From 2c602c058eb5316a6a2407c8ab19fc212ee9e333 Mon Sep 17 00:00:00 2001 From: Jet Hughes Date: Mon, 10 Oct 2022 11:27:45 +1300 Subject: [PATCH] vault backup: 2022-10-10 11:27:45 --- content/notes/21-SE-in-IA-2.md | 41 ++++++++++++++++++++++-- content/notes/22-digital-preservation.md | 33 +++++++++++++++++++ content/notes/comp-210.md | 1 + 3 files changed, 72 insertions(+), 3 deletions(-) create mode 100644 content/notes/22-digital-preservation.md diff --git a/content/notes/21-SE-in-IA-2.md b/content/notes/21-SE-in-IA-2.md index 74167abe1..1fa102723 100644 --- a/content/notes/21-SE-in-IA-2.md +++ b/content/notes/21-SE-in-IA-2.md @@ -4,6 +4,9 @@ aliases: tags: - comp210 - lecture +sr-due: 2022-10-13 +sr-interval: 3 +sr-ease: 250 --- # need in all phases @@ -16,19 +19,19 @@ tags: more costly to fix bug in development than in design - the later we fix it the more costly it is -from the start +## from the start - hire right people - with hacking mindset - so they alwasys think about security - invite customers to training and seminars - testing could uncover security issues -questions during feasability +## questions during feasability - ![](https://i.imgur.com/svo2sIb.png) - what are the implications for users if assets are lost - some information is more high risk that other information -during design +## during design - should be designed in iterative manner - threat modelling - ![diagram](https://i.imgur.com/RM6lyC1.png) @@ -61,7 +64,39 @@ responsing to threats - remove problem - fix problem +- design choice sto counter threats + - ![](https://i.imgur.com/LzIHfdF.png) + +## during development +- techniques vary based on type of software +- sytem +- firmware +- drive +- programming software + +- common vulnerabilities + - ![](https://i.imgur.com/lmU61jd.png) + +example connection string +- ![](https://i.imgur.com/sV6OzCo.png) +- can provide extraneous parameters to fiind the right ones + +example SQL injection +- ![](https://i.imgur.com/XNNDur9.png) + +tips for vailidation and preventing overruns +- ![](https://i.imgur.com/Mz7edc6.png) +## during evolution +- assign security evagelist +- plan "security days" +- learn from mistakes +- minize attack surface + +## stack overflow +- ![examples](https://i.imgur.com/NumPTGn.png) +# summary +![](https://i.imgur.com/tTC8jIs.png) diff --git a/content/notes/22-digital-preservation.md b/content/notes/22-digital-preservation.md new file mode 100644 index 000000000..f967052e1 --- /dev/null +++ b/content/notes/22-digital-preservation.md @@ -0,0 +1,33 @@ +--- +title: "22-digital-preservation" +aliases: +tags: +- comp210 +- lecture +--- + +how long will data survive? + +data rot +- eveything wears out +- digital media degrades + - unreadable media + - damaged files + - backups may help +- hardware and software becomes obsolete + - cloud service shut down + - os no longer exists + - no device to read media + - no software to read files +- format documentation non-existent or missing +- file system changes - lost metadata + +![how long will it survive table](https://i.imgur.com/I8sY6FV.png) + +Dark ages 2 +![](https://i.imgur.com/VPOtcgf.png) + + +## preservation of digital material +- continuous format migration + - \ No newline at end of file diff --git a/content/notes/comp-210.md b/content/notes/comp-210.md index 319fa2528..d7230437d 100644 --- a/content/notes/comp-210.md +++ b/content/notes/comp-210.md @@ -41,4 +41,5 @@ No final exam - [18-ML-in-IA-2](notes/18-ML-in-IA-2.md) - [19-deepfakes](notes/19-deepfakes.md) - [20-SE-in-IA](notes/20-SE-in-IA.md) +- [21-SE-in-IA-2](notes/21-SE-in-IA-2.md) - \ No newline at end of file