Paul Harvey

@csirac2
I try to build working defendable things out of broken parts. @BSidesCBR helper.

Thanks @voltagex for talking me out of buying a cheap ebay ipkvm! Intel AMT + meshcentral does mostly work for most PCs. More robust than iDRAC7/8 boxen that will hang if you click too fast

Rough edges:
1. "Remote Desktop" seems to need a monitor attached, black screens otherwise
2. Grub won't see the AMT serial port, apparently because UEFI vendors' AMT UART support sucks

anyway, bc I try to stay current on RH for work I have fedora-induced miseries but here's the notes https://gist.github.com/csirac2/79164f288c815836b9e1960c24b259d2

Install Fedora over Intel AMT serial console


Pendulum Career: anyone familiar with @mipsytipsy 's essays/talks [1]/ideas on this in practice ?

Resigned recently from a role that had started out as a principal eng. but morphed into management .. made reference to this and similar things in my rambling announcement, some of the team are interested in me talking about career progression on this before I go

Keen to hear of practical experiences, especially outside of big tech (anyone from .au?)

[1] https://www.usenix.org/conference/srecon23emea/presentation/majors

The Engineer/Manager Pendulum Goes Mainstream | USENIX

@bsidescbr CFP is open: https://cfp.bsidescbr.com.au/bsides-canberra-2024/cfp

26-28th September 2023 at the National Convention Centre in Canberra, Australia. Showcase your novel research or discoveries to a large crowd of 3,500+ delegates.

[TRACKS]
Main Track - focusses on novel research in computer security
BSidesCbr101 - introductory topics for newcomers
Careers Village - talks to direct & inspire people looking to move into/around in cyber security
Linux Kernel Hacking - talks focussed on the Linux Kernel

#BSidesCBR

BSides Canberra 2024


#introduction

I prevent computers from doing things we don't want

Tell me about security, instrumentation (chromatography, any spectroscopy: mass, raman, IR, gamma..), systems or safety engineering, modeling, simulation, statistical methods, experiment design, ICS/SCADA, phylogenetics, taxonomy, knowledge graphs, software defined radio, laser communications, electronics

The purpose of a system is what it does

So let's not trust cheap paralyzing sentimental explanations of systemic problems

Had to go through old backups to restore this account after a few years away! Not sure I have the energy to be here any more than twitter

Always loved the core mastodon project, among others. Even donated a tiny amount. Bit disappointing to see it being sold as 1-for-1 twitter replacement, with little regard for what kinds of twitter users that might actually be true for

So, we desperately need more federated tech like this, here's hoping the anti-abuse/privacy etc. stuff evolves

the sad reality of open source software development

In short: folks love the amazing decentralised encrypted comms utopia of Matrix. But organisations also love that they can use it without having to pay anyone to develop or maintain it. This is completely unsustainable, and Element is now literally unable to fund the entirety of the Matrix Foundation on behalf of everyone else - and has had to lay off some of the folks working on the core team as a result.

https://matrix.org/blog/2022/12/25/the-matrix-holiday-update-2022

The Matrix Holiday Update 2022 | Matrix.org


An interesting paper by @moyix and Iman Hosseini:

"Beyond the C: Retargetable Decompilation using Neural Machine Translation"

Paper here: https://arxiv.org/pdf/2212.08950.pdf

Code, data, and trained models here: https://figshare.com/s/2c68b9c181e80f4e3b06

"Trustworthy Whole-System Provenance for the Linux Kernel" - https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-bates.pdf

> .. We present Linux Provenance Modules (LPM), the first general framework for the development of provenance-aware systems. We demonstrate that LPM creates a trusted provenance-aware execution environment, collecting complete whole-system provenance while imposing as little as 2.7% performance overhead on normal system operation...

Regarding "How Ledger Hacked an HSM" - https://cryptosense.com/blog/how-ledger-hacked-an-hsm/ - I have doubts about the significance of this if they are correct in speculating that this is associated with SafeNet's recent Sentinel advisory. Sentinel is SafeNet's software licensing/DRM thingy... quite separate to their actual HSM business... but maybe I'm missing something
How Ledger Hacked an HSM

The announcement yesterday of this talk about HSM hacking on the BlackHat 2019 program has caused a stir, and for good reason: the authors claim to have discovered remote unauthenticated attacks gi…


"Understanding Real-World Concurrency Bugs in Go" - https://songlh.github.io/paper/go-study.pdf

"..we perform the first systematic study on concurrency bugs in real Go programs. We studied six popular Go software including Docker, Kubernetes, and gRPC. We analyzed 171 concurrency bugs in total, with more than half of them caused by non-traditional, Go-specific problems. ... we also studied their fixes, performed experiments to reproduce them, and evaluated them with two publicly-available Go bug detectors."