vault backup: 2022-10-10 11:27:45

2025-12-27 23:04:05 -06:00 · 2022-10-10 11:27:45 +13:00 · 2022-10-10 11:27:45 +13:00 · 2c602c058e
commit 2c602c058e
parent 44fa137253
3 changed files with 72 additions and 3 deletions
--- a/content/notes/21-SE-in-IA-2.md
+++ b/content/notes/21-SE-in-IA-2.md
@ -4,6 +4,9 @@ aliases:
 tags: 
 - comp210
 - lecture
+sr-due: 2022-10-13
+sr-interval: 3
+sr-ease: 250
 ---

 # need in all phases
@ -16,19 +19,19 @@ tags:
 more costly to fix bug in development than in design
 - the later we fix it the more costly it is

-from the start
+## from the start
 - hire right people
 - with hacking mindset
 	- so they alwasys think about security
 - invite customers to training and seminars
 	- testing could uncover security issues

-questions during feasability
+## questions during feasability
 - ![](https://i.imgur.com/svo2sIb.png)
 - what are the implications for users if assets are lost
 	- some information is more high risk that other information

-during design
+## during design
 - should be designed in iterative manner
 - threat modelling
 	- ![diagram](https://i.imgur.com/RM6lyC1.png)
@ -61,7 +64,39 @@ responsing to threats
 - remove problem
 - fix problem

+- design choice sto counter threats
+	- ![](https://i.imgur.com/LzIHfdF.png)
+
+## during development
+- techniques vary based on type of software
+- sytem 
+- firmware
+- drive
+- programming software
+
+- common vulnerabilities
+	- ![](https://i.imgur.com/lmU61jd.png)
+
+example connection string
+- ![](https://i.imgur.com/sV6OzCo.png)
+- can provide extraneous parameters to fiind the right ones
+
+example SQL injection
+- ![](https://i.imgur.com/XNNDur9.png)
+
+tips for vailidation and preventing overruns
+- ![](https://i.imgur.com/Mz7edc6.png)


+## during evolution
+- assign security evagelist
+- plan "security days"
+- learn from mistakes
+- minize attack surface
+
+## stack overflow
+- ![examples](https://i.imgur.com/NumPTGn.png)


+# summary
+![](https://i.imgur.com/tTC8jIs.png)
--- a/content/notes/22-digital-preservation.md
+++ b/content/notes/22-digital-preservation.md
@ -0,0 +1,33 @@
+---
+title: "22-digital-preservation"
+aliases: 
+tags: 
+- comp210
+- lecture
+---
+
+how long will data survive?
+
+data rot
+- eveything wears out
+- digital media degrades
+	- unreadable media
+	- damaged files
+	- backups may help
+- hardware and software becomes obsolete
+	- cloud service shut down
+	- os no longer exists
+	- no device to read media
+	- no software to read files
+- format documentation non-existent or missing
+- file system changes - lost metadata
+
+![how long will it survive table](https://i.imgur.com/I8sY6FV.png)
+
+Dark ages 2
+![](https://i.imgur.com/VPOtcgf.png)
+
+
+## preservation of digital material
+- continuous format migration
+	- 
--- a/content/notes/comp-210.md
+++ b/content/notes/comp-210.md
@ -41,4 +41,5 @@ No final exam
 - [18-ML-in-IA-2](notes/18-ML-in-IA-2.md)
 - [19-deepfakes](notes/19-deepfakes.md)
 - [20-SE-in-IA](notes/20-SE-in-IA.md)
+- [21-SE-in-IA-2](notes/21-SE-in-IA-2.md)
 -