The last presentation of the day was “ Building operating systems optimized for containers, from IoT to desktops and servers” by Timothée Ravier. It must be implemented by developers and is based on only three syscalls! Mickaël explained the system (how to enable it, create rules and populate them) and them applied it to a popular utility, 7zip to add sandboxing capabilities. ![]() ![]() It’s a software sandboxing systems that allows to restrict access to applications. It’s enable by default on many systems like Ubuntu 22.04-LTS. Landlock is not new but not known by many people. Mickaël Salaün presented “ Sandboxing your application with Landlock, illustration with the p7zip case”. The second round of sessions focused on operating systems security. Void / void / void / void / void / Human Content The tool is called dtc.pl, yes, written in Perl! Its purpose is to create SVG files that will represent drawings of complex infrastructure or systems but the file is generated based on descriptions in a text file. Then, another tool was presented by Yves Rutschle: “ Dataflow tabular charts - a presentation tool for security architects”. Another good fact: it requires a low amount of resources. Create application files (docs, presentations, pads, kanban, surveys, code, forms, …Ī good resume could be “Get people out of Google Docs”.Server owners have access to nothing (even recover data). Its key points are encrypted docs that can be edited in real time, E2EE, and key management with secure and private key sharing. Cryptpad helps you to work on many documents and share them with your peers. The situation between the two parties has been widely accepted and let’s sign contracts instead. Today, in most cases, it’s all about trust. Cryptpad tries to solve all privacy issues with data (example: the cloud by definition). This project is already six years old and, even if I’ve heard about it, I never used it. Then, Ludovic Dubost came on stage to present “ CryptPad : a zero knowledge collaboration platform”. The plugin is available here if interested. Adrien & Angèle explained how they implemented this, how they solved some challenges, and ended with a quick demo. ![]() The plugin was not easy to implement due to the Mattermost limitations: notifications, attachments, modification of sent messages, etc. ![]() Encryption is in place between the client and the server but there was a lack of E2EE or “End-2-End Encryption” (so that even administrators of the server can’t see messages and files exchanged). Mattermost is a very popular free chat service (like Slack) but a free version is available and the community around it creates a lot of plugins. But, the talks were interesting anyway! The first one was “ Mattermost End-to-End Encryption plugin” by Adrien Guinet & Angèle Bossuat. The first one was cryptography, hard way to start the conference if, like me, you don’t like this. The first day started in the afternoon and talks are grouped by topic. After the two years break, the formula did not change: same location, free, presentations around security, and free software! And, most important, the same atmosphere. Conferences are back! After Botconf in April, that’s Pass-The-Salt that is organized this week in Lille, France.
0 Comments
Leave a Reply. |