Thursday, October 1, 2015

Linux Security Summit


Continuing my notes and link references from August....

Before leaving Seattle, I stayed for part of the Linux Security Summit.

Paul Moore gave a great review of the summit.

I have to agree that Konstantin's keynote was exceptional. Check out the Presentation, referenced video, and released policies.

The CC3 talk was fine but just not anything I am remotely working with at the moment.

Stephen Smalley's SELinux on Android talk was informative for me. It gave me some ideas and links to look at before my next talk.

Rethinking Audit went too deep in the kernel source for me but I followed the discussion - or at least most of it.

The afternoon included a nap but I did return for the discussion on the Core Infrastructure Initiative. There is a lot of work to do here but the concept has some promise.

On Friday morning I popped into the Samsung talk before checking out and heading to the airport. I was a bit disappointed as it seems to me they are reinventing the wheel to have a security framework on their platform. I did note a couple of capabilities they are trying to get into the kernel so I do see the relevance of speaking at the summit. It did not seem deep enough - or "source code" enough to interest the kernel developers, and was too much overview to interest my ops side.

-SML

No comments: