slides/terminology.html

<!DOCTYPE html>
<html lang="en"><head>
<script src="quarto_files/clipboard/clipboard.min.js"></script>
<script src="quarto_files/quarto-html/tabby.min.js"></script>
<script src="quarto_files/quarto-html/popper.min.js"></script>
<script src="quarto_files/quarto-html/tippy.umd.min.js"></script>
<link href="quarto_files/quarto-html/tippy.css" rel="stylesheet">
<link href="quarto_files/quarto-html/light-border.css" rel="stylesheet">
<link href="quarto_files/quarto-html/quarto-html.min.css" rel="stylesheet" data-mode="light">
<link href="quarto_files/quarto-html/quarto-syntax-highlighting-dark.css" rel="stylesheet" id="quarto-text-highlighting-styles"><meta charset="utf-8">
  <meta name="generator" content="quarto-1.5.56">

  <title>Terminology</title>
  <meta name="apple-mobile-web-app-capable" content="yes">
  <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
  <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no, minimal-ui">
  <link rel="stylesheet" href="quarto_files/revealjs/dist/reset.css">
  <link rel="stylesheet" href="quarto_files/revealjs/dist/reveal.css">
  <style>
    code{white-space: pre-wrap;}
    span.smallcaps{font-variant: small-caps;}
    div.columns{display: flex; gap: min(4vw, 1.5em);}
    div.column{flex: auto; overflow-x: auto;}
    div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;}
    ul.task-list{list-style: none;}
    ul.task-list li input[type="checkbox"] {
      width: 0.8em;
      margin: 0 0.8em 0.2em -1em; /* quarto-specific, see https://github.com/quarto-dev/quarto-cli/issues/4556 */ 
      vertical-align: middle;
    }
    /* CSS for syntax highlighting */
    pre > code.sourceCode { white-space: pre; position: relative; }
    pre > code.sourceCode > span { line-height: 1.25; }
    pre > code.sourceCode > span:empty { height: 1.2em; }
    .sourceCode { overflow: visible; }
    code.sourceCode > span { color: inherit; text-decoration: inherit; }
    div.sourceCode { margin: 1em 0; }
    pre.sourceCode { margin: 0; }
    @media screen {
    div.sourceCode { overflow: auto; }
    }
    @media print {
    pre > code.sourceCode { white-space: pre-wrap; }
    pre > code.sourceCode > span { display: inline-block; text-indent: -5em; padding-left: 5em; }
    }
    pre.numberSource code
      { counter-reset: source-line 0; }
    pre.numberSource code > span
      { position: relative; left: -4em; counter-increment: source-line; }
    pre.numberSource code > span > a:first-child::before
      { content: counter(source-line);
        position: relative; left: -1em; text-align: right; vertical-align: baseline;
        border: none; display: inline-block;
        -webkit-touch-callout: none; -webkit-user-select: none;
        -khtml-user-select: none; -moz-user-select: none;
        -ms-user-select: none; user-select: none;
        padding: 0 4px; width: 4em;
      }
    pre.numberSource { margin-left: 3em;  padding-left: 4px; }
    div.sourceCode
      { color: #f8f8f2;  }
    @media screen {
    pre > code.sourceCode > span > a:first-child::before { text-decoration: underline; }
    }
    code span { color: #f8f8f2; } /* Normal */
    code span.al { color: #f07178; background-color: #2a0f15; font-weight: bold; } /* Alert */
    code span.an { color: #d4d0ab; } /* Annotation */
    code span.at { color: #00e0e0; } /* Attribute */
    code span.bn { color: #d4d0ab; } /* BaseN */
    code span.bu { color: #abe338; } /* BuiltIn */
    code span.cf { color: #ffa07a; font-weight: bold; } /* ControlFlow */
    code span.ch { color: #abe338; } /* Char */
    code span.cn { color: #ffd700; } /* Constant */
    code span.co { color: #f8f8f2; font-style: italic; } /* Comment */
    code span.cv { color: #ffd700; } /* CommentVar */
    code span.do { color: #f8f8f2; } /* Documentation */
    code span.dt { color: #ffa07a; } /* DataType */
    code span.dv { color: #d4d0ab; } /* DecVal */
    code span.er { color: #f07178; text-decoration: underline; } /* Error */
    code span.ex { color: #00e0e0; font-weight: bold; } /* Extension */
    code span.fl { color: #d4d0ab; } /* Float */
    code span.fu { color: #ffa07a; } /* Function */
    code span.im { color: #abe338; } /* Import */
    code span.in { color: #d4d0ab; } /* Information */
    code span.kw { color: #ffa07a; font-weight: bold; } /* Keyword */
    code span.op { color: #ffa07a; } /* Operator */
    code span.ot { color: #00e0e0; } /* Other */
    code span.pp { color: #dcc6e0; } /* Preprocessor */
    code span.re { color: #00e0e0; background-color: #f8f8f2; } /* RegionMarker */
    code span.sc { color: #abe338; } /* SpecialChar */
    code span.ss { color: #abe338; } /* SpecialString */
    code span.st { color: #abe338; } /* String */
    code span.va { color: #00e0e0; } /* Variable */
    code span.vs { color: #abe338; } /* VerbatimString */
    code span.wa { color: #dcc6e0; } /* Warning */
  </style>
  <link rel="stylesheet" href="quarto_files/revealjs/dist/theme/quarto.css">
  <link rel="stylesheet" href="ics.css">
  <link href="quarto_files/revealjs/plugin/quarto-line-highlight/line-highlight.css" rel="stylesheet">
  <link href="quarto_files/revealjs/plugin/reveal-menu/menu.css" rel="stylesheet">
  <link href="quarto_files/revealjs/plugin/reveal-menu/quarto-menu.css" rel="stylesheet">
  <link href="quarto_files/revealjs/plugin/reveal-chalkboard/font-awesome/css/all.css" rel="stylesheet">
  <link href="quarto_files/revealjs/plugin/reveal-chalkboard/style.css" rel="stylesheet">
  <link href="quarto_files/revealjs/plugin/quarto-support/footer.css" rel="stylesheet">
  <style type="text/css">

  .callout {
    margin-top: 1em;
    margin-bottom: 1em;  
    border-radius: .25rem;
  }

  .callout.callout-style-simple { 
    padding: 0em 0.5em;
    border-left: solid #acacac .3rem;
    border-right: solid 1px silver;
    border-top: solid 1px silver;
    border-bottom: solid 1px silver;
    display: flex;
  }

  .callout.callout-style-default {
    border-left: solid #acacac .3rem;
    border-right: solid 1px silver;
    border-top: solid 1px silver;
    border-bottom: solid 1px silver;
  }

  .callout .callout-body-container {
    flex-grow: 1;
  }

  .callout.callout-style-simple .callout-body {
    font-size: 1rem;
    font-weight: 400;
  }

  .callout.callout-style-default .callout-body {
    font-size: 0.9rem;
    font-weight: 400;
  }

  .callout.callout-titled.callout-style-simple .callout-body {
    margin-top: 0.2em;
  }

  .callout:not(.callout-titled) .callout-body {
      display: flex;
  }

  .callout:not(.no-icon).callout-titled.callout-style-simple .callout-content {
    padding-left: 1.6em;
  }

  .callout.callout-titled .callout-header {
    padding-top: 0.2em;
    margin-bottom: -0.2em;
  }

  .callout.callout-titled .callout-title  p {
    margin-top: 0.5em;
    margin-bottom: 0.5em;
  }
    
  .callout.callout-titled.callout-style-simple .callout-content  p {
    margin-top: 0;
  }

  .callout.callout-titled.callout-style-default .callout-content  p {
    margin-top: 0.7em;
  }

  .callout.callout-style-simple div.callout-title {
    border-bottom: none;
    font-size: .9rem;
    font-weight: 600;
    opacity: 75%;
  }

  .callout.callout-style-default  div.callout-title {
    border-bottom: none;
    font-weight: 600;
    opacity: 85%;
    font-size: 0.9rem;
    padding-left: 0.5em;
    padding-right: 0.5em;
  }

  .callout.callout-style-default div.callout-content {
    padding-left: 0.5em;
    padding-right: 0.5em;
  }

  .callout.callout-style-simple .callout-icon::before {
    height: 1rem;
    width: 1rem;
    display: inline-block;
    content: "";
    background-repeat: no-repeat;
    background-size: 1rem 1rem;
  }

  .callout.callout-style-default .callout-icon::before {
    height: 0.9rem;
    width: 0.9rem;
    display: inline-block;
    content: "";
    background-repeat: no-repeat;
    background-size: 0.9rem 0.9rem;
  }

  .callout-title {
    display: flex
  }
    
  .callout-icon::before {
    margin-top: 1rem;
    padding-right: .5rem;
  }

  .callout.no-icon::before {
    display: none !important;
  }

  .callout.callout-titled .callout-body > .callout-content > :last-child {
    padding-bottom: 0.5rem;
    margin-bottom: 0;
  }

  .callout.callout-titled .callout-icon::before {
    margin-top: .5rem;
    padding-right: .5rem;
  }

  .callout:not(.callout-titled) .callout-icon::before {
    margin-top: 1rem;
    padding-right: .5rem;
  }

  /* Callout Types */

  div.callout-note {
    border-left-color: #4582ec !important;
  }

  div.callout-note .callout-icon::before {
    background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAERlWElmTU0AKgAAAAgAAYdpAAQAAAABAAAAGgAAAAAAA6ABAAMAAAABAAEAAKACAAQAAAABAAAAIKADAAQAAAABAAAAIAAAAACshmLzAAAEU0lEQVRYCcVXTWhcVRQ+586kSUMMxkyaElstCto2SIhitS5Ek8xUKV2poatCcVHtUlFQk8mbaaziwpWgglJwVaquitBOfhQXFlqlzSJpFSpIYyXNjBNiTCck7x2/8/LeNDOZxDuEkgOXe++553zfefee+/OYLOXFk3+1LLrRdiO81yNqZ6K9cG0P3MeFaMIQjXssE8Z1JzLO9ls20MBZX7oG8w9GxB0goaPrW5aNMp1yOZIa7Wv6o2ykpLtmAPs/vrG14Z+6d4jpbSKuhdcSyq9wGMPXjonwmESXrriLzFGOdDBLB8Y6MNYBu0dRokSygMA/mrun8MGFN3behm6VVAwg4WR3i6FvYK1T7MHo9BK7ydH+1uurECoouk5MPRyVSBrBHMYwVobG2aOXM07sWrn5qgB60rc6mcwIDJtQrnrEr44kmy+UO9r0u9O5/YbkS9juQckLed3DyW2XV/qWBBB3ptvI8EUY3I9p/67OW+g967TNr3Sotn3IuVlfMLVnsBwH4fsnebJvyGm5GeIUA3jljERmrv49SizPYuq+z7c2H/jlGC+Ghhupn/hcapqmcudB9jwJ/3jvnvu6vu5lVzF1fXyZuZZ7U8nRmVzytvT+H3kilYvH09mLWrQdwFSsFEsxFVs5fK7A0g8gMZjbif4ACpKbjv7gNGaD8bUrlk8x+KRflttr22JEMRUbTUwwDQScyzPgedQHZT0xnx7ujw2jfVfExwYHwOsDTjLdJ2ebmeQIlJ7neo41s/DrsL3kl+W2lWvAga0tR3zueGr6GL78M3ifH0rGXrBC2aAR8uYcIA5gwV8zIE8onoh8u0Fca/ciF7j1uOzEnqcIm59sEXoGc0+z6+H45V1CvAvHcD7THztu669cnp+L0okAeIc6zjbM/24LgGM1gZk7jnRu1aQWoU9sfUOuhrmtaPIO3YY1KLLWZaEO5TKUbMY5zx8W9UJ6elpLwKXbsaZ4EFl7B4bMtDv0iRipKoDQT2sNQI9b1utXFdYisi+wzZ/ri/1m7QfDgEuvgUUEIJPq3DhX/5DWNqIXDOweC2wvIR90Oq3lDpdMIgD2r0dXvGdsEW5H6x6HLRJYU7C69VefO1x8Gde1ZFSJLfWS1jbCnhtOPxmpfv2LXOA2Xk2tvnwKKPFuZ/oRmwBwqRQDcKNeVQkYcOjtWVBuM/JuYw5b6isojIkYxyYAFn5K7ZBF10fea52y8QltAg6jnMqNHFBmGkQ1j+U43HMi2xMar1Nv0zGsf1s8nUsmUtPOOrbFIR8bHFDMB5zL13Gmr/kGlCkUzedTzzmzsaJXhYawnA3UmARpiYj5ooJZiUoxFRtK3X6pgNPv+IZVPcnwbOl6f+aBaO1CNvPW9n9LmCp01nuSaTRF2YxHqZ8DYQT6WsXT+RD6eUztwYLZ8rM+rcPxamv1VQzFUkzFXvkiVrySGQgJNvXHJAxiU3/NwiC03rSf05VBaPtu/Z7/B8Yn/w7eguloAAAAAElFTkSuQmCC');
  }

  div.callout-note.callout-style-default .callout-title {
    background-color: #dae6fb
  }

  div.callout-important {
    border-left-color: #d9534f !important;
  }

  div.callout-important .callout-icon::before {
    background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAERlWElmTU0AKgAAAAgAAYdpAAQAAAABAAAAGgAAAAAAA6ABAAMAAAABAAEAAKACAAQAAAABAAAAIKADAAQAAAABAAAAIAAAAACshmLzAAAEKklEQVRYCcVXTWhcVRS+575MJym48A+hSRFr00ySRQhURRfd2HYjk2SSTokuBCkU2o0LoSKKraKIBTcuFCoidGFD08nkBzdREbpQ1EDNIv8qSGMFUboImMSZd4/f9zJv8ibJMC8xJQfO3HPPPef7zrvvvnvviIkpC9nsw0UttFunbUhpFzFtarSd6WJkStVMw5xyVqYTvkwfzuf/5FgtkVoB0729j1rjXwThS7Vio+Mo6DNnvLfahoZ+i/o32lULuJ3NNiz7q6+pyAUkJaFF6JwaM2lUJlV0MlnQn5aTRbEu0SEqHUa0A4AdiGuB1kFXRfVyg5d87+Dg4DL6m2TLAub60ilj7A1Ec4odSAc8X95sHh7+ZRPCFo6Fnp7HfU/fBng/hi10CjCnWnJjsxvDNxWw0NfV6Rv5GgP3I3jGWXumdTD/3cbEOP2ZbOZp69yniG3FQ9z1jD7bnBu9Fc2tKGC2q+uAJOQHBDRiZX1x36o7fWBs7J9ownbtO+n0/qWkvW7UPIfc37WgT6ZGR++EOJyeQDSb9UB+DZ1G6DdLDzyS+b/kBCYGsYgJbSQHuThGKRcw5xdeQf8YdNHsc6ePXrlSYMBuSIAFTGAtQo+VuALo4BX83N190NWZWbynBjhOHsmNfFWLeL6v+ynsA58zDvvAC8j5PkbOcXCMg2PZFk3q8MjI7WAG/Dp9AwP7jdGBOOQkAvlFUB+irtm16I1Zw9YBcpGTGXYmk3kQIC/Cds55l+iMI3jqhjAuaoe+am2Jw5GT3Nbz3CkE12NavmzN5+erJW7046n/CH1RO/RVa8lBLozXk9uqykkGAyRXLWlLv5jyp4RFsG5vGVzpDLnIjTWgnRy2Rr+tDKvRc7Y8AyZq10jj8DqXdnIRNtFZb+t/ZRtXcDiVnzpqx8mPcDWxgARUqx0W1QB9MeUZiNrV4qP+Ehc+BpNgATsTX8ozYKL2NtFYAHc84fG7ndxUPr+AR/iQSns7uSUufAymwDOb2+NjK27lEFocm/EE2WpyIy/Hi66MWuMKJn8RvxIcj87IM5Vh9663ziW36kR0HNenXuxmfaD8JC7tfKbrhFr7LiZCrMjrzTeGx+PmkosrkNzW94ObzwocJ7A1HokLolY+AvkTiD/q1H0cN48c5EL8Crkttsa/AXQVDmutfyku0E7jShx49XqV3MFK8IryDhYVbj7Sj2P2eBxwcXoe8T8idsKKPRcnZw1b+slFTubwUwhktrfnAt7J++jwQtLZcm3sr9LQrjRzz6cfMv9aLvgmnAGvpoaGLxM4mAEaLV7iAzQ3oU0IvD5x9ix3yF2RAAuYAOO2f7PEFWCXZ4C9Pb2UsgDeVnFSpbFK7/IWu7TPTvBqzbGdCHOJQSxiEjt6IyZmxQyEJHv6xyQsYk//moVFsN2zP6fRImjfq7/n/wFDguUQFNEwugAAAABJRU5ErkJggg==');
  }

  div.callout-important.callout-style-default .callout-title {
    background-color: #f7dddc
  }

  div.callout-warning {
    border-left-color: #f0ad4e !important;
  }

  div.callout-warning .callout-icon::before {
    background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAERlWElmTU0AKgAAAAgAAYdpAAQAAAABAAAAGgAAAAAAA6ABAAMAAAABAAEAAKACAAQAAAABAAAAIKADAAQAAAABAAAAIAAAAACshmLzAAAETklEQVRYCeVWW2gcVRg+58yaTUnizqbipZeX4uWhBEniBaoUX1Ioze52t7sRq6APio9V9MEaoWlVsFasRq0gltaAPuxms8lu0gcviE/FFOstVbSIxgcv6SU7EZqmdc7v9+9mJtNks51NTUH84ed889/PP+cmxP+d5FIbMJmNbpREu4WUkiTtCicKny0l1pIKmBzovF2S+hIJHX8iEu3hZJ5lNZGqyRrGSIQpq15AzF28jgpeY6yk6GVdrfFqdrD6Iw+QlB8g0YS2g7dyQmXM/IDhBhT0UCiRf59lfqmmDvzRt6kByV/m4JjtzuaujMUM2c5Z2d6JdKrRb3K2q6mA+oYVz8JnDdKPmmNthzkAk/lN63sYPgevrguc72aZX/L9C6x09GYyxBgCX4NlvyGUHOKELlm5rXeR1kchuChJt4SSwyddZRXgvwMGvYo4QSlk3/zkHD8UHxwVJA6zjZZqP8v8kK8OWLnIZtLyCAJagYC4rTGW/9Pqj92N/c+LUaAj27movwbi19tk/whRCIE7Q9vyI6yvRpftAKVTdUjOW40X3h5OXsKCdmFcx0xlLJoSuQngnrJe7Kcjm4OMq9FlC7CMmScQANuNvjfP3PjGXDBaUQmbp296S5L4DrpbrHN1T87ZVEZVCzg1FF0Ft+dKrlLukI+/c9ENo+TvlTDbYFvuKPtQ9+l052rXrgKoWkDAFnvh0wTOmYn8R5f4k/jN/fZiCM1tQx9jQQ4ANhqG4hiL0qIFTGViG9DKB7GYzgubnpofgYRwO+DFjh0Zin2m4b/97EDkXkc+f6xYAPX0KK2I/7fUQuwzuwo/L3AkcjugPNixC8cHf0FyPjWlItmLxWw4Ou9YsQCr5fijMGoD/zpdRy95HRysyXA74MWOnscpO4j2y3HAVisw85hX5+AFBRSHt4ShfLFkIMXTqyKFc46xdzQM6XbAi702a7sy04J0+feReMFKp5q9esYLCqAZYw/k14E/xcLLsFElaornTuJB0svMuJINy8xkIYuL+xPAlWRceH6+HX7THJ0djLUom46zREu7tTkxwmf/FdOZ/sh6Q8qvEAiHpm4PJ4a/doJe0gH1t+aHRgCzOvBvJedEK5OFE5jpm4AGP2a8Dxe3gGJ/pAutug9Gp6he92CsSsWBaEcxGx0FHytmIpuqGkOpldqNYQK8cSoXvd+xLxXADw0kf6UkJNFtdo5MOgaLjiQOQHcn+A6h5NuL2s0qsC2LOM75PcF3yr5STuBSAcGG+meA14K/CI21HcS4LBT6tv0QAh8Dr5l93AhZzG5ZJ4VxAqdZUEl9z7WJ4aN+svMvwHHL21UKTd1mqvChH7/Za5xzXBBKrUcB0TQ+Ulgkfbi/H/YT5EptrGzsEK7tR1B7ln9BBwckYfMiuSqklSznIuoIIOM42MQO+QnduCoFCI0bpkzjCjddHPN/F+2Yu+sd9bKNpVwHhbS3LluK/0zgfwD0xYI5dXuzlQAAAABJRU5ErkJggg==');
  }

  div.callout-warning.callout-style-default .callout-title {
    background-color: #fcefdc
  }

  div.callout-tip {
    border-left-color: #02b875 !important;
  }

  div.callout-tip .callout-icon::before {
    background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAERlWElmTU0AKgAAAAgAAYdpAAQAAAABAAAAGgAAAAAAA6ABAAMAAAABAAEAAKACAAQAAAABAAAAIKADAAQAAAABAAAAIAAAAACshmLzAAADr0lEQVRYCe1XTWgTQRj9ZjZV8a9SPIkKgj8I1bMHsUWrqYLVg4Ue6v9BwZOxSYsIerFao7UiUryIqJcqgtpimhbBXoSCVxUFe9CTiogUrUp2Pt+3aUI2u5vdNh4dmMzOzHvvezuz8xNFM0mjnbXaNu1MvFWRXkXEyE6aYOYJpdW4IXuA4r0fo8qqSMDBU0v1HJUgVieAXxzCsdE/YJTdFcVIZQNMyhruOMJKXYFoLfIfIvVIMWdsrd+Rpd86ZmyzzjJmLStqRn0v8lzkb4rVIXvnpScOJuAn2ACC65FkPzEdEy4TPWRLJ2h7z4cArXzzaOdKlbOvKKX25Wl00jSnrwVxAg3o4dRxhO13RBSdNvH0xSARv3adTXbBdTf64IWO2vH0LT+cv4GR1DJt+DUItaQogeBX/chhbTBxEiZ6gftlDNXTrvT7co4ub5A6gp9HIcHvzTa46OS5fBeP87Qm0fQkr4FsYgVQ7Qg+ZayaDg9jhg1GkWj8RG6lkeSacrrHgDaxdoBiZPg+NXV/KifMuB6//JmYH4CntVEHy/keA6x4h4CU5oFy8GzrBS18cLJMXcljAKB6INjWsRcuZBWVaS3GDrqB7rdapVIeA+isQ57Eev9eCqzqOa81CY05VLd6SamW2wA2H3SiTbnbSxmzfp7WtKZkqy4mdyAlGx7ennghYf8voqp9cLSgKdqNfa6RdRsAAkPwRuJZNbpByn+RrJi1RXTwdi8RQF6ymDwGMAtZ6TVE+4uoKh+MYkcLsT0Hk8eAienbiGdjJHZTpmNjlbFJNKDVAp2fJlYju6IreQxQ08UJDNYdoLSl6AadO+fFuCQqVMB1NJwPm69T04Wv5WhfcWyfXQB+wXRs1pt+nCknRa0LVzSA/2B+a9+zQJadb7IyyV24YAxKp2Jqs3emZTuNnKxsah+uabKbMk7CbTgJx/zIgQYErIeTKRQ9yD9wxVof5YolPHqaWo7TD6tJlh7jQnK5z2n3+fGdggIOx2kaa2YI9QWarc5Ce1ipNWMKeSG4DysFF52KBmTNMmn5HqCFkwy34rDg05gDwgH3bBi+sgFhN/e8QvRn8kbamCOhgrZ9GJhFDgfcMHzFb6BAtjKpFhzTjwv1KCVuxHvCbsSiEz4CANnj84cwHdFXAbAOJ4LTSAawGWFn5tDhLMYz6nWeU2wJfIhmIJBefcd/A5FWQWGgrWzyORZ3Q6HuV+Jf0Bj+BTX69fm1zWgK7By1YTXchFDORywnfQ7GpzOo6S+qECrsx2ifVQAAAABJRU5ErkJggg==');
  }

  div.callout-tip.callout-style-default .callout-title {
    background-color: #ccf1e3
  }

  div.callout-caution {
    border-left-color: #fd7e14 !important;
  }

  div.callout-caution .callout-icon::before {
    background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAERlWElmTU0AKgAAAAgAAYdpAAQAAAABAAAAGgAAAAAAA6ABAAMAAAABAAEAAKACAAQAAAABAAAAIKADAAQAAAABAAAAIAAAAACshmLzAAACV0lEQVRYCdVWzWoUQRCuqp2ICBLJXgITZL1EfQDBW/bkzUMUD7klD+ATSHBEfAIfQO+iXsWDxJsHL96EHAwhgzlkg8nBg25XWb0zIb0zs9muYYWkoKeru+vn664fBqElyZNuyh167NXJ8Ut8McjbmEraKHkd7uAnAFku+VWdb3reSmRV8PKSLfZ0Gjn3a6Xlcq9YGb6tADjn+lUfTXtVmaZ1KwBIvFI11rRXlWlatwIAAv2asaa9mlB9wwygiDX26qaw1yYPzFXg2N1GgG0FMF8Oj+VIx7E/03lHx8UhvYyNZLN7BwSPgekXXLribw7w5/c8EF+DBK5idvDVYtEEwMeYefjjLAdEyQ3M9nfOkgnPTEkYU+sxMq0BxNR6jExrAI31H1rzvLEfRIdgcv1XEdj6QTQAS2wtstEALLG1yEZ3QhH6oDX7ExBSFEkFINXH98NTrme5IOaaA7kIfiu2L8A3qhH9zRbukdCqdsA98TdElyeMe5BI8Rs2xHRIsoTSSVFfCFCWGPn9XHb4cdobRIWABNf0add9jakDjQJpJ1bTXOJXnnRXHRf+dNL1ZV1MBRCXhMbaHqGI1JkKIL7+i8uffuP6wVQAzO7+qVEbF6NbS0LJureYcWXUUhH66nLR5rYmva+2tjRFtojkM2aD76HEGAD3tPtKM309FJg5j/K682ywcWJ3PASCcycH/22u+Bh7Aa0ehM2Fu4z0SAE81HF9RkB21c5bEn4Dzw+/qNOyXr3DCTQDMBOdhi4nAgiFDGCinIa2owCEChUwD8qzd03PG+qdW/4fDzjUMcE1ZpIAAAAASUVORK5CYII=');
  }

  div.callout-caution.callout-style-default .callout-title {
    background-color: #ffe5d0
  }

  </style>
  <style type="text/css">
    .reveal div.sourceCode {
      margin: 0;
      overflow: auto;
    }
    .reveal div.hanging-indent {
      margin-left: 1em;
      text-indent: -1em;
    }
    .reveal .slide:not(.center) {
      height: 100%;
    }
    .reveal .slide.scrollable {
      overflow-y: auto;
    }
    .reveal .footnotes {
      height: 100%;
      overflow-y: auto;
    }
    .reveal .slide .absolute {
      position: absolute;
      display: block;
    }
    .reveal .footnotes ol {
      counter-reset: ol;
      list-style-type: none; 
      margin-left: 0;
    }
    .reveal .footnotes ol li:before {
      counter-increment: ol;
      content: counter(ol) ". "; 
    }
    .reveal .footnotes ol li > p:first-child {
      display: inline-block;
    }
    .reveal .slide ul,
    .reveal .slide ol {
      margin-bottom: 0.5em;
    }
    .reveal .slide ul li,
    .reveal .slide ol li {
      margin-top: 0.4em;
      margin-bottom: 0.2em;
    }
    .reveal .slide ul[role="tablist"] li {
      margin-bottom: 0;
    }
    .reveal .slide ul li > *:first-child,
    .reveal .slide ol li > *:first-child {
      margin-block-start: 0;
    }
    .reveal .slide ul li > *:last-child,
    .reveal .slide ol li > *:last-child {
      margin-block-end: 0;
    }
    .reveal .slide .columns:nth-child(3) {
      margin-block-start: 0.8em;
    }
    .reveal blockquote {
      box-shadow: none;
    }
    .reveal .tippy-content>* {
      margin-top: 0.2em;
      margin-bottom: 0.7em;
    }
    .reveal .tippy-content>*:last-child {
      margin-bottom: 0.2em;
    }
    .reveal .slide > img.stretch.quarto-figure-center,
    .reveal .slide > img.r-stretch.quarto-figure-center {
      display: block;
      margin-left: auto;
      margin-right: auto; 
    }
    .reveal .slide > img.stretch.quarto-figure-left,
    .reveal .slide > img.r-stretch.quarto-figure-left  {
      display: block;
      margin-left: 0;
      margin-right: auto; 
    }
    .reveal .slide > img.stretch.quarto-figure-right,
    .reveal .slide > img.r-stretch.quarto-figure-right  {
      display: block;
      margin-left: auto;
      margin-right: 0; 
    }
  </style>
</head>
<body class="quarto-dark">
  <div class="reveal">
    <div class="slides">

<section id="title-slide" class="quarto-title-block center">
  <h1 class="title">CS 3710</h1>
  <h2 class="subtitle">Introduction to Cybersecurity</h2>
  <p class="titlep">&nbsp;</p>
  <div class="titlesmall"><p>
    <a href="http://www.cs.virginia.edu/~asb">Aaron Bloomfield</a> (aaron@virginia.edu)<br>
    <a href="http://github.com/aaronbloomfield/ccc">@github</a> | <a href="index.html">↑</a> | <a href="?print-pdf"><img class="print" width="20" src="../slides/images/print-icon.svg" style="top:0px;vertical-align:middle;background-color:transparent"></a>
  </p></div>
  <p class="titlep">&nbsp;</p>
  <h2 class="subtitle">Terminology</h2>
</section><section id="TOC">
<nav role="doc-toc"> 
<h2 id="toc-title">Contents</h2>
<ul>
<li><a href="#/terms" id="/toc-terms">Terms</a></li>
<li><a href="#/malware-types" id="/toc-malware-types">Malware Types</a></li>
<li><a href="#/vulnerabilities-exploited" id="/toc-vulnerabilities-exploited">Vulnerabilities Exploited</a></li>
</ul>
</nav>
</section>
<section>
<section id="terms" class="title-slide slide level1 center">
<h1>Terms</h1>

</section>
<section id="vulnerability-vs-exploit" class="slide level2">
<h2>Vulnerability vs exploit</h2>
<ul>
<li>A <em>vulnerability</em> is a weakness (or bug) in the security of a program
<ul>
<li>A lock that is easy to pick</li>
</ul></li>
<li>An <em>exploit</em> is an attack that makes use of some vulnerability
<ul>
<li>A “skeleton key” that can open many types of locks</li>
</ul></li>
</ul>
</section>
<section id="authentication-vs-authorization" class="slide level2">
<h2>Authentication vs authorization</h2>
<ul>
<li><em>Authentication</em> is determining who a user is
<ul>
<li>Signing in through netbadge, for example</li>
</ul></li>
<li><em>Authorization</em> is controlling one’s actions based on who they are
<ul>
<li>Normal users can not delete certain things, for example</li>
</ul></li>
</ul>
</section>
<section id="vector-vs-payload" class="slide level2">
<h2>Vector vs payload</h2>
<ul>
<li>The malware’s <em>vector</em> is the means by which it attacked the host
<ul>
<li>Virus, buffer overflow, worm, back door, etc.</li>
</ul></li>
<li>The malware’s <em>payload</em> is what damage or effects it causes
<ul>
<li>File deletion, infection of other files, mailing spam, etc.</li>
<li>Malware may not have a payload</li>
</ul></li>
</ul>
</section>
<section id="hack" class="slide level2">
<h2>Hack</h2>
<p>From <a href="https://www.dictionary.com/browse/hack?s=t">dictionary.com</a>:</p>
<blockquote>
<p>hack (intransitive verb): to modify (a computer program or electronic device) or write (a program) in a skillful or clever way</p>
</blockquote>
<blockquote>
<p>hack (intransitive verb): to circumvent security and break into (a network, computer, file, etc.), usually with malicious intent</p>
</blockquote>
</section>
<section id="hacker" class="slide level2">
<h2>Hacker</h2>
<p>From <a href="https://www.dictionary.com/browse/hack?s=t">dictionary.com</a>:</p>
<blockquote>
<p>hacker (noun): a person who has a high level of skill in computer technology or programming; a computer expert or enthusiast</p>
</blockquote>
<blockquote>
<p>hacker (noun): a person who circumvents security and breaks into a network, computer, file, etc., usually with malicious intent</p>
</blockquote>
</section>
<section id="hack-and-hacker-in-context" class="slide level2">
<h2>‘Hack’ and ‘hacker’ in context</h2>
<ul>
<li>Good contexts:
<ul>
<li>We have all heard of (or participated in) hack-a-thons</li>
<li>One may hack a program together</li>
<li>“That’s a great hack”</li>
</ul></li>
<li>Bad contexts:
<ul>
<li>Any malware is termed to be created by ‘hackers’</li>
<li>One who hacks into a secure system to do something malicious</li>
</ul></li>
</ul>
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
</section></section>
<section>
<section id="malware-types" class="title-slide slide level1 center">
<h1>Malware Types</h1>

</section>
<section id="characteristics-of-malware" class="slide level2">
<h2>Characteristics of malware</h2>
<ul>
<li>Self-replicating: does it reproduce by itself?</li>
<li>Population growth: how does the infected population increase?
<ul>
<li>Zero if it is not self-replicating</li>
<li>But self replicating can have either a zero or positive population growth</li>
</ul></li>
<li>Parasitic: does it need another executable in order to exist?</li>
</ul>
</section>
<section id="logic-bomb" class="slide level2">
<h2>Logic bomb</h2>
<div class="right-float-img img-size-800">
<p><img data-src="https://upload.wikimedia.org/wikipedia/commons/thumb/9/95/Bomb_icon.svg/350px-Bomb_icon.svg.png"></p>
</div>
<ul>
<li>Self-replicating: no</li>
<li>Population growth: zero</li>
<li>Parasitic: possibly &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>Has a <em>payload</em>, which is an action to perform
<ul>
<li>Delete files, etc. – usually a malicious effect</li>
</ul></li>
<li>Has a <em>trigger</em>, which is a Boolean condition as to when to execute
<ul>
<li>On a given date, when somebody performs some action, etc.</li>
</ul></li>
</ul>
</section>
<section id="trojan-horse" class="slide level2">
<h2>Trojan Horse</h2>
<div class="right-float-img img-size-600">
<p><img data-src="https://s-media-cache-ak0.pinimg.com/originals/98/31/91/983191ca276eb1227fd2f85960215b8c.jpg"></p>
</div>
<ul>
<li>Self-replicating: no</li>
<li>Population growth: zero</li>
<li>Parasitic: yes &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>A program that looks like a valid program, but has a malicious purpose
<ul>
<li>Stealing passwords, deleting files, etc.</li>
</ul></li>
</ul>
</section>
<section id="back-door" class="slide level2">
<h2>Back door</h2>
<div class="right-float-img img-size-600">
<p><img data-src="http://img11.deviantart.net/8549/i/2012/129/b/b/door_ajar_by_layall-d4z3odw.jpg"></p>
</div>
<ul>
<li>Self-replicating: no</li>
<li>Population growth: zero</li>
<li>Parasitic: possibly &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>Any mechanism that allows bypassing of the normal security checks
<ul>
<li>If you are logging in from this IP address, or enter a specific username, don’t ask for a password</li>
</ul></li>
</ul>
</section>
<section id="virus" class="slide level2">
<h2>Virus</h2>
<div class="right-float-img img-size-400">
<p><img data-src="https://upload.wikimedia.org/wikipedia/commons/thumb/9/94/Coronavirus._SARS-CoV-2.png/768px-Coronavirus._SARS-CoV-2.png"></p>
</div>
<ul>
<li>Self-replicating: yes</li>
<li>Population growth: positive</li>
<li>Parasitic: yes &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>Code that <em>modifies</em> an executable program file and inserts itself into it
<ul>
<li>This self-replication into existing executable code is the defining characteristic of a virus</li>
</ul></li>
<li>Often has a destructive payload</li>
<li>Does not <em>propagate</em> using a network, but infected files can be downloaded or emailed by a network</li>
</ul>
<!-- .slide: class="right-float-img .img-size-400" -->
</section>
<section id="worm" class="slide level2">
<h2>Worm</h2>
<div class="right-float-img img-size-500">
<p><img data-src="https://upload.wikimedia.org/wikipedia/commons/3/30/Regenwurm1.jpg"></p>
</div>
<ul>
<li>Self-replicating: yes</li>
<li>Population growth: positive</li>
<li>Parasitic: no &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>A stand-alone program that propagates via a network
<ul>
<li>Typically exploiting a security hole</li>
</ul></li>
<li>It does <em>not</em> modify an existing binary file</li>
</ul>
<!-- .slide: class="right-float-img .img-size-400" -->
</section>
<section id="rabbit" class="slide level2">
<h2>Rabbit</h2>
<div class="right-float-img img-size-500">
<p><img data-src="https://upload.wikimedia.org/wikipedia/commons/3/37/Oryctolagus_cuniculus_Tasmania_2.jpg"></p>
</div>
<ul>
<li>Self-replicating: yes</li>
<li>Population growth: zero</li>
<li>Parasitic: no &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>A rapidly reproducing program that consumes all of the available computer resources
<ul>
<li>A fork bomb, for example</li>
</ul></li>
<li>Leaves lots of traces, and doesn’t accomplish much
<ul>
<li>So they aren’t seen very often</li>
</ul></li>
<li>See the <a href="https://en.wikipedia.org/wiki/Fork_bomb">Wikipedia article on “fork bomb”</a> for more</li>
</ul>
</section>
<section id="some-fork-bombs" class="slide level2">
<h2>Some fork bombs</h2>
<p>C++, Python, and Bash shell, respectively:</p>
<div class="sourceCode" id="cb1"><pre class="sourceCode numberSource c number-lines code-with-copy"><code class="sourceCode c"><span id="cb1-1"><a href=""></a><span class="pp">#include </span><span class="im">&lt;stdio.h&gt;</span></span>
<span id="cb1-2"><a href=""></a><span class="pp">#include </span><span class="im">&lt;sys/types.h&gt;</span></span>
<span id="cb1-3"><a href=""></a><span class="dt">int</span> main<span class="op">()</span> <span class="op">{</span></span>
<span id="cb1-4"><a href=""></a>  <span class="cf">while</span><span class="op">(</span><span class="dv">1</span><span class="op">)</span> fork<span class="op">();</span></span>
<span id="cb1-5"><a href=""></a>  <span class="cf">return</span> <span class="dv">0</span><span class="op">;</span></span>
<span id="cb1-6"><a href=""></a><span class="op">}</span></span></code><button title="Copy to Clipboard" class="code-copy-button"><i class="bi"></i></button></pre></div>
<p>
&nbsp;
</p>
<div class="sourceCode" id="cb2"><pre class="sourceCode numberSource py number-lines code-with-copy"><code class="sourceCode python"><span id="cb2-1"><a href=""></a><span class="im">import</span> os</span>
<span id="cb2-2"><a href=""></a><span class="cf">while</span> <span class="va">True</span>:</span>
<span id="cb2-3"><a href=""></a>    os.fork()</span></code><button title="Copy to Clipboard" class="code-copy-button"><i class="bi"></i></button></pre></div>
<p>
&nbsp;
</p>
<div class="sourceCode" id="cb3"><pre class="sourceCode numberSource sh number-lines code-with-copy"><code class="sourceCode bash"><span id="cb3-1"><a href=""></a><span class="co">#!/bin/bash</span></span>
<span id="cb3-2"><a href=""></a><span class="fu">:()</span><span class="kw">{</span> <span class="bu">:</span><span class="kw">|</span><span class="bu">:</span><span class="kw">&amp;</span> <span class="kw">};</span><span class="bu">:</span></span></code><button title="Copy to Clipboard" class="code-copy-button"><i class="bi"></i></button></pre></div>
</section>
<section id="spyware" class="slide level2">
<h2>Spyware</h2>
<div class="right-float-img img-size-600">
<p><img data-src="http://4.bp.blogspot.com/-OdK2rCo-g9s/VGRyT8EwP6I/AAAAAAAAAK0/pSxTUYy699g/s1600/spyware.gif"></p>
</div>
<ul>
<li>Self-replicating: no</li>
<li>Population growth: zero</li>
<li>Parasitic: no &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>Software that collects information from a computer and transmits it to somebody else
<ul>
<li>Usernames and passwords, e-mail addresses, financial information, software license keys, etc.</li>
</ul></li>
<li>Viruses and worms can do similar things
<ul>
<li>Spyware is software that doesn’t self replicate</li>
</ul></li>
</ul>
</section>
<section id="adware" class="slide level2">
<h2>Adware</h2>
<div class="right-float-img img-size-500">
<p><img data-src="https://cdn.ttgtmedia.com/rms/onlineImages/security-adware.jpg"></p>
</div>
<ul>
<li>Self-replicating: no</li>
<li>Population growth: zero</li>
<li>Parasitic: no &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>Similar to spyware:
<ul>
<li>Gathers information about the user</li>
</ul></li>
<li>But it has differences:
<ul>
<li>It’s more marketing-focused (pops up ads, redirects a browser, etc.)</li>
</ul></li>
</ul>
</section>
<section id="droppers" class="slide level2">
<h2>Droppers</h2>
<div class="right-float-img img-size-500">
<p><img data-src="https://upload.wikimedia.org/wikipedia/commons/thumb/3/32/Pipette_tip_over_tube.jpg/548px-Pipette_tip_over_tube.jpg"></p>
</div>
<ul>
<li>Self-replicating: n/a</li>
<li>Population growth: n/a</li>
<li>Parasitic: n/a &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>A dropper is a program that deposits malware on a computer</li>
<li>Many viruses or worms contain a dropper for a larger piece of malware</li>
</ul>
</section>
<section id="hybrids" class="slide level2">
<h2>Hybrids</h2>
<div class="right-float-img img-size-500">
<p><img data-src="https://upload.wikimedia.org/wikipedia/commons/thumb/a/ad/Chimera_d%27arezzo%2C_fi%2C_04.JPG/640px-Chimera_d%27arezzo%2C_fi%2C_04.JPG"></p>
</div>
<ul>
<li>Self-replicating: n/a</li>
<li>Population growth: n/a</li>
<li>Parasitic: n/a &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>A hybrid is a piece of malware that uses multiple techniques discussed here</li>
<li>Hybrid example: Ken Thompson’s UNIX back door
<ul>
<li>Was a Trojan horse, replicated like a virus, created back doors</li>
</ul></li>
<li>Most malware today is hybrids</li>
</ul>
</section>
<section id="zombies" class="slide level2">
<h2>Zombies</h2>
<div class="right-float-img img-size-500">
<p><img data-src="https://upload.wikimedia.org/wikipedia/commons/thumb/a/ad/Zombie_haiti_ill_artlibre_jnl.png/434px-Zombie_haiti_ill_artlibre_jnl.png"></p>
</div>
<ul>
<li>Self-replicating: ?</li>
<li>Population growth: ?</li>
<li>Parasitic: yes (to a computer) &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>A zombie is a computer that somebody else can (partially) control
<ul>
<li>Often Windows machines</li>
<li>Can send spam, perform DoS attacks</li>
<li>User is often unaware of the zombie</li>
</ul></li>
<li>A zombie is often a drop of another piece of malware</li>
</ul>
</section>
<section id="botnet" class="slide level2">
<h2>Botnet</h2>
<div class="right-float-img img-size-600">
<p><img data-src="https://upload.wikimedia.org/wikipedia/commons/thumb/c/c0/Botnet2.gif/640px-Botnet2.gif"></p>
</div>
<ul>
<li>Self-replicating: N/A</li>
<li>Population growth: N/A</li>
<li>Parasitic: yes &nbsp;</li>
</ul>
<p class="blankline">
&nbsp;
</p>
<ul>
<li>A number of zombie computers controlled by a single source</li>
<li>Example: <a href="https://en.wikipedia.org/wiki/Bredolab_botnet">Bredolab botnet</a>
<ul>
<li>Dismantled in 2010, but controlled 30 <em>million</em> computers at it’s peak</li>
<li>Owner(s) made over $100k per month</li>
</ul></li>
</ul>
</section>
<section id="ransomware" class="slide level2">
<h2>Ransomware</h2>
<div class="right-float-img img-size-600">
<p><img data-src="https://upload.wikimedia.org/wikipedia/commons/thumb/1/12/Ransomware-pic.jpg/640px-Ransomware-pic.jpg"></p>
</div>
<ul>
<li><p>Very common these days</p>
<ul>
<li>It usually is the payload of<br>another attack</li>
</ul></li>
<li><p>It requires one to pay to<br>“release” resources</p></li>
<li><p>Stats (<a href="http://www.businessinsider.com/doj-and-dhs-ransomware-attacks-government-2016-4">source</a>) from an April 2015 report:</p>
<ul>
<li>The DOJ received 7,700 public complains in the last decade, totaling <span class="math inline">\(57.6 million paid
- Generally `\)</span><code>200 to</code>$`10,000 per “episode”</li>
<li>$24 million in 2,500 cases in 2015 alone</li>
</ul></li>
</ul>
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
</section></section>
<section>
<section id="vulnerabilities-exploited" class="title-slide slide level1 center">
<h1>Vulnerabilities Exploited</h1>

</section>
<section id="what-vulnerabilities-were-exploited" class="slide level2">
<h2>What Vulnerabilities Were Exploited?</h2>
<ul>
<li>“Vulnerability” often refers only to vulnerable code in an OS or applications
<ul>
<li>E.g. Unguarded buffer overflow in OS command allows attacker to run arbitrary command, gain root access, etc.</li>
<li>Failure to validate user input</li>
<li>Allowing ActiveX controls to be run from scripts</li>
</ul></li>
</ul>
</section>
<section id="what-vulnerabilities-were-exploited-1" class="slide level2">
<h2>What Vulnerabilities Were Exploited?</h2>
<ul>
<li>More generally, a vulnerability is whatever weakness in an overall system that makes it open to attack
<ul>
<li>System administration and configuration flaws</li>
<li>Dangerous user behavior</li>
</ul></li>
</ul>
</section>
<section id="code-vulnerabilities" class="slide level2">
<h2>Code Vulnerabilities</h2>
<ul>
<li>Buffer overflow is the most common
<ul>
<li>Array bounds not usually checked at run time (Why not?)</li>
</ul></li>
<li>What comes <em>after</em> the buffer being overflowed determines what can be attacked
<ul>
<li>Return address can be changed to malicious code</li>
<li>Function pointer can point to malicious code</li>
<li>Output file name for a program can be overwritten with file name desired by attacker</li>
</ul></li>
<li>Buffer overflows are simple to guard against, yet they remain the most common code vulnerability</li>
</ul>
</section>
<section id="buffer-overflow-example" class="slide level2">
<h2>Buffer Overflow Example</h2>
<div class="sourceCode" id="cb4"><pre class="sourceCode numberSource c number-lines code-with-copy"><code class="sourceCode c"><span id="cb4-1"><a href=""></a><span class="dt">void</span> bogus<span class="op">(</span><span class="dt">void</span><span class="op">)</span> <span class="op">{</span></span>
<span id="cb4-2"><a href=""></a>   <span class="dt">int</span> i<span class="op">;</span></span>
<span id="cb4-3"><a href=""></a>   <span class="dt">char</span> buffer<span class="op">[</span><span class="dv">256</span><span class="op">];</span>      <span class="co">// Return address follows!</span></span>
<span id="cb4-4"><a href=""></a></span>
<span id="cb4-5"><a href=""></a>   printf<span class="op">(</span><span class="st">"Enter your data as a string.</span><span class="sc">\n</span><span class="st">"</span><span class="op">);</span></span>
<span id="cb4-6"><a href=""></a>   scanf<span class="op">(</span><span class="st">"</span><span class="sc">%s</span><span class="st">"</span><span class="op">,</span> buffer<span class="op">);</span>   <span class="co">// No bounds check!</span></span>
<span id="cb4-7"><a href=""></a></span>
<span id="cb4-8"><a href=""></a>   process_data<span class="op">(</span>buffer<span class="op">);</span></span>
<span id="cb4-9"><a href=""></a>   <span class="cf">return</span><span class="op">;</span></span>
<span id="cb4-10"><a href=""></a></span>
<span id="cb4-11"><a href=""></a>   <span class="co">// Returns to the return address that </span></span>
<span id="cb4-12"><a href=""></a>   <span class="co">// follows buffer[] on the stack frame</span></span>
<span id="cb4-13"><a href=""></a><span class="op">}</span></span></code><button title="Copy to Clipboard" class="code-copy-button"><i class="bi"></i></button></pre></div>
<p>When writing beyond the size of <code>buffer</code> one will (eventually) overwrite the return address</p>
</section>
<section id="buffer-overflow-continued" class="slide level2">
<h2>Buffer Overflow continued</h2>
<ul>
<li>Notice that the program does not check to make sure that the user inputs 255 characters or less</li>
<li>Source code is available for many operating systems and applications
<ul>
<li>OR they can be disassembled and analyzed by the attacker</li>
</ul></li>
<li>Attacker can see that it is possible to overflow the buffer</li>
<li>Buffer is last data item on the stack frame; the return address from this function will be at a defined distance after it</li>
</ul>
</section>
<section id="buffer-overflow-continued-1" class="slide level2">
<h2>Buffer Overflow continued</h2>
<ul>
<li>Attacker can enter a character string representation of his malicious object code, long enough to fill the buffer</li>
<li>At the end of the malicious code, the attacker passes the address of variable “buffer” so that it overwrites the return address of function bogus() on the stack frame</li>
<li>When bogus() returns, it will cause a return to the buffer address, executing the malicious code in it</li>
</ul>
</section>
<section id="user-behavior-vulnerabilities" class="slide level2">
<h2>User Behavior Vulnerabilities</h2>
<ul>
<li>Poor password selection
<ul>
<li>Too short; all alphabetic; common words</li>
<li>1988 Morris worm used a list of only 432 common passwords, and succeeded in cracking many user accounts all over the Internet</li>
<li>This was the main reason the worm spread more than the creator thought it would; he did not realize that password selection was that bad!</li>
</ul></li>
</ul>
</section>
<section id="user-behavior-vulnerabilities-1" class="slide level2">
<h2>User Behavior Vulnerabilities</h2>
<ul>
<li>Opening executable email attachments
<ul>
<li>“This email is from my friend; it must be safe.” But, the friend’s PC has a virus!</li>
<li>Knowing the sender is not enough to make it safe to open</li>
<li>Virus creator can disguise the attachment to look like it is not executable</li>
<li>Remember the “Love Letter” virus!</li>
</ul></li>
<li>So only open the attachment if you know the sender, right?
<ul>
<li>What could be wrong with that?</li>
</ul></li>
</ul>
<div class="quarto-auto-generated-content">
<p><img src="images/quarto.png" class="slide-logo"></p>
<div class="footer footer-default">
<p><a href="https://aaronbloomfield.github.io/ics" class="uri">https://aaronbloomfield.github.io/ics</a></p>
</div>
</div>
</section></section>
    </div>
  </div>

  <script>window.backupDefine = window.define; window.define = undefined;</script>
  <script src="quarto_files/revealjs/dist/reveal.js"></script>
  <!-- reveal.js plugins -->
  <script src="quarto_files/revealjs/plugin/quarto-line-highlight/line-highlight.js"></script>
  <script src="quarto_files/revealjs/plugin/pdf-export/pdfexport.js"></script>
  <script src="quarto_files/revealjs/plugin/reveal-menu/menu.js"></script>
  <script src="quarto_files/revealjs/plugin/reveal-menu/quarto-menu.js"></script>
  <script src="quarto_files/revealjs/plugin/reveal-chalkboard/plugin.js"></script>
  <script src="quarto_files/revealjs/plugin/quarto-support/support.js"></script>
  

  <script src="quarto_files/revealjs/plugin/notes/notes.js"></script>
  <script src="quarto_files/revealjs/plugin/search/search.js"></script>
  <script src="quarto_files/revealjs/plugin/zoom/zoom.js"></script>
  <script src="quarto_files/revealjs/plugin/math/math.js"></script>
  <script>window.define = window.backupDefine; window.backupDefine = undefined;</script>

  <script>

      // Full list of configuration options available at:
      // https://revealjs.com/config/
      Reveal.initialize({
'controlsAuto': false,
'previewLinksAuto': true,
'pdfSeparateFragments': false,
'autoAnimateEasing': "ease",
'autoAnimateDuration': 1,
'autoAnimateUnmatched': true,
'menu': {"side":"left","useTextContentForMissingTitles":true,"markers":false,"loadIcons":false,"custom":[{"title":"Tools","icon":"<i class=\"fas fa-gear\"></i>","content":"<ul class=\"slide-menu-items\">\n<li class=\"slide-tool-item active\" data-item=\"0\"><a href=\"#\" onclick=\"RevealMenuToolHandlers.fullscreen(event)\"><kbd>f</kbd> Fullscreen</a></li>\n<li class=\"slide-tool-item\" data-item=\"1\"><a href=\"#\" onclick=\"RevealMenuToolHandlers.speakerMode(event)\"><kbd>s</kbd> Speaker View</a></li>\n<li class=\"slide-tool-item\" data-item=\"2\"><a href=\"#\" onclick=\"RevealMenuToolHandlers.overview(event)\"><kbd>o</kbd> Slide Overview</a></li>\n<li class=\"slide-tool-item\" data-item=\"3\"><a href=\"#\" onclick=\"RevealMenuToolHandlers.togglePdfExport(event)\"><kbd>e</kbd> PDF Export Mode</a></li>\n<li class=\"slide-tool-item\" data-item=\"4\"><a href=\"#\" onclick=\"RevealMenuToolHandlers.toggleChalkboard(event)\"><kbd>b</kbd> Toggle Chalkboard</a></li>\n<li class=\"slide-tool-item\" data-item=\"5\"><a href=\"#\" onclick=\"RevealMenuToolHandlers.toggleNotesCanvas(event)\"><kbd>c</kbd> Toggle Notes Canvas</a></li>\n<li class=\"slide-tool-item\" data-item=\"6\"><a href=\"#\" onclick=\"RevealMenuToolHandlers.downloadDrawings(event)\"><kbd>d</kbd> Download Drawings</a></li>\n<li class=\"slide-tool-item\" data-item=\"7\"><a href=\"#\" onclick=\"RevealMenuToolHandlers.keyboardHelp(event)\"><kbd>?</kbd> Keyboard Help</a></li>\n</ul>"}],"openButton":true},
'chalkboard': {"buttons":true},
'smaller': false,
 
        // Display controls in the bottom right corner
        controls: false,

        // Help the user learn the controls by providing hints, for example by
        // bouncing the down arrow when they first encounter a vertical slide
        controlsTutorial: false,

        // Determines where controls appear, "edges" or "bottom-right"
        controlsLayout: 'edges',

        // Visibility rule for backwards navigation arrows; "faded", "hidden"
        // or "visible"
        controlsBackArrows: 'faded',

        // Display a presentation progress bar
        progress: true,

        // Display the page number of the current slide
        slideNumber: 'h.v',

        // 'all', 'print', or 'speaker'
        showSlideNumber: 'all',

        // Add the current slide number to the URL hash so that reloading the
        // page/copying the URL will return you to the same slide
        hash: true,

        // Start with 1 for the hash rather than 0
        hashOneBasedIndex: false,

        // Flags if we should monitor the hash and change slides accordingly
        respondToHashChanges: true,

        // Push each slide change to the browser history
        history: true,

        // Enable keyboard shortcuts for navigation
        keyboard: true,

        // Enable the slide overview mode
        overview: true,

        // Disables the default reveal.js slide layout (scaling and centering)
        // so that you can use custom CSS layout
        disableLayout: false,

        // Vertical centering of slides
        center: false,

        // Enables touch navigation on devices with touch input
        touch: true,

        // Loop the presentation
        loop: false,

        // Change the presentation direction to be RTL
        rtl: false,

        // see https://revealjs.com/vertical-slides/#navigation-mode
        navigationMode: 'default',

        // Randomizes the order of slides each time the presentation loads
        shuffle: false,

        // Turns fragments on and off globally
        fragments: true,

        // Flags whether to include the current fragment in the URL,
        // so that reloading brings you to the same fragment position
        fragmentInURL: false,

        // Flags if the presentation is running in an embedded mode,
        // i.e. contained within a limited portion of the screen
        embedded: false,

        // Flags if we should show a help overlay when the questionmark
        // key is pressed
        help: true,

        // Flags if it should be possible to pause the presentation (blackout)
        pause: true,

        // Flags if speaker notes should be visible to all viewers
        showNotes: false,

        // Global override for autoplaying embedded media (null/true/false)
        autoPlayMedia: null,

        // Global override for preloading lazy-loaded iframes (null/true/false)
        preloadIframes: null,

        // Number of milliseconds between automatically proceeding to the
        // next slide, disabled when set to 0, this value can be overwritten
        // by using a data-autoslide attribute on your slides
        autoSlide: 0,

        // Stop auto-sliding after user input
        autoSlideStoppable: true,

        // Use this method for navigation when auto-sliding
        autoSlideMethod: null,

        // Specify the average time in seconds that you think you will spend
        // presenting each slide. This is used to show a pacing timer in the
        // speaker view
        defaultTiming: null,

        // Enable slide navigation via mouse wheel
        mouseWheel: false,

        // The display mode that will be used to show slides
        display: 'block',

        // Hide cursor if inactive
        hideInactiveCursor: true,

        // Time before the cursor is hidden (in ms)
        hideCursorTime: 5000,

        // Opens links in an iframe preview overlay
        previewLinks: false,

        // Transition style (none/fade/slide/convex/concave/zoom)
        transition: 'none',

        // Transition speed (default/fast/slow)
        transitionSpeed: 'default',

        // Transition style for full page slide backgrounds
        // (none/fade/slide/convex/concave/zoom)
        backgroundTransition: 'none',

        // Number of slides away from the current that are visible
        viewDistance: 3,

        // Number of slides away from the current that are visible on mobile
        // devices. It is advisable to set this to a lower number than
        // viewDistance in order to save resources.
        mobileViewDistance: 2,

        // The "normal" size of the presentation, aspect ratio will be preserved
        // when the presentation is scaled to fit different resolutions. Can be
        // specified using percentage units.
        width: 1050,

        height: 700,

        // Factor of the display size that should remain empty around the content
        margin: 0.1,

        math: {
          mathjax: 'https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js',
          config: 'TeX-AMS_HTML-full',
          tex2jax: {
            inlineMath: [['\\(','\\)']],
            displayMath: [['\\[','\\]']],
            balanceBraces: true,
            processEscapes: false,
            processRefs: true,
            processEnvironments: true,
            preview: 'TeX',
            skipTags: ['script','noscript','style','textarea','pre','code'],
            ignoreClass: 'tex2jax_ignore',
            processClass: 'tex2jax_process'
          },
        },

        // reveal.js plugins
        plugins: [QuartoLineHighlight, PdfExport, RevealMenu, RevealChalkboard, QuartoSupport,

          RevealMath,
          RevealNotes,
          RevealSearch,
          RevealZoom
        ]
      });
    </script>
    <script id="quarto-html-after-body" type="application/javascript">
    window.document.addEventListener("DOMContentLoaded", function (event) {
      const toggleBodyColorMode = (bsSheetEl) => {
        const mode = bsSheetEl.getAttribute("data-mode");
        const bodyEl = window.document.querySelector("body");
        if (mode === "dark") {
          bodyEl.classList.add("quarto-dark");
          bodyEl.classList.remove("quarto-light");
        } else {
          bodyEl.classList.add("quarto-light");
          bodyEl.classList.remove("quarto-dark");
        }
      }
      const toggleBodyColorPrimary = () => {
        const bsSheetEl = window.document.querySelector("link#quarto-bootstrap");
        if (bsSheetEl) {
          toggleBodyColorMode(bsSheetEl);
        }
      }
      toggleBodyColorPrimary();  
      const tabsets =  window.document.querySelectorAll(".panel-tabset-tabby")
      tabsets.forEach(function(tabset) {
        const tabby = new Tabby('#' + tabset.id);
      });
      const isCodeAnnotation = (el) => {
        for (const clz of el.classList) {
          if (clz.startsWith('code-annotation-')) {                     
            return true;
          }
        }
        return false;
      }
      const onCopySuccess = function(e) {
        // button target
        const button = e.trigger;
        // don't keep focus
        button.blur();
        // flash "checked"
        button.classList.add('code-copy-button-checked');
        var currentTitle = button.getAttribute("title");
        button.setAttribute("title", "Copied!");
        let tooltip;
        if (window.bootstrap) {
          button.setAttribute("data-bs-toggle", "tooltip");
          button.setAttribute("data-bs-placement", "left");
          button.setAttribute("data-bs-title", "Copied!");
          tooltip = new bootstrap.Tooltip(button, 
            { trigger: "manual", 
              customClass: "code-copy-button-tooltip",
              offset: [0, -8]});
          tooltip.show();    
        }
        setTimeout(function() {
          if (tooltip) {
            tooltip.hide();
            button.removeAttribute("data-bs-title");
            button.removeAttribute("data-bs-toggle");
            button.removeAttribute("data-bs-placement");
          }
          button.setAttribute("title", currentTitle);
          button.classList.remove('code-copy-button-checked');
        }, 1000);
        // clear code selection
        e.clearSelection();
      }
      const getTextToCopy = function(trigger) {
          const codeEl = trigger.previousElementSibling.cloneNode(true);
          for (const childEl of codeEl.children) {
            if (isCodeAnnotation(childEl)) {
              childEl.remove();
            }
          }
          return codeEl.innerText;
      }
      const clipboard = new window.ClipboardJS('.code-copy-button:not([data-in-quarto-modal])', {
        text: getTextToCopy
      });
      clipboard.on('success', onCopySuccess);
      if (window.document.getElementById('quarto-embedded-source-code-modal')) {
        // For code content inside modals, clipBoardJS needs to be initialized with a container option
        // TODO: Check when it could be a function (https://github.com/zenorocha/clipboard.js/issues/860)
        const clipboardModal = new window.ClipboardJS('.code-copy-button[data-in-quarto-modal]', {
          text: getTextToCopy,
          container: window.document.getElementById('quarto-embedded-source-code-modal')
        });
        clipboardModal.on('success', onCopySuccess);
      }
        var localhostRegex = new RegExp(/^(?:http|https):\/\/localhost\:?[0-9]*\//);
        var mailtoRegex = new RegExp(/^mailto:/);
          var filterRegex = new RegExp('/' + window.location.host + '/');
        var isInternal = (href) => {
            return filterRegex.test(href) || localhostRegex.test(href) || mailtoRegex.test(href);
        }
        // Inspect non-navigation links and adorn them if external
     	var links = window.document.querySelectorAll('a[href]:not(.nav-link):not(.navbar-brand):not(.toc-action):not(.sidebar-link):not(.sidebar-item-toggle):not(.pagination-link):not(.no-external):not([aria-hidden]):not(.dropdown-item):not(.quarto-navigation-tool):not(.about-link)');
        for (var i=0; i<links.length; i++) {
          const link = links[i];
          if (!isInternal(link.href)) {
            // undo the damage that might have been done by quarto-nav.js in the case of
            // links that we want to consider external
            if (link.dataset.originalHref !== undefined) {
              link.href = link.dataset.originalHref;
            }
              // target, if specified
              link.setAttribute("target", "_blank");
              if (link.getAttribute("rel") === null) {
                link.setAttribute("rel", "noopener");
              }
              // default icon
              link.classList.add("external");
          }
        }
      function tippyHover(el, contentFn, onTriggerFn, onUntriggerFn) {
        const config = {
          allowHTML: true,
          maxWidth: 500,
          delay: 100,
          arrow: false,
          appendTo: function(el) {
              return el.closest('section.slide') || el.parentElement;
          },
          interactive: true,
          interactiveBorder: 10,
          theme: 'light-border',
          placement: 'bottom-start',
        };
        if (contentFn) {
          config.content = contentFn;
        }
        if (onTriggerFn) {
          config.onTrigger = onTriggerFn;
        }
        if (onUntriggerFn) {
          config.onUntrigger = onUntriggerFn;
        }
          config['offset'] = [0,0];
          config['maxWidth'] = 700;
        window.tippy(el, config); 
      }
      const noterefs = window.document.querySelectorAll('a[role="doc-noteref"]');
      for (var i=0; i<noterefs.length; i++) {
        const ref = noterefs[i];
        tippyHover(ref, function() {
          // use id or data attribute instead here
          let href = ref.getAttribute('data-footnote-href') || ref.getAttribute('href');
          try { href = new URL(href).hash; } catch {}
          const id = href.replace(/^#\/?/, "");
          const note = window.document.getElementById(id);
          if (note) {
            return note.innerHTML;
          } else {
            return "";
          }
        });
      }
      const findCites = (el) => {
        const parentEl = el.parentElement;
        if (parentEl) {
          const cites = parentEl.dataset.cites;
          if (cites) {
            return {
              el,
              cites: cites.split(' ')
            };
          } else {
            return findCites(el.parentElement)
          }
        } else {
          return undefined;
        }
      };
      var bibliorefs = window.document.querySelectorAll('a[role="doc-biblioref"]');
      for (var i=0; i<bibliorefs.length; i++) {
        const ref = bibliorefs[i];
        const citeInfo = findCites(ref);
        if (citeInfo) {
          tippyHover(citeInfo.el, function() {
            var popup = window.document.createElement('div');
            citeInfo.cites.forEach(function(cite) {
              var citeDiv = window.document.createElement('div');
              citeDiv.classList.add('hanging-indent');
              citeDiv.classList.add('csl-entry');
              var biblioDiv = window.document.getElementById('ref-' + cite);
              if (biblioDiv) {
                citeDiv.innerHTML = biblioDiv.innerHTML;
              }
              popup.appendChild(citeDiv);
            });
            return popup.innerHTML;
          });
        }
      }
    });
    </script>
    

</body></html>