam 2015]
    • Wednesday: presentation #3 on [Silver 2014].
    • Thursday: presentation #4 on [Silver 2014].
  7. Mid-semester break (31 August - 12 September)
  8. Week 7 (14 September - 18 September). Identity and access management: Open ID, OAuth, OAuth 2.0, OpenID Connect, SAML, Shibboleth. Three lectures (by Rizwan) will be delivered this week, plus three lectures to be scheduled into weeks 8-12.
  9. Week 8 (21 September - 25 September). Student oral presentations.
  10. Week 9 (28 September - 2 October). Student oral presentations.
    • Students who are scheduled to present in Week 11 should make a reservation for a tutorial session in Week 10, to practice their oral presentation.
    • Tuesday: presentations #9 on [Perito 2011], #10 on [Humbert 2015].
    • Wednesday: presentation #11 on [Humbert 2015].
  11. Week 10 (5 October - 9 October). Student oral presentations.
  12. Week 11 (12 October - 15 October). Student oral presentations.
    • Tuesday: presentations #17 on [Wright 2012], #18 on [Juels 2013]. Completing your written report (Handout 13).
    • Wednesday: presentations #19, #20 on [Juels 2013]. Ethics of cracking (Handout 8).
    • Thursday: presentation #20.5 on [Sun 2011]. Practice final exam (ungraded, anonymous). Rizwan and I will mark a sample of your answers, and we'll discuss our marks on the last day of lectures.
    • Due 5pm Friday: written report, in .pdf or .docx or .odt format (5 MB limit), in Cecil dropbox.
  13. Week 12 (19 October - 23 October). Student oral presentations.
    • Tuesday: presentations #21 on [Sun 2011], #22 on [Polakis 2014].
    • Wednesday: presentations #23, #24 on [Polakis 2014].
    • Thursday: presentation #25 on [Sun 2011]. Discussion of sample answers to practice final exam. Course revision.


Apply now!


Handbook

Postgraduate study options

Computer Science Blog


Please give us your feedback or ask us a question

This message is...


My feedback or question is...


My email address is...

(Only if you need a reply)

A to Z Directory | Site map | Accessibility | Copyright | Privacy | Disclaimer | Feedback on this page