First page
Thank you all for participating in this year's course. Hope it gave you some useful insights in applying security and particularly in trusted computing. ICT security is a great and interesting area with many challenges and opportunities.
2015-11-14: Results are avaliable
2015-11-04: Grading will be done according the document found under examination.
2015-11-03: Results for project 5 are available here.
2015-11-02: Invitations for an oral questioning sessions for selection of those with Quiz score of 51 or higher have been send out. Results of project 5 will be available the next few days.
2015-10-24: Results of Project 4 ready. On the group list (under Projects-> grouping and clustering) you can track the overall status.
2015-10-19: Students are still having problems downloading the installationprogram for the vulnerable application for project 5. Therefore I include a link to the same file from EITs server to see if it works better. If you still cannot get it to work, get a hold of me during my office hours and I will help you out. Link to installationprogram
2015-10-19: Because we do not need a full hour the Presentations on Tuesday and Wednesday start 15 min past the hour.
2015-10-17: Now in the morning it was not possible to login on Moodle. It seems to work again (after 12.15).
2015-10-16: Regarding project 5: Some computers in the lab don't seem to allow downloading the vulnerable app installationsprogram because it identifies it as a virus. To get around this click
- start->all programs->accesories->run
- type inetcpl.cpl <enter>
- Click the security tab and select internet (the global symbol) and then click custom level
- Find the download option and click disable for files
Now you should be able to download and install the vulnerable application. Note that not all computer suffers from this problem, so try to download without making any changes at first.
2015-10-15: To avoid confusion the second version of project 4 report should contain the received reviews (and not your own). Project 4 text corrected.
v2015-10-14:Project5 update is published. There is an extra question compared to the old version. Links to resources are also updated.
2015-10-12: Thank you all for working hard to get all the reports in. All groups should also have received now two reports for review. Recall that you submit version to of your report with the review and approvement sheet, and that the pdf file should have the naming adsecxy_project4_V2.pdf, xy= your group number.
2015-10-10: Project 4. Session bookings (NOT FINAL) and contact addresses: here
Check the contact addresses. If you find any error in the contact address list let me know ASAP.
I may make small changes in the session bookings as to have sessions with at least 3 groups. If you want move your session booking that is possible but not to empty sessions and of course not to sessions which are already full. Last day to request/do changes is Oct 16.
2015-10-09: Project 4:
Note 1: Email addresses for distribution of the reports will be made available Sat Oct 10 after 12.00. I want to wait as long as possible to allow as many groups to join the presentation cycle of Oct 19 through Oct21. Groups that have not selected a slot or marked their presence during one of the session in the presentation cycle will not be in the review process either.
Note 2: Regarding threat "Factory loading of a foreign key into the camera device." . If you have not been able to give this a meaning you can think of the follwing. In the factory one like puts keys into the device (e.g. pub key for code verification). The tools used by the factory may leak into the wild. If such tool then can be used to (re)program other (foreign) keys into the device the desired protection may be at risk. In case you have given this another meaning than the example above that is fine too and there is no need to change your assumptions to allign it with the above.
2015-10-07: Project 2 results can be found here.
2015-10-06: Project 4 text updated
2015-10-05: Requirement in project 3 to have done quiz on TPM12 is removed.
2015-10-04: Project 3 reports received before today 12.00 are graded.
2015-10-02: It is important that you register for a presentation session for the Project 4 report see. If you do not do that your group is not considered to be active for this part.
2015-10-02: Added some helpfull instructions in the Project 3 description. The Project3 text is updated, download a new copy!
2015-10-01: Christopher will not be available to answer project questions today so please send your questions to Ben.
2015-10-01: In project 3, when running the quote command use the -v option to see the signature. In Assignment 3.9 it is better to reset the TPM emulator. This means removing the state and restart. On the TSS machine createek and tpm_takeownership.
2015-09-29: In Project 3 ignore any instruction to install TrouSers. On the TSS machine everything is ready for use. Installing is possible but only needed if you want to do the project in an own environment. The Project3 text is updated, download a new copy!
2015-09-24: Results for the first project can be found here.
2015-09-22: Correction to project 3 text made and project pdf updated. When looking for the commands to get SRK pub look among all commands not only tpm_tools. Consult the TCG command spec for TPMv1.2.
2015-09-21: Latest by Friday the results of Project1 will be available.
2015-09-17: A few people have asked about instructions for the quizzes. For that reason I delayed the opening of quiz 3 and will write a brief additional instruction that will be posted on the "Quizes" pages of this course latest tomorrow evening.
2015-09-16:If you want to have the course slides in the format of one slide per page you can find these by using the existing links modified as follows replace .../Lectures/Lectn_slides.pdf by .../Lectures/oneperpage/Lectn_slides_1P.pdf where n is the lecture number.
2015-09-16: Project 2: When selecting the interface on some computers the program does not pick the right interface that you slected on the command line. In that case try the other ones as somehow things get garbeled. For more info see
2015-09-14: When doing project 2 check if the lab computer has still disk space. It should have plenty but we got a report that the a machine had a essentially full disk which made the apache server work poorly. Also remove your files after you finished.
2015-09-13: Draft of Project 4 is avialable (there will be some updates during this week). have a brief look at it, especially make you familiar with the time schedules and the deliverables and plan your work.
2015-09-10: Added meny for Presentations/Redovisning of project 4.
2015-09-09: Corrected links in lecture slides
2015-09-08: Moodle incorrectly tells you that you haved passed the test even if you have less than 8 out of 10 correct. This is wrong, debugging is ongoing. You passed if you have 8,9, or 10 answers correct.
2015-09-05: Students report login/enrollment problems. I cannot reconstruct the problem from my account or guest accounts and passed the issue further to the department Moodle experts. 22.49: It looks that the problem is solved
2015-09-04: Johan send me a link to a nice video on steganography using images. https://youtu.be/TWEXCYQKyDc. It also discusses how detection may be done. Thanks Johan.
2015-09-03: As was explained yesterday during the lecture. Access to the lab space is given 24 hours after we registered you on the course. This morning we registered 63 students and 4 we could not register because they either did not have "teminsregistrerad" or other admin problems.
2015-09-02: Group list is available now. Check your name as I may have got it wrong when copying so we can correct it tomorrow.
Welcome to EIN50 Advanced Computer Security.
The course starts with the first lecture on Wednesday 2/9 in E1406. 15.15-17.00.On this pages we publish short notice messages, info about corrections etc. So it might be good idea to have a link to this page.