Policies
Communication
We will be using Piazza for discussions outside of class. Rather than emailing general questions to a professor or TA, we encourage you to post your questions on Piazza, so everyone can benefit from the answer and any discussions around it.
Grading
For each exam (and only for the exams), we will curve the scores (upward only) to a normal distribution.
We translate your final class percentage into a letter grade as follows:
- 89.5 – 100: A
- 79.5 – 89.4: B
- 69.5 – 79.4: C
- 59.5 – 69.4: D
- < 59.5: F
The total points possible are allocated as follows:
- 30% Homework
- 25% Best exam score
- 25% Second best exam score
- 10% Third best exam score
- 5% Class Participation
- 5% Recitation Participation
Participation
Attendance is required (if not always strictly recorded). Lectures will be held synchronously on Zoom (see the Zoom link on our Canvas site). You will be responsible for all materials presented in lectures and recitations. You should not expect that all lecture or recitation materials will be given to you in written form. We strongly encourage you to be active in class discussions, in recitation, and Piazza, but your actual participation grades will be based on the quantitative measures described below. If you are unable to attend lecture or recitation synchronously, please get in touch via Piazza, and we will arrange alternate assignments.
Recording (audio or video): To accomodate the inevitable technical glitches that might disrupt your attendance over Zoom, we will be recording the lectures. The recordings will be made available via the Panopto link on Canvas. Up to 24 hours may be needed to transcode the videos so they may not be available immediately after the lecture slot.
Students may not independently record lectures or recitations or post the recordings without explicit permission in writing from the instructor. Violations will result in your failing the course. Exceptions will be granted in accordance with university guidelines for accessibility concerns, but even then such recordings may not be shared publicly or privately and must be deleted at the end of the semester.
Class Participation Score: Your class participation score will be based on the use of Zoom polls. Most classes will begin with 1-2 questions about the previous lecture. These will be answered on your own. There will also be questions during the lectures. For these, you will typically be allowed to confer with a partner before answering. Overall, there will typically be 4-5 questions each class. To lower the pressure and to account for inevitable conflicts or technical glitches that cause you to miss class, we will drop the lowest 30% of your answers. In other words, if during the entire course, we have 100 questions, then if you get credit for 70 of the questions, you will receive the full 5% participation score.
Recitation Participation Score: Most recitations will involve a group activity that you should be able to complete during recitation (the goal is not to give you more homework!). If you complete the activity by the end of recitation, you will receive 5 points. If by the end of recitation, you can show us that you made substantial progress on the activity, then you will receive 4 points. Otherwise, you will receive 0 points. We will drop the lowest 25% of your recitation activity scores.
Participation Ethics: Note that class and recitation participation points are meant to provide both you and me with important feedback on how well you are learning the material. In this regard, they serve the same purpose as homeworks or exams, just at a more frequent, lower-stakes level. Hence, just like on homeworks and exams, conferring with others is not permitted (unless otherwise announced) nor should you enter answers on others’ behalf. Violations will be handled in accordance with the Cheating Policy below.
Optional Bonus Participation:
One of the fun/scary parts of computer security is that security problems are
constantly in the news!
One time during the semester, if you choose, you can add a post to Piazza about
such a news item, as long as no one else has already covered that particular bit
of news. In your post, succinctly and in your own words explain how the news
relates to the class, what the underlying security flaw was
(i.e., don’t just say “TwitBook got hacked”, say “An attacker exploited
an XSS vulnerability in a library that TwitBook’s site relies on”),
and how it could have been prevented, ideally using techniques we have covered in class.
Include any relevant links to the news coverage,
and ideally any underlying technical details (e.g., the revelant
entry in a CVE database).
Be sure to tag you post with the “News” folder.
A good news post will be worth 4 participation points,
which will be added to the lowest of your class or recitation participation scores.
Readings
Most lectures will be accompanied by optional and required readings. Optional readings provide further depth and/or explanation which can be quite helpful for improving your understanding or approaching certain homework questions, but the material in optional readings will not be required for exams. Each class with a required reading will be accompanied by a “quiz” on Canvas. The “quiz” will ask you to summarize the key points of the reading and report on any aspects you found confusing. To ensure we can respond to such confusion during lecture, the “quiz” will be due a few hours before the corresponding lecture. Late answers will not be accepted nor can late days be used. Providing reasonable answers to both questions on the quiz will be worth 2 points. Scores from quiz responses will be considered as part of your homework score. To account for the vicissitudes of life, we will drop your two lowest reading scores.
Resources
Many of the lecture slides rely on PowerPoint animation to better convey the concepts. Hence, when reviewing the slides at a later point, they work best if you actually click through the presentation, instead of just looking at the slides statically. CMU provides you with a free, downloadable copy of PowerPoint. If you run into trouble with that, you can also use PowerPoint in a virtual machine, or via Virtual Andrew. You can also view them via a free online viewer or mobile app.
Before each lecture, we provide you with a lecture guide (see the lecture schedule for links). These include a variety of questions you should be able to answer by the end of the lecture. The notes are not a substitute for attending lecture; they are merely intended to help you focus on important topics that the lecture will cover. Note that material that does not appear in the lecture notes is still fair game for homeworks and exams.
Late Days
Late days interfere with the ability of course staff to quickly turn around assignment grades and solutions. The problem is we cannot give out solutions or graded assignments until everyone has turned in their work. However, we understand that unforseen circumstances may arise. Thus, each student has a budget of 3 late days for the semester, of which at most 2 can be used on any single assignment. To use a late day, you must register it via our Google form before the official deadline. If you ask to use a late day after the deadline, it will be too late. Once your budget of late days has been used up, no further days will be granted, and late homework will be marked as a zero.
The only exceptions will be for family emergencies or exceptional circumstances, such as hospitalization. We do not offer exceptions for personal scheduling issues such as interviews, class load, etc.
Ethics, and Cheating
The course staff will treat all students ethically and fairly. We, in turn, expect the same from all students.
Any lapse in ethical behavior will immediately result in −1,000,000 points, as well as be immediately reported to the appropriate university disciplinary unit. Really. No matter what. The course staff looks at students who cheat or plagiarize as far beneath someone who fails the course.
This course will follow CMU’s policy on cheating and plagiarism. Note that the policy gives several examples of what constitutes cheating and plagiarism. If you have any questions, you should contact the instructors.
Students should behave ethically. This means obeying the law, but that is not enough. Behaving ethically means you avoid activities that do harm or may do harm to people, the environment, or other computers. In short, don’t be a nuisance.
Note just because you can do something (or you read about others doing it) does not make it ok. For example, scanning a network may not be illegal (I am not a lawyer, so I shy away from definitive statements). However, scanning can crash computers. For example, we know of several very popular commodity-grade IP cameras that crash when you scan them. Sure, the camera software is buggy. But is there any reason for you, not being a professional, to crash a camera monitoring a baby? Launching exploits, “testing” the security of a system without explicit permission from all necessary parties, and so on are all unethical for the purpose of this course.
Collaboration. Students are encouraged to talk to each other, to the course staff, or to anyone else about any of the assignments. Assistance should be limited to discussion of the problem and sketching general approaches to a solution. Each student must turn in his or her own solution, derived from his or her own thoughts. Course staff may verify a student did the prescribed work by asking for a verbal explanation, and failure to correctly re-explain a submitted solution is considered a strong indication of cheating.
Work Life Balance
Take care of yourself. Do your best to maintain a healthy lifestyle this semester by eating well, exercising, avoiding drugs and alcohol, getting enough sleep and taking some time to relax. This will help you achieve your goals and cope with stress.
All of us benefit from support during times of struggle. You are not alone. There are many helpful resources available on campus and an important part of the college experience is learning how to ask for help. Asking for support sooner rather than later is often helpful.
If you or anyone you know experiences any academic stress, difficult life events, or feelings like anxiety or depression, we strongly encourage you to seek support. Counseling and Psychological Services (CaPS) is here to help: call 412-268-2922 and visit their website. Consider reaching out to a friend, faculty or family member you trust for help getting connected to the support that can help.
If you have questions about this or your coursework, please let us know.
Commitment to Diversity
Every individual must be treated with respect. The ways we are diverse are many and are critical to excellence and an inclusive community. They include but are not limited to: race, color, national origin, sex, disability, age, sexual orientation, gender identity, religion, creed, ancestry, belief, veteran status, or genetic information. We at CMU, will work to promote diversity, equity and inclusion because it is just and necessary for innovation. Therefore, while we are imperfect, we will work inside and outside of our classrooms, to increase our commitment to build and sustain a community that embraces these values.
It is the responsibility of each of us to create a safer and more inclusive environment. Bias incidents, whether intentional or unintentional in their occurrence, contribute to creating an unwelcoming environment for individuals and groups at the university. If you experience or observe unfair or hostile treatment on the basis of identity, we encourage you to speak out for justice and support in the moment and and/or share your experience anonymously using the following resources:
- Center for Student Diversity and Inclusion: Email: csdi@andrew.cmu.edu, Phone: (412) 268-2150
- Report-It online anonymous reporting platform: Username: tartans, Password: plaid
All reports will be acknowledged, documented and a determination will be made regarding a course of action. All experiences shared will be used to transform the campus climate.