Always, on every assignment, please write your name legibly as it appears
on your University ID and on the class list! All assignments will be due
at the start of class on the day indicated, and unless there is what
insurance companies call "an act of God" - something outside your
control; the only exceptions to this rule will be by advance arrangement.
For those taking the course by video link, assignments may be submitted
electronically by E-mail to
Rajiv Raman.
Please do not use obscure attachment formats! Plaintext E-mail is
preferred to HTML, Word, RTF or other even more obscure formats!
(The following problems have equal weight.)
-
Look at problem 2 in chapter 3 of the text.
Solve problem 2, but only write a brief summary of your answer, a short
paragraph describing the idea, with no details at all.
Then, and this is the core of the problem, explain to your boss the
extent of test coverage. That is, if you assume the microprocessor
manufacturer was your adversary, what kinds of attacks from them
are you unable to effectively prevent with your testing (or with any
testing) regime.
-
Background: The halting problem is an old one in computer science,
the problem is, is it possible to write a
program (tester) that takes as input another
program (parameter) and its input and outputs either "parameter will halt"
or "parameter will go into an infinite loop".
The proof that tester cannot be written is simple: Write a parameter program
that contains tester as a subroutine, the parameter program goes into an
infinite loop if tester returns "parameter will halt"
and it halts if tester returns "parameter will go into an infinite loop".
Now, pass this parameter to tester, with a copy of this parameter as its input.
Whatever result tester returns will be wrong, and therefore, tester cannot
exist.
Given the above, is it possible to write a program to test for the existence of
trapdoors?
-
Do problem 8 from Chapter 3.
-
Present a design for transmitting data through a covert channel in a Unix
or Linux system using the gettimeofday(2) and sleep(3) or setitimer(2)
(These are documented in the indicated sections of the Unix Programmer's
Reference Manual, available on line on Linux and Unix systems using the
man commens. Use man man to find more about this command.)
-
Unix source code is frequently distributed as shar files, which are
shell scripts (frequently with names ending .shar) that, when run,
create directories, install files in those directories, and so on.
The Unix shar(1) command creates shar files.
a) Could a new generation of viruses emerge that spreads through shar files?
b) What defenses could you construct against such viruses.