231

Modification of the kernel command line has historically been one of the easiest ways to customize system behavior. Bootloaders allow for persistent changes via config-files and on-the-fly changes interactively during system boot. System behavior changes made via the kernel command line are not limited to the kernel itself. Userspace applications from installers to init systems and beyond also take input from /proc/cmdline. It is clear that some kernel command line options are desirable (console=ttyS0 verbose) and possibly even necessary. Others, such as the cromulent 'init=/bin/sh', can allow circumvention of benefits that Secureboot and TPM provide. How to control access to kernel command line modification is a non-trivial subject. A recent pull request to systemd that added "command-line addons" garnered hundreds of comments. This talk will cover: * The stub loader 'stubby' and its allowed-list approach to kernel command line options. * Systemd-stub’s solution for command line customization * System changes that can be made through kernel command line. * Alternative channels such as smbios oem strings, or qemu 'fw_cfg' about this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/T3QFGS/

Modification of the kernel command line has historically been one of the easiest ways to customize system behavior. Bootloaders allow for persistent changes via config-files and on-the-fly changes interactively during system boot. System behavior changes made via the kernel command line are not limited to the kernel itself. Userspace applications from installers to init systems and beyond also take input from /proc/cmdline. It is clear that some kernel command line options are desirable (console=ttyS0 verbose) and possibly even necessary. Others, such as the cromulent 'init=/bin/sh', can allow circumvention of benefits that Secureboot and TPM provide. How to control access to kernel command line modification is a non-trivial subject. A recent pull request to systemd that added "command-line addons" garnered hundreds of comments. This talk will cover: * The stub loader 'stubby' and its allowed-list approach to kernel command line options. * Systemd-stub’s solution for command line customization * System changes that can be made through kernel command line. * Alternative channels such as smbios oem strings, or qemu 'fw_cfg' about this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/T3QFGS/

Modification of the kernel command line has historically been one of the easiest ways to customize system behavior. Bootloaders allow for persistent changes via config-files and on-the-fly changes interactively during system boot. System behavior changes made via the kernel command line are not limited to the kernel itself. Userspace applications from installers to init systems and beyond also take input from /proc/cmdline. It is clear that some kernel command line options are desirable (console=ttyS0 verbose) and possibly even necessary. Others, such as the cromulent 'init=/bin/sh', can allow circumvention of benefits that Secureboot and TPM provide. How to control access to kernel command line modification is a non-trivial subject. A recent pull request to systemd that added "command-line addons" garnered hundreds of comments. This talk will cover: * The stub loader 'stubby' and its allowed-list approach to kernel command line options. * Systemd-stub’s solution for command line customization * System changes that can be made through kernel command line. * Alternative channels such as smbios oem strings, or qemu 'fw_cfg' about this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/T3QFGS/

Modification of the kernel command line has historically been one of the easiest ways to customize system behavior. Bootloaders allow for persistent changes via config-files and on-the-fly changes interactively during system boot. System behavior changes made via the kernel command line are not limited to the kernel itself. Userspace applications from installers to init systems and beyond also take input from /proc/cmdline. It is clear that some kernel command line options are desirable (console=ttyS0 verbose) and possibly even necessary. Others, such as the cromulent 'init=/bin/sh', can allow circumvention of benefits that Secureboot and TPM provide. How to control access to kernel command line modification is a non-trivial subject. A recent pull request to systemd that added "command-line addons" garnered hundreds of comments. This talk will cover: * The stub loader 'stubby' and its allowed-list approach to kernel command line options. * Systemd-stub’s solution for command line customization * System changes that can be made through kernel command line. * Alternative channels such as smbios oem strings, or qemu 'fw_cfg' about this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/T3QFGS/

Fala, Vagabundo! Neste Papo de Louco, traremos um pouco de nossas vamos falar sobre aqueles artistas que fizeram com um único Hit e sumiram.
Edição - Fabricio Santos, Fabs. Capa - Luciano Munhoz.

Mande seu e-mail de histórias, sugestões e Feedback para: contato@papodelouco.com.
PIX: contato@papodelouco.com
Padrim: padrim.com.br/papodelouco.
Picpay: app.picpay.com/user/papodelouco.
Facebook: facebook.com/papodeloucooficial.
Twitter: twitter.com/papodelouco_.
Instagram: instagram.com/papodelouco_podcast.

Store: papodelouco.com/store.

Using cryptography can give you easy assurances, keep data confidential and keep prying eyes from stuff where they should not be. However it's not magic. This talk is intended for programmers, users and software designers. This talk is about hardcore mathematics while you should not have to understand what the mathematics are but what they do. What does cryptography do: encrypt, decrypt, sign and verify. How are certificates used in cryptogaphy and why are they totally not a magical thing. It covers what cool hardware is available, open design and open source, hardware tokens and how to use TPM for cool features. And last but not least: it contains best practices and warnings. After this talk you might be able to see what's snakeoil and what is real. == NFT's are a scam. If you are into crypto-bullshit please stay away. == Cryptography seems like magic anytime you at first look at it. In the past years I have been helping a lot of projects and customers with my more-than-basic knowledge about applied cryptography. I'll talk about: * What is cryptography (basic math) - encryption - decryption - digital signatures - digital signature verification * What can it do for you? - Deliver security - Deliver privacy - Deliver dataloss * When to use encryption - what cryptography do you want to build (hint: none) - what cryptography do you want to use (a- or symetrical encryption). - how do you do key management - where to find the best practices * About hardware - Provide security - Provide speed - HSM, TPM, processor and other acceleration * Standards - The good, the bad, the ugly - Old ones - New ones - Very special ones * Limitations and workarounds * Software - How to avoid OpenSSL * This all in random() order. Random = 4 about this event: https://program.mch2022.org/mch2022/talk/S7GEZF/

Using cryptography can give you easy assurances, keep data confidential and keep prying eyes from stuff where they should not be. However it's not magic. This talk is intended for programmers, users and software designers. This talk is about hardcore mathematics while you should not have to understand what the mathematics are but what they do. What does cryptography do: encrypt, decrypt, sign and verify. How are certificates used in cryptogaphy and why are they totally not a magical thing. It covers what cool hardware is available, open design and open source, hardware tokens and how to use TPM for cool features. And last but not least: it contains best practices and warnings. After this talk you might be able to see what's snakeoil and what is real. == NFT's are a scam. If you are into crypto-bullshit please stay away. == Cryptography seems like magic anytime you at first look at it. In the past years I have been helping a lot of projects and customers with my more-than-basic knowledge about applied cryptography. I'll talk about: * What is cryptography (basic math) - encryption - decryption - digital signatures - digital signature verification * What can it do for you? - Deliver security - Deliver privacy - Deliver dataloss * When to use encryption - what cryptography do you want to build (hint: none) - what cryptography do you want to use (a- or symetrical encryption). - how do you do key management - where to find the best practices * About hardware - Provide security - Provide speed - HSM, TPM, processor and other acceleration * Standards - The good, the bad, the ugly - Old ones - New ones - Very special ones * Limitations and workarounds * Software - How to avoid OpenSSL * This all in random() order. Random = 4 about this event: https://program.mch2022.org/mch2022/talk/S7GEZF/

Suzie is the creator of Two Tin Cans, a printmaking studio in a telephone box which will be at EMF! Two Tin Cans is a K6 style phonebox... with a difference! Inside the phonebox is a tiny printmaking studio includes printing blocks created by Suzie Devey. Every person who enters the box can make a unique work of art to keep, for free. New artwork is created for every event making the work highly collectable! Established as a way to tackle loneliness across the North York Moors the phonebox is in high demand as a way to make creative conversations happen. Funded by Arts Council England, Suzie worked with Teesside Hackspace to test ideas and make the magic happen! This talk tells the story of my journey as an artist and how I encouraged people from all walks of life to get in touch with their local hackspaces as part of the creative engagement. about this event: https://c3voc.de

Suzie is the creator of Two Tin Cans, a printmaking studio in a telephone box which will be at EMF! Two Tin Cans is a K6 style phonebox... with a difference! Inside the phonebox is a tiny printmaking studio includes printing blocks created by Suzie Devey. Every person who enters the box can make a unique work of art to keep, for free. New artwork is created for every event making the work highly collectable! Established as a way to tackle loneliness across the North York Moors the phonebox is in high demand as a way to make creative conversations happen. Funded by Arts Council England, Suzie worked with Teesside Hackspace to test ideas and make the magic happen! This talk tells the story of my journey as an artist and how I encouraged people from all walks of life to get in touch with their local hackspaces as part of the creative engagement. about this event: https://c3voc.de

Suzie is the creator of Two Tin Cans, a printmaking studio in a telephone box which will be at EMF! Two Tin Cans is a K6 style phonebox... with a difference! Inside the phonebox is a tiny printmaking studio includes printing blocks created by Suzie Devey. Every person who enters the box can make a unique work of art to keep, for free. New artwork is created for every event making the work highly collectable! Established as a way to tackle loneliness across the North York Moors the phonebox is in high demand as a way to make creative conversations happen. Funded by Arts Council England, Suzie worked with Teesside Hackspace to test ideas and make the magic happen! This talk tells the story of my journey as an artist and how I encouraged people from all walks of life to get in touch with their local hackspaces as part of the creative engagement. about this event: https://c3voc.de

Suzie is the creator of Two Tin Cans, a printmaking studio in a telephone box which will be at EMF! Two Tin Cans is a K6 style phonebox... with a difference! Inside the phonebox is a tiny printmaking studio includes printing blocks created by Suzie Devey. Every person who enters the box can make a unique work of art to keep, for free. New artwork is created for every event making the work highly collectable! Established as a way to tackle loneliness across the North York Moors the phonebox is in high demand as a way to make creative conversations happen. Funded by Arts Council England, Suzie worked with Teesside Hackspace to test ideas and make the magic happen! This talk tells the story of my journey as an artist and how I encouraged people from all walks of life to get in touch with their local hackspaces as part of the creative engagement. about this event: https://c3voc.de

A look at the new features in LibreOffice 7.1, and how everyone can contribute to the next release LibreOffice 7.1 arrived in early February, and was full of features thanks to the worldwide community. So, what exactly is new? What was changed? And how can everyone – including non-programmers – get involved and help to make future releases even better? This talk will explain all... about this event: https://pretalx.linuxtage.at//glt21/talk/WAGGEX/

A look at the new features in LibreOffice 7.1, and how everyone can contribute to the next release LibreOffice 7.1 arrived in early February, and was full of features thanks to the worldwide community. So, what exactly is new? What was changed? And how can everyone – including non-programmers – get involved and help to make future releases even better? This talk will explain all... about this event: https://pretalx.linuxtage.at//glt21/talk/WAGGEX/

Hackerspace-Kollektiv in Zürich Raum für Erfahrungsaustausch, Medienarbeit und Hackerspaces in der ehemaligen Zentralwäscherei in Zürich. Im Sommer 2020 entstand eine neue Hackerspace Gemeinschaft im Herzen von Zürich, als kollektives Unterfangen im Zusammenschluss von Chaos Computer Club Zürich, Schweizerische Gesellschaft für Mechatronische Kunst, Digitale Gesellschaft, Linux User Group Schweiz. Im 3. Stock der ehemaligen Zentralwäscherei haben wir einen Raum aufgebaut für den regelmässigen Ausstauch unserer Communities, betreiben eine öffentliche Hardware/Wetware Werkstatt, veranstalten Workshops und Vorträge, wie auch gemütliches gemeinsames Kochen und Essen. An der rC3 sind wir als als Studio und Kanal für Vorträge und Workshops wie auch in unsererem Hackspace-als-Map präsent. Wir bieten (Live-) Musik und haben ein Postamt sowie einen Stickerexchange! about this event: https://pretalx.rc3.studio/rc3-channels-2020/talk/CA7VN9/

Hackerspace-Kollektiv in Zürich Raum für Erfahrungsaustausch, Medienarbeit und Hackerspaces in der ehemaligen Zentralwäscherei in Zürich. Im Sommer 2020 entstand eine neue Hackerspace Gemeinschaft im Herzen von Zürich, als kollektives Unterfangen im Zusammenschluss von Chaos Computer Club Zürich, Schweizerische Gesellschaft für Mechatronische Kunst, Digitale Gesellschaft, Linux User Group Schweiz. Im 3. Stock der ehemaligen Zentralwäscherei haben wir einen Raum aufgebaut für den regelmässigen Ausstauch unserer Communities, betreiben eine öffentliche Hardware/Wetware Werkstatt, veranstalten Workshops und Vorträge, wie auch gemütliches gemeinsames Kochen und Essen. An der rC3 sind wir als als Studio und Kanal für Vorträge und Workshops wie auch in unsererem Hackspace-als-Map präsent. Wir bieten (Live-) Musik und haben ein Postamt sowie einen Stickerexchange! about this event: https://pretalx.rc3.studio/rc3-channels-2020/talk/CA7VN9/

Vom 3.-8. September findet das Camp der Werkkooperative der Technikfreundinnen (WTF) eG i.G. und des VEB IT eV statt ("Hacker eG") Wir haben vor, für die daheimgebliebenen Member in Hybridmanier Dinge zu streamen oder in BBB zu nutzen. Das Camp findet komplett draußen auf einem Berg im Vogtland statt, wohin wir per Richtfunk etwas Netz beamen werden. Wir machen eine Liveschalte zwischen divoc und Camp und wollen ein Gemeinschaftserlebnis schaffen. Inhaltlich könnte es einen Camprundgang mit mobiler Kamera geben, ein Laberfeuer, ein WTF-StateOfTheUnion, ein WTF-AskUsAnything, Onlinewaffeln mit dem WOC, oder oder. Vom 3.-8. September findet das Camp der Werkkooperative der Technikfreundinnen (WTF) eG i.G. und des VEB IT eV statt ("Hacker eG") Wir haben vor, für die daheimgebliebenen Member in Hybridmanier Dinge zu streamen oder in BBB zu nutzen. Das Camp findet komplett draußen auf einem Berg im Vogtland statt, wohin wir per Richtfunk etwas Netz beamen werden. Wir machen eine Liveschalte zwischen divoc und Camp und wollen ein Gemeinschaftserlebnis schaffen. Inhaltlich könnte es einen Camprundgang mit mobiler Kamera geben, ein Laberfeuer, ein WTF-StateOfTheUnion, ein WTF-AskUsAnything, Onlinewaffeln mit dem WOC, oder oder. Infos zu unserem Genossenschaftsprojekt gibt es auf https://vebit.xyz - Aber am besten Ihr kommt zur DivoC-WTF-Schaltkonferenz! *Stell deine Fragen zum Talk [in diesem Pad](https://di.c3voc.de/pad/ptt:talk:ZSZWMT).* about this event: https://talks.mrmcd.net/ptt/talk/ZSZWMT/

Vom 3.-8. September findet das Camp der Werkkooperative der Technikfreundinnen (WTF) eG i.G. und des VEB IT eV statt ("Hacker eG") Wir haben vor, für die daheimgebliebenen Member in Hybridmanier Dinge zu streamen oder in BBB zu nutzen. Das Camp findet komplett draußen auf einem Berg im Vogtland statt, wohin wir per Richtfunk etwas Netz beamen werden. Wir machen eine Liveschalte zwischen divoc und Camp und wollen ein Gemeinschaftserlebnis schaffen. Inhaltlich könnte es einen Camprundgang mit mobiler Kamera geben, ein Laberfeuer, ein WTF-StateOfTheUnion, ein WTF-AskUsAnything, Onlinewaffeln mit dem WOC, oder oder. Vom 3.-8. September findet das Camp der Werkkooperative der Technikfreundinnen (WTF) eG i.G. und des VEB IT eV statt ("Hacker eG") Wir haben vor, für die daheimgebliebenen Member in Hybridmanier Dinge zu streamen oder in BBB zu nutzen. Das Camp findet komplett draußen auf einem Berg im Vogtland statt, wohin wir per Richtfunk etwas Netz beamen werden. Wir machen eine Liveschalte zwischen divoc und Camp und wollen ein Gemeinschaftserlebnis schaffen. Inhaltlich könnte es einen Camprundgang mit mobiler Kamera geben, ein Laberfeuer, ein WTF-StateOfTheUnion, ein WTF-AskUsAnything, Onlinewaffeln mit dem WOC, oder oder. Infos zu unserem Genossenschaftsprojekt gibt es auf https://vebit.xyz - Aber am besten Ihr kommt zur DivoC-WTF-Schaltkonferenz! *Stell deine Fragen zum Talk [in diesem Pad](https://di.c3voc.de/pad/ptt:talk:ZSZWMT).* about this event: https://talks.mrmcd.net/ptt/talk/ZSZWMT/

Aus eigener Erfahrung mit Gesundheitsdaten und am Beispiel von Eschbachs neuem Buch "NSA" wird gezeigt wie einfache, allgemein verfügbare Daten genutzt bzw. missbraucht werden können Aus eigener Erfahrung mit Gesundheitsdaten und am Beispiel von Eschbachs neuem Buch "NSA" wird gezeigt wie einfache, allgemein verfügbare Daten genutzt bzw. missbraucht werden können about this event: https://cfp.privacyweek.at/pw19/talk/BV7FAL/

Aus eigener Erfahrung mit Gesundheitsdaten und am Beispiel von Eschbachs neuem Buch "NSA" wird gezeigt wie einfache, allgemein verfügbare Daten genutzt bzw. missbraucht werden können Aus eigener Erfahrung mit Gesundheitsdaten und am Beispiel von Eschbachs neuem Buch "NSA" wird gezeigt wie einfache, allgemein verfügbare Daten genutzt bzw. missbraucht werden können about this event: https://cfp.privacyweek.at/pw19/talk/BV7FAL/