Information Security for Humans

Information Security for Humans

Duration

4 weeks, 24 hours in total

Times

Two evening classes a week

Team size

Up to 10 people in a group

Price

3,500 ₪

Cool — I'll ping you when it's on!

Curriculum

When people think about cyber security, they imagine hackers in hoodies typing away at a terminal; the truth is a bit more anticlimactic, and much, much more interesting. Cyber warfare is waged from stuffy offices, amidst donut crumbs, by a bunch of people who look more like the IT crowd than Mr. Robot — so in this course, we'll learn information security in its truest form.

We'll start with an introduction to Linux internals and reverse-engineering in IDA, following by low-level vulnerabilities (such as buffer and stack overflows, return-oriented programming and heap metadata corruption), as well as defenses (canaries, DEP and ASLR).

We'll then go over logical vulnerabilities such as shellshock, zip escape, masterkey and metldown, and network vulnerabilities, covering the internet's entire protocol stack: from promiscuous mode and ARP poisoning, through IP spoofing and TCP injections, to stuff like DNS poisoning and amplification, and various distributed denial of service attacks. We'll also talk about the most important application of the internet: the web, and how it can be attacked and defended — SQL injections, through cross-site request forgery, cross-site scripting, and the seemingly invincible HTTPS.

To understand it better, we'll mix in some math: from symmetric encryption as old as time itself, to the miracles of modern cryptography, we'll cover key exchange, hash functions, digital signatures and zero-knowledge proofs.

Last but not least, we'll talk about how hacking is actually done: network operations, malware, and what can be done to stop them. We'll see the never-ending game of cat and mouse between viruses and antiviruses; and with Adleman's theorm and Ken Thompson's hack, we'll reach the inevitable conclusion that resistance is futile — if not for the mindset develops. That philosophy, that world view, can help us not just in information security, but all across the field of computer science — and even life.

Testimonials

One of the best courses I've ever done at Google :-)
Google
Perfect level of detail and pace for a Googler ENG audience. Loved it.
Google
Dan put in an absolutely stellar performance as facilitator of not one but two sessions on information security for startups at Campus. The sessions were engaging, fascinating and beloved by the attendees, with a score of 6.6 / 7 - the highest of any Campus Startup School session in 2018!
Google Campus Startup School, London
The best lecturer I've ever had. This was the hardest course I've taken, but his explanations, patience and charisma made it possible. Thank you!
Tel Aviv University
Cool — I'll ping you when it's on!

Scholarship

Knowledge should be free — that's why I publish a lot of my materials online. But seeing as I can't scale my time, I have to charge money for it; and unfortunately, some people don't have the means to participate. So, every course iteration, one spot will be reserved for someone who couldn't have afforded it otherwise.

If you think you qualify, shoot me an email, tell me a bit about yourself, why you're interested in the course, and your situation — and we'll figure something out.