Well it’s the conclusion of Day 1 of linux.conf.au. (The official conf doesn’t start till Wednesday – but the mini-confs are just as much value). I hovered between the security mini-conf and a few others. Michael Davies gave a quite informative talk on signing code fragments before they end up in distro repos. Enno Davids talk on self-defending networks was pretty neat. He had some good insight into the issues surroung DDoS attacks – particular he propogates some useful ideas that might make use of ICMP to signal pwned bot hosts operating systems to back off for a little while. (Of course this assumes that the essential integrity of the bot herd’s host operating system is not compromised 😉 . There was a very neat lighting talk from a real white-hat hacker (who seems fairly grey in a lot of his outlook) called Metlstorm. He is a Kiwi his alterego is Adam Boileau. Pretty smart guy working on a lot of projects. ssh-jack allows you to eavesdrop on a ssh session on your host, without letting the user being aware – purportedly to keep an eye on the bad guys.
We also had a pretty long-winded GPG key signing party. Unfortunately I feel pretty deflated after finding about I got duped by one of the attendees with dubious ID – http://madduck.net/blog/2008.01.28:on-the-point-of-keysigning/ . What I am more dissapointed in is that the keysigning herd didn’t protect itself, instead letting everyman fend for themselves. Clearly in my mind a true Web of Trust ought to protect itself when an attack on it’s integrity is observed. I can only blame myself for accepting Martin’s ID (and in hindsight I can remeber even what it looked like), but I do feel there should be an obligation to protect each other.
We have had a pretty good 2 days so far at LCA. As I expected, I flittered between the Virtualisation, Gnome and Debian mini-confs. I learned a lot from Jon Oxer’s talk on Xen Image Manager. Probably most interesting was learning about recent glue tools such as ATA over Ethernet ( a poor man’s iSCSI), drbd ( A Network RAID-1) and Unison (a better rsync). Anyway it certainly has some good ideas for building reasonably sophisticated data centres on a budget.
We also heard a little about the OLPC project from Chris Blizzard’s keynote – and catching up with James Cameron at morning tea meant that we could actually have closeup look at the one he has been testing in the bush.
At lunch I was able take a ride on Geoffrey Bennett’s open source segway clone.
Jono Bacon exemplified the value of open source development, talking about the audio editor Jokosher that spawned as a result of the need to fill a niche for a multi-track editor that mortals could use.
Anyway a pretty good days so far!
I’m getting all revved up for LCA tomorrow. Jez (my son) and his friend Dan will be coming along as well. Having been to Dunedin for ’06, I’m much more aware of what to expect. As I found last year, LCA is definitely a smorgasbord with an overflowing cornucopia to choose from. The difficulty of choice is inevitable – especially seeing that work is paying for my rego – so I have to decide between head (enterprise architectually relevant things) and heart (kewl toys and things to spin my propeller). Anyway I am confident that Sylvia and her team will be trying very hard to get video of the talks available to the masses this year – so I hope I can timeshift those talks that I’ll miss.
LCA is also an incentive pump some life into this blog – hopefully I can get a few posts in during the week.