Call for Applications: Cybersecurity Tech Bootcamp for Law & Policy Professionals v1.1 (Austin, October 23-24)

By Robert Chesney
Monday, October 1, 2018, 11:49 AM

Last May, the cybersecurity program at UT-Austin’s Strauss Center hosted a well-received 1.5 day technical bootcamp for law and policy professionals who are interested in cybersecurity but who seek greater fluency with related technical concepts. The idea was to provide a deep dive into a select set of relevant topics, assuming no prior technical knowledge on the part of any attendees (many attendees knew a great deal about the legal and policy aspects of this topic, but not the technical side).

Well, we were thrilled with how it went, and we are going to do it again in just a few weeks! As with the first iteration, version 1.1 will be led by Professor Matt (Pwn All the Things) Tait, the Strauss Center’s senior fellow for cybersecurity. All the details you need appear below (including how to apply). Please note that if you are interested, you must apply by Thursday this week!

What’s the agenda?

Day 1 (Tuesday October 23)

8:30-10:00 Session 1: Foundations and investigations

a. Software

b. Malware

i. How it works

ii. Why it is difficult to eliminate

iii. Command-and-control servers/infrastructure

iv. Attribution

Case study: CitizenLab/Syria

Case study: False flags (Russia/Olympics/DRPK)

10:00-10:30 Break

10:30-12:00 Session 2: Code, Data, and memory corruption attacks

a. How processors work, what is code, data, and how are they stored in system memory?

b. How is text stored in memory, and what is the “stack”?

c. Stack overflow attacks, and how they work

12:00-1:00 Lunch (on site)

1:00-2:30 Session 3: Hacking Websites (I)

a. How do websites work?

b. Which hacks matter most? Distinguishing code running on the server from code running in the browser

c. Upload vulnerabilities

d. Databases (Introduction)

i. Role

ii. SQL and database languages

iii. Practice with a login request scenario

2:30-3:00 Break

3:00-4:30 Session 4: Hacking Websites (II)

a. Databases (hacks and mitigations)

i. SQL injection

ii. Illustrative attacks

Gaining admin privileges

Copying the user database

Controlling the server

iii. Defenses

SQL Parameterization

4:30-6:00 Break

6:00-9:00 Dinner: Franklin Barbecue

Day 2 (Wednesday October 24)

8:00-8:30 Arrive at UT Law (Eidmann Jury Room). Coffee and breakfast tacos await

8:30-10:00 Session 5: Cryptography Foundations

a. Passwords and password-hashes

i. Plaintext, reuse and hash algorithms

ii. Password dumps, brute force attacks and slow hashes

b. Symmetric Cryptography

i. evolution and examples

ii. stream ciphers, pseudo-random numbers, and backdoor vulns

c. Asymmetric Cryptography

i. explanation

ii. trap-door functions and integer factorization

iii. RSA

iv. limits of asymmetric cryptography

10:00-10:30 Break

10:30-12:00 Session 6: Cryptography Applications

a. digital signatures

b. cryptographic envelopes

c. device encryption

d. tamper-proof ledgers

e. end-to-end encryption


g. Applications:

Blockchain & bitcoin

Quantum cryptography breaking

Quantum key distribution

Post-quantum crypto

When does this take place?

The event runs all day on Tuesday, Oct. 23 and the first half of the day on Wednesday, Oct. 24.


Austin. All sessions will take place at the law school at the University of Texas.

How much will this cost?

Nothing. It’s on us, all of it. We’ve got you covered for hotel rooms for two nights (Monday the 21st before the event begins, and Tuesday the 22nd), and we will cover all the meals. And we will reimburse you for reasonable air travel expenses, too.

Hmmm … and what might those meals entail?

Barbecue, for one thing. And not just any barbecue. For the Tuesday night dinner, we’ve rented out the legendary Franklin Barbecue (normally you have to get in line at 9 in the morning if you hope to kick the tires at Franklin). We’ll also provide lunch during the Tuesday session, and naturally will have breakfast tacos to start each day.

How do I claim a spot?

We are going to select up to 15 participants, based on who throws their hat the ring this week. Here is the link to request to participate.

Deadline to apply?

Thursday, Oct. 4, 2018, by the end of the day.

When will I learn if I’ve been selected?

We will announce selections by mid-day this Friday, and will be in touch immediately to begin arranging your travel.

What if I have questions?

Email Bobby Chesney, the director of the Strauss Center, at [email protected].