CS 458/658 Blog Task

Students in this course are required to complete a blog task to show that they can keep current with the latest developments in the computer security and privacy community.

Grade distribution:

1. Individual blog post: 36 marks (60%)
2. Comments on others' posts: 24 marks (40%), 4 marks per week, best six weeks (see below)

Description of the blog task:

• Sign up for a timeslot with the scheduling system by the deadline given in assignment 1.
• During your chosen time slot, write and publish a blog post about an issue from the last month that is related to computer security or privacy.
• When to post: We consider a blog task week to begin on Sunday 00:00am and to finish on Saturday 11:59pm of the chosen week. Bear in mind that the earlier you post, the more time your post will have to accrue comments from your peers. Thus, blog post submission early in the week is strongly encouraged (see below).
• Reply to comments made by other students on your blog post.
• Your mark will reflect how involved you are.
• Other than during the week you make a blog post, make at least two comments per week on blog posts from your peers.
• Only comments made on posts for the current week will count; comments on old posts will not be graded.
• Your best six weeks will be tallied for your final comment grade.

Rules:

• Your blog post must be posted on the discussion board in LEARN provided for that purpose during the timeslot you have signed up for.
• No late blog posts will be accepted. The 48-hour grace period for assignments does not apply to the blog post or comments.
• Topics are first come, first served and no issue should be posted by more than one student.
• If someone posts on the same topic, even five minutes before you, you will have to submit a different blog post.
• You can reserve a topic for 24 hours. To reserve a topic, make a blog post whose title includes "RESERVATION: " and a brief description of the incident. Give a link to the incident in the blog post. You must make your actual blog post in a separate blog post within 24 hours of your reservation. After 24 hours, your reservation expires and somebody else can reserve the topic. You cannot renew your expired reservation.
• Posts and comments must be in standard English (proper spelling and capitalization, complete sentences, etc.). "IM Speak" and similar abbreviations are not acceptable.
• References to any sources you used must be provided.
• You may not copy text verbatim from your sources.
• Academic integrity rules apply to blog posts and comments that you make.

If you have questions about the blog task, please post them to Piazza, visible only to instructors if necessary.

Guidance:

Your post should be about a specific security or privacy incident that happened during the last month and not about a security or privacy-related topic in general. For example, a break-in into a Bitcoin exchange would be a valid topic but a discussion of Bitcoin or cryptocurrencies in general would not.

Your post and comments should answer questions about the topic, such as:

• Why is it important?
• Who is affected?
• What impact might it have on people?
• What were the causes?
• How might similar problems be prevented in the future?

Comments should be substantial and have the potential to lead to greater conversation. Examples of standalone comments that will not be marked are:

• "This post is really good!"
• "I found a spelling error, it is here!"
• "Whoa! No way! That really happened?!"

Comments and blog posts that are not made in the weeklong time frame (between Sunday at 00:00 and Saturday at 23:59) will not be marked for that week. This includes any blog posts or comments made even a minute after the deadline as those comments will be considered as being in the week after. Complete the blog posts and comments early if you are worried you might not make the deadline.

If you want to discuss a very important and interesting topic that is older than a month, please ask for approval on Piazza in a private post. Only TA Shufan Zhang or an instructor can approve your request.

Suggested sources:

• Schneier on Security. A blog covering current computer security and privacy issues.
• The RISKS Digest. A forum on risks to the public in computers and related systems.
• BugTraq. A full disclosure moderated mailing list for the detailed discussion and announcement of computer security vulnerabilities.
• Threatpost. A forum on security issues.
• Databreaches.net. A forum on privacy news and data breaches.
• Wired Security. A forum on security issues.

Note that not all items in the above sources are related to computer security or privacy; you are responsible for selecting an appropriate topic. You are also welcome to consider other sources of information.

Rubrics

Blog Post:

Total: 36 marks.

[5 marks] Relevance to the course material

• Is the content of the blog post relevant to the course?

[5 marks] Recency of the topic

• Is the content of the blog post from within the last month?

[8 marks] Detailed description, with technical details as appropriate

• Does the blog post contain unique and clever insights?
• Is the blog post self-contained? (Does the blog post provide enough information that the reader does not necessarily have to read other materials to make sense of the blog post?)
• Is the content of the blog post accurate and well researched?
  • You will lose this mark if there are inaccuracies within your blog post.
• Are technical details presented in a clear manner?
  • If you do not have technical details within your blog post because the topic does not have technical content you will receive this mark.

[8 marks] Presentation and originality of the text

• Does the blog post have a clear and well-formatted presentation style?
• Is the title of the blog post representative of the content?
• Are abbreviations broken down within the text?
  Examples:
  • ..., where the Electronic Frontier Foundation (EFF) ...
  • Last year I received my Certified Information Systems Security Professional (CISSP) designation.
  Note: You do not have to mention the initialism or abbreviation if you only use the long form once or twice throughout your blog post.

[5 marks] Citations

• Is content cited as it is discussed?
  • Putting all the citations at the end of the blog post but not referencing them in the text will result in not receiving this mark.
• Are citations in numerical order and cited (as shown below) throughout the blog post?
  • ... text text text text [1]. Text text text text. Text text text. Text text text text text text [2]. The end.
    
    [1] CITATION
    [2] NEXT CITATION

[5 marks] Quality of the discussion you lead

• Does the blog post contain at least one discussion starting question posed to the reader?
• Does the author address comments on their post as needed?
  • Note: These marks are based on the quality of the discussion led by the author. Engaging with readers is critical to receiving these marks.

Comments:

Total: 24 marks (2 marks per comment, 4 marks per week)

• Comments should provide extra insight on the topic (such as how the information has changed since the time of the post), or answer one of the questions posed to the reader.
  • It is up to you to ensure that answering a question posed by the author will allow you to contribute to the discussion in a constructive way. If you have questions, you can ask the TA on Piazza.
• Comments should be unique from the others that are posted.
• Comment content should be accurate.
• Does the comment contribute a new viewpoint, information, or resources to the conversation?
  • Note: Just posting a link that discusses the same thing is not an acceptable contribution, but posting the link and describing the extra information or perspective contained within does.

Marks are taken away for:

• "IM speak".
• Grammatical and spelling errors.
• Citations are not done properly (as per the blog post rubric).