Wednesday

Wednesday/00-Fail_frequently_to_avoid_disaster.md

@@ -0,0 +1,19 @@
+# Fail frequently to avoid disaster
+
+  - A talk about mistakes
+  - The example of MISP, a software to share threat intelligence and to build internal communities
+  - Used by wide organizations, like CERTs, military organizations, etc...
+  - Dictatorship in a democracy works well to build FLOSS, not fake democracies
+  - Write standards from code, not the other way
+  - Don't expect perfect implementation at first: build a small part, and improve iteratively
+  - "Programming, Motherfucker" -> No scrum, Kanban, XP, just code!
+  - Don't hesitate to code, fail, thus trash the code and write it back differently
+  - Scoping is important, especially for formats: don't try to build the perfect format, just adapt it to your model, or use other existing ones
+  - Don't use free-text tagging: humans are too creative
+  - Their format is well-defined, but not bound to the data it encapsulate, thus can be extended at will
+  - "Theory and practice sometimes clash. And when that happens, theory loses. Every single time" Linus Torvalds
+  - Go back to code!
+
+## Personal feeling
+A great talk, lot of interesting advices. A fine speaker, dynamic and
+

Wednesday/01-The_story_of_Greendale.md

@@ -0,0 +1,11 @@
+# Greendale has been pwnd
+
+  - The story of Greendale university doing forensic
+  - GRR: agent-based artifacts scavenger
+  - Plaso: timeline everything
+  - timesketch: timeline visualization
+  - dfTimewolf: the glue between the other tools: put a "request", then browse the results in a web UI
+  - turbinia: Automation of forensic analysis tools in the cloud
+
+## Personal feeling
+A really cool guy doing story-telling well, with nice tools in virtual real-life cases.

Wednesday/02-Internals_of_Landlock.md

@@ -0,0 +1,11 @@
+# Internals of Landlock
+
+  - Goal: protect users from bug exploitation
+  - Landlock is a userspace sandbox
+  - eBPF: in-kernel VM, used to execute code in the kernel at run time
+  - Fine control upon ACL though BPF filesystem, with evolution capability!
+
+## Personal feeling
+As expected, an in-kernel dive into landlock's implementation, but still some
+useful demos showing the userland features.
+

Wednesday/03-Performance_and_security.md

@@ -0,0 +1,13 @@
+# Performance and security
+
+  - The story of the speaker writing fast and secure code for Suricata.
+  - Goal: write a very secure program.
+  - Even if you try to be careful, you'll still fail.
+  - Choose a language: Rust is good choice, but it's slow.
+  - Need to optimize, and so to benchmark. Lot of tools come at help.
+  - Don't try to write optimized code, just give hints to compiler.
+  - Check both the source code and the produced machine code.
+  - Showing some tricks to write fast code.
+
+## Personal feeling
+A nice experience feedback from a guy who needed real-time performance (networking). Many cool tricks and hints.

Wednesday/04-Designing_your_system_for_resilience.md

@@ -0,0 +1,14 @@
+# Immutable infrastructure and zero trust networking: designing your system for resilience
+
+  - Web hosting being pwned, you need resilience.
+  - The idea is to never touch a running server.
+  - Automate and standardize everything, so that building a new server is cheap.
+  - Use very short lived VMs: on update, trash and replace.
+  - Stateless applications work better.
+  - Exherbo: a Gentoo based distribution, highly customizable, patchable.
+  - Big build server, to produce the VM images.
+  - Share them via bittorrent.
+  - Specific load-balancer able to update configuration at runtime.
+
+## Personal feeling
+Super interesting infrastructure. Those guys are pushing automation and continuous delivery really far!