Difference between revisions of "VTLUUG:2016-02-04"

From the Linux and Unix Users Group at Virginia Teck Wiki
Jump to: navigation, search
imported>Echarlie
imported>Echarlie
(mr_black giving a remote talk on OpSec)
Line 34: Line 34:
 
== mr_black giving a remote talk on OpSec ==
 
== mr_black giving a remote talk on OpSec ==
  
With remote appearances by [[user:aam|aam]], [[user:mutantmonkey|mutantmonkey]] and [[user:mjh|mhazinsk]].
+
With remote appearances by [[user:andrei|aam]], [[user:mutantmonkey|mutantmonkey]] and [[user:mjh|mhazinsk]].
  
 
OpSec: Operations Security
 
OpSec: Operations Security

Revision as of 02:03, 5 February 2016

Our second meeting of the 2016 Spring semester.

Date, Time, and Location

Announcements

  • #VTLUUG: "No Rules, Just Right™"
  • 2016 is the year of the Linux desktop
  • F20160127 updated lives available: http://tinyurl.com/live-respins (.iso & .torrent).
  • For shell account, contact uncurlhalo
  • Installfest on the weekend of the 13 Feb -- Advertising
  • Milton is being replaced. #vtluug-infra to discuss

Discussion

Hacking

Meeting Happenings

Calvin with Linux news

  • New patchset for BFQ written; may be added to kernel
  • perf tools added support for hierarchy view (perf tools is similar to dtrace)
  • namespacify more of tcp sysctl knobs

mr_black giving a remote talk on OpSec

With remote appearances by aam, mutantmonkey and mhazinsk.

OpSec: Operations Security

Bad OpSec

  • Cardsystems
    • 200,000 credit cards in plain text
  • BNY Mellon
    • 4.2 million social security numbers lost on a tape drive
  • jpo
    • funny red hat
    • likes maple syrup
    • doesn't believe in https
    • likes to be MITM (if you know what I mean)

Good Opsec

  • avoid mutantmonkey
    • If you know him, you will never have good opsec
  • Don't give away trade secrets
  • Don't be jpo
  • Don't leave Computer unattended near a screwdriver during Cyber Security Summit

Exploiting Bad OpSec

  • Breaking opsec
    • hard hat, reflective vest, and clipboard
  • Penetration testing