
Wednesday

master
Skia 1 year ago
parent
commit
5f4ff441b8
5 changed files with 68 additions and 0 deletions
  1. Wednesday/00-Fail_frequently_to_avoid_disaster.md (+19, -0)
  2. Wednesday/01-The_story_of_Greendale.md (+11, -0)
  3. Wednesday/02-Internals_of_Landlock.md (+11, -0)
  4. Wednesday/03-Performance_and_security.md (+13, -0)
  5. Wednesday/04-Designing_your_system_for_resilience.md (+14, -0)

+ 19
- 0
Wednesday/00-Fail_frequently_to_avoid_disaster.md View File

@@ -0,0 +1,19 @@
# Fail frequently to avoid disaster

- A talk about mistakes
- The example of MISP, a software to share threat intelligence and to build internal communities
- Used by wide organizations, like CERTs, military organizations, etc...
- Dictatorship in a democracy works well to build FLOSS, not fake democracies
- Write standards from code, not the other way
- Don't expect perfect implementation at first: build a small part, and improve iteratively
- "Programming, Motherfucker" -> No scrum, Kanban, XP, just code!
- Don't hesitate to code, fail, thus trash the code and write it back differently
- Scoping is important, especially for formats: don't try to build the perfect format, just adapt it to your model, or use other existing ones
- Don't use free-text tagging: humans are too creative
- Their format is well-defined, but not bound to the data it encapsulate, thus can be extended at will
- "Theory and practice sometimes clash. And when that happens, theory loses. Every single time" Linus Torvalds
- Go back to code!

## Personal feeling
A great talk, lot of interesting advices. A fine speaker, dynamic and
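
Review bot: The closing sentence of the "Personal feeling" section stops mid-phrase at "A fine speaker, dynamic and", so the file ends on an unfinished thought; complete the sentence or end it at "A fine speaker." Minor wording in the same file: "the data it encapsulate" should read "encapsulates", and "lot of interesting advices" reads better as "a lot of interesting advice".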


+ 11
- 0
Wednesday/01-The_story_of_Greendale.md View File

@@ -0,0 +1,11 @@
# Greendale has been pwnd

- The story of Greendale university doing forensic
- GRR: agent-based artifacts scavenger
- Plaso: timeline everything
- timesketch: timeline visualization
- dfTimewolf: the glue between the other tools: put a "request", then browse the results in a web UI
- turbinia: Automation of forensic analysis tools in the cloud

## Personal feeling
A really cool guy doing story-telling well, with nice tools in virtual real-life cases.
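
Review bot: Tool names in the list are capitalized inconsistently: "GRR" and "Plaso" are capitalized while "timesketch" and "turbinia" start lowercase, which makes the list read like a mix of project names and commands. Pick one convention, for example each project's own spelling, and apply it to all five bullets. The heading "Greendale has been pwnd" also differs from the filename 01-The_story_of_Greendale.md, whereas the headings of 00, 02 and 03 match their filenames; consider aligning the two.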

+ 11
- 0
Wednesday/02-Internals_of_Landlock.md View File

@@ -0,0 +1,11 @@
# Internals of Landlock

- Goal: protect users from bug exploitation
- Landlock is a userspace sandbox
- eBPF: in-kernel VM, used to execute code in the kernel at run time
- Fine control upon ACL though BPF filesystem, with evolution capability!

## Personal feeling
As expected, an in-kernel dive into landlock's implementation, but still some
useful demos showing the userland features.
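
Review bot: The bullet "Landlock is a userspace sandbox" conflicts with the rest of the file, which describes in-kernel eBPF and "an in-kernel dive into landlock's implementation"; reword it to say that Landlock is a kernel mechanism that lets userspace processes sandbox themselves. In the last bullet, "though BPF filesystem" should be "through", and "evolution capability" would be clearer if it said what is able to evolve.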


+ 13
- 0
Wednesday/03-Performance_and_security.md View File

@@ -0,0 +1,13 @@
# Performance and security

- The story of the speaker writing fast and secure code for Suricata.
- Goal: write a very secure program.
- Even if you try to be careful, you'll still fail.
- Choose a language: Rust is good choice, but it's slow.
- Need to optimize, and so to benchmark. Lot of tools come at help.
- Don't try to write optimized code, just give hints to compiler.
- Check both the source code and the produced machine code.
- Showing some tricks to write fast code.

## Personal feeling
A nice experience feedback from a guy who needed real-time performance (networking). Many cool tricks and hints.
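
Review bot: The bullet "Choose a language: Rust is good choice, but it's slow." states a conclusion without saying slow compared to what or in which respect, and the bullets after it are about making the code fast, so as written the notes read as contradictory. Record what the speaker actually measured or claimed. The last bullet, "Showing some tricks to write fast code.", would be more useful with one or two of the tricks named.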

+ 14
- 0
Wednesday/04-Designing_your_system_for_resilience.md View File

@@ -0,0 +1,14 @@
# Immutable infrastructure and zero trust networking: designing your system for resilience

- Web hosting being pwned, you need resilience.
- The idea is to never touch a running server.
- Automate and standardize everything, so that building a new server is cheap.
- Use very short lived VMs: on update, trash and replace.
- Stateless applications work better.
- Exherbo: a Gentoo based distribution, highly customizable, patchable.
- Big build server, to produce the VM images.
- Share them via bittorrent.
- Specific load-balancer able to update configuration at runtime.

## Personal feeling
Super interesting infrastructure. Those guys are pushing automation and continuous delivery really far!
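
Review bot: The heading promises "zero trust networking", but none of the nine bullets mention it; they all cover the immutable infrastructure side (short-lived VMs, image builds, distribution via bittorrent). Add bullets for the networking part of the talk or trim the heading. The bullet "Specific load-balancer able to update configuration at runtime." would also benefit from naming the load balancer if the talk did.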
