Fix things suggested by chktex
This commit is contained in:
Kristóf Tóth
@ -9,8 +9,8 @@ While we are enjoying the comfort that information technology provides us, we of
|
||||
about the risks involved in relying so much on software in our everyday lives.
|
||||
When taking a look on recent events, such as a cyber arms race taking place between leading
|
||||
powers, 50 million Facebook accounts being breached
|
||||
due to the incorrect handling of access tokens \cite{FacebookBreach},
|
||||
or how China is building an Orwellian state of total digital surveillance
|
||||
due to the incorrect handling of access tokens\cite{FacebookBreach},
|
||||
or how China is building an Orwellian state of total digital surveillance%
|
||||
\cite{ChinaSurv}\cite{ChinaCredit},
|
||||
it becomes clear that security and privacy in the IT sector
|
||||
is more important now than ever.
|
||||
@ -29,7 +29,7 @@ Often when large and reputable companies in the industry such as
|
||||
CloudFlare\cite{CloudFlareLeak} or eBay\cite{EBayGit} can fail to get it right at times
|
||||
is when people start to grasp how difficult it actually is.
|
||||
This is why unless we want to disconnect all our devices from all networks and ban USB
|
||||
sticks, the best lines of defense are going to be people -- a new generation
|
||||
sticks, the best lines of defense are going to be people --- a new generation
|
||||
of \emph{security conscious} users and developers.
|
||||
|
||||
Among many other things outside IT, this is only possible with education\cite{ITSecEdu}.
|
||||
@ -42,7 +42,7 @@ The only thing we can hope and work for is to become better and better as time
|
||||
and generations pass.
|
||||
We \emph{must} do better, and education is the way forward.
|
||||
|
||||
The short term goal of this project -- and the goal of this thesis -- is to provide
|
||||
The short term goal of this project --- and the goal of this thesis --- is to provide
|
||||
a new angle in the education of software engineering, especially secure software
|
||||
engineering based on the aspirations above, with the long term goal of bringing
|
||||
something new to the table in the matter of IT education as a whole
|
||||
@ -72,9 +72,9 @@ These kind of exercises offer great flexibility to reflect real world security i
|
||||
more complex challenges users might be required to exploit multiple vulnerabilites for success,
|
||||
and understand the ways they augment each other.
|
||||
We often recreate real world scenarios based on incident reports released by companies for
|
||||
added authenticity and relevance \cite{AkosFacebook}.
|
||||
added authenticity and relevance\cite{AkosFacebook}.
|
||||
Our challenges usually involve some sort of website acting as frontend for the vulnerable
|
||||
application, or require the user to connect using SSH.
|
||||
application, or require the user to connect using SSH\@.
|
||||
|
||||
\pic{figures/avatao_challenge.png}{An offensive challenge on the Avatao platform}
|
||||
|
||||
@ -100,7 +100,7 @@ of challenges for QA\footnote{Quality Assurrance} and demo purposes%
|
||||
\footnote{I used to record short videos or GIFs to showcase my content to management}.
|
||||
In a certain scenario I was required to integrate a web based terminal emulator in a
|
||||
frontend application to improve user experience by making it possible to use a shell
|
||||
right on the website rather than having to connect through SSH.
|
||||
right on the website rather than having to connect through SSH\@.
|
||||
After I got this working I was looking into writing hacky bash scripts to automate the steps
|
||||
required to complete the challenge in order to make it easier for me to record the solution,
|
||||
as I have often found myself recording over and over again for a demo without any mistakes.
|
||||
@ -135,12 +135,12 @@ would help formulate the idea of the project \emph{Tutorial Framework} or just \
|
||||
|
||||
\section{Vision of the Tutorial Framework}
|
||||
|
||||
The whole ''challenges that solve themselves'' thing seemed like an idea that has great
|
||||
The whole ``challenges that solve themselves'' thing seemed like an idea that has great
|
||||
potential if developed further.
|
||||
We have envisioned something that resembles a learning video, but it is real, actual
|
||||
software running and interacting with itself to showcase different topics to the user.
|
||||
Something that would allow the users to stop at any given time, take a breath, interact
|
||||
with the environment on their own (i.e. take a look a the directory structure or a file,
|
||||
with the environment on their own (i.e.\ take a look a the directory structure or a file,
|
||||
try what happens if a command is executed somewhat differently, etc.) and then
|
||||
continue on with the tutorial.
|
||||
We wanted to create something that would feel like if an actual teacher was standing
|
||||
@ -178,7 +178,7 @@ To achieve our goals we would need:
|
||||
|
||||
\begin{itemize}
|
||||
\item a way to keep track of user progress
|
||||
\item a way to to handle various events (i.e. we can react when
|
||||
\item a way to to handle various events (i.e.\ we can react when
|
||||
the user has edited a file, or has executed a command in the terminal)
|
||||
\item a highly flexible messaging system, in which processes and
|
||||
frontend components (running in a web browser) could communicate with eachother
|
||||
|
||||
Reference in New Issue
Block a user