1 00:00:00,000 --> 00:00:00,500 2 00:00:00,500 --> 00:00:13,514 [THEME MUSIC] 3 00:00:13,514 --> 00:00:32,147 4 00:00:32,147 --> 00:00:34,940 >> DAVID J. MALAN: Can you hear me, world? 5 00:00:34,940 --> 00:00:38,170 So in next week's episode we'll talk about microphone technology. 6 00:00:38,170 --> 00:00:40,460 But for now, let's begin. 7 00:00:40,460 --> 00:00:42,940 Hello, world, we are back, as is my voice. 8 00:00:42,940 --> 00:00:44,980 And this is CS50 Live. 9 00:00:44,980 --> 00:00:47,600 >> And boy, do we have a good show for you this week. 10 00:00:47,600 --> 00:00:49,720 In particular, we've got the Heartbleed bug 11 00:00:49,720 --> 00:00:52,900 that's been all over the news of late, some stories from students, 12 00:00:52,900 --> 00:00:56,356 a trip to Vegas, a behind the scenes tour of Dropbox. 13 00:00:56,356 --> 00:01:00,800 And I'm hearing, yes, CS50's own Ramon Galvin is back. 14 00:01:00,800 --> 00:01:03,880 CS50's Ramon Galvin is in the studio again today. 15 00:01:03,880 --> 00:01:05,650 >> But first, some desk lamps. 16 00:01:05,650 --> 00:01:08,650 Of course desk lamps have been a bit of a thing this semester in CS50. 17 00:01:08,650 --> 00:01:11,410 And you may recall Ahmad, from a previous episode, who 18 00:01:11,410 --> 00:01:13,500 submitted a video making his case for why 19 00:01:13,500 --> 00:01:16,580 he'd like to receive his own CS50 desk lamp. 20 00:01:16,580 --> 00:01:18,630 Well, we sent a desk lamp ultimately to Ahmad. 21 00:01:18,630 --> 00:01:21,000 And he kindly sent us this photo of himself 22 00:01:21,000 --> 00:01:24,020 in Pakistan with a CS50 desk lamp. 23 00:01:24,020 --> 00:01:27,730 >> Meanwhile, you may recall Lamp Story, submitted by Eggers in Latvia. 24 00:01:27,730 --> 00:01:29,870 We sent over a desk lamp to Latvia as well. 25 00:01:29,870 --> 00:01:32,330 And pictured here is that desk lamp. 26 00:01:32,330 --> 00:01:35,690 Finally, you may recall Philip who didn't just submit a photo, 27 00:01:35,690 --> 00:01:38,790 but also submitted a video via which to thank us 28 00:01:38,790 --> 00:01:42,030 for his desk lamp, which we sent all the way to Germany. 29 00:01:42,030 --> 00:01:43,690 Let's take a look. 30 00:01:43,690 --> 00:01:44,540 >> PHILLIP: Hi. 31 00:01:44,540 --> 00:01:47,610 Dear David, and dear all of you amazing people at CS50. 32 00:01:47,610 --> 00:01:52,042 I'm Phil and I want to thank you so much for this incredible gift. 33 00:01:52,042 --> 00:01:54,335 It is unbelievable to me that you actually 34 00:01:54,335 --> 00:01:57,080 sent this all the way over here to Germany. 35 00:01:57,080 --> 00:01:58,290 But you know what? 36 00:01:58,290 --> 00:02:01,742 Why don't I thank you personally? 37 00:02:01,742 --> 00:02:05,580 >> Hey, David, I want to thank you so much for this CS50 desk lamp. 38 00:02:05,580 --> 00:02:08,669 You can not imagine what this means to me. 39 00:02:08,669 --> 00:02:10,000 >> DAVID J. MALAN: Desk lamp? 40 00:02:10,000 --> 00:02:11,200 >> PHILLIP: Right. 41 00:02:11,200 --> 00:02:17,099 OK, I'm going to leave, but, yeah, thanks. 42 00:02:17,099 --> 00:02:19,640 DAVID J. MALAN: Now, two of your classmates actually traveled 43 00:02:19,640 --> 00:02:21,400 to us to have a chat of late. 44 00:02:21,400 --> 00:02:25,420 In particular, Amy from Massachusetts and Jack from Dublin, Ireland, 45 00:02:25,420 --> 00:02:28,940 came all the way to Sanders Theater to sit down and talk about CS50 46 00:02:28,940 --> 00:02:30,270 past and present. 47 00:02:30,270 --> 00:02:33,160 48 00:02:33,160 --> 00:02:34,620 >> This is Sanders Theater. 49 00:02:34,620 --> 00:02:38,410 So this is where CS50's lectures are held. 50 00:02:38,410 --> 00:02:40,197 Thanks so much for coming to campus. 51 00:02:40,197 --> 00:02:41,780 Shall we start with the introductions? 52 00:02:41,780 --> 00:02:42,730 I'm David. 53 00:02:42,730 --> 00:02:43,560 >> AMY: I'm Amy. 54 00:02:43,560 --> 00:02:46,770 I work on the web and I live here in Cambridge. 55 00:02:46,770 --> 00:02:49,244 >> JACK: I'm Jack and I'm from Dublin, Ireland. 56 00:02:49,244 --> 00:02:50,410 I'm a junior in high school. 57 00:02:50,410 --> 00:02:53,659 >> DAVID J. MALAN: And what brings you here today in particular from so far away? 58 00:02:53,659 --> 00:02:55,230 JACK: For a visit to Boston. 59 00:02:55,230 --> 00:02:58,550 >> AMY: How has CS50 evolved as you've been teaching it? 60 00:02:58,550 --> 00:03:02,420 >> DAVID J. MALAN: It's definitely gotten more dramatic over the years. 61 00:03:02,420 --> 00:03:05,290 We've been filming since 2007, so we can literally go back in time 62 00:03:05,290 --> 00:03:08,860 and watch past years, first lectures in particular. 63 00:03:08,860 --> 00:03:11,800 And I think the first lecture in 2007 was pretty much 64 00:03:11,800 --> 00:03:13,640 me, coming out in front of the class. 65 00:03:13,640 --> 00:03:16,550 Saying, hello, this is CS50. 66 00:03:16,550 --> 00:03:18,900 And we dove into the day's material. 67 00:03:18,900 --> 00:03:21,210 >> All right, so welcome to Computer Science 50, 68 00:03:21,210 --> 00:03:23,120 Introduction to Computer Science 1. 69 00:03:23,120 --> 00:03:26,270 My name is David Malin and I will be your instructor this-- 70 00:03:26,270 --> 00:03:28,120 >> Now there's music. 71 00:03:28,120 --> 00:03:29,450 The lights go down. 72 00:03:29,450 --> 00:03:30,910 We drop down a huge screen. 73 00:03:30,910 --> 00:03:33,335 There may or may not be Muppets in a given year. 74 00:03:33,335 --> 00:03:38,915 75 00:03:38,915 --> 00:03:42,680 And it's funny, because this has all happened very gradually 76 00:03:42,680 --> 00:03:44,850 over the years, just a little bit more each year. 77 00:03:44,850 --> 00:03:47,510 But the delta, now, between the first year and the last year 78 00:03:47,510 --> 00:03:51,670 is actually rather atrocious, just how different the first five minutes are. 79 00:03:51,670 --> 00:03:56,700 >> AMY: I'm curious, what do you see as the differences between the edX 80 00:03:56,700 --> 00:03:59,630 version and the live course? 81 00:03:59,630 --> 00:04:02,410 >> DAVID J. MALAN: So curricularly and technologically CS50 82 00:04:02,410 --> 00:04:06,850 on campus and CS50x off campus are fundamentally the same. 83 00:04:06,850 --> 00:04:09,560 What does differ between the two is the level of support 84 00:04:09,560 --> 00:04:11,630 that we're able to provide. 85 00:04:11,630 --> 00:04:15,770 Even though CS50 has a huge team of some 100 teaching fellows, course 86 00:04:15,770 --> 00:04:18,800 assistants, myself, and our production team-- 87 00:04:18,800 --> 00:04:22,025 we can just barely keep up with the 700 students on campus 88 00:04:22,025 --> 00:04:27,610 and the 150 Extension School students who are local or online themselves. 89 00:04:27,610 --> 00:04:30,880 So for CS50x, we simply don't have the support structure of office hours, 90 00:04:30,880 --> 00:04:33,057 for instance, four nights a week for several hours. 91 00:04:33,057 --> 00:04:36,390 JACK: And what do you guys talk about in office hours that will be different to, 92 00:04:36,390 --> 00:04:39,119 say, what you have on lectures, or on sections, or shorts? 93 00:04:39,119 --> 00:04:41,160 DAVID J. MALAN: On campus office hours are really 94 00:04:41,160 --> 00:04:44,740 opportunities for students to pose questions, one on one, 95 00:04:44,740 --> 00:04:48,100 with a member of the teaching staff or even a classmate of theirs nearby. 96 00:04:48,100 --> 00:04:51,810 And generally wrestle with bugs that they're having in their codes. 97 00:04:51,810 --> 00:04:55,350 >> AMY: I think Reddit kind of gives a reasonable facsimile of an office 98 00:04:55,350 --> 00:04:55,980 hours. 99 00:04:55,980 --> 00:04:56,980 >> DAVID J. MALAN: Agreed, agreed. 100 00:04:56,980 --> 00:04:59,521 I've been really impressed, though, with the Reddit community 101 00:04:59,521 --> 00:05:01,430 and the newcomers to the group, too-- just 102 00:05:01,430 --> 00:05:03,700 how eager and hopeful people have been. 103 00:05:03,700 --> 00:05:06,920 And Reddit definitely lends itself better, I think, to posting of code 104 00:05:06,920 --> 00:05:08,800 and having threaded discussions. 105 00:05:08,800 --> 00:05:10,871 >> JACK: And do you think people should try, 106 00:05:10,871 --> 00:05:12,620 if they know they're doing something wrong 107 00:05:12,620 --> 00:05:15,986 or it's like, they've implemented-- spent too much time on it, 108 00:05:15,986 --> 00:05:17,610 think they should stop and start again? 109 00:05:17,610 --> 00:05:18,840 Or look for help? 110 00:05:18,840 --> 00:05:20,260 Or how should they-- 111 00:05:20,260 --> 00:05:22,330 >> DAVID J. MALAN: Take a break, minimally. 112 00:05:22,330 --> 00:05:26,790 Sometimes, especially for me at least, as your stress level starts to rise you 113 00:05:26,790 --> 00:05:29,327 start hacking away and copying and pasting, forgetting 114 00:05:29,327 --> 00:05:30,410 what you've already tried. 115 00:05:30,410 --> 00:05:32,810 It's just time to go to sleep, or go take a jog, 116 00:05:32,810 --> 00:05:35,610 or go shower, and just kind of get some distance. 117 00:05:35,610 --> 00:05:39,030 And this has happened many, many times to me 118 00:05:39,030 --> 00:05:42,190 where I'll be lying there in bed even, or even driving to work, 119 00:05:42,190 --> 00:05:44,500 or walking somewhere, kind of debugging in my head. 120 00:05:44,500 --> 00:05:47,708 >> And only once you have that distance and a lot less stress on your shoulders, 121 00:05:47,708 --> 00:05:49,850 I think, can you realize, like, oh, I'm an idiot. 122 00:05:49,850 --> 00:05:54,450 I forgot to call this function, or initialize some variable. 123 00:05:54,450 --> 00:05:58,530 >> So as a little surprise if you'd like to take a look under your CS50 seat 124 00:05:58,530 --> 00:06:00,490 cushion, a little something awaits you. 125 00:06:00,490 --> 00:06:07,184 126 00:06:07,184 --> 00:06:08,100 Those were good looks. 127 00:06:08,100 --> 00:06:11,280 Did we get those looks? 128 00:06:11,280 --> 00:06:14,550 >> Under their seat cushions, of course, was a bit more Dropbox space. 129 00:06:14,550 --> 00:06:17,470 Now you may recall we recently traveled to Saint Louis, Missouri, 130 00:06:17,470 --> 00:06:20,090 where we had a unique opportunity to actually blow glass 131 00:06:20,090 --> 00:06:22,110 at the Third Degree Glass factory. 132 00:06:22,110 --> 00:06:26,150 Our host for the day made this beautiful bowl of glass 133 00:06:26,150 --> 00:06:29,325 by spinning and spinning it until you got this beautiful wavy effect. 134 00:06:29,325 --> 00:06:32,320 And this now lives in our offices here in Cambridge. 135 00:06:32,320 --> 00:06:35,640 >> I, on the other hand, made this big ball of orange glass 136 00:06:35,640 --> 00:06:37,230 that now sits on my desk. 137 00:06:37,230 --> 00:06:39,860 But we were in Saint Louis, of course, for the CS50 hackathon 138 00:06:39,860 --> 00:06:42,730 in Saint Louis with Launchcode, where we had an opportunity 139 00:06:42,730 --> 00:06:48,230 to sit down with a number of your classmates and hear their CS50 stories. 140 00:06:48,230 --> 00:06:55,337 >> EZRA: Once I saw computer coding and the kind of-- that's 141 00:06:55,337 --> 00:06:56,670 the career that I want to be in. 142 00:06:56,670 --> 00:07:00,050 And I think that I would be very good at it. 143 00:07:00,050 --> 00:07:02,680 >> CHARLES: Well, I've been job hunting for a while. 144 00:07:02,680 --> 00:07:04,770 Bachelor of Science, biomedical engineering. 145 00:07:04,770 --> 00:07:06,950 It hasn't been going too well. 146 00:07:06,950 --> 00:07:09,350 So I thought maybe I'd look into a different field. 147 00:07:09,350 --> 00:07:12,380 >> KIMBERLY: In Green Bay, Wisconsin I was a school counselor. 148 00:07:12,380 --> 00:07:16,130 And I really knew I wanted to change careers. 149 00:07:16,130 --> 00:07:19,040 >> SAM: I've heard a lot of people saying, like, everyone 150 00:07:19,040 --> 00:07:20,190 should learn how to code. 151 00:07:20,190 --> 00:07:22,140 Everyone should be exposed to it. 152 00:07:22,140 --> 00:07:25,450 And before I was just kind of like, eh, whatever. 153 00:07:25,450 --> 00:07:27,790 >> AUSTIN: I had taken a semester off. 154 00:07:27,790 --> 00:07:30,700 And I'm now doing the CS50x program. 155 00:07:30,700 --> 00:07:34,670 >> KELLI: It's very accessible to anyone at all. 156 00:07:34,670 --> 00:07:37,100 >> LEANNE: I've been a developer in the past. 157 00:07:37,100 --> 00:07:41,630 But I had a situation and I wanted to kind of increase my confidence, 158 00:07:41,630 --> 00:07:44,550 and I wanted to learn C, and I wanted to learn 159 00:07:44,550 --> 00:07:47,754 PHP, which I saw that CS50 was teaching. 160 00:07:47,754 --> 00:07:49,170 AUSTIN: People are really helpful. 161 00:07:49,170 --> 00:07:50,900 There's definitely more of a community than you 162 00:07:50,900 --> 00:07:52,510 would think from an online course. 163 00:07:52,510 --> 00:07:55,745 >> KELLI: I'm working on my problem set five, that I just started. 164 00:07:55,745 --> 00:07:59,290 So I get to do a little forensics. 165 00:07:59,290 --> 00:08:01,560 >> CHARLES: It has been challenging. 166 00:08:01,560 --> 00:08:04,470 It's definitely meant to stretch your limits. 167 00:08:04,470 --> 00:08:06,210 I'm working on problem set five. 168 00:08:06,210 --> 00:08:09,150 >> KIMBERLY: My classmate and I are working on our final project. 169 00:08:09,150 --> 00:08:11,760 >> SAM: I'm working on my final project. 170 00:08:11,760 --> 00:08:15,320 I've got two other people working with me, we're the tri-force of power. 171 00:08:15,320 --> 00:08:21,450 >> LEANNE: I'm attempting to work on an iOS app that is a calendar agenda 172 00:08:21,450 --> 00:08:26,100 application that I wanted to create, just for my own use, to start out with. 173 00:08:26,100 --> 00:08:28,700 >> AUSTIN: My final project is going to be a website that 174 00:08:28,700 --> 00:08:31,380 is an image and visual repository. 175 00:08:31,380 --> 00:08:35,820 Basically it's going to have a listing of helpful phrases 176 00:08:35,820 --> 00:08:38,270 and sign language for medical personnel. 177 00:08:38,270 --> 00:08:42,440 >> EZRA: Let's say my final project was a puppet doing a dance, 178 00:08:42,440 --> 00:08:49,060 and they asked me, can you make this puppet to do this dance twice as fast? 179 00:08:49,060 --> 00:08:55,270 I would be able to go to my code, change it, save it, compile it, upload it, 180 00:08:55,270 --> 00:08:58,950 and show them right away that I can-- that not only did I 181 00:08:58,950 --> 00:09:01,190 make this final project, I understand. 182 00:09:01,190 --> 00:09:03,480 I can tweak it however they want me to tweak it. 183 00:09:03,480 --> 00:09:06,400 >> CHARLES: I figure once I get my final project completed 184 00:09:06,400 --> 00:09:08,500 and some potential employers have a chance 185 00:09:08,500 --> 00:09:11,170 to look at that they'll have a better assessment of whether they 186 00:09:11,170 --> 00:09:12,586 think I'll be a good fit for them. 187 00:09:12,586 --> 00:09:17,530 SAM: Now I'm very confident and I'm learning new stuff all the time. 188 00:09:17,530 --> 00:09:18,980 And it's great. 189 00:09:18,980 --> 00:09:20,770 It's changed my life. 190 00:09:20,770 --> 00:09:24,390 >> EZRA: This is really hard material, especially 191 00:09:24,390 --> 00:09:31,110 if you're doing this and also working, and maybe also have a family, 192 00:09:31,110 --> 00:09:35,220 and maybe also have children, and maybe also have a mortgage. 193 00:09:35,220 --> 00:09:41,340 But it's so worth it if you just put the effort in. 194 00:09:41,340 --> 00:09:47,249 What you get out is so much more valuable than the time that you put in. 195 00:09:47,249 --> 00:09:49,040 DAVID J. MALAN: And now, this week in tech. 196 00:09:49,040 --> 00:09:51,180 Odds are you've heard of the so-called Heartbleed 197 00:09:51,180 --> 00:09:53,670 bug, which has affected web servers throughout the world. 198 00:09:53,670 --> 00:09:55,610 But what is this bug, exactly? 199 00:09:55,610 --> 00:09:59,400 Well, turns out that many web servers run software called open 200 00:09:59,400 --> 00:10:02,500 SSL, where SSL of course is Secure Sockets Layer. 201 00:10:02,500 --> 00:10:05,630 And this is the technology that encrypts traffic between a web browser, 202 00:10:05,630 --> 00:10:07,730 or client, and a web server. 203 00:10:07,730 --> 00:10:10,640 Now unfortunately, in December of 2011, a programmer 204 00:10:10,640 --> 00:10:14,000 introduced an accidental bug into the source code for open SSL. 205 00:10:14,000 --> 00:10:17,660 >> And open SSL unfortunately is used in so many other products, 206 00:10:17,660 --> 00:10:20,080 among them the Apache web server, and others, 207 00:10:20,080 --> 00:10:23,260 that are hugely popular on the internet for hosting websites. 208 00:10:23,260 --> 00:10:29,020 The result of this was that the following attack is possible. 209 00:10:29,020 --> 00:10:32,430 As part of open SSL there's a so-called heartbeat feature, 210 00:10:32,430 --> 00:10:36,150 whereby a client like a browser can send a message or a payload, 211 00:10:36,150 --> 00:10:38,630 which is really just a string, like hello, to a server. 212 00:10:38,630 --> 00:10:40,940 And in addition to that payload it sends a number 213 00:10:40,940 --> 00:10:43,400 which should be the length of that payload. 214 00:10:43,400 --> 00:10:45,280 In the case of hello, it should be five. 215 00:10:45,280 --> 00:10:49,060 >> Unfortunately, the bug in open SSL operated as follows. 216 00:10:49,060 --> 00:10:50,910 It ignored that number. 217 00:10:50,910 --> 00:10:55,020 And so if you-- rather, it trusted that number. 218 00:10:55,020 --> 00:10:59,370 So if you, the client, sent a message like hello, and not the number 5 219 00:10:59,370 --> 00:11:03,180 but the number 100, what would happen is that the server would blindly 220 00:11:03,180 --> 00:11:06,200 respond to that payload by echoing back not only hello, 221 00:11:06,200 --> 00:11:10,310 those 5 bytes, but 95 additional bytes thereby trusting 222 00:11:10,310 --> 00:11:14,340 that you were telling the truth when you said that the payload was in fact 100 223 00:11:14,340 --> 00:11:14,860 bytes. 224 00:11:14,860 --> 00:11:16,310 Now why is that problematic? 225 00:11:16,310 --> 00:11:18,370 >> Well, you may recall from CS50, of course, 226 00:11:18,370 --> 00:11:20,610 from memory management that on the stack and the heap 227 00:11:20,610 --> 00:11:24,730 are remnants of data paths, when you've called a function, used a variable, 228 00:11:24,730 --> 00:11:28,580 those values stay in memory even if you're no longer actively using 229 00:11:28,580 --> 00:11:29,760 those chunks of memory. 230 00:11:29,760 --> 00:11:34,890 So when the server responds not with 5 bites but with 100 bytes, 95 of which 231 00:11:34,890 --> 00:11:37,140 are not technically supposed to go back to the client, 232 00:11:37,140 --> 00:11:40,820 those 95 bytes could contain passwords, or the server's 233 00:11:40,820 --> 00:11:45,410 security certificates, or the servers secret keys, so to speak, all of which 234 00:11:45,410 --> 00:11:46,610 are used for encryption. 235 00:11:46,610 --> 00:11:49,380 >> And so ultimately your information could be handed back 236 00:11:49,380 --> 00:11:52,157 to some random adversary on the internet simply 237 00:11:52,157 --> 00:11:54,240 because your password, or credit card information, 238 00:11:54,240 --> 00:11:56,120 or something else that's sensitive happened 239 00:11:56,120 --> 00:11:59,620 to be in the web server's memory at that particular location. 240 00:11:59,620 --> 00:12:01,630 Now this was a big deal, because this bug 241 00:12:01,630 --> 00:12:03,690 affected web servers throughout the world. 242 00:12:03,690 --> 00:12:08,480 Among them Amazon Web Services, Box, Dropbox, Etsy, Flickr, GitHub, Gmail, 243 00:12:08,480 --> 00:12:11,950 Go Daddy, Google, Instagram, Minecraft, Netflix, OKCupid, Pinterest, 244 00:12:11,950 --> 00:12:15,760 SoundCloud, Tumblr, Twitter, Venmo, Wikipedia, WordPress, Yahoo, 245 00:12:15,760 --> 00:12:19,030 YouTube-- and those are just the companies, just some 246 00:12:19,030 --> 00:12:22,720 of the companies that actually disclosed that their servers had been running 247 00:12:22,720 --> 00:12:26,560 the afflicted software and had only recently, as this past week, 248 00:12:26,560 --> 00:12:27,790 been updated. 249 00:12:27,790 --> 00:12:31,450 >> Now it turns out the fix, in source code for, this Heartbleed bug is actually 250 00:12:31,450 --> 00:12:32,530 remarkably simple. 251 00:12:32,530 --> 00:12:35,710 It pretty much boils down to these two lines of code. 252 00:12:35,710 --> 00:12:39,030 If payload is greater than the actual length, return 0. 253 00:12:39,030 --> 00:12:42,680 Do not return some potentially disclosing bits. 254 00:12:42,680 --> 00:12:45,839 Now in reality the lines of code were a little more complex. 255 00:12:45,839 --> 00:12:47,130 It looked a bit more like this. 256 00:12:47,130 --> 00:12:48,720 But this is just some additional arithmetic 257 00:12:48,720 --> 00:12:50,428 and there were a few other lines of code, 258 00:12:50,428 --> 00:12:52,530 but the fix really was that simple. 259 00:12:52,530 --> 00:12:54,470 >> And so if you've never believed in lectures 260 00:12:54,470 --> 00:12:57,660 when we say that you should always check the boundaries of your array 261 00:12:57,660 --> 00:13:00,170 and make sure to check the lengths of any chunk of memory 262 00:13:00,170 --> 00:13:03,880 before blindly traversing through your computer's memory, 263 00:13:03,880 --> 00:13:05,320 this is what can happen. 264 00:13:05,320 --> 00:13:08,954 And truly it's been a globally impactful bug. 265 00:13:08,954 --> 00:13:11,620 Now what can you yourself do to learn more and protect yourself? 266 00:13:11,620 --> 00:13:14,390 Well, head to heartbleed.com, which is a terrific website that 267 00:13:14,390 --> 00:13:18,280 explains in a bit more detail exactly what the threat is, how folks have 268 00:13:18,280 --> 00:13:20,317 responded, what software's been affected, 269 00:13:20,317 --> 00:13:21,650 and how you can defend yourself. 270 00:13:21,650 --> 00:13:25,210 But it pretty much boils down to this-- change your passwords, 271 00:13:25,210 --> 00:13:27,585 arguably on most any website you know if unsure 272 00:13:27,585 --> 00:13:29,460 whether that particular website was affected. 273 00:13:29,460 --> 00:13:31,560 >> Because one of the scariest things about this bug 274 00:13:31,560 --> 00:13:33,530 is that it's not so much auditable. 275 00:13:33,530 --> 00:13:36,580 It's not clear if, even over the past two years, 276 00:13:36,580 --> 00:13:39,890 a server was vulnerable, if your information was indeed compromised. 277 00:13:39,890 --> 00:13:42,120 So as is the case generally with security, 278 00:13:42,120 --> 00:13:45,350 the best approach is paranoia and change any passwords 279 00:13:45,350 --> 00:13:48,320 on websites that are particularly sensitive to you. 280 00:13:48,320 --> 00:13:50,990 But head to that URL there for even more detail. 281 00:13:50,990 --> 00:13:53,750 >> Now in other news, Mark Zuckerberg recently posted this. 282 00:13:53,750 --> 00:13:55,470 I'm excited to announce that we've agreed 283 00:13:55,470 --> 00:13:59,260 to acquire Oculus VR, the leader in virtual reality technology. 284 00:13:59,260 --> 00:14:01,640 Now virtual reality is an interesting thing 285 00:14:01,640 --> 00:14:03,557 that's beginning to gain a bit more traction. 286 00:14:03,557 --> 00:14:05,640 It generally involves putting on a pair of goggles 287 00:14:05,640 --> 00:14:08,960 that might look like these inside of which are a pair of lenses that 288 00:14:08,960 --> 00:14:12,335 allow you to see a computer screen right up close to your face. 289 00:14:12,335 --> 00:14:15,210 And on that computer screen could be anything, the inside of a house, 290 00:14:15,210 --> 00:14:18,540 the outside of the house, a virtual world inside of a game. 291 00:14:18,540 --> 00:14:22,260 And the result is an incredibly immersive opportunity 292 00:14:22,260 --> 00:14:25,594 to feel as though you're actually someplace that you're actually not. 293 00:14:25,594 --> 00:14:27,510 I, for instance, might be in a conference room 294 00:14:27,510 --> 00:14:31,230 when really I think I'm in a Tron-like virtual world. 295 00:14:31,230 --> 00:14:32,790 And indeed, I had an opportunity. 296 00:14:32,790 --> 00:14:35,623 I haven't personally played with Oculus, but I did visit our friends 297 00:14:35,623 --> 00:14:38,270 in Seattle, Washington, recently at Valve software, who 298 00:14:38,270 --> 00:14:40,860 were working on a very similar VR technology. 299 00:14:40,860 --> 00:14:43,140 And I was very fortunate to have the opportunity 300 00:14:43,140 --> 00:14:47,630 to put on their pair of goggles for 60 seconds of this. 301 00:14:47,630 --> 00:15:48,240 >> [MUSIC PLAYING] 302 00:15:48,240 --> 00:15:51,190 >> Now, CS50's own Dan Coffey also had an opportunity 303 00:15:51,190 --> 00:15:53,590 to take a trip recently to Mountain View, California, 304 00:15:53,590 --> 00:15:56,360 where he sat down with our friends at Dropbox, among them 305 00:15:56,360 --> 00:15:59,710 CS50's own former head teaching fellow Thomas Carriero, 306 00:15:59,710 --> 00:16:02,140 who's been responsible for all of that Dropbox space 307 00:16:02,140 --> 00:16:03,740 underneath your seat cushions. 308 00:16:03,740 --> 00:16:07,100 Thomas very kindly opened the doors of Dropbox and gave us an exclusive 309 00:16:07,100 --> 00:16:10,600 behind the scenes of what it's like to work at Dropbox 310 00:16:10,600 --> 00:16:14,685 and daresay live at Dropbox. 311 00:16:14,685 --> 00:16:19,040 >> THOMAS CARRIERO: Hi, I'm Thomas Carriero, former CS50 head TF. 312 00:16:19,040 --> 00:16:21,980 We're here at the Dropbox headquarters in San Francisco, California. 313 00:16:21,980 --> 00:16:22,490 Welcome. 314 00:16:22,490 --> 00:16:23,490 I'm going to show you on a tour. 315 00:16:23,490 --> 00:16:24,031 Come with me. 316 00:16:24,031 --> 00:16:26,700 317 00:16:26,700 --> 00:16:27,200 Cool. 318 00:16:27,200 --> 00:16:30,030 So this balloon right here, this green check mark, 319 00:16:30,030 --> 00:16:34,020 is the balloon that we put on your desk when you first join the company. 320 00:16:34,020 --> 00:16:37,900 And the idea is that the balloon will stay kind of up there as long 321 00:16:37,900 --> 00:16:38,790 as you're a new hire. 322 00:16:38,790 --> 00:16:42,618 So the balloon of course loses helium over time and by the time 323 00:16:42,618 --> 00:16:47,420 the balloon is dead you're no longer a noob. 324 00:16:47,420 --> 00:16:51,460 This takes a couple of months to happen because these are really, really 325 00:16:51,460 --> 00:16:52,560 expensive balloons. 326 00:16:52,560 --> 00:16:57,800 We think we might keep the green check mark balloon business in business. 327 00:16:57,800 --> 00:17:00,230 >> Cool, so this right here is AT&T Park. 328 00:17:00,230 --> 00:17:02,530 This is where the San Francisco Giants play. 329 00:17:02,530 --> 00:17:08,190 We actually have a Dropbox box suite, one of our other awesome amenities, 330 00:17:08,190 --> 00:17:09,170 just across the way. 331 00:17:09,170 --> 00:17:11,479 So I'm standing by this really cool light display. 332 00:17:11,479 --> 00:17:13,770 So what's going on here is we're getting real time data 333 00:17:13,770 --> 00:17:16,950 about what's happening in our Mailbox app. 334 00:17:16,950 --> 00:17:19,960 Each of the colors corresponds to a different action. 335 00:17:19,960 --> 00:17:23,060 >> And so as users are doing these actions, these lights 336 00:17:23,060 --> 00:17:26,619 are lighting up with those colors to kind of let us know what's going on. 337 00:17:26,619 --> 00:17:30,960 Sometimes if stuff is going wrong, the colors will all start to be one color 338 00:17:30,960 --> 00:17:33,219 and we know that something bad is happening. 339 00:17:33,219 --> 00:17:34,968 So this is kind of one of the ways that we 340 00:17:34,968 --> 00:17:36,676 keep track of what's going on in Mailbox. 341 00:17:36,676 --> 00:17:39,500 342 00:17:39,500 --> 00:17:42,250 >> Cool, so let's see what's for dinner tonight. 343 00:17:42,250 --> 00:17:46,750 Looks like we have eight hour smoked beef brisket right here. 344 00:17:46,750 --> 00:17:49,310 And right here is my favorite station, the Indian station. 345 00:17:49,310 --> 00:17:53,500 It's an open face samosa chop today. 346 00:17:53,500 --> 00:17:55,290 Well, I guess that was my favorite station 347 00:17:55,290 --> 00:17:57,150 but this is my other favorite station. 348 00:17:57,150 --> 00:17:58,440 >> This is the pizza station. 349 00:17:58,440 --> 00:18:02,180 So they always make different kinds of pizza with our pizza oven right there. 350 00:18:02,180 --> 00:18:06,330 Looks like they're making a Sicilian pizza, which is one of my favorites. 351 00:18:06,330 --> 00:18:10,210 All right, so the chef told me that they are freshly made Ho Hos. 352 00:18:10,210 --> 00:18:13,100 I told him I was going to wait until after I'd eaten my dinner 353 00:18:13,100 --> 00:18:15,350 but I'm definitely going to have one of those tonight. 354 00:18:15,350 --> 00:18:19,323 OK, I'm going to have mine now. 355 00:18:19,323 --> 00:18:19,823 Real good. 356 00:18:19,823 --> 00:18:23,290 357 00:18:23,290 --> 00:18:26,690 >> So this is kind of the bonus station that's outside of the tech shop. 358 00:18:26,690 --> 00:18:29,850 For lunch we have Mexican food here and sushi here. 359 00:18:29,850 --> 00:18:34,050 And for dinner we have some kind meat delicious. 360 00:18:34,050 --> 00:18:37,340 Looks like roasted pork loin tonight. 361 00:18:37,340 --> 00:18:40,785 Get a close up on that. 362 00:18:40,785 --> 00:18:42,160 Cool, so this is our design area. 363 00:18:42,160 --> 00:18:44,810 This is where we design a bunch of the products. 364 00:18:44,810 --> 00:18:47,480 We have lots of fun poster boards and stuff, 365 00:18:47,480 --> 00:18:50,320 with kind of all the mocks that we're working on. 366 00:18:50,320 --> 00:18:53,380 We also have along the ground a bunch of the mocks 367 00:18:53,380 --> 00:18:56,130 that we've been working on over the years. 368 00:18:56,130 --> 00:18:58,490 So you can get a close up of that in a second. 369 00:18:58,490 --> 00:19:01,550 >> But this sign is one of my favorite things about Dropbox. 370 00:19:01,550 --> 00:19:03,650 So this sign actually came from the old office. 371 00:19:03,650 --> 00:19:05,520 And our slogan is, it just works. 372 00:19:05,520 --> 00:19:10,310 But if you look closely, there's a subliminal message in the sign. 373 00:19:10,310 --> 00:19:14,630 >> So one of my favorite parts about Dropbox are these vending machines. 374 00:19:14,630 --> 00:19:17,630 Instead of having chips or soda or anything like that, 375 00:19:17,630 --> 00:19:19,270 we actually have electronics. 376 00:19:19,270 --> 00:19:24,360 So if you need a new trackpad, or a new keyboard, or some headphones, 377 00:19:24,360 --> 00:19:27,160 all you need to do is swipe your badge right here. 378 00:19:27,160 --> 00:19:30,140 Type in the number and then the out comes your electronics. 379 00:19:30,140 --> 00:19:30,780 Pretty awesome. 380 00:19:30,780 --> 00:19:33,029 Thanks so much for joining me on this tour of Dropbox. 381 00:19:33,029 --> 00:19:35,230 It's been really fun showing you around. 382 00:19:35,230 --> 00:19:37,800 >> I'm going to close this out with the way we close out 383 00:19:37,800 --> 00:19:40,000 all of our all hands meetings. 384 00:19:40,000 --> 00:19:41,690 This is a special chant we do. 385 00:19:41,690 --> 00:19:44,050 Can I get some help here? 386 00:19:44,050 --> 00:19:47,800 One, two, three-- Dropbox! 387 00:19:47,800 --> 00:19:49,370 It's usually much cooler than that. 388 00:19:49,370 --> 00:19:57,986 389 00:19:57,986 --> 00:20:00,110 DAVID J. MALAN: Now if you'd like to visit Dropbox, 390 00:20:00,110 --> 00:20:04,570 head to Mountain View, California, hop on Route 101 north to San Francisco, 391 00:20:04,570 --> 00:20:06,110 where they actually are. 392 00:20:06,110 --> 00:20:07,930 Now we've also had an opportunity recently 393 00:20:07,930 --> 00:20:11,160 to travel to Las Vegas, Nevada for the NAB show, 394 00:20:11,160 --> 00:20:13,390 the National Association for Broadcasters show, 395 00:20:13,390 --> 00:20:16,160 which brings together some 100,000 people interested 396 00:20:16,160 --> 00:20:18,770 in audio and video and technology more generally 397 00:20:18,770 --> 00:20:21,160 to talk about the very latest and greatest. 398 00:20:21,160 --> 00:20:24,175 >> CS50's own Ramon Galvin took this trip and brought with him 399 00:20:24,175 --> 00:20:28,816 a camera crew in order to this footage from the show's floor. 400 00:20:28,816 --> 00:20:29,941 RAMON GALVIN: Hello, world. 401 00:20:29,941 --> 00:20:31,785 OK, I got it. 402 00:20:31,785 --> 00:20:32,710 Hello, world. 403 00:20:32,710 --> 00:20:34,634 Do I have to say my name? 404 00:20:34,634 --> 00:20:37,474 >> CAMERAMAN: Correspondent in the field . 405 00:20:37,474 --> 00:20:39,390 RAMON GALVIN: Can I get a lower third of that? 406 00:20:39,390 --> 00:20:43,329 Correspondent in field. 407 00:20:43,329 --> 00:20:44,689 >> CAMERAMAN: Senior. 408 00:20:44,689 --> 00:20:45,814 RAMON GALVIN: There you go. 409 00:20:45,814 --> 00:20:53,280 410 00:20:53,280 --> 00:20:55,632 I know, but I have to do it. [INAUDIBLE]. 411 00:20:55,632 --> 00:21:08,082 412 00:21:08,082 --> 00:21:09,078 I'm clueless. 413 00:21:09,078 --> 00:21:14,580 414 00:21:14,580 --> 00:21:16,474 >> Now's my prima donna pose. 415 00:21:16,474 --> 00:21:35,397 416 00:21:35,397 --> 00:21:37,230 DAVID J. MALAN: And they keep mentioning 4K. 417 00:21:37,230 --> 00:21:40,080 What is 4K exactly? 418 00:21:40,080 --> 00:21:42,884 >> RAMON GALVIN: That's a really good question. 419 00:21:42,884 --> 00:21:43,550 Very basically-- 420 00:21:43,550 --> 00:21:46,017 >> DAVID J. MALAN: Cut to a clip explaining 4K. 421 00:21:46,017 --> 00:21:53,472 422 00:21:53,472 --> 00:21:54,410 Hello, world. 423 00:21:54,410 --> 00:21:55,749 My name is David Malan. 424 00:21:55,749 --> 00:21:57,040 RAMON GALVIN: I'm Ramon Galvin. 425 00:21:57,040 --> 00:21:59,225 DAVID J. MALAN: And we're here at NAP, the National Association 426 00:21:59,225 --> 00:22:01,620 of Broadcasters conference in Las Vegas, Nevada. 427 00:22:01,620 --> 00:22:02,680 But why are we here? 428 00:22:02,680 --> 00:22:03,804 RAMON GALVIN: I don't know. 429 00:22:03,804 --> 00:22:05,270 I don't know, David. 430 00:22:05,270 --> 00:22:07,040 >> DAVID J. MALAN: That was pretty good. 431 00:22:07,040 --> 00:22:08,270 Is this usable? 432 00:22:08,270 --> 00:22:10,572 >> RAMON GALVIN: Probably not. 433 00:22:10,572 --> 00:22:12,655 DAVID J. MALAN: We're back, as is CS50's own Ramon 434 00:22:12,655 --> 00:22:16,010 Galvin, who you may recall from last week's episode. 435 00:22:16,010 --> 00:22:17,820 Ramon, so glad you are indeed back. 436 00:22:17,820 --> 00:22:19,230 >> RAMON GALVIN: I'm glad I still have a job, David. 437 00:22:19,230 --> 00:22:21,105 >> DAVID J. MALAN: So let's address the elephant 438 00:22:21,105 --> 00:22:22,980 that was in the room in Las Vegas, namely 4K. 439 00:22:22,980 --> 00:22:25,820 I've heard about this in the context of TVs and computer monitors, 440 00:22:25,820 --> 00:22:27,490 but what is 4K? 441 00:22:27,490 --> 00:22:28,970 >> RAMON GALVIN: So it's a resolution. 442 00:22:28,970 --> 00:22:31,570 Whenever you're watching a walk through video or a lecture 443 00:22:31,570 --> 00:22:33,670 you get what we call 1080p video. 444 00:22:33,670 --> 00:22:37,605 What that means that the video is 1,000 pixels tall. 445 00:22:37,605 --> 00:22:38,680 >> DAVID J. MALAN: Or 1080. 446 00:22:38,680 --> 00:22:39,596 >> RAMON GALVIN: Or 1080. 447 00:22:39,596 --> 00:22:42,620 Or roughly 2,000 pixels wide. 448 00:22:42,620 --> 00:22:49,329 Now 4K is 4,000 pixels wide, roughly, and roughly 2,000 pixels tall. 449 00:22:49,329 --> 00:22:50,120 DAVID J. MALAN: OK. 450 00:22:50,120 --> 00:22:53,950 So that's kind of like having a grid of four 1080p monitors 451 00:22:53,950 --> 00:22:55,040 right in front of you. 452 00:22:55,040 --> 00:22:55,956 >> RAMON GALVIN: Exactly. 453 00:22:55,956 --> 00:22:59,310 DAVID J. MALAN: OK, so that's all fine and good but why is this useful? 454 00:22:59,310 --> 00:23:01,325 >> RAMON GALVIN: I'm glad I asked you to ask me that question, David. 455 00:23:01,325 --> 00:23:03,080 >> DAVID J. MALAN: It's on the teleprompter. 456 00:23:03,080 --> 00:23:04,996 >> RAMON GALVIN: So there's a documentarian named 457 00:23:04,996 --> 00:23:08,180 Errol Morris that actually makes use of 4K technology. 458 00:23:08,180 --> 00:23:10,820 Ordinarily to shoot an interview, which he usually does, 459 00:23:10,820 --> 00:23:14,100 he would have to either use multiple cameras to get a zoomed in shot 460 00:23:14,100 --> 00:23:17,290 or a zoomed out shot, or shoot the interview twice 461 00:23:17,290 --> 00:23:19,850 to get the same zoomed in, zoomed out shot. 462 00:23:19,850 --> 00:23:25,890 However, now he's using a 4K camera to shoot one huge 4K shot. 463 00:23:25,890 --> 00:23:30,157 And then when he's editing, artificially cropping that shot. 464 00:23:30,157 --> 00:23:31,990 DAVID J. MALAN: And zooming in, essentially, 465 00:23:31,990 --> 00:23:35,600 to give you still 1080p but only some of the pixels from the 4K image. 466 00:23:35,600 --> 00:23:38,720 >> RAMON GALVIN: Exactly, giving him multiple camera shots 467 00:23:38,720 --> 00:23:40,262 out of that one original camera shot. 468 00:23:40,262 --> 00:23:41,428 DAVID J. MALAN: Interesting. 469 00:23:41,428 --> 00:23:43,370 So how could we make use of this for CS50? 470 00:23:43,370 --> 00:23:46,160 >> RAMON GALVIN: I'm glad you asked me that question, too, David. 471 00:23:46,160 --> 00:23:50,500 Because I shot the walk through videos with Zamyla last semester. 472 00:23:50,500 --> 00:23:53,015 And for those videos we would have to run through the walk 473 00:23:53,015 --> 00:23:55,240 through once with a zoomed out shot. 474 00:23:55,240 --> 00:23:59,390 And then I'd have to adjust the camera to get a zoomed in shot. 475 00:23:59,390 --> 00:24:03,130 And then we'd run through it again, running through it two times. 476 00:24:03,130 --> 00:24:05,484 With a 4K camera we can cut our production time in half. 477 00:24:05,484 --> 00:24:06,400 DAVID J. MALAN: I see. 478 00:24:06,400 --> 00:24:09,244 So that should be quite exciting for us, then, this fall. 479 00:24:09,244 --> 00:24:10,160 RAMON GALVIN: Exactly. 480 00:24:10,160 --> 00:24:11,200 DAVID J. MALAN: Well, from the looks of the video 481 00:24:11,200 --> 00:24:13,660 it sounds like it was a pretty exhausting trip. 482 00:24:13,660 --> 00:24:16,307 It sounds like you didn't really have much time to relax. 483 00:24:16,307 --> 00:24:17,390 RAMON GALVIN: Not one bit. 484 00:24:17,390 --> 00:24:20,084 485 00:24:20,084 --> 00:24:22,000 DAVID J. MALAN: Well, that's it for CS50 Live. 486 00:24:22,000 --> 00:24:23,830 Thanks so much to this week's contributors. 487 00:24:23,830 --> 00:24:25,870 Thanks so much to the team behind the camera. 488 00:24:25,870 --> 00:24:27,880 Thanks so much to our correspondent-- 489 00:24:27,880 --> 00:24:28,755 RAMON GALVIN: Senior. 490 00:24:28,755 --> 00:24:30,880 DAVID J. MALAN: Senior correspondent in the field. 491 00:24:30,880 --> 00:24:32,880 This was CS50. 492 00:24:32,880 --> 00:24:35,480 >> RAMON GALVIN: And this is something, I don't know what. 493 00:24:35,480 --> 00:24:38,030 >> DAVID J. MALAN: It was our dress rehearsal. 494 00:24:38,030 --> 00:24:39,230 So that all sounds great. 495 00:24:39,230 --> 00:24:42,030 Bigger TVs, more pixels, more resolution. 496 00:24:42,030 --> 00:24:43,740 But why is this actually useful? 497 00:24:43,740 --> 00:24:45,240 >> RAMON GALVIN: I'm glad you asked that question, David. 498 00:24:45,240 --> 00:24:48,110 >> DAVID J. MALAN: I'm glad you asked-- I'm glad I asked you to ask me that. 499 00:24:48,110 --> 00:24:50,060 >> RAMON GALVIN: No, I say I'm glad you asked me the question. 500 00:24:50,060 --> 00:24:52,220 And then you say, well it's in the prompter. 501 00:24:52,220 --> 00:24:54,149 I'm glad I asked you to ask me that question. 502 00:24:54,149 --> 00:24:56,190 DAVID J. MALAN: Well, it's in the prompter there. 503 00:24:56,190 --> 00:24:56,870 RAMON GALVIN: I'm glad you-- 504 00:24:56,870 --> 00:24:57,840 DAVID J. MALAN: I think it's funnier if you just say, 505 00:24:57,840 --> 00:24:59,852 I'm glad I asked you to ask me that question. 506 00:24:59,852 --> 00:25:02,060 Because it's kind of a play on what you would expect. 507 00:25:02,060 --> 00:25:02,990 >> RAMON GALVIN: OK. 508 00:25:02,990 --> 00:25:05,750 I'm glad you asked me to ask that question, David. 509 00:25:05,750 --> 00:25:06,780 There's a documentarian. 510 00:25:06,780 --> 00:25:08,738 >> DAVID J. MALAN: I'm glad I asked you to ask me. 511 00:25:08,738 --> 00:25:11,600 RAMON GALVIN: I'm glad I asked you to ask me that question. 512 00:25:11,600 --> 00:25:39,627 >> [MUSIC- CAKE, "THE DISTANCE"]