CS50 2019-閱讀8-資料 (CS50 2019 - Lecture 8 - Information) - VoiceTube: Learn English through videos!

Subtitles section Play video

[MUSIC PLAYING]
DAVID MALAN: All right.
This is CS50.
And just eight weeks ago, 2/3 of you had never
studied any computer science before.
And what we thought we'd begin with today is really a look back of truly
how far you've come over just those several weeks.
In fact, it was just eight weeks ago when you first
started tinkering with Scratch, this graphical programming language
by which you could drag and drop puzzle pieces and make the computer
do what you want.
And then a week later, you might have struggled
with just getting Mario to ascend a pyramid by way of hashes
that you were printing.
Which at the time was perhaps quite non obvious,
but it's ever since has just been what?
A pair of nested four loops.
And then the week after that, you explored cryptography
among other fields.
And you learned how to encrypt and you decrypted information,
like this snippet here.
After that, you explored some electoral processes and the implementation
of algorithms that you might be familiar with from the real world, but perhaps
didn't think about the trade offs in choosing one algorithm or another.
And then ultimately, implementing it in code.
Just a week later did we transition to filters on Instagram,
implementing things like your own sepia filters.
So that moving forward, hopefully, you won't
take for granted when you click that button on the screen on your phone,
you actually know or can presume, or infer,
what's going on underneath the hood as it changes from one setting to another.
And then, of course, Big Board, where we handed you some 140,000 English words
and a really large file.
And you had to implement your own spell check,
or a dictionary so to speak, with using as little amount of time
and as little space as you could, implementing ultimately your own hash
table.
Thankfully since then, we can now take for granted that those things exist.
But you, indeed, built that from scratch.
Just a week later, we started handing you large files like this.
And of all things, you were able to deduce by writing some Python code
that this is lavender's DNA, among others
in the class whose files we handed you.
And then most recently, or perhaps quite soon,
when you learn to apply another language.
In this case, SQL.
To questions like who has starred in films with Kevin Bacon.
And so, a number of tools are now in your toolkit.
And again, I would just emphasize that eight weeks ago, 2/3 of you
had never done any of that before.
So even if it's felt like it has never let up
and each week feels all the more challenging than the last,
consider the delta.
Consider what we promised in the first week of the class.
That what ultimately matters in this course
is not so much where you end up relative to your classmates,
but where you end up relative to yourself when you began.
And it is, indeed, those eight weeks ago that you began.
And it's today and in the courses final weeks that you will ultimately
be able to compare yourself.
So in trying to think today about what we hope your own takeaways are from,
not only the course, but computer science more generally,
I actually pulled up some of my own notes.
You might recall from week zero that I mentioned I took this course myself
back in 1996 and it happened to be the one that turned me from a government
major to a computer science major.
And I didn't take many notes at first, it seems in that first class.
Now, there were a couple of other pages.
And so, I started flipping through these and in fact,
this was my second page of notes.
And if you focus on what's up here at the top, apparently, one of my first
notes to myself that a function, for those unfamiliar today,
are instructions that do the work.
And indeed, if I looked down further on my notes, arguments
we introduced that same first day.
It's info that's passed from one function to another
to have something done by or performed on it.
All right.
So that actually maps wonderfully cleanly to what
it is we indeed started ourselves doing those eight weeks ago.
Just talking about what CS is, problem solving.
And a problem is just something that's got input.
And the goal, of course, is to produce something with output.
And we had to agree from that very first week
how we're going to represent these inputs and outputs.
And so, we might do it symbolically with letters of the alphabet.
We know since then with that we might do it numerically as with decimal digits
or below that, we might just use binary, a different base
system using only zeros and ones.
Or we could even represent that same capital A just using
some pattern of light bulbs or switches that you turn on in some order.
In fact, if you think back then to these first principles
that we introduced those weeks ago, to any of the students
now in the audience, what does this say?
AUDIENCE: Hi.
DAVID MALAN: Hi.
So it indeed says hi.
Why is that?
Well, we just agreed weeks ago on what numbers map to what letters.
And so as long as all of the humans in the world
agree on that when they're sending emails, or text messages, or the like,
our computer systems can all present information
that we ultimately understand.
Another review question from week zero.
What did this say way back when?
If you need a hint, it was it was in decimal 128,514.
A little louder.
AUDIENCE: Emoji.
DAVID MALAN: Emoji.
This was the face with tears of joy, right?
Taking all of the fun out of sending emojis.
Anytime you receive or send an emoji, really all you're sending
is a pattern of zeros and ones, or worse the number 128,514.
But your computer or phone are presenting it to you
in a certain way based on that context.
All based on just how we humans or those before us decided
how to represent this information.
But of course, we don't have just those inputs and outputs.
There is another piece to the puzzle.
And so, I actually looked back at my own third page of notes
here and focused on my first line here back in 1996.
An algorithm is apparently a precise sequence
of steps for getting something done and programming more generally
is a process of taking an algorithm and putting it
into a language a computer can process.
And indeed, that really was the additional puzzle piece
we first focused on in week zero.
It was what was inside the proverbial black box?
The sort of secret sauce that you provide your input to,
you get your output from.
Those are the algorithms that we've been talking about ever since now, not
just in pseudocode or in English.
But in C, and in Python, and now SQL.
And then in the coming weeks, a few other languages as well.
But of course, we used algorithms to solve problems
and one problem is and was rather old school.
And we thought we'd reflect just a bit and perhaps
reinforce that same week zero if by taking a couple of volunteers.
Perhaps a student and one of their family members
voluntarily or forcibly with them.
You have to be comfortable, though, appearing on stage
and in turn, the internet in perpetuity is the catch.
I see-- OK.
I see one volunteer and either mom or dad
finding out who is not going to go up.
OK
[LAUGHTER]
Come on up.
A round of applause if we could for our volunteers.
[APPLAUSE]
DAVID MALAN: Come on over this way.
And what is your name?
DANIELLA: Daniella.
DAVID MALAN: Daniella.
Nice to meet you.
Come on over here.
And what is your name?
MARIANO: Mariano.
DAVID MALAN: Mariano.
And your dad, I presume.
MARIANO: Yes.
DAVID MALAN: All right.
Well, so nice to see you both.
You'll recall from week zero that one of the first problems we solved
was looking up someone in a phone book.
Well, here I have a pretty thick yellow pages wherein
there's a whole bunch of products and services alphabetized from A to Z.
And we can, of course, look up the number for someone in this book.
For instance, suppose today we need a plumber.
Could we ask Mariano to find us a plumber in this phone book?
Flipping through a few pages.
A lot of pages.
Yeah.
OK.
All right.
And we have a page full of plumbers.
And now, could your dad have done better do you think?
DANIELLA: Yes.
DAVID MALAN: I think so.
So would you like to show dad and other parents here
what you might have done instead?
Oh my goodness.
[LAUGHTER]
OK.
Thank you.
[APPLAUSE]
[LAUGHTER]
DAVID MALAN: And for those wondering, let's continue the algorithm,
if you will.
What's your next step?
[LAUGHTER]
Nice.
And why are you doing this, though?
DANIELLA: So I open halfway and then if it's not on the page
and it looks like, for example, if it's n, I know p is afterwards.
So I need to get rid of the first half and just look at the second half.
DAVID MALAN: Well, need to is a little strong.
[LAUGHTER]
But you can get rid of--
yes, indeed.
So if you keep this process going, halving, and halving, and halving,
what should you be left with ultimately?
DANIELLA: Just the letter p.
DAVID MALAN: Just the letter p.
Round of applause would be good for both of our volunteers here.
[APPLAUSE]
DAVID MALAN: Thank you.
A CS50 stress ball for you both.
Thank you so much.
Oh, thank you.
Thanks.
So that was one of the first lessons with which we
began focusing on algorithms.
And the point back then, recall, was to really emphasize the familiar, right?
We might not use that particular technology all that much anymore.
But it really is fundamentally the same thing that's now in our iPhones
and Android devices and the like.
It just so happens that we search for things by scrolling with our finger
up and down.
But consider too, even these days in 2019
when you type into the auto-complete to search
for someone by first name or last name, how
is your phone finding that information?
It's exactly like that.
Not quite as physically as that.
But most likely for efficiency, your phone
is looking roughly in the middle of all of those names then jumping
up or down in the blink of an eye in order to find that person for you
ever so quickly.
And so, all of us might have an intuitive understanding,
just like Mariano did, for finding plumbers by jumping to the p section.
But then, he came close to the p section, but then started flipping.
And I dare say you flipped through far more pages
than you ultimately needed to using our more efficient divide
and conquer if one time only algorithm instead.
So beyond algorithms, I recall that I had just a few other notes.
On my last page of notes, I also had this here.
That what was apparently important then and no less so
now is that in computer science and in turn programming,
precision is important and correctness is important.
And indeed, one of the things you perhaps
gleaned in programming, whether in Scratch or C or Python
or SQL over the past few weeks, is that the computers are really unforgiving.
They can't just infer like we humans do.
And frankly, I'm not sure we would want our computers to just infer sometimes
what we mean if the goal is precision and correctness.
You need to be ever so precise.
So let's see, perhaps, with one more demonstration just how
much this one has perhaps sunk in.
If we can get perhaps two more volunteers, a student and family member
as well.
Student and family member.
Here and I don't see a family member's hand up.
Can you convince one?
OK.
Come on up.
Wonderful.
A round of applause for our other pair of volunteers here.
[APPLAUSE]
So now for this one, not everyone's off the hook.
If all the students in the room, if they have a piece of paper
and/or a pen or pencil could take that out and share with anyone next you
if you don't have.
Emma and Brian are also going to pass out some paper and pens
if you don't have a writing apparatus.
The goal at hand is actually for all of us
to participate, thanks to our two volunteers.
And what's your name?
DAVID: David.
DAVID MALAN: David.
Nice to see you.
SPEAKER: [INAUDIBLE]
DAVID MALAN: [INAUDIBLE] Nice to see you, as well.
Come on over in here.
And this will be a two part exercise as well.
And the first goal at hand is for you to choose.
Do you want to go first or dad, is it?
Would you like your dad to go first?
DAVID: OK.
I'll go first.
DAVID MALAN: You're going to go first.
All right.
So come on over here.
And what I'm going to show David in just a moment is an image on the screen
that I'm going to ask that he program you, the audience,
to draw giving verbal instructions only.
The goal of which is for him to be as precise as possible
and as correct as possible to compel the audience, much like a computer,
to follow his instructions.
And in turn, implement your algorithm.
So in just a moment, David is going to rattle off step
by step instructions for having everyone in the audience draw this.
You are the only one that can see what's on the screen.
Everyone in the audience just about has a piece of paper and a pen or pencil.
And I just need you very confidently, clearly,
to recite step by step instructions by which everyone with their pen or pencil
can draw what you see on the screen here.
Makes sense?
DAVID: Yes.
DAVID MALAN: You may use any verbal instructions you like.
DAVID: OK.
DAVID MALAN: All right.
Just about ready to begin?
The goal, precision correctness.
Begin.
DAVID: OK.
Step 1.
Draw a sideways square.
[LAUGHTER]
Sideways.
45 degrees rotated.
Yeah.
DAVID MALAN: OK.
DAVID: From the bottom three corners, draw a straight line down
that's approximately the length of each side of the square.
DAVID MALAN: Unfortunately, programs cannot ask questions of programmer.
So we continue on with the next step.
DAVID: And finally, between the first and second line,
draw a line connecting the two at the end.
And between the second and third line, draw a line connecting the end.
DAVID MALAN: All right.
How do you feel about your instructions?
Precise and correct?
DAVID: Wishy-washy.
DAVID MALAN: Wishy-washy.
OK.
All right.
So let's go ahead.
Hang on to the mic for just a moment.
I'm going to hop down into the audience with our TFs just
to grab a few representative solutions.
If you wouldn't mind my grabbing a few sheets of paper
from folks who have participated.
Let me take a few over here, just a random sample.
Welcome to volunteer proactively or keep it to yourself.
Let me go in over here.
OK.
Thank you so much.
Any takers over here?
OK.
All right.
Good.
Good.
Good.
Thank you.
And all right.
The TFs are grabbing a couple too.
See some over here.
All right.
That should do.
That should do.
Let me grab these from Brian over here and Emma.
Oh, those are blank.
All right.
So I think we have plenty over here.
So let's take a look before we do part two of two, if I may,
at how well David programmed the audience.
I'm going to go ahead in just a moment and pull up
a projection of some of these drawings here that
are the results of these operations.
So let me flip through.
Get a sample here.
And I see a lot of good options here.
I see this picture here, which perhaps resembles what you drew.
See this one here the top corner, very similar in spirit.
This one left a lot of room for other things but--
[LAUGHTER]
This one was a little more abstract, if I may.
[LAUGHTER]
And so, let me go over to a spoiler to show you what it
is David was programming you to draw.
And with some suspense, he was compelling you
to draw we hope this here.
All right.
So close or not close perhaps.
All right.
Round of applause for David, if we could.
[APPLAUSE]
DAVID MALAN: Thank you.
One moment.
And so, you gave pretty--
you used, if you would, abstractions in discussing this.
You said a sideways square, used 45 degree angles
hoping that folks would presumably know what you mean by that.
Why did you not just say draw a cube, for instance?
DAVID: I thought that would be cheating.
DAVID MALAN: OK.
Well, it would not have been cheating, but it would
have been a wonderful abstraction.
If everyone in the room, assuming, knows what in a cube is,
you might then be compelled to draw it quite quickly.
But that, too, leaves ambiguity and lacks precision.
Well, how is the cube oriented?
Is it this way?
Is it that way?
Is a curved this way?
So sometimes, these abstractions aren't sufficiently helpful.
So I probably would have done what you did as well.
Now let's do one other example here, if we could.
I'm going to go ahead in just a moment and project an image onto the screen
that everyone in the audience can see except you two.
Let me go ahead and re angle this a little bit.
And if father and son would like to get together or solo draw
a picture that the audience is going to tell you how to draw.
So we're going to flip the roles now.
You all will see the drawing on the screen.
We ask that you tell our volunteers what to draw.
You can use any words that you want, but you cannot ask questions and no
physical gestures to explain.
All right.
Unfortunately, it's a little hard technologically here
in that the solution is going to be there.
The solution is going to be there.
So we're going to have to put some visors on you, if we could--
[LAUGHTER]
--so that you can only see straight forward.
And if you don't mind hugging the board as close as possible,
but occasionally back up so that people can see what you're drawing,
but resist the temptation to look up, over left or right.
All right.
So for our audience then, the images.
And if you two could focus only on the board now.
Only on the board and definitely not facing that screen.
OK.
[LAUGHTER]
The audience is about to see the picture in question.
And so, we need a volunteer first from the audience
to call out an instruction.
Any step ones?
Over here.
Make a circle.
[LAUGHTER]
I heard a small--
I heard draw a smaller circle.
I didn't hear use the eraser, but OK.
OK.
OK.
No looking at me.
No looking at me.
All right.
So I'll take a third step.
So let's go to someone else.
Yeah.
AUDIENCE: Draw a vertical line.
DAVID MALAN: Draw a vertical line.
AUDIENCE: From the center of the circle.
DAVID MALAN: From the center of the circle.
AUDIENCE: From the bottom of the circle and down.
DAVID MALAN: From the bottom of the circle and down.
AUDIENCE: Large stick figure that appears to be walking.
[LAUGHTER]
DAVID MALAN: I hear an abstraction.
So we were also given a fourth instruction.
Draw a stick figure that appears to be walking, if that helps.
But I think we're going to need to be more precise here
because I can imagine a stick figure doing multiple things in multiple--
[LAUGHTER]
With--
[LAUGHTER]
OK.
Maybe step five.
Do we want to make any tweaks?
AUDIENCE: It's an almost upside down triangle.
DAVID MALAN: Draw an almost upside down triangle, I heard.
AUDIENCE: For the legs.
DAVID MALAN: Through the legs.
AUDIENCE: For the legs.
DAVID MALAN: For the legs.
AUDIENCE: After the vertical line coming down.
AUDIENCE: You need to erase the legs.
DAVID MALAN: OK.
I heard erase the legs.
AUDIENCE: Get rid of the arms.
DAVID MALAN: And get rid of the arms.
[LAUGHTER]
OK and step five was?
AUDIENCE: From the bottom of the vertical line, the body,
make the two legs are like a triangle without the bottom.
DAVID MALAN: From the bottom of the body,
draw like a triangle to represent the legs.
AUDIENCE: But not--
[LAUGHTER]
DAVID MALAN: But not that way.
That's good.
Let's move on to step six.
Step six.
Someone over here.
AUDIENCE: So once they erase that triangle,
from the bottom of the vertical line, draw
an upside V, where the center of the V is touching
the bottom of that bottom line.
DAVID MALAN: From the bottom of the straight line, draw an upside down V.
I think we did that.
Can you step aside just so the audience can see?
Now we have a tripod.
OK.
[LAUGHTER]
OK.
OK.
So I think we're there.
I think we're there.
One other instruction.
Let's see if we can take this home.
Yes, right here.
AUDIENCE: Draw a less than symbol, starting from the base of the middle
of the circle.
DAVID MALAN: Draw a less than symbol from the base
of the middle of the end of the circle on the left side.
DAVID: Wait, a less than symbol.
DAVID MALAN: Less than symbol.
Yep.
DAVID: Less than.
DAVID MALAN: Yes.
DAVID: Here?
DAVID MALAN: So this is what we call a condition.
So, yes.
AUDIENCE: Correct.
DAVID MALAN: Correct, I hear.
OK.
I think we're close.
Two more steps, maybe.
AUDIENCE: To the top of the circle, write the word Hi
with a capital H and lowercase I.
DAVID MALAN: OK.
From the top left of the head, draw the word hi, capital H lowercase I with--
I think did you say a line to it?
AUDIENCE: Yes, with a line.
DAVID MALAN: With a line to it.
Yeah.
AUDIENCE: [INAUDIBLE]
DAVID MALAN: OK.
And can you step aside, just so the audience can see?
I think we need just one more step.
One more step.
OK.
Back here.
AUDIENCE: From the bottom of the circle on the right hand side--
DAVID MALAN: From the bottom of the circle on the right hand side--
AUDIENCE: --touching the base of the circle and the vertical line going
down--
DAVID MALAN: --touching the base of the circle and the vertical line going
down--
AUDIENCE: --make the letter L--
DAVID MALAN: --make the letter L--
AUDIENCE: --at a 15 degree angle.
DAVID MALAN: I heard at a 15 degree angle?
Sure.
[LAUGHTER]
OK.
I think-- I think could we have you take several steps back and look up?
And round of applause for our volunteers.
[APPLAUSE]
That's pretty good.
Thank you both so much.
Please keep the hats.
Congrats.
So clearly, abstractions can be useful, but they can also be challenging.
Like programming is hard.
And even though this went a bit off the rails here and there verbally,
this really is just programming.
And we're all trying to agree on a common language or common syntax
to use to have the computer, or in this case,
our human volunteers execute those instructions.
And sometimes, these abstractions are great.
Draw a stick figure who appears to be walking.
I think we can all visualize what that is.
Unfortunately, we're all probably visualizing
slightly different stick figures.
And that's, again, where precision comes into play and correctness too.
Of course, sometimes the chalk went off in the wrong direction.
So we might have to undo.
And of course, we've spent also the past eight weeks debugging code as well.
And so, I wish I could say that this gets easier or just gets
absolutely easy.
But it never does because the problems you aspire to solve,
whether it's in the real world or in the world of computer science
and programming, are going to be ever changing.
And your aspirations are going to increase.
And so, this frustration you might feel now never
really goes away, if I can say as much some 20 plus years
after doing this myself.
But the problems you're solving with those same challenges
and those same hurdles get so much more powerful, so much more interesting.
And again, it all started from just a few weeks ago
when Mario's pyramid was perhaps the first problem to solve.
If we go back to where we were here, we had of course our drawings, and then
ultimately this process.
This, I dare say, is computer science.
You have inputs.
You have outputs and algorithms in between.
But really, what are we talking about at the end of the day?
Well, the creation of, the output of, the management of information.
I mean, that really is what we've been talking about for these past eight
weeks is information.
How do you process it?
How do you represent it?
How do you transform it into something more and ultimately, solve
problems with it?
But, with this manipulation of, this creation of,
this storage of information ever more so these days
comes increasing responsibility.
And I daresay one of the things that we encourage
you, as you exit a course like this, is not just what you can do,
but frankly whether you should do it.
And indeed, all the more relevant today in societies of course stories.
Horrifying stories of where our data has ended up
or what has happened to our data, or good intentions
perhaps gone awry because we haven't considered implications.
And what we wanted to do today is to point out
a few examples of opportunities to think harder
about what it is you do in the real world as just a citizen.
And what you do in the keyboard as a programmer,
and how you might solve problems with one's privacy and the security of one's
data in mind.
Consider, for instance, passwords.
These, of course, are perhaps the most familiar thing
that you and I use probably every day to secure our accounts,
and in turn maintain the privacy of our information.
Whether it's our photographs, or financial documents,
or emails, or text messages, or the like.
Unfortunately, passwords really aren't the best mechanism.
And most of us in this room probably should be more thoughtful
when it comes to making these kinds of decisions, as well.
For instance, in 2019 already, based on a very large data breach
and in the analysis thereof, it turns out
that the top 10 passwords in the world as of this year are number one, 123456.
[LAUGHTER]
Apparently, the result of some website or applications
requiring a password of at least six characters.
And this is about the least amount of effort you can do to satisfy that goal.
Number two password was 123456789.
[LAUGHTER]
Slightly better.
Slightly more secure insofar as it's longer.
Number three is qwerty.
And if you don't know what that means, that actually
describes the type of keyboard.
But because if you go to the top left hand corner of your keyboard and type
one, two, three, four, five, six from left to right,
you will end up spelling Q-W-E-R-T-Y.
Easy to remember.
Also, pretty easy for other people to remember as well.
Password is the number four password out there.
And number five is, as of this year, 6 ones.
So another way of satisfying the constraints that these people
did, but with even less effort.
Just hitting the same key again, and again, and again.
12345678.
So, slightly behind the other two.
ABC 123.
Starting to get a little more interesting that we're
combining letters and numbers.
1234567 slips in there as well.
Number nine is password1, clearly satisfying websites
that require that you not use an English word
but you include at least one symbol or letter here too.
Dare say the bare minimum.
And number 10 as of this year is 12345.
So it's easy to poke fun at these and we won't call for a show of hands.
But odds are some of us in this room maybe--
don't make eye contact--
have at least one of these passwords as your own.
It's just all too easy, then, to guess certainly these.
But even if you're practicing adhering to better practices than these,
and you're not as simplistic as I'm going
to pick an easy word or a very simple number.
Suppose you're actually being more thoughtful.
It doesn't really matter these days.
I'm going to go ahead and turn my attention to just a moment to a text
editing program here on my computer.
The students in the room will recognize this is just representative
of a programming environment.
And today, this just happens to be something
called Visual Studio Code, or VS code that you
can download on your own Mac or PC.
And I'm going to go ahead and just save a file called pin.py.
Many of us have not only passwords, but pins.
Personal identification numbers that you're supposed to keep secret and that
are usually, say, six digits long.
Well, even if you've protected your financial account or some other account
with a six digit code, it might take a human quite a while
to guess all of the possible codes that you might have chosen.
But it's not terribly hard for a computer.
In fact, we'll do it even more simply like a lot
of times with a four digit code.
I can simply go in a program like this, if I
know a bit of programming in Python.
And I can say from time import sleep.
I can say something like for I in range.
Well, let's start from 0000 and go all the way up to 9,999.
A four digit number.
But it turns out, we need to iterate up to 10,000
because the students in the room will recall that we iterate up to,
but not through that value.
And then in here, I'm going to go ahead and say something
like, I am checking this value I. So this
is to say I'm proposing to write a program in Python that
will try to crack someone's pin to show how easy it is to generate
as a computer all of the possible PINs in the world that are four digits long.
So and just to demonstrate this, I'm going
to do it a little slowly by sleeping for 1/10
of a second between each iteration.
So I've gone ahead and saved my file.
I'm going to go ahead down here now and run Python of pin.py.
And I'll go ahead and make my screen a little taller here so we can see more.
AUDIENCE: Close the parentheses.
DAVID MALAN: Thank you.
Thank you.
Thank you.
New here.
OK.
So here we go.
We've now written a program that, granted is not cracking anything,
but it is demonstrating how easily and how quickly we can generate numbers
from 0 on up to 9,999.
It's not quite right.
These aren't four digit codes because they're being treated as numbers.
But there's actually syntax with which we can solve this.
And if you've never seen this before, you
can actually just say something like this colon 0 4.
And that's just going to reform my output as being four digits.
And it's going to pat it with zeros instead.
So boom.
I've written a program that generates all possible four digit codes.
Of course, I've been deliberately sleeping, that is pausing,
each time I'm printing something out.
A hacker is not going to do that.
They are going to try to do this as quickly as possible.
No need for sleep whatsoever.
So let me just rerun this code, getting rid of those lines.
Boom.
That's every possible four digit code that you
might have on your bank account or on some email account or the like,
assuming the system allows you to have a relatively short number like that.
You might think.
OK.
Well, what's better than four digits?
Five digits.
Let's just increase it.
But I think that adversary is going to be able to crack that pin as well.
I'm not even over at the screen yet and it's done already.
It is not hard once you know how to program, not
only to use these systems for good, but in this case, for some form of evil.
Now maybe you're off the hook because you're not as simplistic
as I claim as to use only, for instance, an alphabetical
or rather a numeric code.
Maybe you're using a word and not a word as simple as password.
It's a more arcane word from English or perhaps some other language.
That, too, doesn't really matter.
Let me go ahead and copy from our source directory today, which for the students
is available online, that large dictionary that we had from problem
sets five wherein you loaded all of these words
into a dictionary of your own.
There was 140,000 some odd words here.
I'm going to go ahead and create another file, though.
This one called password.py.
And recall from some of our building blocks over the past few weeks
how easy it is to similarly manipulate words from a dictionary.
Let me go ahead and again, initially import sleep
just so that we can see this happening.
I'm then going to say with open.
Large in read mode.
And I'm going to call this as file.
And over here I'm going to go ahead and say now for word in.
I want to say file.
And we've not perhaps seen this one, but it turns out
there's a really easy Python function where you can say file dot read lines.
And it's just going to slurp in all of the 140,000 words from the file
and allow you to iterate over them one at a time.
And if I want to go ahead and print this out, I'll use print again, as before.
And I'm going to go and claim that I'm checking,
for instance, that word dot, dot, dot just as I claim to be checking a pin.
Now again, I'm not checking anything.
I'm just demonstrating that I could be checking this fast as by simply
printing out these words instead.
And I'm going to go ahead and as before, sleep
for a tenth of a second on each iteration.
But I'm also in anticipation going to call this function, which
some students will recall is to strip off
any whitespace at the end of the line.
Recall that in large our big dictionary, there was a new line
character at the end of every word.
So this line of code will we'll get rid of this here.
Yeah.
Question over here.
AUDIENCE: What's the significance of different colors?
DAVID MALAN: What's the significance of the different colors?
This is happening automatically in my text editor
the program I'm using to write code.
Each type of word or blocks of words that I type
have a different semantic meaning to the computer.
And so, the computer is highlighting them
in that way to draw my attention to different types of words here.
For instance, we have this preposition from that does something
like load someone else's code.
Time, though, and sleep are names of things that other humans have actually
invented.
So I'm going to go ahead now and run this as Python of password.py.
We'll see, as the students will recall, all
of the words in that dictionary starting with the A words, then the B
words, then the C words, and so forth all the way down through F.
Now, of course, I'm sleeping unnecessarily.
But if during this demonstration you see your own password fly by the screen,
it's not that hard for an adversary to be writing code like this
and not just printing out the possible passwords,
but trying to log into your account again and again
and again until they gain access to the system.
And in fact, if we deliberately speed this up, let's not bother sleeping.
We'll get rid of all of the sleep related lines as before.
Now, run this code.
Now, I'm not even over at the board and it's already done 140,000 words.
Which is to say if you're choosing a password that's
just a word in the dictionary, whether it's English or some other language,
you're not off the hook.
You're not being so clever because anyone with a computer
can check all of those codes.
Now you might think, well, this is why someone had abc123.
That's not in the dictionary.
That's not just numbers.
That's not just letters.
But, come on.
If you give me a few more minutes, I bet we could write a program together
that starts with letters and ends with numbers or vise versa.
We could try to concoct these patterns.
And granted, it's going to get a little slower.
A little slower, the more complicated it gets.
But it can.
The adversary, if the goal is to get your money, get your data,
might have all the time in the world to actually wage that attack.
And so, I would consider moving forward exactly what the implications are
of putting your data in one place or another
and not thinking to actually secure it because in the best case,
someone nosily might end up getting in.
At worst case, more than that, whether it's financial or personal,
might be compromised.
Well, what other forms does information come
that might hint at potential threats for us too?
Well you've all probably heard of cookies, when it comes to the web.
And indeed, if you pursue our web track in a couple of weeks' time will
you dive in deeper to what these things can do.
But cookies are little pieces of information
that websites plant on your Mac or PC or your phone anytime
you visit the website.
Now, that might seem a little creepy at first glance
and it can be used for creepy purposes.
Advertising and other such tracking applications among them.
But this is actually a very useful primitive and computer science and web
programming, in that if you have the ability
to plant a little file on someone's computer,
it's like the digital version of a hand stamp.
You can remember that you've seen them before.
And that's actually useful because when you log into Gmail
or whatever email account you have, you don't really
want to be typing in your username and password every time
you look at a new message.
Gmail or Google would be a little obnoxious
if they kept asking you wait a minute, who are you?
Wait a minute, who are you?
These cookies are stored on your computer so that, unbeknownst to you,
it's sent from you, the browser, to them, the server,
to just remind them perpetually who you are because you've already logged in.
And we can actually see this.
Let me actually go over to my browser and you, too,
might be in the habit of using Chrome just as I am here.
And I can go in Chrome go to View, Developer, and go to Developer Tools.
And you can do this, too, at home on your own Mac or PC.
You can do this with Firefox, or Edge, or other browsers as well.
And you'll see among the various things that just popped up
are not terribly user friendly.
This is really the domain of indeed developers or programmers.
But I've clicked on this network tab here because on my own Mac or PC,
if I visit some url like www.google.com and hit Enter,
I can actually see inside of Chrome all of the requests my computer has just
made over the internet from me to Google.com.
And I'm going to go ahead and click on the very first of these here.
And this, too, is going to look pretty arcane for today's purposes,
but it's only meant to reveal what it is that's going on here.
Let me scroll down, down, down, down, down.
And you'll see a few things here request headers.
These are little pieces of information that my Mac, and in term Chrome,
just sent to Google.com com simply because I visited the website.
And then if I scroll down here, we'll see response headers.
This is what's coming back from Google.com to my own Mac or PC.
And this is the line that's interesting.
If you've ever heard about a cookie, all it
means when I say a server is planting some information or a file
on your computer, it's really just doing this.
The response you're getting from Google.com
simply says literally in English set dash cookie colon, and then some value.
And to be fair, that value is pretty arcane looking.
It looks a little weird.
It apparently is going to expire in December.
So I can infer from this that Google wants
to be able to remember me at least for a couple
more months to the end of the year.
And this value here collectively would seem to be like a hand stamp
they've put on my computer so that if I now proceed to do searches,
if I proceed to log into Gmail, use Google Calendar, or the like,
they know who I am or they know that it's me again and again.
So what does this mean?
This means that any website you visit can certainly
be tracking what it is you're doing and where it is you're going.
And because big companies like Google have advertising networks
as part of their portfolio, if a website that's not Google.com
is something else dot com, or something even else dot com,
and they are using Google's advertising, well long story short,
these cookies unfortunately are sent.
These digital hand stamps are presented, not just to those individual websites,
but also to Google again, and again, and again because they
are the middleman in this story.
The advertising network that's using ads on all of these different websites.
So here a very fundamentally useful and compelling computer science principle
can be used certainly for wonderfully useful applications,
just remembering that I'm logged in.
But also, if you don't think twice about it
or if you want to make money off of it, can be used for these other purposes
as well.
Now we won't go down this rabbit hole today
of well this is largely advertising what has helped
make the internet become what it is.
So there are trade certainly here, but that too has been thematic.
But again, I would encourage you, as you discover
more and more of these principles these things you can do through code,
that you consider whether indeed you should be doing so as well.
Well, what else might you do to mitigate this?
Well some of you might be in the habit of using at work
or at home incognito mode or private mode, which most browsers today
support.
Well what is that actually doing?
Well, according to Google, it says Chrome
won't save the following information, your browsing history, cookies
and site data, information entered in forms, and so forth.
Well, that means literally that.
Even if Google or Facebook or some other website
sends you a set cookie value saying please
store this, Chrome, in this case, it's just going to throw it away.
It's going to empty the cookie jar, so to speak,
once you close that incognito window.
However, your browser is still sending to Google or Facebook
or whatever website you're visiting those values again,
and again, and again.
You're not private within that window, per se.
You're only private within that window with respect
to everything else you have opened.
So for instance, if I go now here and go to View, Developer, and Developer
Tools.
And I have my network tab open again and I
visit something like https://www.google.com and hit Enter,
you'll see that Google is indeed still planting a cookie.
This time, I got two cookies from Google on my computer.
And those cookies will exist for as long as I have this incognito window open.
So Google might be able to infer who I am
or that I am the same person based on these cookies.
But they know even more than that.
If I scroll back down to where we began to these requests
headers, the information my browser is sending to the server,
you'll notice that among these values is something like this.
This one, too, looks a little arcane.
Let me go ahead and zoom in on it here.
But it's called user agent.
It's formatted in the same way.
User dash agent colon.
And then an arcane string here.
But it looks like for whatever reason, my computer
is telling Google without my even asking it to that I'm using a Mac,
that I'm running Mac OS 10.14.
6 at the moment.
And if I keep scrolling, it's going to tell it
further that this is a specific version of Google Chrome.
And this is just some of the information that is leaked deliberately and often
for good purposes.
But these are the kinds of traces we all leave when we're using the internet.
And we won't even go down this rabbit hole too, but all of our computers
have unique addresses.
You might have heard of things called IP addresses.
You can't just get rid of those much like you can't just
remove your postal address and expect mail to still arrival.
All of us have unique addresses that are still being presented to these servers.
And so, through computer science, through courses like this,
and through reading up on these kinds of topics hereinafter realize
that in understanding these primitives, these things like cookies
and how they are set can you at least then,
we hope, make a more informed decision as to whether to use them
in that way or not or to visit websites in some way
that you know to be using them for some purpose.
Well what do we have besides this to perhaps worry about in the world?
I daresay Snapchat is pretty popular these days.
And of course, with Snapchat there's this notion
that they popularized it being able to delete photos after 1 second or 10
seconds or the like.
And in fact, you all may recall from problems set four.
You implemented recover in a language called C
and you recovered photos that had been deleted.
So clearly already, deleted doesn't necessarily have to mean deleted.
And that's certainly the case even for third party services.
Now to be fair, we can only guess how it is Snapchat works underneath the hood.
They claim to be deleting your photos after some number of seconds,
but let's consider for a moment what that might actually
mean because it's our information we're putting out there,
in this case in pictorial form.
If you've never use Snapchat, when taking a photo,
you're able to see a screen like this and allow your message
to expire either never or infinitely many seconds from now,
or 1 to 10 seconds somewhere in between.
After which, the photo is deleted.
Well what does that mean?
In the context of last week, those of you with now background in SQL
might hope that what Snapchat is doing on their servers
is executing a query like this.
Delete from snaps where ID equals something.
And the question mark represents the idea of the snap you just sent,
the photograph that you just took.
But maybe they're doing that.
We, as outsiders as users, have no way to audit this.
We can only trust what they say.
What if they're instead just doing something like this?
Update snaps, set deleted equals true where
ID equals question mark, where that again is the identifier of your snap.
Now what is this representative of?
Well in the world of computer science, there's
this notion of hard deletion and soft deletion.
Hard delete means truly just delete the data,
like throw the bits away so that they really shouldn't be recoverable.
Soft delete is generally implemented like this, where you literally
change a 0 to a 1, a false to a true in your database to just remember oh
the user deleted this.
But that doesn't mean we have to throw the data away.
This might have value for marketing purposes,
for analytical purposes, business purposes, or the like.
So for all intents and purposes, it's deleted
because you the user can't get it back and no one else can see it.
But perhaps one or more employees at Snap can see that data.
And perhaps, that's the kind of data that's
at risk of being leaked out longer term.
And we've not even discussed things like backups, which too have upsides.
You don't want your data to get lost, but you also
don't want your data to get stuck on some backup in perpetuity as well.
So the lesson here we would propose is just consider.
Don't just trust what some tool or some application or developer
says something does.
Decide for yourself just how much weight to give those claims
and whether or not this kind of risk is worth taking photos
that you might regret, or wish to unsend because there really
is no notion of unsending, no matter what it is these applications
describe it as.
One last one that we saw just a couple of weeks ago.
Photo, the ability to tagged photos using artificial intelligence
and machine learning these days, or just simple pattern matching
was incredibly easy and a few lines of Python code to pick me out,
for instance, out of all of CS50 staff based on relatively little information.
This is enhanced, the closest thereof.
This is a fuzzy picture.
Didn't represent it really just by two eyes, a nose,
and a mouth that apparently resembles my particular face.
This was really easy to do.
And I don't have to tell you these days that if you're on social media,
all of us have probably been uploading or have had upload
on our behalf photographs of us that are then tagged
and we have for better or for worse been just telling the world what
we look like from all sorts of angles.
And here too, can the data perhaps be misused.
Yes, it's wonderfully useful when you upload an album because your friends
can see oh, that was a great night out.
We can now reminisce about those memories.
But someone else can be scraping all that data,
as we have read about having happened in the past.
And someone else might use that data to find you in a crowd
where you don't want to be found.
Or governments could do this too, based on driver's licenses
photos or the like.
Here, too, just because the software can do something
doesn't necessarily mean we should do that.
So we have all of these building blocks underneath our belts
now from week zero on through up eight.
We have a number of languages under our belts.
And for the final weeks of the class is the goal ultimately,
to take off the last of the training wheels.
In fact, the training wheels we literally took off just a few weeks ago
are sitting over there now.
And now, is there an opportunity for you in the weeks
ahead as the students in the room to decide on your follow on tracks.
All toward an end of CS50's final project.
And among the tracks, for instance, that are on the horizon
for your web programming.
This is taking primitives like we just saw there,
using JavaScript, HTML, CSS, plus some more Python and SQL
which you've seen over the past couple of weeks, to build applications.
This particular track will be led by CS50's own Brian.
And among the projects you'll tackle over the coming weeks
are something like this.
CS50 finance, so to speak, which is a web based application
via which you can buy quote unquote and sell quote unquote stocks using
real time data from an actual API, application programming interface,
to get the latest prices for stock symbols in the world.
So you and this track will build this application complete with the ability
to log in, to log out, to buy stocks, sell stocks, all using virtual dollars
and using a SQL database underneath the hood to keep track of that information.
If you pursue the mobile track instead, applying your past eight
weeks of skills and concepts to a domain familiar to you and the phone
you have in your own pocket can you explore programming on iOS
or iPhones with a language called Swift.
Or if you're an Android user exploring that domain instead, using a language
called Java.
In this track, you'll be led by CS50's own Tommy McWilliam, who will guide you
to a number of projects, one of which implementing
your own Pokemon decks, a sort of Rolodex for Pokemon characters,
including all of the native user interface elements that
come with both iOS and Android.
You'll be able to explore an Instagram like application reminiscent of some
of the filters that you did in problem set four.
But this one will be interactive and on your own device or in a simulator
much closer to the app, whether it's Instagram or Snapchat that you yourself
are familiar with.
And then lastly in this track will you implement your own note
taking application.
The ability to add and remove information to keep track of todo's,
whether it's a grocery list, class schedule, or something else altogether.
And then lastly, you have the choice of CS50's games track
using a language called Lua.
This is a language that facilitates implementing games
and many other applications as well.
And CS50's own Colton Ogden will introduce you
to a couple of applications, some of which our parents in the room
might recall.
This was one of the first games ever implemented on a computer,
for instance.
Not to date people in the room.
But this is a game called Pong.
And it's relatively simple mechanically.
You move these white paddles up, down, up, down, on the left and on the right.
And this little ball back in my day was represented with a pixel, if you will.
That ball is going to bounce back and forth against those paddles.
So you have to figure out exactly how to do the reflections
and how to implement that interface.
And then, as is consistent with the CS50's theme of beginning with Mario,
you can end the semester with Mario again,
implementing your own version of Super Mario Brothers, which is representative
of a two dimensional side scrolling game, so to speak,
implementing this on your own Mac or PC using your own computer.
Indeed, for each of these tracks do you no longer need to use CS50 IDE.
And while you're welcome to for at least the web track,
you can now use tools that are freely available and are the types of tools
you'll use after this course, in the real world.
The goal of the final few weeks of the class is indeed this final project.
The goal of which is to apply these lessons
learned now to a project of your own design.
In the coming weeks when you propose and then design, and then
implement your final project inspired perhaps by any of those tracks,
you'll be able, for instance, in the web track to download Python, the language,
and in turn, the interpreter, onto your own Mac or PC and use it.
You can use a popular tool like I used briefly today,
Visual Studio Code, which is a free and open source tool that's
gaining momentum in industry because it's relatively accessible
and has lots of features many more than CS50's own IDE.
Xcode, by contrast, is what you'll use if you're using a Mac
and developing an iOS project for your iPhone because of that
being the software that Apple provides for that.
Or in the worlds of Google's, Android Studio,
a free tool that you can use to build those Android applications as well.
But how are we going to get there and how
will we support you along the the way?
So there's this tradition in CS50 for the past decade of a CS50 hackathon.
This is an event that will begin at 7:00 PM sometime in December
and will end at 7 AM the next night.
But unlike most, for instance, all night affairs,
this one will be entirely focused on building something and creating
something alongside all of your classmates and all of your staff,
including some of our friends from Yale as well.
Upon arrival, we'll all CS50 staff greet you at the top of the stairs
where you check in, get settled for the night,
and ultimately spend those 12 hours working theoretically
on your final project.
Perhaps, even putting the finishing touches on it here.
One of the rooms from across the river where the event is held, this I think
is shortly after a bug was fixed later that night.
But along the way, there will be made several meal times as well.
We're in the habit of providing 100 of burritos from Philippe's around 9 PM.
Domino's kindly brings a few 100 pizzas around 1:00 AM.
And then, if you're still awake at 5:00 AM,
will some Harvard shuttles take us too.
And our therapy dog who will also be in attendance
will take us down the road to Ihop for pancakes at 5 AM
if you would like to join us there.
[LAUGHTER]
And after that is the final, the one final capstone to which everyone
in this room parents and families as well are
invited as are all faculty and staff across campus, is the CS50 fair.
A campus wide exhibition of all students final projects at which you'll
be to which you'll bring your laptop.
We'll have music, and popcorn, and candy, and friends,
and alumni from industry.
And it really is meant to be this exhibition of in celebration
of the final projects you by that point a month hence will have created.
Its at central Harvard Square in the Smith center
and will you be greeted by such visuals as these.
Our friends at Yale will be doing the same in parallel.
And it's just an opportunity to see what you and your friends
have done to invite them as well to see what you've accomplished this term.
And to ultimately share in the kinds of projects
that you've both created with a few passers by here, as well.
And here is where I wanted to thank the staff, not only those who
helped run the show in the room here.
But also a few of the course's heads, literally heads.
This here is CS50 staff here in Cambridge this past year.
All of our teaching fellows, course assistants, producers, and the like.
These are our team members at Yale, where
the course is indeed held in parallel.
And there is a few faces we wanted to call in particular.
Rodrigo, our head teaching fellow who sadly is graduating, but has
been with the course for so many years.
Emma, who is currently our head CA, will take over as head teaching fellow
this coming year.
And of course, Brian, many of whom you know
as the course's preceptor who himself holds
both of those roles over the past couple of years.
But this is where we'll end just as we began.
2/3 of you eight weeks ago had never taken CS before.
And when we surveyed you as to your comfort levels,
you might recall this breakdown.
That over some 49% percent of you described yourselves
as among those less comfortable just with the idea of taking,
shopping, let alone staying in the course like CS50.
16% of you described yourselves as more comfortable.
And 35% described yourselves as somewhere in between.
As you now embark on your final projects of your own choice,
I can officially decree that you are all now more comfortable.
This then, was just the beginning of your journey
toward the end of these final projects.
Thank you all, too, for coming today and for joining us this semester.
This was CS50.
[APPLAUSE]