Notes for October 3, 2000
- Greetings and Felicitations!
- Room change: beginning on Thursday, we meet at 1204 Haring Hall;
it's a bigger room.
- Because of this, we can let about 10 more people into the class;
these will come off the top of the wait list.
- Logs for my system, nob.cs.ucdavis.edu, available at the MyUCDavis
web site and are visible only to registered students, like the Chapter
- Puzzle of the day
- Human Factors
- Principle of Psychological Acceptability (note: illegal violates this)
- Principle of common sense (it's not common; more when we discuss
- Role of trust
- What is trust?
- Who cares?
- Go through handout, emphasizing principles
- Information hiding and abstraction
- Error handling
Puzzle of the Day
A student suspects there is a vulnerability on a system in a university
public access laboratory. She tests this by trying to exploit the
vulnerability. She succeeds, and obtains privileges that she would not
normally have. She reports both the hole and her exploiting it to the
system staff, who in turn report it to the manager of the laboratory.
The manager files charges of breaking into a computer system against
the student. The student is promptly hauled before the Student Judicial
- Did the student act ethically by testing the system for the
security hole before reporting it?
Did the manager act ethically by filing charges against the student?
- The manager told the system staff not to bother fixing the hole,
because the action taken by the SJA would deter any future break-ins
through that hole. Was the manager's action appropriate?
Office: 3059 Engineering Unit II
Phone: +1 (530) 752-8060
Fax: +1 (530) 752-4767
Copyright Matt Bishop, 2000.
All federal and state copyrights reserved for all original material
presented in this course through any medium, including lecture or print.
Page last modified on 10/12/2000