As part of this, we are seeking one or two more remote speakers to be part of our information security CSides at 4:30pm/16:30 central daylight time (21:30 UTC).
A honorarium is available.
We know this is late notice for a call for presentations, but a talk doesn't need to be long or particularly original. Any live presentation adds value in a new setting. Even 15 minutes including Q&A time would be enjoyed by our diverse attendees.
C-Sides - one layer deeper than the B-Sides security conferences. I personally really find it funny and like it!
It's definitely going to be more low-key than what I've seen from the BSides Winnipeg crew (now The Long Con https://thelongcon.ca ) but I still expect it to be also a lot of fun, especially with the existing talks we've got lined up.
Not only does the government have the right to destroy it, but so does anyone else.
There's no reasonable expectation of recovery when you launch a balloon calibrated to go globe-trotting.
It's basically no different than the person who abandoned a mattress at my apartment block's dumpster. It's littering. They're giving it away, they're not expecting to be able to come back for it later.
Furthermore, nobody has a right to unregistered, unmanned, long duration balloon flight. Such a right would only exist if a state constructed it for its citizens. (and it would end at their boundaries)
I think it's cool that in practice people have been able to do so, but it seems the cool times are coming to an end.
The AMI UEFI firmware behaves like most UEFI firmwares these days and locks out writes to firmware flash after boot and only allows updates by way of efi files being dropped into place and then updated via reboot with signature check.
The coreboot setup leaves writes to the firmware flash open and root can use flashrom at anytime.
This makes for security trade-offs, a choice between freedom to change your own firmware and know what you're running vs a mechanism to reduce the chance of advanced persistent threat at the firmware level.
Also, their build to order model under additional OSes does include Windows 10 as an option at an additional cost, so I imagine a UEFI firmware is required.
It makes sense that planted trees are not thriving in ecosystems where there wasn't already trees naturally. If the conditions were so good for tree growth, you would have a lot of trees there already.
But, this brings to mind that there are places where there once were forests that humans destroyed. Why don't those locations quickly re-forest themselves?
Because, in the process of deforestation, humans destroyed the entire ecosystem that made said forests possible. Nature can't repay that ecosystem debt all that quickly and it's not sped up much by way primates plopping saplings into the soil for money and calling it a day.
Climate change is the mother of all collective action problems and one of our great filters. I dream that one of the descendants of my nieces and nephews will pass through the ensuing population bottleneck.
The solution is to use an HSM such as the Nitrokey/Purism Librem Key (same thing) that has a LED that lights up if boot integrity is fine, including a TPM secret matching (maid can't clone that).
This is essentially the same solution, right? It boils down to having a single device that verifies the integrity of everything and never letting that device out of your sight. It's just marginally easier to do that when the device in question is an HSM rather than a laptop.
One nice thing about the work showcased here is that it bootstraps TCC on its journey to GCC. At some point we could see attempts to bootstrap tccboot as a kind of "escape pod" from other systems, and after booting tccboot, have the bootstrapping work documented here continue from TCC onward.
