While Linux users have spent a lot of time using free software on their
computers, usually that stops at the operating system. Being able to view
and modify your source code not only gives you more freedom, it gives you
more security, in particular from back doors. What’s good for the OS is
good for the BIOS, which malware hackers, Lenovo, and state-sponsored
attackers have all used to persist their exploits.
In this talk Kyle will cover Libreboot, a completely free software
distribution of the open source Coreboot BIOS and discuss the current state
of hardware support for Libreboot and how to install it, including a brief
description of how to turn a Raspberry Pi into a flashrom BIOS-flashing platform.
In this talk, Nick Bolton will describe how he took a largely abandoned open source project (Synergy) and grew a stable and profitable business around the software. The talk will cover the impact that money had on the technology, the users, and the developer community.
There is general concensus that systemd is an important topic but we haven’t found a speaker to specifically present on systemd so instead we’ll be doing a systemd roundtable. The format will be a friendly discussion about the pros and cons of systemd and its political and technical impact on distributions that have migrated to it for the enlightenment of all. I’ll bring the projector along just in case someone needs it.
OpenStack is a set of tools to create a “cloud” infrastructure similar to Amazon’s cloud services to manage virtual machines (called instances) across multiple Compute servers in a cluster managed by one or more Controllers. In this talk I’ll introduce the general concepts of what OpenStack can be used for in an approachable way. I’ll provide an overview OpenStack’s Controller and Compute node model, how instances work, block and image storage, and a general overview of bridged networking into virtual machines. The majority of the talk will be devoted to a live demo of spinning up instances with plenty of time for interactive Q and A.
Window management: it’s one of the places where desktop Linux shines,
with an almost overwhelming amount of choice for a newcomer. For those
wishing to improve their day-to-day productivity or stop reaching for
the mouse all the time, however, venturing into this world is well
worthwhile. This talk will provide an overview of the landscape,
details on the tiling window manager i3, and some tips on setting up a
In this talk, Jordan Erickson will show you how to build your own online radio station using the open source software Icecast.
The talk will include installation and configuration of Icecast and compatible source clients, as well as examples of different listening clients.
There will also be discussion around Jordan’s efforts in creating a new Android source client that focuses on open codecs and a Creative Commons broadcast network called Echonet.
Linux bridging is one of the seven mysteries of Linux.
What is the br0 device and how does it use the NIC?
What is virbr0?
The answers to these and many other questions will be answered including how virtual instance use bridges and how they interact with the host’s IPtables.
The goal of this talk is to give the Linux Sysadmin the understanding needed to configure, use and trouble-shoot Linux bridges.
Robert Harker is a [Linux|UNIX] greybeard sysadmin and one of the first Sun sysadmins.
His interests include OS/application configuration management of scaling of server farms with a particular interest in verification of deployments: “How do you know it is correct and running?”
This talk is all about dissecting exactly what happens when a program stops doing what the designers designed it to do and starts doing what an attacker (or in this case, the presenter) wants it to do.
I’ll cover using a virtual machine environment of a simple system under Linux to step through all phases of an arbitrary code execution (ACE) exploit, including corrupting a data structure, out-of-bounds memory manipulation, pointer manipulation, and ultimately execution of arbitrary code.
I’ll be demonstrating memory viewer and disassembly tools to show the exact instructions being processed as they happen.
The simple system in question?
A Zilog Z80 processor, running inside of a Super Game Boy.
Come for the dissection, stay for some entertaining abuse of a live SNES console.
This will largely be a no slides, full demo presentation and should have something of interest for everyone.
See you there!
It’s easy to secure your servers when they are in the safe confines of your
own data center, but deploying servers in the cloud is like dropping them
from a helicopter into a jungle across enemy lines without so much as an IP
address. This talk will cover how to use Puppet to harden cloud servers
including certificate and key management, protecting secrets on your hosts,
managing dynamic IPs, and overall security best practices. While a few tips
will be specific to Puppet and Amazon AWS, most of the techniques would
apply in just about any environment.