News
Final 1 Grades on CMSWritten on 21.02.25 by Nils Ole Tippenhauer Dear Students, we just released the Final 1 grades on CMS. We also uploaded a solution in the materials collection. Dear Students, we just released the Final 1 grades on CMS. We also uploaded a solution in the materials collection. If you want a scan of your thesis, please register for it here on CMS, we added a new registration option. Registration deadline is next Wednesday 11:59am. Scans will be sent until end of next week. We will create a second registration for on-site inspection afterwards. Regards, Nils |
Exam Seating Released, Additional Content SurveyWritten on 17.02.25 by Nils Ole Tippenhauer Dear students, everyone who signed up for the first final should now see their seating information for the final in CMS. Please remember to bring a student ID and other photo ID for the exam. We will not provide or allow cheat-sheets this iteration. If you are sick on exam day, please get a… Read more Dear students, everyone who signed up for the first final should now see their seating information for the final in CMS. Please remember to bring a student ID and other photo ID for the exam. We will not provide or allow cheat-sheets this iteration. If you are sick on exam day, please get a doctor's note and provide it to the examination office. If you have any other questions, please let us know. For the re-examination/second final, we configured CMS to only allow you to register via LSF/HISPOS. If you have issues with that registration, please contact tippenhauer@cispa.de Lastly, only few of you filled the official evaluation. We prepared an additional short evaluation to get more feedback on topics in lectures and exercises, anonymous via google forms: https://forms.gle/rNAkDqThEfDtcyLf7 All the best for the exam, Nils |
Re: Registration for final exam. LSF DEADLINE TODAYWritten on 12.02.25 by Nils Ole Tippenhauer Dear students, our tutors worked hard to grade all relevant exercise submission, and points should be final by now. In some cases (to speed up grading), we just checked that you have at least 150 points. Let us know if you have specific questions. There is a significant number of students who… Read more Dear students, our tutors worked hard to grade all relevant exercise submission, and points should be final by now. In some cases (to speed up grading), we just checked that you have at least 150 points. Let us know if you have specific questions. There is a significant number of students who qualify for the final, but have not registered on LSF. If you plan to write the first final on 19.2. you MUST register on LSF. We CANNOT allow you to take the exam without prior LSF registration. As announced on 4.2., the LSF deadline is today (I don't know the exact time, I hope it is still possible). Register on LSF ASAP if you plan to take the exam next week. Hope to see you next week in the exam, Nils |
Reminder: Guest Lecture and CTF Contest Award Ceremony, today from 16:15-17:45Written on 11.02.25 by Alexander Ponticello Dear students, This is a gentle reminder to attend our guest lecture today. Preferably in person, but also online via Zoom (use the link below). After the talk, we will honor the best teams of this semester's CTF competition, so be sure to stick around. Finally, I once again ask for your… Read more Dear students, This is a gentle reminder to attend our guest lecture today. Preferably in person, but also online via Zoom (use the link below). After the talk, we will honor the best teams of this semester's CTF competition, so be sure to stick around. Finally, I once again ask for your feedback. The TAs put a lot of effort into preparing interesting challenges for you, and it would be immensely helpful to us if you could provide us with some feedback on what you liked or found most instructive. We prepared a small survey which we would kindly ask all of you to fill out https://cispa.qualtrics.com/jfe/form/SV_3IQCfiUKw6gKrdk Again, thank you very much and see you later! Alexander
https://cispa-de.zoom-x.de/j/65392812580?pwd=nZQjwLKbJQ6NALLocXKBonnanl3FTf.1
|
CTF Contest Award Ceremony on Tuesday, February 11thWritten on 06.02.25 (last change on 07.02.25) by Alexander Ponticello Dear students, as this course is coming to an end, so is our little CTF contest. First of all, thank you very much for everyone who stuck with us throughout the semester, solving challenges till the end. Second, we would like to reward your active participation, therefore, we prepared some small… Read more Dear students, as this course is coming to an end, so is our little CTF contest. First of all, thank you very much for everyone who stuck with us throughout the semester, solving challenges till the end. Second, we would like to reward your active participation, therefore, we prepared some small prices for the top 3 teams in the ranking at the end of the contest. You can still collect points until the deadline of exercise sheet 6, afterwards we will also close the CTF platform for flag submissions. Then, on Tuesday February 11th, at the end of the guest lecture (16:15-17:45), we would like to hold a small award ceremony in the lecture hall, so it would be amazing if you could come by and collect your price and person or applaud your fellow students for their great effort. Of course, if some of the top placed students can not make it, we will see to get their price to them through other means. Finally, I once again ask for your feedback. The TAs put a lot of effort into preparing interesting challenges for you, and it would be immensely helpful to us if you could provide us with some feedback on what you liked or found most instructive. We prepared a small survey which we would kindly ask all of you to fill out https://cispa.qualtrics.com/jfe/form/SV_3IQCfiUKw6gKrdk
Again, thank you very much and see you all on Tuesday! Alexander |
Challenge back onlineWritten on 05.02.25 by Alexander Ponticello Dear Students, The challenge "E6: Cutting Onions" is back online and can be solved again. Best, Alexander |
Exercise sheet 6 Challenge IssuesWritten on 04.02.25 (last change on 04.02.25) by Alexander Ponticello Dear students, unfortunately, we are experiencing issues with the "E6: Cutting Onions" challenge, which is currently unreachable. We are working on it and will update you as soon as possible. Please excuse the inconvenience.
Best, Alexander |
Registration for final examWritten on 04.02.25 by Nils Ole Tippenhauer Dear students of Security, our final is scheduled for 19.2.25. Please make sure to register on LSF until one week before that, as it is not possible to register later. I am importing registrations from LSF into the CMS registration regularly, so it is sufficient to register on LSF. I will also… Read more Dear students of Security, our final is scheduled for 19.2.25. Please make sure to register on LSF until one week before that, as it is not possible to register later. I am importing registrations from LSF into the CMS registration regularly, so it is sufficient to register on LSF. I will also check on everyone's points in the exercises one week before the exam, and ask UdS to unregister anyone from LSF that has less than the required 150 points at that time. If you are still waiting for points from EX5 and/or EX6 to reach this threshold: we will make sure that such exercises are corrected in time, but it will be close to the deadline if you rely on points from EX6. We are currently not planning to have a cheat sheet for the final, in particular not one written by students. Please have a look at the old exam posted in the material collection for reference on the style of questions asked. |
Bonus Lecture on Tuesday, February 11thWritten on 03.02.25 by Alexander Ponticello Dear students, tomorrow marks the last official lecture of this semester, thank you all for sticking with us throughout this course! This means, there will be NO lecture on Wednesday, February 5th! We want to thank you for your collaboration, especially those who regularly joined the lectures… Read more Dear students, tomorrow marks the last official lecture of this semester, thank you all for sticking with us throughout this course! This means, there will be NO lecture on Wednesday, February 5th! We want to thank you for your collaboration, especially those who regularly joined the lectures and participated in an active manner, thank you! For you, and also everyone else who is interested, we have a little present ;) Namely a bonus lecture on February 11th, at the usual time slot, i.e., 16:15-17:45 at GHH. We managed to get a expert from the industry who will give you some insights as to how security is handled in practice in large companies such as Adidas or ÖBB (Austrian Federal Railways). This lecture will NOT be part of the exam, however, we still hope many of you attend as this is a unique opportunity to hear about these topics from someone from industry and of course ask all your questions. Since our speaker is joining us remotely, you can do so as well via the Zoom link below. We will set up the streaming in GHH and moderate the Q&A session from there. So see you all there and here is a TLDR of the bonus lecture:
Title: "Industrial Security Skills and Careers: Some Personal Insights" Dr. Markus Donko-Huber (née Huber) is an expert in the area of Information Security and Privacy. He spent 10 years in academia and organized the Privacy Enhancing Technologies lecture at TU Wien. Markus previously worked to improve the security and privacy of adidas Runtastic. He currently works as a Security Architect at ÖBB. February, 11th 2025, 16:15-17:45, GHH (or online via Zoom)
https://cispa-de.zoom-x.de/j/65392812580?pwd=nZQjwLKbJQ6NALLocXKBonnanl3FTf.1
|
Exercise sheet 6 releaseWritten on 29.01.25 by Alexander Ponticello Dear students, I just released exercise sheet 6, covering the malware, privacy, and today's lecture on threat modeling. I hope you enjoy this final exercise sheet. Remember you need at least 50% of the total exercise points (300) to qualify for the exam. As always, we are very happy about… Read more Dear students, I just released exercise sheet 6, covering the malware, privacy, and today's lecture on threat modeling. I hope you enjoy this final exercise sheet. Remember you need at least 50% of the total exercise points (300) to qualify for the exam. As always, we are very happy about your feedback (also for the lecture), which you can send either directly to me or my colleagues or anonymously via CMS.
Happy hacking! Alexander |
Today's lecture is canceled due to sicknessWritten on 28.01.25 by Katharina Krombholz Dear students, we are very sorry, but unfortunately we have to cancel today's lecture as Katharina is sick. See you tomorrow! |
Exercise 3 PointsWritten on 16.01.25 by Simeon Hoffmann Hi all, we released the grading of exercise 3 Simeon |
Exercise sheet 5 releaseWritten on 15.01.25 by Alexander Ponticello Dear students, I just released exercise sheet 5, covering the topics of today's lecture on authentication as well as usable security. Sorry for the slight delay, on challenge created some issues which we had to get rid of first. I hope you enjoy this slightly different style of practical… Read more Dear students, I just released exercise sheet 5, covering the topics of today's lecture on authentication as well as usable security. Sorry for the slight delay, on challenge created some issues which we had to get rid of first. I hope you enjoy this slightly different style of practical exercises, as always, we are very happy about your feedback (also for the lecture), which you can send either directly to me or my colleagues or anonymously via CMS.
Have a great week! Alexander |
Scoreboard challenges disabled when solutions releasedWritten on 06.01.25 by Till Schlüter Hi all, Just a quick update on the CTF scoreboard: we've decided to disable the challenges for which we already published solutions. This means that flags for these challenges can no longer be submitted. The reason is that we want to reward those students who solve the challenges on their own, but… Read more Hi all, Just a quick update on the CTF scoreboard: we've decided to disable the challenges for which we already published solutions. This means that flags for these challenges can no longer be submitted. The reason is that we want to reward those students who solve the challenges on their own, but we can no longer distinguish flag submissions based on original work from flag submissions based on our solutions once the solutions are out. We've also applied this rule retroactively and invalidated all flag submissions that we received after the solution to a challenge had already been published. The scores on the scoreboard have been recalculated accordingly. We note that you can still test whether a flag is correct or not, even for disabled challenges: go to the flag submission page and insert the flag. If you get the message "Challenge is disabled", the flag was correct. Otherwise, you will see the message "Invalid flag". You will not receive scoreboard points for such submissions though. Naturally, this change only affects the scoreboard and does not have any effect on your exercise sheet points or grades. Happy hacking! |
Points for sheet 2, sample solutions for sheet 3Written on 23.12.24 by Till Schlüter Dear students, We've released the points for sheet 2 and the sample solutions for sheet 3. Till |
All Tasks Back OnlineWritten on 21.12.24 by Lea Gröber Dear all, all tasks are online again. Happy hacking! |
Tasks Online and Additional Hints on Sheet 04Written on 20.12.24 by Lea Gröber Hello everyone, the exercises E4: XSS Attacks and E4: Advanced XSS 1 are active again. Further, we updated exercise sheet 04 with additional hints. We are still working on the remaining two exercises. |
CSRF + XSS Challenges down for maintananceWritten on 19.12.24 by Alexander Ponticello Dear students, due to some technical issues, the CSRF + XSS challenges are currently not working as expected. We are working on the issues, for the time being, these challenges are deactivated in the scoreboard and not exploitable on the website. The affected front-end will still show as usual,… Read more Dear students, due to some technical issues, the CSRF + XSS challenges are currently not working as expected. We are working on the issues, for the time being, these challenges are deactivated in the scoreboard and not exploitable on the website. The affected front-end will still show as usual, however the corresponding back-end services are offline. We apologize for the inconvenience and will release another news once the issues is resolved.
Best, Alexander |
Tutorial 5 cancelled todayWritten on 09.12.24 by Simeon Hoffmann Hi all, unfortunately, Joys is sick today and thus tutorial 5 is cancelled. Roman offered that flexible students can join his tutorial session (tutorial 4, E2 5, SR 3, 10:15) instead today. Simeon |
Update to "canary" challenge, scoreboard prizesWritten on 06.12.24 (last change on 06.12.24) by Simeon Hoffmann Dear students, In addition, let me take this opportunity to… Read more Dear students, In addition, let me take this opportunity to announce that there will be small prizes for the top 3 scoring teams on the scoreboard at the end of the lecture ;) |
Points for sheet 1, sample solution for sheet 2Written on 03.12.24 by Simeon Hoffmann Dear students, we just released the points for sheet 1 and the sample solution for sheet 2. Also, please remember to submit on time as we cannot take any late submissions. You can always upload a preliminary solution early, and reupload in case you make changes. Simeon |
Submissions: No hand-written notes and no LLM-generated content, please.Written on 29.11.24 by Till Schlüter Dear students, We have two more requests regarding the exercise sheet submissions: 1. No hand-written submissions To make our tutor's lifes easier, please do not submit (scans/pictures of) hand-written notes. For exercise sheet E2, we strongly discourage handing in such documents, but will… Read more Dear students, We have two more requests regarding the exercise sheet submissions: 1. No hand-written submissions To make our tutor's lifes easier, please do not submit (scans/pictures of) hand-written notes. For exercise sheet E2, we strongly discourage handing in such documents, but will still accept them (as the deadline is already approaching). Starting from exercise sheet E3, however, we will no longer accept hand-written notes in submissions. 2. No LLM-generated content In addition, we want to remind you of our policy regarding the use of large language models (LLMs) to solve the exercises (as outlined in the intro lecture): you may use LLMs to polish your writing or make your submission more readable, but not to generate any actual content. Keep in mind that one purpose of the exercises is to prepare you for the exam, where no LLMs will be available. Thanks, |
Screenshots in submissionsWritten on 21.11.24 by Till Schlüter Dear students, When you submit code, please only submit it as source files. Do not submit screenshots. You can upload a ZIP file as submission to CMS. |
Tutorial detailsWritten on 31.10.24 (last change on 31.10.24) by Simeon Hoffmann Hey everyone, after manually reassigning the tutorials for some people, tutorial assignments are now fixed. If you want to attend another tutorial, please find someone from your preferred tutorial to swap with. Short reminder that tutorials start on Nov 7th, so there are no tutorials on Monday.… Read more Hey everyone, after manually reassigning the tutorials for some people, tutorial assignments are now fixed. If you want to attend another tutorial, please find someone from your preferred tutorial to swap with. Short reminder that tutorials start on Nov 7th, so there are no tutorials on Monday. The first sheet will be released next week Wednesday, on Nov 6th. Checkout the timetable for the latest details. Simeon |
Tutorials assignedWritten on 29.10.24 by Till Schlüter Dear students, The tutorials have been assigned. You should now see the tutorial slot assigned to you on your personal status page. Till |
Question Sheet 0Written on 15.10.24 (last change on 15.10.24) by Simeon Hoffmann Hey all, we just uploaded question sheet 0. This sheet is not graded, and meant to make you familiar with the tooling. It will be discussed in the tutorials. Simeon |
Introduction and general lecture scheduleWritten on 15.10.24 by Nils Ole Tippenhauer Dear student of Security'24, for this week, we have prepared an introductory lecture as video, as Katharina and Nils are both traveling. You will find the link to the video/slides in the material collection here on CMS. From next week on, all lectures will be in-person, starting with the lecture on… Read more Dear student of Security'24, for this week, we have prepared an introductory lecture as video, as Katharina and Nils are both traveling. You will find the link to the video/slides in the material collection here on CMS. From next week on, all lectures will be in-person, starting with the lecture on October 22nd. We also plan to release an ungraded tutorial exercise (Q0) soon - you will also find it in the material collection. Please use the Askbot feature on CMS if you have any questions after watching the intro video! Regards, Nils |
Security
The Security core lecture ("Stammvorlesung") will be offered in the winter term 2024/2025.
Lectures
We plan to offer the lecture as a in-person class. Note: For the first week of the term (14.-18.10.) we will offer a pre-recorded introduction video as both Katharina and Nils are not in Saarbrücken. The main lecture content starts in the second week, with an in-person lecture on October 22nd. All later classes will be in-person as well.
The schedule for the two lectures per week is as follows:
- Tuesday 16:15-17:45 (GHH)
- Wednesday 12:15-13:45 (GHH)
Registration
Registration in this CMS is required until October 27, 2024. LSF exam registration is required to participate in the exams (and will be possible until ~1 week before the final exam).
Tutorials
Details on tutorials will be announced later
Exams
Final: 19.2.25 10am-12pm
Re-exam: 19.03. 2-4pm.
Location: We will have GHH for both. In addition, for the first date we will have all 3 lecture halls in E1 3, for the re-exam HS002 in E1 3. Room assignment for students will be done via CMS shortly before the exam.
Mental Health
Being a student is challenging and might be very overwhelming. If you need support during times of struggle, reach out to friends, family, or faculty you trust. The student union at UdS also offers a counseling service that you may contact. You do not have to go through this alone! If for whatever reason (e.g., a personal emergency) you cannot attend the lectures or deliver your work in time, please let us know and we will make appropriate arrangements.