CS 4630

I have mixed feelings about this class. Defense isn't supposed to be a super difficult class... sure it's low leveled, but the intent is to introduce undergraduates to computer security in a fun way: Davidson's original objective when he created the course. With Bloomfield, I thought this class would be extra chill since 2150 was a ton of work... WRONG. This class was by far one of the least-chill classes I've ever taken. The assignments and exams were completely different from other instructors. Some of the assignments took upwards of 18 hours. The Obfuscation HW was extremely vague and could've been interpreted in so many ways. Some spent 15+ hours on it while others only spent 7 hours. It was just an utter waste of time. Bloomfield had to change parts of the assignment since it was literally impossible. (if you interpreted the assignment correctly) There was no clear objective of the assignment. The RSA homework was a nightmare. This is a 4000 level CS class... we shouldn't be doing busy work: we should be learning challenging material. Not only were the instructions very unorganized, the RSA homework was busy work and nothing else. It didn't teach me anything about RSA; instead, it taught me how to follow directions and read binary files [which he changed to ascii since so many people couldn't complete it.... but guess who still did it with binary files :) ]. Students probably spent over 15 hours on that as well. The Hashing HW was also a complete waste of time. Why should I implement SHA-1 using C++? Not only is that reinventing the wheel, you're reinventing a broken wheel. (Google cracked SHA-1 like last semester) When I told my friend from CMU that we were implementing SHA-1, he laughed. Apparently his professors said "never try to implement a hashing algorithm, it's a waste of your time. there are better ones written for you" a couple days ago. Debugging that was ridiculous too.... but partial credit was extremely generous.

Although the buffer overflow and format string homeworks took a lot of time, they were actually interesting and taught us a lot about these vulnerabilities. I really wish we could've spent more time on other topics like ROP chains, Wireshark (packet sniffing), and more modern techniques. Instead, we just got ridiculous busy work that should not be given to experienced CS Majors. The exams were 2150 style and complete memorization; however, his grading guidelines were just awful for this class.... so it wasn't as easy as 2150 exams.

Overall, Bloomfield is a chill guy and definitely knows his stuff. I still learned a lot from the course, but I think his curriculum isn't mature yet. The course average ended up being a 69%, but he pulled through with a 10 point curve. He's a chill guy, but I definitely think the course could've been better. We never got our OWL certificates and he never dressed up as Snape/Dumbledore. Take it with Davidson.

I took this class thinking it would be a fun SpinOff Hogwarts class about the world famous fiction series, Harry Potter, written by JK Rowling. Imagine my disappointment when I discovered that I would be learning how to battle the viruses and malware of the cyber world rather than defeating dark wizards and witches unknown! Besides that, the class was alright as long as you kept up with all of your work.