Assignment 3, due Feb 11

Part of the homework for 22C:169, Spring 2005
by Douglas W. Jones
THE UNIVERSITY OF IOWA Department of Computer Science

Always, on every assignment, please write your name legibly as it appears on your University ID and on the class list! All assignments will be due at the start of class on the day indicated, and unless there is what insurance companies call "an act of God" - something outside your control; the only exceptions to this rule will be by advance arrangement.

For those taking the course by video link, assignments may be submitted electronically by E-mail to Rajiv Raman. Please do not use obscure attachment formats! Plaintext E-mail is preferred to HTML, Word, RTF or other even more obscure formats! (The following problems have equal weight.)

  1. Look at problem 2 in chapter 3 of the text. Solve problem 2, but only write a brief summary of your answer, a short paragraph describing the idea, with no details at all. Then, and this is the core of the problem, explain to your boss the extent of test coverage. That is, if you assume the microprocessor manufacturer was your adversary, what kinds of attacks from them are you unable to effectively prevent with your testing (or with any testing) regime.

  2. Background: The halting problem is an old one in computer science, the problem is, is it possible to write a program (tester) that takes as input another program (parameter) and its input and outputs either "parameter will halt" or "parameter will go into an infinite loop". The proof that tester cannot be written is simple: Write a parameter program that contains tester as a subroutine, the parameter program goes into an infinite loop if tester returns "parameter will halt" and it halts if tester returns "parameter will go into an infinite loop". Now, pass this parameter to tester, with a copy of this parameter as its input. Whatever result tester returns will be wrong, and therefore, tester cannot exist.

    Given the above, is it possible to write a program to test for the existence of trapdoors?

  3. Do problem 8 from Chapter 3.

  4. Present a design for transmitting data through a covert channel in a Unix or Linux system using the gettimeofday(2) and sleep(3) or setitimer(2) (These are documented in the indicated sections of the Unix Programmer's Reference Manual, available on line on Linux and Unix systems using the man commens. Use man man to find more about this command.)

  5. Unix source code is frequently distributed as shar files, which are shell scripts (frequently with names ending .shar) that, when run, create directories, install files in those directories, and so on. The Unix shar(1) command creates shar files.

    a) Could a new generation of viruses emerge that spreads through shar files?

    b) What defenses could you construct against such viruses.