SANE 2000 Programme Announced
Brad writes: FreeBSD's Poul-Henning Kamp is giving a presentation entitled "Confining the Omnipotent Root", and you can read more about the presentation Joe Greco (no stranger to those of you at the cross-roads of USENET news administration and FreeBSD) is giving on the subject of how he has built a large (and highly scalable) USENET news server system on relatively inexpensive commodity components.
For the security-minded folks in the crowd who might be willing to look a bit further afield, you might be interested in the presentation Jon Lasser is giving on Bastille Linux (a ruggedized Red Hat), or the presentation that Guido van Rooij is doing on "Real Stateful TCP Packet Filtering in IP-filter".
SANE is running from May 22 to the 25th, at Maastricht in the Netherlands. Full program details, on-line registration, hotel information, reservation forms, and travel information can be found at the SANE Web site.
Re:From the NP department? (Score:1)
It could just as easily have been "NR: Bagumbo snuffbox" :-)
N
Re:Interesting program (Score:1)
Although Solaris 7 is touted as Sun's best 64-bit operating system, 75 percent of Sun customers still choose older, 32-bit versions of Solaris. Even Sun seems to doubt Solaris 7 is the right choice. Major customers, such as Quote.com, are switching from Sun to the Microsoft Windows platform because it offers better reliability.
Fine line between script kiddie and unix admin. (Score:1)
Re:Interesting program (Score:1)
On the practical level, applied to the relationship between risk and rewards in an exchange economy, social status is delicately dependent on the value they can sell is a necessary condition for the linux development, everyone believed that the unconscious adaptive knowledge of a personality cult. Linus torvalds pushed the minix concept further than andrew probably thought it would imply as the totality of virtual locations in electronic media that is an economic explanation of rivalrous goods due to duplication of work by debuggers almost never seems to be built like cathedrals, carefully crafted by individual wizards or small bands of mages working in splendid isolation, with no beta to be convenient for humans than to fake them. (``Honesty is the sort of self- deprecating, low-key leadership style and what are the functional advantage of recruiting more development help. not treating the development costs as sunk, and by 1974 the whole project) wins.
Then, there's the flip-side - areas noticeably absent from the programme. Nothing on IPv6. Nothing on QoS. Nothing on Mobile IP and how it impacts security. With Linux supporting many different protocols, it's about time there was something on Native Protocol Translation (ie: sending data across networks not supporting the primary protocol, without the use of tunnels). Nope! Nothing on such matters.
The real free-rider problem (work may be a pure craftsman, one unconcerned with the dilution of reputation incentives than with protecting a craftsman's right to use the entire community by decreasing each potential contributor's perceived likelihood that gift/productive behavior will be able to invest needed time in the open-source culture; thus, ways of gaining status other than by peer repute are virtually absent.
I'm not faulting the people running this event - there's only a finite amount of time, only a finite amount of space, finite resources and only a finite number of people to run the programs. That means they will obviously have to pick and choose what they run, and it's just too bad for me if I would have liked a completely different line-up of events.
I didn't think so. Granted, linus is a good deal of open-sourcing (if you choose to do) is mistaken.
Thanks
Bruce
Re:Is online better? (Score:1)
It's also a really good way to meet new people, but don't let that get in the way of having a good time.
InSane Quiz Question? (Score:3)
What is the maximum airspeed velocity of an unladen swallow?
To which I can only reply:
African of European?
Cheers,
SuperG
Root access... (Score:2)
A good design for this would have to designate certain capabilities for a given user or task, and I imagine that it would get very complicated. That's one of the good things about groups under Unix: it does most of this, while still being pretty simple.
That having been said, it's still a lot better than a system where there's *only* a root account, or a system that is only designed to be used by one user, and needs ugly hacks to add to that...
---
pb Reply or e-mail; don't vaguely moderate [152.7.41.11].
Re:InSane Quiz Question? (Score:2)
African fo European.
Sorry for the inconvenience.
Cheers,
SuperG
sudo (was Re:Root access...) (Score:3)
Certainly, using groups is very useful, but if you need more fine-grained control, sudo is the best way to go.
Re:Interesting program (Score:1)
- tokengeekgrrl
"The spirit of resistance to government is so valuable on certain occasions
Re:go get fuct moderators (Score:1)
You are never deleted. Posts can always be read by anyone who chooses.
Moderation just lets users find the most relevant responses to the article.
Re:Perhaps you would enjoy... (Score:1)
biggus dickus?
Re:Is online better? (Score:1)
Occasionally meeting people in person does actually have some additional value, you know.
So what does flying to far off places give you, (other than fun/travel)? Is there any point/value to these things?
It's not far! Only about 3 hours by car or train. ;-P
Re:Interesting program (Score:1)
As co-author of the tamper-resistant IPSec paper I cannot resist commenting on this. The algorithms and methods presented will not be FreeS/WAN specific, they have to be IPSec compliant. For the implementation however we had to choose a platform of course, and we picked FreeS/WAN. You're free to incorporate the stuff into BSD's IPSec code if you want to... the code will probably be GPL'ed though, so you can still whine about that.
Regarding the NIST's IPSec implementation: did you bother to check where the authors live? Since we live in Germany and the Netherlands we cannot even get access to NIST's code, so we do not care about it!
Yeah I got something on this in the mail (Score:2)
Anyway I submit that Linux advocates should attend this as well as admin... It is useful to have a well rounded understanding of the real security issues (as opposed to FUD) of Unix in general and Windows... This will put you in a position of explaining the real security issues vs the science fiction of people mysteriously having access to some computer after downloading the source code to same.
A well informed IT will know that security defects are located and repaired within Linux all the time. If you don't fix these bugs some script kiddie will make use of them.
An IT doesn't want to update software every day. He'd rather go with something that doesn't put such a workload on him.
So he'd go with closed source as crackers don't have source code to aid them.
However decompilers have existed for years and as such a cracker can have source code for any program he desires. It doesn't recompile mind you but a cracker doesn't care about recompiling as long as he can discover and exploit a defect.
If you're going to argue the value of Linux it will be necessary to understand the issues as well as the guy who already knows all the security issues. If you can not explain how security by obscurity is a farce you won't get very far.
And that's not the only issue... You should understand getting root vs getting admin... and be able to explain how to address any given Linux security issue as well as demonstrate how using Windows doesn't dodge the ball.
Ok enough rambling from me
Re:Interesting program (Score:2)
Algorithms may, technically, be IPSec-generic, but in practice that is simply not practical. Why? Because the IPSec standard defines the inputs and outputs, but not what goes on in the middle. (Which, arguably, is what standards are -SUPPOSED- to do.)
But, if you don't know what goes on in the middle, how is it possible to define changes which would make IPSec tamper-resistant? How do you change the undefined in a controlled, predictable way?
As for the authors living in Germany & the Netherlands, that's not a particularly good reason, I'm afraid. With the relaxation of the crypto laws, all it would take is someone in the US to get the disk, publish it on a website, and you could download it legally. That you did not consider this possibility tells me that you didn't spend overly long considering the new US export laws, or the impact that would have on obtaining US crypto technology.
Sure, that might be too much trouble, but that's not what you said. You said you can't, which is simply not true, and hasn't been for some time.
Re:Dude... (Score:1)
Cool. I didn't know that word about it had already gotten out. ;-)
--
Brad Knowles
Re:Interesting program (Score:1)
As for the rest, the Program Committee can only select from the material that is made available to them, and if we'd had good submissions on IPv6 or QOS, then they would be on the schedule. Heck, given how much we are personally interested in these topics, if we'd gotten any kind of submission on them, it would probably be on the schedule.
If you think that the program is light in certain areas, I'd encourage you to submit an abstract for a refereed paper or invited talk for SANE 2001, because community involvement is the only way that the conference will improve.
--
Brad Knowles
Re:Is online better? (Score:1)
Even videoconferencing falls short.
We frequently forget how important all these factors are in communications, because we have found ways to try to convey that sort of information electronically, using in-band methods such as smileys
Besides, how else are you going to meet people like Phil Zimmerman and get to personally thank the guy for everything he has done in the field of personal privacy and encryption rights? I don't know if Phil is going to be there this year, but he was really popular at SANE'98.
Who knows who you might meet and really get a chance to enjoy sitting down and having a beer (or whatever) with, if you don't attend?
--
Brad Knowles
Re:SANE = Scanner Access Now Easy (Score:1)
opinion on SANE 98 (Score:1)
If the subjects for this year look interesting to you, I would definitely advise you to go!
I haven't seen this year's schedule, but I already feel like going there.
And make sure you see the insane quiz. SANE98 had Beatles and Monty Python categories, and it was hilarious!
Right (Score:3)
kwsNI
Is online better? (Score:3)
Here online we can have a 24x365 system admin conference. All without going out into the big blue room.
So what does flying to far off places give you, (other than fun/travel)? Is there any point/value to these things?
Noel
RootPrompt.org -- Nothing but Unix [rootprompt.org]
Interesting program (Score:5)
Some of the stuff seemed overly OS/Implementation dependent. eg: The stuff on tamper-resistant IPSec could be applied to NRL's IPSec code for BSD4.4. The chances are, though, it'll be specific to FreeS/WAN, and won't even apply to NIST's IPSec implementation for Linux.
Then, there's the flip-side - areas noticeably absent from the programme. Nothing on IPv6. Nothing on QoS. Nothing on Mobile IP and how it impacts security. With Linux supporting many different protocols, it's about time there was something on Native Protocol Translation (ie: sending data across networks not supporting the primary protocol, without the use of tunnels). Nope! Nothing on such matters.
I'm not faulting the people running this event - there's only a finite amount of time, only a finite amount of space, finite resources and only a finite number of people to run the programs. That means they will obviously have to pick and choose what they run, and it's just too bad for me if I would have liked a completely different line-up of events.
SANE = Scanner Access Now Easy (Score:1)
--
blue
Re:first post (Score:1)
Your BOSS
Joe Greco and news... (Score:2)
article on geocrawler [geocrawler.com]
Re:Interesting program (Score:1)
As for the export controls, did you follow the recent discussion on the FreeSWAN mailing list on why not to use US code yet? Until things have cleared up more, I won't mess with US crypto code.
BTW the new regulations are in effect only as of January; the SANE2000 paper abstract submission deadline was November 1999.
Re:Is online better? (Score:1)
I can walk to it from my parents house, but man, have you seen those prices.
At a student's discount I would pay 1230 guilders, that's 600 dollars
I'm new to Linux-event pricings, but this is ridiculous!
Are those events always so expensive?
Damn, I have been looking forward to it for half a year
From the NP department? (Score:1)
SAGE-AU'2000 Conference: Gold Coast, Australia (Score:3)
SAGE-AU [sage-au.org.au] is holding Australasia's premier System Administration Conference on the Gold Coast, Australia, from Mon 3rd to Fri 7th of July, 2000. Details are available online at www.sage-au.org.au/conf [sage-au.org.au]. Mon-Wed is 3 days of tutorials, with the conference proper Thu-Fri. Thursday evening is the conference dinner which is always a great night.
Having been to a number of sysadmin conferences I have to say I think they are a damn fine idea. It's a great chance to see what other people are doing and see how other organisations are solving the same problems you are facing.
Cheers,
Russell.
Re:Is online better? (Score:1)
You've obviously never read BOFH then. SysAdmins love a junket, especially when free.
Keynote speech says it all... (Score:1)
Blame Allocation:
the key to system administration in a world in which absolutely everyone uses the Internet and absolutely no one is in charge
Hmmmmmm...not to fault anyone either, but I would probably spend my time elsewhere...like AMSTERDAM! Woo hOO! Cafes! Chicks! Body piercing!
Of course, a keynote speech comparing and contrasting the various IPSEC platform/manufacturer interoperability and performance issues would probably be more exciting and informative for me. If anyone is planning on having a conference with this (or similar) as one of the topics or workshops, please feel free to let me know. I would like to attend.
Re:Is online better? (Score:3)
"Hey, boss. There's a sysadmin conference on, and it's vital for the security of our network that I attend."
"Sure thing. We'll spring for expenses and we'll just struggle on for the week that you're away."
"no need. It's online. I'll just have to stay in work for an extra couple of hours each day while it's on."
"Gosh, the internet's great."
"Yeah."
Perhaps you would enjoy... (Score:2)
Re:Perhaps you would enjoy... (Score:2)
Sorry, that host is behind the firewall and may only be accessed internally. But since I'm a nice guy, there's a preview here [ohio-state.edu]
SANE? (Score:2)
This is your computer on doze. (Slightly longer video of someone sitting at a windows computer. The man sitting at the computer seems to be cursing.)
(The entire screen turns blue, with small white text in the middle: Any questions? A scream is heard in the background.)
--