Topic: Sex, Secret and God: A Brief History of Bad Passwords
When: Tuesday May 9th, 7:30 PM to 9:00 PM
Speaker: Kyle Rankin
Location: O'Reilly Media, Sebastopol CA in the Tarsier conference room
past the metal statue and to the right ( http://nblug.org/locations )
Description:
Most of what we've been told over the years about what makes a good
password has been wrong, so it's no surprise most people pick bad
passwords. This talk will cover the history of password policy and password
cracking starting from the days when Richard Stallman hacked the passwords
forced on his MIT computer lab because he considered passwords an
authoritarian method of control. Next I'll discuss the golden days of
password guessing featured prominently in movies like Hackers and WarGames.
Then I'll move to the tech boom and the introduction of draconian IT
policies like password rotation and password complexity and the dirty
little leet-speak password secrets they led to. As we get closer to the
modern day I'll discuss the "correct horse battery staple" password
renaissance and more modern approaches to password cracking spawned by
tools like oclhashcat and giant password database dumps like the RockYou
hack.
I'll finish up with modern attempts to fix the password auth problem such
as new approaches to secure password generation in password managers or
schemes such as diceware as well as cover password auth reinforcements like
the different forms of 2FA (including U2F) and Facebook's new approach to
"I forgot my password" workflows. By the end everyone should have plenty of
ammunition to take back to their IT department and get rid of those
horrible password policies.
Greetings,
As President of the North Bay Linux Users' Group I wanted to take an opportunity to get back to sending State of the LUG updates (I did not send a 2016 update). The goal of this E-Mail is to update all members about our current status in all areas of importance and to encourage further discussion about the future of NBLUG in the Talk list. Here are some TL;DR numerical highlights about the state of NBLUG as of 2017-04-20:
454 E-Mail addresses are subscribed to the NBLUG Announce list
259 E-Mail addresses are subscribed to the NBLUG Talk list
IRC activity in #nblug on Freenode remains strong
6 of 6 board seats are filled through November 2017
NBLUG as a non-profit now owns a 720p projector thanks to donations
$165.73 is in the NBLUG cashbox secured by our treasurer
Important information: Please contact us at speakers(a)nblug.org if you know of someone who would be willing to present on a Linux or open-source related topic. NBLUG general meetings are consistently held on the 2nd Tuesday of every month at 7:00 in O'Reilly's Tarsier meeting room at 1005 Gravenstein HW N. in Sebastopol, CA past the metal statue and to the right. O'Reilly (http://oreilly.com) additionally sponsors NBLUG by frequently providing raffle books (in both e-book and physical form) for attendees as well as a free book of a speaker's choice if they request one. Sonic.net (http://sonic.net) sponsors NBLUG by hosting our racked http://nblug.org server in their Santa Rosa datacenter. On behalf of the board, I would like to again publicly thank our sponsors for their continued support which enables us to operate without ongoing membership dues or donation drives.
NBLUG Board: The current board as elected during the November 2016 general meeting consists of:
Allan Cecil (President)
E. Frank Ball III (Vice-President)
Robert Thille (Scribe)
Matt Da Silva (Treasurer)
Tom Most (Board Member at Large)
Matt Smith (Board Member at Large)
Our next scheduled elections will be during the November 2017 meeting where all 6 1-year term seats will be open for nominations per our bylaws (http://nblug.org/bylaws/).
IRC channel: NBLUG has an IRC channel at #nblug on the Freenode network (http://chat.freenode.net) that now sees daily activity and has grown to exceed the level of activity on the talk mailing list.
Cash balance: The NBLUG cashbox currently contains $165.73 as last audited 2017-02-21 when the balance was confirmed by our Treasurer and holder of the cashbox, Matt Da Silva. Last year we received a number of donations that allowed NBLUG (via our Vice President, Frank Ball) to buy a 720p DVI/HDMI projector and the current cashbox balance reflects what was left over after the purchase. Thank you to everyone who donated to make this possible.
Because O'Reilly generously sponsors NBLUG by providing us with a room to meet in and Sonic.net provides hosting for our website our expenditures are effectively non-existent. There are currently no expenditures the board can foresee in the near future and thus we are not currently seeking donations.
Additional opinion and analysis: I, Allan, feel that the evidence above points to a viable and stable user group that is gaining new members at about the same rate that past members move on. Our best attendance happens when we have outside speakers and I will continue to work with the board to seek out speakers who can present on topics that would interest you, the members of NBLUG. While the board actively pursues this goal independently, I feel the best resource we have is the connections that members of the group have. Please let us know about potential speakers at speakers(a)nblug.org and we will promptly follow up with them.
I encourage everyone to share their thoughts about this State of the LUG 2017 update on the talk list and I look forward to a lively discussion. Thanks,
Allan Cecil
President, North Bay Linux Users' Group
A.C.
******
Topic: Let's Encrypt on an nginx reverse proxy
When: Tuesday April 11th, 7:30 PM to 9:00 PM
Speaker: Allan Cecil
Location: O'Reilly Media, Sebastopol CA in the Tarsier conference room
past the metal statue and to the right ( http://nblug.org/locations )
Description: Let's Encrypt is a way for anyone to enable TLS (as in, HTTPS) support to a webserver at no cost. However, there are many security considerations involved with everything from certificate renewal to safe handling of the various files involved. In this talk and live demo I'll cover how to create a reverse proxy using the nginx webserver that simultaneously allows multiple webservers to exist at one IP address and show how isolating Let's Encrypt to a different system increases security. The talk will also cover more secure (and less risky) methods of automatic key renewal than the official, somewhat invasive renewal tool.