CS50 Live, Episode 100
Key Takeaways
Celebrates the 100th episode of CS50 Live
Full Transcript
[Music] one year ago in this quiet library in this cozy studio something happened something so frightening something so deadly something so evil we prayed it would never happen again now from the creators of cs50 live Comes cs50 [Music] live hello world this is cs50 Live season 1 zero indexed that's right we've been picked up by Harvard for another season and boy do we have an amazing episode for you today first we'll take a look back at the most popular passwords of this past year we'll look at a nasty bug in a popular gaming platform we'll give you a new definition of the word evil and we'll pay a visit to our friends at Google no relation but first let's take a look back at season [Music] one hello world this is 50 live I'm Ramon Galan and filling in today for David who's lost his voice today he'll be the Andy RoR to my Conan O'Brien [Music] [Music] [Applause] [Music] [Applause] [Music] [Applause] and now for our first bug fix this is of course season Zero's look back and not season 1 but what else is new Well turns out not much in the world of passwords in fact the most popular password of this past year was as before 1 2 3 4 5 6 followed closely in second place by y School password however in third place this year up 17 places is our old favorite 1 2 3 4 5 which you may remember from such films as this one here now in 17th in 25th Place meanwhile is a newcomer Dragon perhaps because of such films as this one now in 25th place and now for our second bug fix of the Season whereas that was in Ninth Place drag and we're now going to take a look at 25th place trust no one now if you think you've been oh so clever by using one the number instead of one the word in your password well rest assured that so have millions of other people now you may recall this expression from such films as this one here and speak speaking of Scully we'd like to welcome aboard to cs50 cs50's newest team member Scully pictured here at a recent field trip to a cs50 ice skating rank in fact can we enhance no can we enhance yes indeed that is our Scully welcome aboard and now a nasty bug in a popular software from our friends at valve software called steam which is a platform for downloading and then playing popular video games Well turns out that a user recently reported to the Linux Community for steam's client the following bug he moved his local share steam directory he ran Steam and it deleted everything on the system owned by user in other words simply by moving one of his folders for this game Steam for this platform gaming for this gaming platform steam he ended up deleting all of the files on his hard drive now what's fascinating if you take a look at this thread on github.com is you'll see that the community chased down the bug to this line here which declares a so-called environment variable on the left assigns it the value here on the right but unfortunately it turns if you do move a certain directory this value can evaluate to just quote unquote or the so-called empty string now unfortunately later in the file it's this very dangerous line here rm-rf and then steam root slst star unfortunately if steam root is itself the empty string this becomes just SL star which of course has the effect of saying remove recursively and forcibly everything in the root of my hard drive now thankfully this particular fellow had backups of all of his data so not all was lost but if you'd like to take a closer look at this bug and the resulting fix therefore go head to github's URL here and now a word from our old friend Cookie Monster who's holding in his hands here Verizon who gives us today our new definition of the word evil you may recall a few months back that Verizon as well as another popular cell phone company in the US AT&T were injecting so-called super cookies into the mobile HTTP traffic from folks like me who are using phones to access the internet specific they were introducing into our uh htdp traffic a header called uid which essentially inserted a unique value Associated somehow to my cell phone and perhaps your cell phone so that any website that receives that value can know that this is me again and again and again of course this effectively allows websites to track me under the premise of serving up more effective advertising but nonetheless a maliciously potentially keeping track of who I am because in fact even if I delete all of my phone's cookies and even if I use my browsers incognito mode this uid header is still being injected by a company like Verizon now thankfully Verizon recently announced that they're going to let us finally opt out of this horrible horrible practice and yet all along they've been assuring us the uid was designed with privacy Protections in place it changes automatically and frequently and does not contain any customer information now the last of those claims might be true but this is ridiculous to claim that by changing it periodically and automatically you're actually protecting us users consider after all how a malicious website can figure out who we still are if this is me here on the left trying to visit a website like this on the right and suppose for the sake of discussion that this website on the right happens to be running PHP and therefore uses session cookies and gives me a value called PHP sesh ID to remember who I am as with one of those digital hand stamps well the next time I make an HTP request to the server I'm going to present that handstamp PHP SES ID and it might equal ABC D but meanwhile Verizon is a so called man in the middle is going to be injecting a little something like this uid datacon 234 which is my unique identifier so long as Verizon is concerned now so long as this website remembers that he can correlate of course AB BC D with 1 2 3 4 but suppose the next time I visit the website I again send that same cookie ABCD but Verizon's now claiming that they're protecting me by changing my value to say 5 6 78 well it doesn't take a particularly sophisticated line of code to realize ABCD used to be 1 2 3 4 now ABCD is 5678 let me update my own database so that I realize that 1 2 3 4 and 5 6 7 8 are and have always been the same person it's not much protection indeed now for more details and to learn more about these kinds of threats head to this URL here and if you'd like to be paranoid and you should now be head to am I being tred.com and now for a new segment altogether you know that depictions of Technology are quite popular in today's films and TV but they're not necessarily always accurate in fact let's take a look at a popular film from yester year Weird Science and pass a little cs50 judgment let's roll film here we have two fellas trying to hack into a computer system using an age-old modem by putting the phone on top of the computer this man is now defending himself against the attack you've ever wondered what it means to hack this of course is what it truly is those are some backup tapes yeah access that's what happens when access is denied now wait for it wait for it bowling alley effect and now we have to choose how are we going to hack this is we're going to hack to the left yeah no that was the wrong choice let's try again back up let's go down the middle here we go all right wait for it wait for it wonder what time it is oh oh and physics of course is relevant we're in no no no we're not in that's that's enough of that but if you'd like to learn a bit more about this Google Weird Science and in fact speaking of Google we recently headed out to Mountain View California to meet with two of our friends from Google to talk with them about what it's like to develop software in the real world in fact we met with them outside of the actual building in which Android software is developed let's take a look my story starts a senior year of college in 2007 I was a chemistry major and planning to go to medical school I signed up for cs50 this was the first year that David was teaching I loved it I loved every minute of it David was nice enough to invite me back uh the next year to to be a TF for uh cs50 i b around a little bit after college I didn't end up going to medical school and I decided to to teach myself more about computer science uh and I ended up getting a job at Google and I'm now on the Android team here at Google I work in the anti abuse engineering department in our product quality operations group uh specifically uh fighting click fraud on our ad networks recently I've been working on uh a website and uh of course at Google developing a website means you want to be able to serve millions of users so we have to uh get things like load balancing in place we have to make sure that the uh static content gets served uh very quickly and uh is optimized for all of our users uh and in order to test this one of the things we do is we write integration tests so we have to bring up all of our servers uh including the login servers uh the static content servers bring those all up and then test that our website loads so we use uh a framework called um selenium which is which is open source and and it allows you to uh fire up a browser and actually load your website in it and then perform actions on it the the interesting challenges are digging into those logs figuring out what's going on uh and that's that's what I've been wrestling with the last week or so actually Rand to an interesting problem where we were dependent on date and time and when you think about date and time you usually only think about your local system because you're coding on it and you compile on it and you run on it but what happens is when you're in a global when you have a global uh footprint with data centers all over the world local time doesn't really mean anything anymore so we realized that local time was actually causing problems because the database that all of our data was stored in uh you know had a time stamp and so time stamps now you know were very time zone dependent which none of the code accounted for and so we ended up realizing was that all of a sudden jobs were running um that they thought were running eight hours in the future uh we actually running presently the end result was to just normalize anytime we're using Day times to make sure there there is in either UTC time stamps so that we normalize the time uh or just double check to make sure that we're running in an environment that is known at the time so that we don't run into these sorts of weird math time calculation problems that we did hello world I'm Andrew celen and this is cs50 and now for a special treat at Harvard there's a tradition of shopping for courses whereby students can take a look at classes for the week at the start of the semester before actually enrolling in those classes we thought we'd honor this tradition by producing cs50's first ever music video toward an end of getting students and hopefully you excited about what awaits in cs50 this is Funk [Music] 50 see that good code I a scrip for that N Gold this one for them undergrads them hackers St Cod and Beast toing while I'm compiling it on stage God hood is on with Robert on got to go with cs50 we can't stop oh yes got a crimson and a bulldog oh yes M Zuck want to come back again he can't stop what the name that H man why not yes a good about the F break it down course easy Hallelujah puzzles be coming to you course easy Hallelujah cuz this man Teach it toach we believe me just [Music] jop don't believe this [Music] don't believe me just sh don't believe me just sh don't believe me just don't believe just hey hey hey c c s come on it up c s come on it up C1 that's it for cs50 live thanks so much to Olean Joe and Patrick into Dan Shelly Colton Ramone and our newest team member Scully this was [Music] cs50 you your
Original Description
In this episode, we look back at Season 0, talk about the news, visit Google, and create a music video!
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from CS50 · CS50 · 38 of 60
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
▶
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Hello, World: Hadi Partovi
CS50
Content Distribution and Archival in a Digital Age
CS50
CS50 2014 - Week 1
CS50
CS50 2014 - Week 3
CS50
CS50 2014 - Week 0, continued
CS50
CS50 2014 - Week 4
CS50
Week 3, continued
CS50
Quiz 0 Review
CS50
CS50 2014 - Week 3, continued
CS50
CS50 2014 - Week 7
CS50
CS50 2014 - Week 7, continued
CS50
Breaking Through The (Google) Glass Ceiling by Christopher Bartholomew
CS50
Introduction to Amazon Web Services by Leo Zhadanovsky
CS50
CS50 2014 - Week 9
CS50
How to Build Innovative Technologies by Abby Fichtner
CS50
Light Your World (with Hue Bulbs) by Dan Bradley
CS50
Building Dynamic Web Apps with Laravel by Eric Ouyang
CS50
CS50 2014 - CS50 Lecture by Steve Ballmer
CS50
CS50 2014 - Week 10
CS50
This is CS50 with Steve Ballmer?
CS50
Meteor: a better way to build apps by Roger Zurawicki
CS50
Data Analysis in R by Dustin Tran
CS50
Data Visualization and D3 by David Chouinard
CS50
CS50 2014 - Week 6
CS50
Build Tomorrow's Library by Jeffrey Licht
CS50
CS50 2014 - Week 9, continued
CS50
Essential Scale-Out Computing by James Cuff
CS50
iOS App Development with Swift by Dan Armendariz
CS50
Sam Clark Leads Yale Students on Tour to CS50 at Harvard
CS50
3D Modeling and Manufacture by Ansel Duff
CS50
CS50 2014 - Week 5, continued
CS50
hello, world
CS50
CS50 2014 - Deep Thoughts - Hash Table
CS50
CS50 2014 - Deep Thoughts - Binary Tree
CS50
CS50 2014 - Deep Thoughts - Scratch
CS50
CS50 2014 - Deep Thoughts - MySQL
CS50
LaunchCode Visits CS50
CS50
CS50 Live, Episode 100
CS50
CS50 Field Trip to Google
CS50
This is CS50 AP
CS50
Week 4: Monday - CS50 2011 - Harvard University
CS50
Week 2: Wednesday - CS50 2011 - Harvard University
CS50
Week 1: Wednesday - CS50 2011 - Harvard University
CS50
Week 11: Monday - CS50 2011 - Harvard University
CS50
Week 3: Wednesday - CS50 2011 - Harvard University
CS50
Week 12: Monday - CS50 2011 - Harvard University
CS50
Week 1: Friday - CS50 2011 - Harvard University
CS50
Week 3: Monday - CS50 2011 - Harvard University
CS50
Week 10: Wednesday - CS50 2011 - Harvard University
CS50
Week 2: Monday - CS50 2011 - Harvard University
CS50
Week 9: Monday - CS50 2011 - Harvard University
CS50
Week 7: Monday - CS50 2011 - Harvard University
CS50
Week 5: Monday - CS50 2011 - Harvard University
CS50
Week 5: Wednesday - CS50 2011 - Harvard University
CS50
Week 7: Wednesday - CS50 2011 - Harvard University
CS50
Week 8: Monday - CS50 2011 - Harvard University
CS50
Week 9: Wednesday - CS50 2011 - Harvard University
CS50
Week 8: Wednesday - CS50 2011 - Harvard University
CS50
Week 10: Monday - CS50 2011 - Harvard University
CS50
Week 2: Wednesday - CS50 2010 - Harvard University
CS50
Related AI Lessons
⚡
⚡
⚡
⚡
The AI Moat Paradox: The Better Models Become, the Less Models Matter
Medium · AI
170,927 AI Papers Reveal the Biggest Research Shifts of the First Half of 2026
Medium · Machine Learning
170,927 AI Papers Reveal the Biggest Research Shifts of the First Half of 2026
Medium · Data Science
[PoV] When Everyone Is Smart, No One Is
Medium · AI
🎓
Tutor Explanation
DeepCamp AI