From 18871cdcf64830128d70559dfff790dd7d8df4a0 Mon Sep 17 00:00:00 2001 From: leo Date: Fri, 26 May 2023 07:53:23 +0200 Subject: [PATCH] tex: rework conclusion --- tex/text.tex | 53 +++++++++++++++++++++++++++++----------------------- 1 file changed, 30 insertions(+), 23 deletions(-) diff --git a/tex/text.tex b/tex/text.tex index 9dc9b6c..5e42d70 100644 --- a/tex/text.tex +++ b/tex/text.tex 
@@ -1727,39 +1727,46 @@ a testing instance; therefore, limits to prevent abuse might be imposed. % =========================================================================== % \nn{Conclusion} -This thesis opened by introducing common terminology and continued with a dive -into cryptography topics such as encryption, mentioned Diffie-Hellman key -distribution scheme and briefly mentioned TLS. Further, it discussed the inner -workings of browsers and the protocols that underpin them. +The objectives of the thesis have been to create the Password Compromise +Monitoring Tool aimed at security-conscious user in order to validate their +assumptions on the security of their credentials. The thesis opened by +introducing common terminology and continued with a dive into cryptography +topics such as encryption, Diffie-Hellman key distribution scheme and briefly +mentioned TLS. Furthermore, it discussed the inner workings of browsers and the +protocols that underpin them. Additionally, security mechanisms such as Site Isolation and Content Security -Policy, that are commonly employed by mainstream browsers of today were +Policy, commonly employed by mainstream browsers of today, were introduced and the reader learnt how Content Security Policy is easily and dynamically configured. -The large part of the thesis then revolved around the practical part, described -everything from tooling used through application high-level-view architecture -to implementation of specific parts of the application across the stack. +An extensive body of the thesis then revolved around the practical part, +describing everything from tooling used through application high-level-view +architecture to implementation of specific parts of the application across the +stack. -Finally, the practical part concluded by extensively describing validation -methods used to verify the application worked correctly. 
+Finally, the practical part concluded by broadly depicting validation +methods used to verify if the application worked correctly. -Of course, there are things that the author wishes were done differently or -engineered better, but not everything could realistically be realised in the -limited timespan and scope that had to be imposed on the project to prevent -diverging. This constitutes clear candidates for future work that improves on -the existing state, for example accessibility-wise. Author's unfamiliarity with -the accessibility tooling sometimes compromising on the quality in this segment -of the application, but it is a known deficiency. Further, on the list of tasks -for the future also remained adding \emph{fuzzing} tests for the program, -producing Software Bill of Materials, utilising additional immutable database -or unifying the frontend design language across the pages. +The author would like to recognise that there are certain aspects of the thesis +in the need of further development. It is necessary to admit that not +everything could have realistically been realised in the limited timespan and +scope imposed on the project to prevent diverging. The concerns mentioned above +constitute clear candidates for future work of the author who intends to +improve on the existing state, for example accessibility-wise. The author's +unfamiliarity with the accessibility tooling sometimes compromised on the +quality in this segment of the application, but it is a known deficiency. +Furthermore, the list of tasks for the future may also contain adding +\emph{fuzzing} tests for the program, producing Software Bill of Materials, +utilising additional immutable database or unifying the frontend design +language across the pages. The program does have a very solid core that for instance listens for OS signals, handles graceful shutdown and supports structured logging but still -has room for improvements, despite the fact that its creation really was -best-effort. 
Due to the list of things mentioned earlier, it cannot really be -called a \emph{finished} project yet, but it can already serve a purpose. +has room for improvements, despite the fact that its creation has been +best-effort. Due to a number of reasons mentioned earlier, it should not be +called an utterly \emph{finished} project yet, but it can already serve a clear +purpose. % =========================================================================== %
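Review bot: In the added paragraph that begins "The author would like to recognise", the sentence "The concerns mentioned above constitute clear candidates for future work" has no referent, because the added sentences before it only say that "certain aspects" need further development and name none. Either list the deficiencies first or reword it to something like "These aspects are clear candidates for future work". The new opening sentence also has agreement problems: "The objectives of the thesis have been to create" states a single objective, and "aimed at security-conscious user in order to validate their assumptions" needs the plural "users". In the same paragraph, dropping "mentioned" leaves "topics such as encryption, Diffie-Hellman key distribution scheme and briefly mentioned TLS" without parallel structure; add "the" before "Diffie-Hellman" and split off the TLS clause. Smaller wording points in the added lines: "in the need of" should read "in need of", "verify if the application worked correctly" should be "verify that", and "an utterly \emph{finished} project" reads oddly after "should not be called", so "a \emph{finished} project" is enough. Finally, changing "on the list of tasks for the future also remained adding \emph{fuzzing} tests" to "may also contain" makes the fuzzing, Software Bill of Materials and immutable database items sound optional; if they are still planned, say so directly.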