

Skia 3 years ago
  1. 19
  2. 11
  3. 11
  4. 13
  5. 14


@ -0,0 +1,19 @@
# Fail frequently to avoid disaster
- A talk about mistakes
- The example of MISP, a software to share threat intelligence and to build internal communities
- Used by wide organizations, like CERTs, military organizations, etc...
- Dictatorship in a democracy works well to build FLOSS, not fake democracies
- Write standards from code, not the other way
- Don't expect perfect implementation at first: build a small part, and improve iteratively
- "Programming, Motherfucker" -> No scrum, Kanban, XP, just code!
- Don't hesitate to code, fail, thus trash the code and write it back differently
- Scoping is important, especially for formats: don't try to build the perfect format, just adapt it to your model, or use other existing ones
- Don't use free-text tagging: humans are too creative
- Their format is well-defined, but not bound to the data it encapsulate, thus can be extended at will
- "Theory and practice sometimes clash. And when that happens, theory loses. Every single time" Linus Torvalds
- Go back to code!
## Personal feeling
A great talk, lot of interesting advices. A fine speaker, dynamic and
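Review bot: The last line of the "Personal feeling" section stops mid-sentence at "A fine speaker, dynamic and", so the file is committed with an unfinished thought; please complete or trim it. Smaller wording points in the same file: "Used by wide organizations" reads as if it meant "a wide range of organizations", "the data it encapsulate" should be "encapsulates", and "lot of interesting advices" should be "a lot of interesting advice". The bullet on free-text tagging would also be more useful with a few words on what the talk recommended in its place, since the next bullet only says the format is well-defined and extensible.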


@ -0,0 +1,11 @@
# Greendale has been pwnd
- The story of Greendale university doing forensic
- GRR: agent-based artifacts scavenger
- Plaso: timeline everything
- timesketch: timeline visualization
- dfTimewolf: the glue between the other tools: put a "request", then browse the results in a web UI
- turbinia: Automation of forensic analysis tools in the cloud
## Personal feeling
A really cool guy doing story-telling well, with nice tools in virtual real-life cases.
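Review bot: The tool list mixes capitalisation ("GRR" and "Plaso" against "timesketch" and "turbinia"), and the first bullet says "doing forensic" where "forensics" is meant; please use each project's own spelling consistently. The dfTimewolf bullet is the only one that says how the tools fit together, so a line on the order in which the talk chained them (collection, timelining, visualisation) would make the notes usable as a reference later.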


@ -0,0 +1,11 @@
# Internals of Landlock
- Goal: protect users from bug exploitation
- Landlock is a userspace sandbox
- eBPF: in-kernel VM, used to execute code in the kernel at run time
- Fine control upon ACL though BPF filesystem, with evolution capability!
## Personal feeling
As expected, an in-kernel dive into landlock's implementation, but still some
useful demos showing the userland features.
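Review bot: The bullet "Landlock is a userspace sandbox" sits awkwardly next to the closing remark about "an in-kernel dive into landlock's implementation" and the eBPF bullet describing code executed in the kernel; please say which part is userspace (who sets up the sandbox) and which part is the kernel (where it is enforced), as presented in the talk. In the ACL bullet, "though BPF filesystem" should read "through", and "evolution capability" needs a few more words to say what can evolve. "landlock" in the last paragraph should be capitalised as in the title.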


@ -0,0 +1,13 @@
# Performance and security
- The story of the speaker writing fast and secure code for Suricata.
- Goal: write a very secure program.
- Even if you try to be careful, you'll still fail.
- Choose a language: Rust is good choice, but it's slow.
- Need to optimize, and so to benchmark. Lot of tools come at help.
- Don't try to write optimized code, just give hints to compiler.
- Check both the source code and the produced machine code.
- Showing some tricks to write fast code.
## Personal feeling
A nice experience feedback from a guy who needed real-time performance (networking). Many cool tricks and hints.
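Review bot: The bullet "Rust is good choice, but it's slow" is unqualified: it does not say what is slow (runtime, compile time, development) or compared to what, and the following bullets about optimising and benchmarking only hint at runtime. Please record the speaker's actual claim. The same applies to "Lot of tools come at help" and "Showing some tricks to write fast code", which name no tool and no trick, so the notes lose the concrete content that the "Personal feeling" line praises.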


@ -0,0 +1,14 @@
# Immutable infrastructure and zero trust networking: designing your system for resilience
- Web hosting being pwned, you need resilience.
- The idea is to never touch a running server.
- Automate and standardize everything, so that building a new server is cheap.
- Use very short lived VMs: on update, trash and replace.
- Stateless applications work better.
- Exherbo: a Gentoo based distribution, highly customizable, patchable.
- Big build server, to produce the VM images.
- Share them via bittorrent.
- Specific load-balancer able to update configuration at runtime.
## Personal feeling
Super interesting infrastructure. Those guys are pushing automation and continuous delivery really far!
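Review bot: The title promises "zero trust networking", but none of the bullets mention it; they all cover the immutable-infrastructure half (short-lived VMs, image builds, load balancer). Please add what the talk said on the networking side or note that it was not covered. For "Share them via bittorrent", it would also help to record whether the talk described how the VM images are verified before use, since the notes open with the hosting being pwned.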