Add talks

Michael Boelen 2023-10-31 15:55:07 +01:00
parent fe4a29d0ac
commit 71be58a63a
7 changed files with 170 additions and 1 deletions

@ -104,7 +104,7 @@ event_schedule:
talk:
speaker: David Venhoek
title: Time in the Network
link:
link: talks/david-venhoek-time-in-the-network/
- column:
talk:
speaker: Jeroen Baten
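Review bot: the `link:` value added for "Time in the Network" (`talks/david-venhoek-time-in-the-network/`) has no leading slash, so unless the schedule template passes it through a URL helper it resolves relative to whichever page renders `event_schedule`. Worth confirming the template handles that, or storing the path in the same form the site's other internal links use. The same applies to the other `link:` values added in this file.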
@ -129,10 +129,12 @@ event_schedule:
talk:
speaker: Wouter Prins
title: The journey to opensource networking with OpenBSD @AS15693
link: talks/wouter-prins-the-journey-to-opensource-networking-with-openbsd/
- column:
talk:
speaker: Maja Reissner
title: What if hacking were a sport?
link: talks/maja-reissner-what-if-hacking-were-a-sport/
- column:
talk:
speaker: Jan Sepp
@ -155,6 +157,7 @@ event_schedule:
talk:
speaker: Jeroen Janssen
title: Defending the Democracy using BSD
link: talks/jeroen-janssen-defending-the-democracy-using-bsd/
- column:
talk:
speaker: Koen van Hove
@ -179,10 +182,12 @@ event_schedule:
talk:
speaker: Eirik Øverby
title: On FreeBSD, DDoS, and getting up from under the bus
link: talks/eirik-overby-on-freebsd-ddos-and-getting-up-from-under-the-bus/
- column:
talk:
speaker: Fabian Groffen en Kevin Keijzer
title: The CPU RootKit you probably dont know about
link: talks/fabian-groffen-kevin-keijzer-the-cpu-rootkit-you-probably-dont-know-about/
- column:
talk:
speaker: Geert Rolf

@ -0,0 +1,25 @@
---
categories:
date: 2023-10-31T11:21:01+02:00
description:
layout: event-talk
slug:
tags:
- security
- time
title: "David Venhoek - Time in the Network"
speakers:
- david-venhoek
---
## Abstract
Time has become an important underpinning for both security and the enabling of new applications on the internet. Recently discovered security vulnerabilities such as those in TETRA underline this. In this talk, we will dive into the world of time synchronization, why it is important and what it requires from the underlying network.
During the talk, we will focus on applications of time synchronizations in both security and in distributed systems. Both of the main time synchronization protocols NTP and PTP will be discussed. We will look at what they each have to offer, when to use what, and how they interact with the underlying network architecture.
## Biografie
David is technical lead on the ntpd-rs implementation of NTP and the statime implementation of PTP. He has a double masters in both physics and the mathematical foundations of computer science, and has previously worked on the cryptography behind anonymous credentials for Yivi (previously IRMA).
As part of his work on ntpd-rs, he also participates in the IETF NTP Working Group, contributing to the next version of NTP.
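Review bot: the front matter `date: 2023-10-31T11:21:01+02:00` carries a +02:00 offset, while the commit's own timestamp for the same day is +01:00, and the identical value (to the second) is repeated in every talk page added by this commit, which suggests it was copied from a template. If the theme sorts or displays by `date`, set the correct offset and a per-page value, or drop the time component. The empty `categories:`, `description:` and `slug:` keys could also be filled in or removed. Minor wording in the abstract: "applications of time synchronizations" should read "time synchronization".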

@ -0,0 +1,37 @@
---
categories:
date: 2023-10-31T11:21:01+02:00
description:
layout: event-talk
slug:
tags:
- bsd
- freebsd
title: "Eirik Øverby - On FreeBSD, DDoS, and getting up from under the bus"
speakers:
- eirik-overby
---
## Abstract
The Blame Game continues (or: Squid Game for sysadmins)
The financial and payment industries are dominated by dinosaurs, and those are not known for moving fast. The associated security compliance business is much the same. It should come as no surprise that we are still - three years after my 2019 talk on FreeBSD and the absurdities of security compliance - regularly finding ourselves in puzzling and sometimes nonsensical situations where compliance, security and sanity are a "pick any two" proposition.
That said: The side effects of dinosaurs trying to turn around too quickly can be quite painful if you're too close. In 2021, we got the rough end of the deal when the dinosaurs got in the way of some of the seedier elements on the Internet, who decided to take it out on us and others like us through a 9-month long wave of denial-of-service attacks.
We've spent the better part of 20 years building a FreeBSD-based platform - routers, firewalls, servers and all. It was all chugging along nicely until someone decided to paint a big target on our backs and then turn away. The Blame Game just got real.
What we've put FreeBSD through over the last year and a half is unlike anything we've seen in the previous 20.
This is both a story of "look what we can do with BSD" and "look what we've put BSD through".
About Modirum
Modirum provides software - both through licensing and as a service - to banks, card issuers, merchants and payment processors that allow them to implement 3-D Secure. 3-D Secure is, very roughly, a protocol defined by the major card brands that allows the bank or card issuer to intervene during an online payment process in order to authenticate the card holder before the purchase is completed.
## Biografie
Model '77, Slackware-gone-BSD in the early 00s, escaped the dying world of OS/2 to be doomed to death by Netcraft for another decade. Now managing jailed (but not dead!) systems for a living and as a hobby.
Mid-life crisis topic: Retro PCs.
~ love over gold ~
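Review bot: the abstract says "three years after my 2019 talk" and "over the last year and a half" right after "In 2021", which does not add up on a page dated 2023-10-31; please confirm with the speaker whether the text was written for an earlier event and should be updated. Also, "About Modirum" is a bare line between paragraphs, while the rest of the page uses `##` headings; make it a `###` heading (as the Groffen/Keijzer page does for its sub-sections) so it does not render as body text. Since the abstract is mostly about denial-of-service attacks and compliance, consider tags beyond `bsd` and `freebsd`.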

@ -0,0 +1,38 @@
---
categories:
date: 2023-10-31T11:21:01+02:00
description:
layout: event-talk
slug:
tags:
- coreboot
- cpu
- firmware
- security
title: "Fabian Groffen en Kevin Keijzer - The CPU RootKit you probably dont know about"
speakers:
- fabian-groffen
- kevin-keijzer
---
## Abstract
Since 2006, Intel CPUs come with a co-processor called the Intel Management Engine (ME). Three years later, AMD followed suit with their very similar Platform Security Processor (PSP). The Management Engine is part of the CPU design. It's an ARC core on the CPU die, with access to everything the CPU has: network, memory, data, keystrokes, and so on. All bypassing the operating system kernel running on the main x86 cores.
Not too long ago, developments were made to allow the ME to be (almost) fully disabled on recent Intel CPUs. However, disabling is not the same as removing (most of) the firmware. Only the first generation ME allowed for the firmware to be removed completely, thus preventing it from doing anything, ever.
In this talk, we will give a brief history of the ME, followed by some of the work done by people from the coreboot community to disable it, or at least neuter it as much as possible. Next, we will show how Ivy Bridge-era CPUs can be cleansed, by stripping down their ME firmware and replacing the vendor BIOS/UEFI firmware with coreboot for additional security. The two are done in one go, as the firmware for the ME is stored next to the BIOS firmare. coreboot is an open source BIOS replacement that you can compile yourself.
## Biografie
### Fabian Groffen
Fabian Groffen is a Software Developer currently employed as C-developer for the Database division of a large multinational. His scientific background is in data processing, a topic on which he worked at Centrum voor Wiskunde & Informatica and received a PhD for in 2009 from Universiteit van Amsterdam. Between that and now, he worked at systems level for companies with in-house bare-metal clouds, like the once popular Dutch social network Hyves and hotel-reservation site Booking.com. Since 2005 Fabian is a Gentoo Developer, in which capacity he maintains a few packages, but mostly concentrates on porting software to non-Linux platforms, such as OpenIndiana (Solaris) and macOS. Fabian likes Open Source, and has contributed in this area, next to his work at Gentoo, via software he wrote for his employers or for his own needs. He runs his Gentoo-powered servers at home, like at work: fully managed by a software configuration management tool, constantly monitored for trends and alerts, and of course replicated and backed up.
### Kevin Keijzer
I have been working as a Senior IT Architect for the Almende Group - an R&D company based in Rotterdam - since 2017. I deal with all infrastructure, security and architecture-related matters for Almende and its subsidiaries. I am responsible for the daily management of all Linux and BSD servers in all kinds of locations, from bare metal to various cloud services. This includes web servers, mail servers, DNS servers, database servers, LDAP servers, VPN servers, file servers, backup servers, and so on, containing the most diverse software; from modern Docker containers to legacy Java code.
I also provide a lot of internal training to developers on architectural decisions, securing applications and networks and compliance with data processing legislation and modern (open) standards. In particular, the adoption and correct implementation of IPv6 is very important to me. If necessary - and therefore regularly - I audit new projects before they are put into production.
Before working at Almende, I worked for hosting providers, ISPs, network administrators and in enterprise print management, always in the role of UNIX administrator, network administrator and/or Kubernetes cluster administrator.
Outside of my work-related tasks, I have been involved in all kinds of open source development since I was a teenager. I have a lot of experience with boot firmware and router distributions in particular. In practice, this means that I work on coreboot for x86 computers, OpenWrt for ARM and MIPS routers, and, among other things, have done some work on the PinePhone software stack and replacement open source firmware for the EG25 LTE modem included in it. I always strive to ensure that all code running on my devices is 100% free and open source, and that the devices in question do not require firmware blobs to function. After all, being able to audit software yourself is the only way to make meaningful statements about security and integrity
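Review bot: spelling in the `title:` and abstract needs a pass before this is published: "dont" should be "don't" (the schedule entry carries the same spelling, so fix both together), "BIOS firmare" should be "BIOS firmware", and the final sentence of Kevin Keijzer's biography has no closing period. The two biographies also differ in voice (third person for Fabian Groffen, first person for Kevin Keijzer); pick one for consistency across the talk pages.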

@ -0,0 +1,23 @@
---
categories:
date: 2023-10-31T11:21:01+02:00
description:
layout: event-talk
slug:
tags:
- bsd
- openbsd
title: "Jeroen Janssen - Defending the Democracy using BSD"
speakers:
- jeroen-janssen
---
## Abstract
In het afgelopen decennia heb ik verschillende organisaties geholpen met het ontwerpen en implementeren van veilige infrastructuur, op basis van OpenBSD en HardenedBSD. Dit gaf mij de unieke kans om onder andere de democratie digitaal weerbaarder te maken en te verdedigen; gezien er bij deze organisaties ook politieke partijen en humanitaire missies zitten.
In deze lichte talk deel ik wat ik gedaan heb en welke lessen daaruit getrokken kunnen worden. Zowel de goede, als de minder handige aspecten komen aan bod.
## Biografie
Ethisch hacker, infrastructuur specialist en activist op het gebied van digitale beveiliging en mensenrechten. Zowel werkzaam in de IT sector op deze gebieden als er hobbymatig mee bezig. Halverwege de dertig en trots drager van Puffy; de mascotte van OpenBSD.
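Review bot: the opening of the abstract, "In het afgelopen decennia", mixes a singular article with a plural noun; it should be "In het afgelopen decennium" or "In de afgelopen decennia", depending on what the speaker means. The abstract also names HardenedBSD, which the `tags:` list (`bsd`, `openbsd`) does not cover; add a tag for it if tags drive navigation. The title is English while the body is Dutch, which is fine if intentional but worth a conscious choice.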

@ -0,0 +1,20 @@
---
categories:
date: 2023-10-31T11:21:01+02:00
description:
layout: event-talk
slug:
tags:
- self-improvement
title: "Maja Reissner - What if hacking were a sport?"
speakers:
- maja-reissner
---
## Abstract
When you're good at sport you don't just sport. You train specific muscles, specific moves, probably according to a personalized training schedule. Maybe you even have a coach. As a security expert, hacking may be your sport. But do you have a training schedule? Or a coach? It turns out we hardly practice specifically the basics by pure practice but often just learn on the job although pure practice can be very effective. In this talk, we'll look at hacking as a sport and check out how you can best train and live to bring out the best in yourself! After the talk, you'll have a concrete guide what to practice and a template training schedule you can start with.
## Biografie
Maja is a curious and ambitious human who enjoys working on complex systems and shows strong perseverance in understanding how things actually work. She has a master's degree in Biochemistry and has been working in IT (focus on security, privacy and cryptography) for the last couple of years.
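Review bot: two sentences in the abstract read awkwardly and are worth a light edit with the speaker's approval: "we hardly practice specifically the basics by pure practice but often just learn on the job although pure practice can be very effective" is hard to parse, and "a concrete guide what to practice" is missing a word ("guide on what to practice"). The only tag is `self-improvement`; since the talk is aimed at security practitioners, a `security` tag would make it discoverable next to the other talks.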

@ -0,0 +1,21 @@
---
categories:
date: 2023-10-31T11:21:01+02:00
description:
layout: event-talk
slug:
tags:
- networking
- openbsd
title: "Wouter Prins - The journey to opensource networking with OpenBSD @AS15693"
speakers:
- wouter-prins
---
## Abstract
This talk will outline the journey we made to move towards opensource networking in a service provider production environment (AS15693). Choices we made, practical experience and failures are part of this presentation. The talk contains mostly networking related topics, we also cover some security and hardening that we applied.
## Biografie
Wouter zijn passie is het internet, netwerk technologieën en innovaties. Hij is werkzaam bij Routz als Senior Network Designer.
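Review bot: this page mixes languages: the abstract is English, the biography is Dutch, and the section heading is `## Biografie`. Either provide both sections in one language or accept the mix deliberately; the Dutch `## Biografie` heading above English text recurs in the other talk pages in this commit as well. In the abstract, "The talk contains mostly networking related topics, we also cover some security and hardening" is a comma splice; split it into two sentences or join with "but".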