Welcome!

Sp 2005 - Another security course, CS498CAG (a rant): What a surprise. CS 498 - Fundamentals of Security (by Carl Gunter) was offered this semester as a sequel to CS 498 - Information Assurance (supervised by Campbell, taught by other people) and was almost completely useless. After taking the initial one around 2 years ago (taught by Ken Rowe), I took another. I guess I don't learn from my mistakes.; As far as I can tell this class was just a repeat of Information Assurance with different powerpoint slides (copied directly from the books author). Same topics, same high level no detail no thinking approach to learning about security. Memorization skills were key here for the tests. Topics included: basic security policy (ex. Bell-Lapadula), basic cryptography (why do we STILL study the Caesar cipher?), something that had to do with authentication and certificates, and access control.; There was no mathematical analysis, and common in class questions were of the sort: for crypto - "Why does CBC not appear after RC4 on this chart?", or about an Access Control Matrix - "Can Alice access this file?"; ALL HOPE IS LOST, almost.; In defense of this class, I heard it was improved for the current offering.

Course Material should be public domain: Quality of education is important. Keeping a professors course material hidden behind passwords and logins removes the peer review step that is supposed to be happening at universities. Research papers are reviewed and commented on before being published - there's no reason that professors should not be held accountable for terrible courses, copying notes, or anything else that might come up in a similar peer review of a research paper. It also allows the students that are taking the course to get an idea of the level and value of the course in general.

imchris.org