Monthly Archives: June 2010

Linux Security Summit 2010 (Boston) – Schedule Published

For those who missed the mailing list announcements and tweets, the schedule for the upcoming Linux Security Summit has now been published: click here for the timetable and links to talk abstracts.

The summit is to be held on Monday, 9th of August in conjunction with LinuxCon.   Remember that you need to be registered for LinuxCon to attend the Security Summit (see my last post for details on a registration discount code).  You do not need to pay anything further for the Security Summit.

We had a very strong field of proposals for the summit, and the voting process was reasonably tough.  Proposals required a minimum average score of 4/5 from the program committee to be accepted as a main talk.  We had to reject several good proposals which did not make this grade, and they now have priority as lighting talks.  (Lightning talks will otherwise to be allocated on a first-come first-served basis on the day).

Here’s a summary of the accepted main talks:

  • Recent Advances in the SELinux Sandbox – Dan Walsh, Red Hat
  • in ur webserver, writin ur logs – Joshua Brindle, Tresys
  • Integrating Security into Vyatta – Stephen Hemminger, Vyatta
  • MSF Security Framework Overview – Elena Reshetova, Nokia
  • Access Control in the MSF Security Framework – Janne Karhunen, Nokia
  • Linux Security in 10 Years – Brad Spengler, grsecurity
  • Using EVM to protect security extended attributes – Mimi Zohar, IBM
  • Secstate: Integrating SCAP and Puppet for System Lockdown – Karl MacMillan, Tresys
  • Widely Used But Out-Of-Tree, Kees Cook – Canonical
  • Linux Security Usability, Z. Cliffe Schreuders – Murdoch University
  • System Security Services Daemon (SSSD) – Stephen Gallagher, Red Hat

These talk sessions are intended to be as collaborative and interactive as possible.  They’re thirty minutes each, with at least ten minutes of discussion included. The pace will be fairly brisk, and hopefully leave people wanting more and generating subsequent discussions.  Many people will be there for the week, and it’s been my experience over the years that much of the best discussion ends up happening after the talks in the various hallway and dinner tracks.

We’ll also have a panel session and, as mentioned, lightning talks.  See the schedule page for more details, and for any updates.

I hoped we’d see more proposals from folk on the operational side of things — we probably need to reach out in that direction better next time.  A significant aim of the summit is to foster collaboration between the development community and those running real systems, so if you’re in the latter group, definitely consider attending.  This will be a great opportunity to catch up on current developments in Linux security, and to provide your input and feedback.

Also, please join the event mailing list if you’re planning on attending in any capacity, so we can get any updates out to you, as well as better estimate attendance.  There’s also a Facebook page (which I don’t seem to be able to make public, ironically).

See you there!

Linux Security Summit 2010 – CFP closing this week

Just a reminder that the CFP for the Linux Security Summit ends this Friday, 4th of June.

If you have something interesting to discuss, send your proposal to the program committee via plain text email per the CFP announcement.

We have some very interesting proposals so far — if you have any interest in Linux security, you should probably try and be there.

Note that you need to be registered for LinuxCon to attend. As a speaker at the main conference, I’ve been given a discount code to hand out to people “in my network”. If you’re reading this, you’re in :-) Using the code, you can save 20%, which is currently $80 USD.

That’s enough to buy a Red Sox ticket and a hot dog.

Boston v. NY, 1912
Boston vs. NY, 1912 World Series (LOC).

Email me directly for the code at