From fb5c7d0bcd2c6460f243b2943e16bdf33470e464 Mon Sep 17 00:00:00 2001 From: surtur Date: Wed, 23 Aug 2023 21:06:25 +0200 Subject: [PATCH] extend, reword intro --- tex/intro.tex | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/tex/intro.tex b/tex/intro.tex index e0e5c00..84ebf5d 100644 --- a/tex/intro.tex +++ b/tex/intro.tex @@ -37,14 +37,18 @@ gate the access, will likely not stand much of a chance. This thesis tangentially covers user-relating issues like the ones described above, but rather than attempting to remedy them with prevention, it mainly focuses on dealing with the acute consequence of such behaviour: a password -breach. The thesis consists of two parts: a theoretical one, which provides -theoretical background to concepts and processes used in the so called -\emph{practical} part, which describes what exactly has been done and how. -In the theoretical part, password hash functions and hash cracking are mentioned, -and within the browser context a special spotlight is given to Content Security -Policy and Cross-site scripting. Program's configuration schema is conceived, -the choices of local and online data sources are explained, and recommended -deployment set-up is described. +breach. + +The thesis consists of two parts: a theoretical one, which provides theoretical +background to concepts and processes that are used in the so called +\emph{practical} part, where it is further described what exactly has been done +and how. + +In the theoretical part, password hash functions and hash cracking are +mentioned, and within the browser context a special spotlight is given to +Content Security Policy and Cross-site scripting. Program's configuration +schema is conceived, the choices of local and online data sources are +explained, and recommended deployment set-up is described. The practical part discusses application architecture decisions, development process, implementation details and validation methods utilised when building @@ -56,7 +60,7 @@ if they so choose. The purpose of the program is to allow users to learn if they were breached, and the application developed as an integral part of this thesis should enable them to quickly and privately check potential compromise status against -configured local and online data sources. Of course the quality of the +configured local and online data sources. Of course, the quality of the compromise monitoring depends on access to quality data, which is partially in the purview of the application operator. @@ -77,13 +81,13 @@ online and local data sources and initially set up user accounts but should Sensitive user data should be encrypted at rest and not even administrative-level users should be able to read them. -The author has been striving to utilise modern tooling and development -practices in an effort to build a maintainable and long-lasting piece of -software that serves its users well. When deployed, it could provide real -value. - Terminology is located in Appendix~\ref{appendix:terms}, feel free to give it a read. +The author has been striving to utilise modern tooling and development +practices in an effort to build a maintainable and long-lasting piece of +software that serves its users well. When deployed, it could provide a real +value. + % =========================================================================== %