"Microsoft Azure Boost: Image-based Linux powering the Azure fleet", a deep dive into a tailored Linux distro focused on security that provides offloading and acceleration. A great talk by @bluca at @allsystemsgo!
A lot of stuff is introduced: Linux hardening, remote attestation, SELinux, dm-verity, IPE, LUKS, fs-verity, overlayfs, systemd portable services, soft reboot, ARM, FPGA, DPDK...
Slides: https://cfp.all-systems-go.io/all-systems-go-2023/talk/7URRNC/
Recording: https://youtu.be/iB-wRdC8zNs

@selzero

Ran a full disk threat scan on my Mac with MS Defender ($work requires it), and it found my archive of Linux malware from 1997, and wants to delete it :(

@mcdanlj I’ve tried a YG-1 spiral flute tap here now and it is working well. It seems to need much lower torque than regular or form taps. I think the form tap is more precise and will provide more strength, but this is not critical in my application.

📢 Save the date! The Linux Security Summit North America (LSS-NA) will be held in APRIL 2024, in Seattle, WA, USA.

👉 Note that the CFP is expected to close before the holidays at the end of 2023.

It will be co-located, as usual, with OSS-NA: https://events.linuxfoundation.org/open-source-summit-north-america/

Specific details for LSS-NA to follow soon.

#linuxsecuritysummit #linux #infosec #linuxfoundation cc @linuxfoundation

"#Landlock Workshop: Sandboxing Application for Fun and Protection" at #linuxsecuritysummit Europe: https://sched.co/1OLAi
A practical sandboxing use case illustrated with the #ImageTragick vulnerability. All you need to build, test and patch: https://github.com/landlock-lsm/workshop-imagemagick

The conference will start soone. You can follow it here:

https://www.youtube.com/watch?v=PSS9VemnSkg

Enjoy!

The Kernel Recipes Live Blog is going at full steam #kr2023 https://kernel-recipes.org/en/2023/live-blog-day-1-morning/

@tracketpacer I hope he does this

Uh oh, I forgot never to fly via CDG.

Evil version: replace the QR code with a link of your choosing.

The 2nd and final day of LSS-EU starting with @mjg59 talking about TPMs and per-process secrets. #linuxsecuritysummit #infosec #linux #opensourcesummit cc. @linuxfoundation

Pro tip ?

We recently added a new document to the systemd website focussing on one specific facet of the service manager: the fdstore. A concept that people should really use more to facilitate "seamless" service restarts and various other things. Please have a look:

https://systemd.io/FILE_DESCRIPTOR_STORE/

I'm very excited to announce that you can now try #Incus online!
The new demo environment uses Incus virtual machines running on a remote Incus cluster with full support for both containers and VMs!
https://linuxcontainers.org/incus/try-it/

The #linuxsecuritysummit Europe conference kicks off in Bilbao, Spain. Program chair Elena Reshetova with opening comments.
#opensourcesummit #linux #infosec #security

If you're here at the #OSSummit, I'll be on a panel about Demonstrating OSPO Value at 11:25 in room 3A - join us! https://sched.co/1OGdq

@pid_eins possible future Outreachy project ?

Reminder: we maintain a kernel feature wishlist here as part of the uapi group:

https://github.com/uapi-group/kernel-features

I just added a bunch of new entries to it (at the bottom). If you are looking for something to hack on (and have some kernel expertise, or would like to acquire it), would be more than excellent to work on those!

Saw a lot of Aurora flying over Greenland on the way to Linux Security Summit EU. This is the best I could do with an older iPhone #linux #linuxsecuritysummit #space #spaceweather #hamradio #amateurradio