Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] What I Learned In Teaching Computer Security, Privacy, and Politic

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] What I Learned In Teaching Computer Security, Privacy, and Politics to a General Audience
Date: Tue, 26 Apr 2005 00:49:52 -0500 (CDT) 
http://www.onlamp.com/pub/wlg/6928

Ming Chow
Apr. 24, 2005 
http://www.cs.tufts.edu/~mchow/excollege/

Hard to believe, I am almost finished with teaching a full college
course (one semester) --my course at Tufts University entitled
"Security, Privacy, and Politics in the Computer Age," offered by the
Experimental College. It has certainly been an exhilerating few
months, but it has been a very rewarding, memorable, and flattering
experience.

So what did I learn from teaching computer security, politics, and
privacy to a group of twenty, mainly non-technical, college students?  
Here are some of my thoughts in a nutshell:

* It is difficult to balance technical and non-technical information.
  Many students know what spyware and computer viruses are, but the
  technical workings of them are complicated. If you delve into
  complexities such as the operating system or the kernel, the
  students will be lost. I also recall making my cryptography lecture
  too simplistic, and I saw many students fall asleep.

* Few have knowledge about open source software, and alternatives to
  popular software packages. It is important to discuss the software
  life-cycle development process early in the semester because it will
  provide students insights on where a lot of the problems come from.
  One of the first comments from students that stuck me was that many
  have never heard of open source software, nor have they heard of
  alternatives to popular software packages such as GIMP, GAIM, and
  yes, even Firefox. As much as the technical community read and speak
  about OSS, the general public still don't understand it.

* Few have used Unix or Linux. Unix and Linux are sometimes dubbed as
  the "the most important operating systems you may never use," and I
  found this quite true. That is why I distributed free copies of
  Knoppix to students, and used it for my lectures on occasion.

* News and information evolve and change frequently. Several weeks
  after I gave a demonstration on password cracking, the news of Paris
  Hilton's sidekick cracked via simple password broke out. We had to
  reflect back on our previous lecture. Same issue with the recent
  slew of consumer database breaches. The instructor (myself) have to
  keep up with current events especially when teaching such a course.

* Students enjoy examples. Students love screenshots and hands-on
  examples from the terminal.

* Instructor has to encourage feedback and dialog. Maybe it is because
  of the college environment, most of us have been there, done that. I
  found that students walk into class with very little expectation or
  motivation each day. They just want to go to class and leave, and
  probably forget the information. It is the instructor's job to
  incorporate debate and dialog in the course. You just can't hope
  that all students will be active. I had two debates and two expert
  panel sessions in the class, and they have been most engaging (as
  said by the students). Same goes for the discussions on copyrights,
  electronic voting, and P2P technologies -- no surprise considering
  the topics are controversial and debateable.

* Need a hands-on assignment to show how hard security is. Security is
  hard, we know that. But talk can only do so much. Recently, I gave a
  two-part group project on designing a fictitious state lottery game
  and its secure system. Not only did the students find that designing
  a system is difficult and time-consuming, but also how hard it is
  the accomodate for everything there is. I had to use so much red ink
  on grading the design projects, both phases (the game design and
  the system design)

These are just some highlights of what I learned in my very first
teaching experience. After I submit the course grades, I will sit down
and collect all my thoughts about the course. Would I want to do this
again? Absolutely, in a heartbeat.

Ming Chow is a scholar of science and technology, whose areas of
interests are human-computer interaction, game development, computer
security, and computer science in education.



_________________________________________
InfoSec News v2.0 - Coming Soon!
http://www.infosecnews.org
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] What I Learned In Teaching Computer Security, Privacy, and Politics to a General Audience, InfoSec News <=
Previous by Date:  [ISN] Redfaced professor made up scary story, InfoSec News
Next by Date:  [ISN] Get Physical About IT Security, InfoSec News
Previous by Thread:  [ISN] Redfaced professor made up scary story, InfoSec News
Next by Thread:  [ISN] Get Physical About IT Security, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]