Slides from my Security Subsystem Overview at LinuxCon Japan 2012

Whoops. Looks like I forgot to post my slides from last year’s LinuxCon Japan talk on the Linux kernel security subsystem.

Here they are:

http://namei.org/presentations/kernel-security-state-linuxconjp-2012b.pdf

I’ll be giving an update at the upcoming LinuxCon Japan in Tokyo in a couple of weeks.

Linux Security Summit 2013 (New Orleans) – Call for Participation

The CFP for the 2013 Linux Security Summit has been announced.

The summit will be held across the 19th and 20th of September in New Orleans, co-located again with LinuxCon and Linux Plumbers. Note that presenters and attendees at LSS must be registered as LinuxCon attendees.

We’ll be following a similar format to last year, with a day of refereed presentations, followed by subsystem updates and break-out sessions on the second day. We’ll probably finish up around lunchtime on the Friday for people needing to head home that day, but check the final schedule for details once it’s published.

The CFP is open until 14th June, with speaker notifications to be posted by 21st June.

If you’ve been doing cool and interesting work in Linux security, be sure to submit a proposal!

Linux Security Summit 2012 – Slides published

Slides from the Linux Security Summit 2012 talks are now available via the schedule page.

It seems to have been a very successful event, with the move to a two-day format allowing for a day of refereed presentations, and then a day of more collaborative discussion. We’re aiming for a a similar format next year.

Thanks to everyone who made the event happen: presenters, attendees, the program committee, and of course, the great team at Linux Foundation, who made everything work flawlessly!

ETA: The slides from Matthew Garrett’s keynote on UEFI Secure Boot are now up.

Linux Security Summit 2012 – Schedule update

Just to let folks know who are attending, we’ve added a lightning talks slot to the LSS 2012 schedule, on Friday 31st August at 2pm.

If you have any emerging topics to discuss, come along on the day and contact me to schedule a slot. We have one confirmed talk already: Dave Jones will be discussing his Trinity system call fuzzing work.

Note that this change pushes the LF Linux Security Workgroup BoF back thirty minutes.

Linux Security Summit 2012 – Schedule Published

The schedule for LSS 2012 is now published. See also the email announcement.

As previously mentioned, LSS this year will be a two-day event, co-located with LinuxCon.

On Day 1, we’re privileged to have a keynote by Matthew Garrett. He’s one of the best speakers in the community, and I believe he’ll be discussing secure boot.

Following the keynote, we have eight refereed presentations on new and interesting Linux security development topics.

On Day 2, we’ll have kernel security subsystem updates from maintainers, followed by an afternoon of breakout sessions. The breakout sessions are for deeper dives into specific areas, and may include development discussions and hack sessions. An BoF is planned to discuss an LF Security Workgroup, and attendees may propose more sessions in the leadup to the conference by emailing the program committee.

Thanks to all of the committee members for reviewing the proposals and helping to organize the summit — it’s shaping up as an interesting and productive event!

Kernel Security Talk at LinuxCon Japan

Just to let folk know — I’ll be giving a talk on the state of Linux kernel security development at LinuxCon Japan in Yokohama on June 8th. From the abstract:

In this talk, we’ll examine the current state of the Linux kernel security subsystem. Starting with a brief overview of existing features, we’ll discuss recent developments, current efforts and future directions. We’ll also discuss the evolving threat landscape, and the increasing need for mobile and cloud security. This will be a high-level technical discussion aimed at IT professionals. A good general knowledge of operating system and computer security concepts will be advantageous.

I’ll also likely be in Tokyo briefly — if any kernel security development folk there want to meet up, let me know.

2012 Linux Security Summit (San Diego) – Call for Particpation

The 2012 Linux Security Summit (LSS) has been announced. The CFP is open from now until the 23rd of May.

This year, the summit will be a two-day event, co-located with LinuxCon, Linux Plumbers, and the Kernel Summit. We’re planning on holding developer break-out sessions for much of the second day, and extending the length of the main talks to the more traditional 45 minute + 15 minute break format. There will still be shorter 30 minute talks, and roundtable discussions.

Check out the programs from previous years to see what kind of proposals have been previously accepted:

Send your proposals to the program committee per the announcement.

End of an Era (for me)

I just finished my last day at Red Hat, where I’ve worked as a kernel hacker since 2003.   I’ve been fortunate to work with so many brilliant people there on challenging and rewarding projects—like SELinux.  If someone had told me in 1999 that Linux would by now be fitted with a mandatory access control system from the NSA, which was enabled by default in major distributions, and certified and deployed in the field, I would have been skeptical.  To play a direct role in that would have been a dream come true.  It was.

I’ve also had the opportunity to work extensively within the community, during which time I’ve co-maintained or maintained kernel networking, crypto, SELinux and, currently, the security subsystem.  This work has taken me around the world and allowed me to make many new friends.

It’s been a great adventure.

Recently, I decided to make some changes in my career path and seek out some new challenges.  I’ll be starting in a new role the week after next.  I can’t say much about that now, but I will be continuing with my current upstream commitments.