Recap from the Pass the SALT 2022 conference
I’ve had the opportunity to talk at the Pass the SALT conference in July 2022. I would like to thank both the organizers for accepting my talk and the Fedora Project for sponsoring me to attend the event.
My talk was about how we build operating systems optimized for containers, from IoT to desktops and servers (see the video and slides). In this talk, I go over what we are doing to build secure by default operating systems, for all form factors, using container technologies and security primitives from the Linux kernel.
This conference was also the first one for me since March 2020 and it was nice to reconnect with old friends and meet new acquaintances.
Here is a list of some the talks that I found the most interesting, in chronological order.
CryptPad : a zero knowledge collaboration platform
To have encypted plain text pads is nice for sure, but most folks need more. It now feels like the CryptPad project has reach the level of functionnality where it’s no longer something for the niche and is ready for more broad usage in associations and collectives where privacy is important.
Dataflow tabular charts – a presentation tool for security architects
This one is definitely oriented towards ingineers that have to write documentation detailing the security of a solution and the layers that have been put in place. I would have likely found it useful in a previous job.
Sandboxing your application with Landlock, illustration with the p7zip case
An in detail view of what’s needed to sandbox an application with Landlock, enableing fined grained sandboxing that is really hard to do with classical LSMs just as SELinux, etc.
Write faster Suricata signatures easier with Suricata Language Server
Eric has made a Language Server implementation for Suricata. It’s a must see if you need to write Suricate rules.
Abusing archive-based file formats
Almost a classic now by Ange Albertini on how to abuse file formats, this time focusing on archives.
TAPIR : Trustable Artifact Parser for Incident Response
Throw files, partitions, disks at TAPIR and it will let you browse them just like if they were on your system, but through a very nice web interface. Cherry on the top: it’s written in Rust.
kdigger: A Context Discovery Tool for Kubernetes Penetration Testing
An interesting tool to learn more about what you can do inside a Pod in a Kubernetes cluster. Running it on OpenShift might be a good challenge given the much more strict constraints applied to workloads there.
That’s it for this year. See you (likely) next year!
You can also contact me directly if you have feedback.