Posts by corsac@mastodon.social
(DIR) Post #AWZm52tfd7Yv7eIBMm by corsac@mastodon.social
2023-06-10T09:57:30Z
0 likes, 0 repeats
Now that #sstic is over, some personal thoughts about my favorite talks and papers (mostly in chronological order).
(DIR) Post #AWZm53oOEEvrxYpTm4 by corsac@mastodon.social
2023-06-10T09:58:56Z
0 likes, 1 repeats
Solar Designer keynote (https://www.sstic.org/2023/presentation/ouverture_2023/) was a bit hard to follow at first, but really interesting for the historical perspective. Some things we take for granted now but back in time we really were struggling at coordinating across distributors and oss-security/distros list (https://oss-security.openwall.org/wiki/mailing-lists) really helped.Nowadays mails (and especially mailing lists) are a pain to handle, but right now I don't think we really have better solutions, unfortunately. So many thanks to Solar!
(DIR) Post #AWZm57FnQndadQfuPQ by corsac@mastodon.social
2023-06-10T10:03:28Z
0 likes, 0 repeats
Ultrablue : contrôle d'intégrité du démarrage d'un PC via Bluetooth (https://www.sstic.org/2023/presentation/ultrablue/) was interesting and fun (and I'm just saying that because I know the presenter and authors). I really need to test the tool (https://github.com/ANSSI-FR/ultrablue) because they made it sound like it was quite easy to setup. Not sure how to handle that on a pure Debian (initramfs-tools instead of dracut) and not sure where to get the app but I guess I'll find outI encourage everyone using a Linux laptop to check.
(DIR) Post #AWZm590ysqyW63l6au by corsac@mastodon.social
2023-06-10T10:05:56Z
0 likes, 0 repeats
Randomness of random in Cisco ASA (https://www.sstic.org/2023/presentation/randomness_of_random_in_cisco_asa/) scared me a little because it's yet another example of things going bad because of the huge complexity of modern software stack and the huge consequences overlooked stuff can have. RNG failures are quite known for a while but it seems hard to fix globally and permanently...
(DIR) Post #AWZm5AloME1rXag1E8 by corsac@mastodon.social
2023-06-10T10:08:13Z
0 likes, 0 repeats
Another tool presentation, Mercator - La cartographie des systèmes d'information (https://www.sstic.org/2023/presentation/mercator_-_la_cartographie_des_systmes_dinformation/) convinced me to test it (available at https://github.com/dbarzin/mercator) for small information systems at least. Because doing everything in a spreadsheet is starting to get old.
(DIR) Post #AWZm5CZpdjdR915Tpg by corsac@mastodon.social
2023-06-10T10:10:32Z
0 likes, 0 repeats
Deep Attack Surfaces, Shallow Bugs (https://www.sstic.org/2023/presentation/deep_attack_surfaces_shallow_bugs/), @chompie1337 invited talk was a nice balance of high level perspective and low level details about vulnerability research. I especially liked the comment about documenting failures and the fact we (the community) need to do better at doing it.So please (properly) document your failures and submit them at #sstic next year.
(DIR) Post #AWZm5EKf76gmaY0OSu by corsac@mastodon.social
2023-06-10T10:13:29Z
0 likes, 0 repeats
Another tool presentation and I'm definitely biased for this one: Reproduction automatisée de vulnérabilités logicielles dans un environnement conteneurisé. DECRET : DEbian Cve REproducer Tool (https://www.sstic.org/2023/presentation/reproduction_automatisee_de_vulnerabilites_logicielles_dans_un_environnement_conteneurise_decret/), a tool (https://github.com/Orange-OpenSource/decret) to create container environment for reproducing past vulnerabilities. Relies heavily on the Debian snapshot infrastructure (https://snapshot.debian.org/) and the security tracker (https://security-tracker.debian.org/tracker/). Some kind of Debian wayback machine.
(DIR) Post #AWZm5Iy9sCeuyCVzaC by corsac@mastodon.social
2023-06-10T10:14:47Z
0 likes, 0 repeats
Sécurité d'un réseau mobile et responsabilité d'un opérateur (https://www.sstic.org/2023/presentation/securite_dun_reseau_mobile_et_responsabilite_dun_operateur/) was a nice and clear explanation about the security, challenges and the internals of a 5G network at a large mobile operator.
(DIR) Post #AWZm5MM1HwWpT4hagy by corsac@mastodon.social
2023-06-10T10:21:12Z
0 likes, 0 repeats
The closing talk (https://www.sstic.org/2023/presentation/cloture_2023/) was another retrospective, this time on the French administration CERT and the whole operations department (by the department head, @MathieuFeuillet). Some anecdotes and some details about the challenges faced by @ANSSI (most of the effort is against spying operations which are not the most publicized ones so there's a discrepancy between internal and external points of view).
(DIR) Post #AWZm5Py3qxjyfvWVu4 by corsac@mastodon.social
2023-06-10T10:25:43Z
0 likes, 0 repeats
I didn't link all the talks but all in all I think it was a nice and balanced edition, thanks to the all the authors, the program committee (and again I might be biased on this).And many thanks to the steering committee (ditto) for all the organization jobs.And yes it was too warm in the Halle Martenot for the social even but it was still a great moment. Hopefully next year we can be back in the cloister at the Couvent des Jacobins (and it'll rain and we'll be forced to be inside anyway ;)
(DIR) Post #AWZm5TFtd6n0s6tIcS by corsac@mastodon.social
2023-06-10T10:26:39Z
0 likes, 0 repeats
That's all! Thanks to all #sstic involved people: CO, CP, authors, attendees, support staff, people on the stream…See you next year!
(DIR) Post #AZYSqhjRQnNu90V5AO by corsac@mastodon.social
2023-09-08T10:48:05Z
0 likes, 0 repeats
@mjg59 considering the number of fruitflies in my kitchen maybe I’d have still benefited from your work in that alternate universe :)
(DIR) Post #AZYT12xRMwSAs2yoTo by corsac@mastodon.social
2023-09-08T10:49:08Z
0 likes, 0 repeats
@mjg59 @neffo and you would like have had to fix Excel then.
(DIR) Post #Ad47NN3olyPUeLU0dk by corsac@mastodon.social
2023-12-22T10:54:36Z
0 likes, 0 repeats
@mjg59 @vathpela And the “universal” Debian installers support made it so much easier for us. Thanks for that...
(DIR) Post #AdVWGvIPMeQf3XU2Oe by corsac@mastodon.social
2024-01-04T16:09:48Z
0 likes, 0 repeats
@mjg59 Ah, I think you really need to check the RER C line in Parishttps://en.wikipedia.org/wiki/RER_C
(DIR) Post #AhoUBPlywJ0Rmk2sIy by corsac@mastodon.social
2024-05-12T11:15:55Z
0 likes, 0 repeats
@foone I really want to disagree with you about IBM designers because "ThinkPad" but I guess it would just prove your point :)
(DIR) Post #AkJgZbunusUQYXMo2S by corsac@mastodon.social
2024-07-26T08:14:33Z
0 likes, 0 repeats
@foone Is there another way? I fly my planes using a Trackpoint
(DIR) Post #AkRpDijOLd0eB0LSEq by corsac@mastodon.social
2024-07-30T06:29:31Z
0 likes, 0 repeats
@foone classic privative prefix Am.
(DIR) Post #AraJrRQViCP6xZp9uK by corsac@mastodon.social
2025-02-28T14:26:19Z
0 likes, 0 repeats
Is there a way for fail2ban to watch/ban IP ranges instead of single IPs?There are often multiple bots in subnets trying to abuse services and these days it doesn't really makes sense to ban IP individually I think.
(DIR) Post #AxezimPiAGASyjSrVw by corsac@mastodon.social
2025-08-29T10:37:57Z
0 likes, 0 repeats
@scarlet nice tip! And now that you mention it I think it also works for windows…