RSS

CONTACT

GROUP PAGE

PREVIOUS POSTS

• Forge: A Tool to Teach Formal Methods
• Finding and Fixing Standard Misconceptions About Program Behavior
• Privacy-Respecting Type Error Telemetry at Scale
• Profiling Programming Language Learning
• The Examplar Project: A Summary
• A Core Calculus for Documents
• Observations on the Design of Program Planning Notations for Students
• Conceptual Mutation Testing
• Generating Programs Trivially: Student Use of Large Language Models
• A Grounded Conceptual Model for Ownership Types in Rust
• What Happens When Students Switch (Functional) Languages
• Typed-Untyped Interactions: A Comparative Analysis
• Little Tricky Logics
• Identifying Problem Misconceptions
• Performance Preconceptions
• Structural Versus Pipeline Composition of Higher-Order Functions
• Plan Composition Using Higher-Order Functions
• Towards a Notional Machine for Runtime Stacks and Scope
• Gradual Soundness: Lessons from Static Python
• Applying Cognitive Principles to Model-Finding Output
• Automated, Targeted Testing of Property-Based Testing Predicates
• A Benchmark for Tabular Types
• Student Help-Seeking for (Un)Specified Behaviors
• Adding Function Transformers to CODAP
• Developing Behavioral Concepts of Higher-Order Functions
• Adversarial Thinking Early in Post-Secondary Education
• Teaching and Assessing Property-Based Testing
• Students Testing Without Coercion
• Using Design Alternatives to Learn About Data Organizations
• What Help Do Students Seek in TA Office Hours?
• Combating Misconceptions by Encouraging Example-Writing
• The Hidden Perils of Automated Assessment
• Mystery Languages
• Resugaring Type Rules
• Picking Colors for Pyret Error Messages
• Can We Crowdsource Language Design?
• Crowdsourcing User Studies for Formal Methods
• User Studies of Principled Model Finder Output
• A Third Perspective on Hygiene
• Scope Inference, a.k.a. Resugaring Scope Rules
• The PerMission Store
• Examining the Privacy Decisions Facing Users
• The Pyret Programming Language: Why Pyret?
• Resugaring Evaluation Sequences
• Slimming Languages by Reducing Sugar
• In-flow Peer Review: An Overview
• Tierless Programming for SDNs: Differential Analysis
• Tierless Programming for SDNs: Verification
• Tierless Programming for SDNs: Optimality
• Tierless Programming for SDNs: Events
• Tierless Programming for Software-Defined Networks
• CS Student Work/Sleep Habits Revealed As Possibly Dangerously Normal
• Parley: User Studies for Syntax Design
• Typechecking Uses of the jQuery Language
• Verifying Extensions’ Compliance with Firefox's Private Browsing Mode
• From MOOC Students to Researchers
• Social Ratings of Application Permissions (Part 4: The Goal)
• Social Ratings of Application Permissions (Part 3: Permissions Within a Domain)
• Social Ratings of Application Permissions (Part 2: The Effect of Branding)
• Social Ratings of Application Permissions (Part 1: Some Basic Conditions)
• Aluminum: Principled Scenario Exploration Through Minimality
• A Privacy-Affecting Change in Firefox 20
• The New MOOR's Law
• Essentials of Garbage Collection
• (Sub)Typing First Class Field Names
• Typing First Class Field Names
• S5: Engineering Eval
• Progressive Types
• Modeling DOM Events
• Mechanized LambdaJS
• ECMA Announces Official λJS Adoption
• Objects in Scripting Languages
• S5: Wat?
• Belay Lessons: Smarter Web Programming
• S5: Semantics for Accessors
• S5: A Semantics for Today's JavaScript
• The Essence of JavaScript
• ADsafety

Adversarial Thinking Early in Post-Secondary Education

Posted on 18 July 2021.

Adversarial Thinking (AT) is often described as “thinking like a hacker” or as a “security mindset”. These quasi-definitions are not only problematic in their own right (in some cases, they can be outright circular), they are also too narrow. We believe that AT applies in many other settings as well: in finding ways where machine learning can go wrong, for identifying problems with user interfaces, and for that matter even in software testing and verification.

All these are, however, quite sophisticated computer science concepts. Does that mean AT can only be covered in advanced computer science courses—security, machine learning, formal methods, and the like? Put differently, how much technical sophistication do students need before they can start to engage in it?

We believe AT can be covered starting from a fairly early stage. In this work, we’ve studied its use with (accelerated) introductory post-secondary (university) students. We find that they do very well, but also exhibit some weaknesses. We also find that they are able to reckon with the consequences of systems well beyond their technical capability. Finally, we find that they focus heavily on social issues, not just on technical ones.

In addition to these findings, we have also assembled a rich set of materials covering several aspects of computer science. Students generally found these engaging and thought-provoking, and responded to them with enthusiasm. We think educators would benefit greatly from this collection of materials.

Want to Learn More?

If you’re interested in this, and in the outcomes, please see our paper.