This is a class on the design and implementation of secure computer systems, focusing on threat models, attacks that compromise security, and techniques for achieving security. *Now with better audio!*
Nickolai Zeldovich, James Mickens
In this lecture, Professor Mickens discusses the economics of the spam ecosystem.
In this lecture, Mark Silis and David LaPorte talk about information security and their roles at MIT IS&T.
In this lecture, Professor Mickens discusses the concept of taint tracking, looking at information flow analysis in the context of the Android platform.
In this lecture, Professor Zeldovich discusses the Android platform and its security design.
In this lecture, Nick Mathewson delivers a guest lecture on Tor and Anonymous communication.
In this lecture, Professor Mickens discusses privacy in the context of web browsers and web security.
In this lecture, Professor Mickens discusses authentication schemes and their implementations.
In this lecture, Professor Zeldovich discusses side-channel attacks, specifically timing attacks.
In this lecture, Kevin Fu from the University of Michigan delivers a guest lecture on medical software.
In this lecture, Professor Zeldovich discusses how to cryptographically protect network communications, as well as how to integrate cryptographic protection of network traffic into the web security model.
In this lecture, Professor Zeldovich discusses the Kerberos authentication service.
In this lecture, Professor Zeldovich discusses network security, and how TCP/IP has evolved.
In this lecture, Professor Solar-Lezama from MIT CSAIL presents the concept of symbolic execution.
In this lecture, Professor Mickens continues looking at how to build secure web applications.
In this lecture, Professor Mickens introduces the concept of web security, specifically as it relates to client-side applications and web browser security models.
In this lecture, Professor Zeldovich introduces the Native Client system, and its approach to software fault isolation.
In this lecture, Professor Zeldovich continues the topic of privilege separation, discussing the usage of capabilities with regards to privilege.
In this lecture, Professor Zeldovich introduces the concept of privilege separation in the context of system security.
In this lecture, Professor Mickens discusses topics related to buffer overflow exploits, including baggy bounds handling, mitigation approaches, and return-oriented programming.
In this lecture, Professor Mickens continues the topic of buffer overflows, discussing approaches to such control hijacking attacks.
In this lecture, Professor Chlipala discusses Ur/Web, the programming language he created for modern web applications.
In this lecture, Professor Zeldovich gives a brief overview of the class, summarizing class organization and the concept of threat models.