Fix things suggested by chktex

This commit is contained in:
Kristóf Tóth 2018-12-01 09:54:31 +01:00
parent d1751b0e7c
commit fb08ec81cb
3 changed files with 17 additions and 17 deletions

View File

@ -6,7 +6,7 @@ interactive tutorials running inside Docker containers, semi-automatically showc
IT topics in real time. The user is guided through exercises using real environments with
real software, all with the possibility of interaction at any time.
This technology can supplement/improve the way e-learning is usually done today
-- which is mostly articles and learning videos -- and help users get hands-on experience
--- which is mostly articles and learning videos --- and help users get hands-on experience
on their way of acquiring knowledge.
Currently more than 60 learning exercises based on this framework are available on

View File

@ -17,8 +17,8 @@ The most important feature of the framework is it's messaging system.
Basically what we need is a system where processes running inside a Docker container
would be allowed to communicate with eachother.
This is easy with lots of possible solutions (named pipes, sockets or shared memory to name a few).
The hard part is that frontend components running inside a web browser -- which could be
potentially on the other side of the planet -- would also need to partake in said communication.
The hard part is that frontend components running inside a web browser --- which could be
potentially on the other side of the planet --- would also need to partake in said communication.
So what we need to create is something of a hybrid between an IPC system and something
that can communicate with JavaScript running in a browser connected to it.
The solution the framework uses is a proxy server, which connects to frontend components
@ -74,7 +74,7 @@ RabbitMQ%
ZMQ does not require a daemon (message broker process) and as such
has a much lower memory footprint while still providing various messaging
patterns and bindings for almost any widely used programming language.
An other -- yet untilized -- capability of this solution is that since ZMQ is capable
An other --- yet untilized --- capability of this solution is that since ZMQ is capable
of using simple TCP sockets, we could even communicate with processes running on remote
hosts using the framework.
@ -83,13 +83,13 @@ ZMQ which were also considered during the desing process of the framework at som
A few examples of top contenders and reasons for not using them in the end:
\begin{itemize}
\item The handling of raw TCP sockets would involve lot's of boilerplate logic that
already have quality implementations in messaging libraries: i.e. making sure that
already have quality implementations in messaging libraries: i.e.\ making sure that
all bytes are sent or received both require checking the return values of the
libc \texttt{send()} and \texttt{recv()} system calls, while ZMQ takes care of this
extra logic involved and even provides higher level messaging patterns such as
subscribe-publish, which would need to be implemented on top of raw sockets again.
\item Using something like gRPC%
\footnote{\href{https://grpc.io}{https://grpc.io}} or plain HTTP (both of which
\item Using something like gRPC\footnote{\href{https://grpc.io}{https://grpc.io}}
or plain HTTP (both of which
are considered to be higher level than ZMQ sockets) would require
all processes partaking in the communication to be HTTP servers themselves,
which would make the framework

View File

@ -10,7 +10,7 @@ about the risks involved in relying so much on software in our everyday lives.
When taking a look on recent events, such as a cyber arms race taking place between leading
powers, 50 million Facebook accounts being breached
due to the incorrect handling of access tokens\cite{FacebookBreach},
or how China is building an Orwellian state of total digital surveillance
or how China is building an Orwellian state of total digital surveillance%
\cite{ChinaSurv}\cite{ChinaCredit},
it becomes clear that security and privacy in the IT sector
is more important now than ever.
@ -29,7 +29,7 @@ Often when large and reputable companies in the industry such as
CloudFlare\cite{CloudFlareLeak} or eBay\cite{EBayGit} can fail to get it right at times
is when people start to grasp how difficult it actually is.
This is why unless we want to disconnect all our devices from all networks and ban USB
sticks, the best lines of defense are going to be people -- a new generation
sticks, the best lines of defense are going to be people --- a new generation
of \emph{security conscious} users and developers.
Among many other things outside IT, this is only possible with education\cite{ITSecEdu}.
@ -42,7 +42,7 @@ The only thing we can hope and work for is to become better and better as time
and generations pass.
We \emph{must} do better, and education is the way forward.
The short term goal of this project -- and the goal of this thesis -- is to provide
The short term goal of this project --- and the goal of this thesis --- is to provide
a new angle in the education of software engineering, especially secure software
engineering based on the aspirations above, with the long term goal of bringing
something new to the table in the matter of IT education as a whole
@ -74,7 +74,7 @@ and understand the ways they augment each other.
We often recreate real world scenarios based on incident reports released by companies for
added authenticity and relevance\cite{AkosFacebook}.
Our challenges usually involve some sort of website acting as frontend for the vulnerable
application, or require the user to connect using SSH.
application, or require the user to connect using SSH\@.
\pic{figures/avatao_challenge.png}{An offensive challenge on the Avatao platform}
@ -100,7 +100,7 @@ of challenges for QA\footnote{Quality Assurrance} and demo purposes%
\footnote{I used to record short videos or GIFs to showcase my content to management}.
In a certain scenario I was required to integrate a web based terminal emulator in a
frontend application to improve user experience by making it possible to use a shell
right on the website rather than having to connect through SSH.
right on the website rather than having to connect through SSH\@.
After I got this working I was looking into writing hacky bash scripts to automate the steps
required to complete the challenge in order to make it easier for me to record the solution,
as I have often found myself recording over and over again for a demo without any mistakes.
@ -135,12 +135,12 @@ would help formulate the idea of the project \emph{Tutorial Framework} or just \
\section{Vision of the Tutorial Framework}
The whole ''challenges that solve themselves'' thing seemed like an idea that has great
The whole ``challenges that solve themselves'' thing seemed like an idea that has great
potential if developed further.
We have envisioned something that resembles a learning video, but it is real, actual
software running and interacting with itself to showcase different topics to the user.
Something that would allow the users to stop at any given time, take a breath, interact
with the environment on their own (i.e. take a look a the directory structure or a file,
with the environment on their own (i.e.\ take a look a the directory structure or a file,
try what happens if a command is executed somewhat differently, etc.) and then
continue on with the tutorial.
We wanted to create something that would feel like if an actual teacher was standing
@ -178,7 +178,7 @@ To achieve our goals we would need:
\begin{itemize}
\item a way to keep track of user progress
\item a way to to handle various events (i.e. we can react when
\item a way to to handle various events (i.e.\ we can react when
the user has edited a file, or has executed a command in the terminal)
\item a highly flexible messaging system, in which processes and
frontend components (running in a web browser) could communicate with eachother