gmane.linux.gentoo.security

Breakpoint 2012 Call For Papers

2012-05-10T11:48:16

                 . ______________________________________
                 ._\\.         Breakpoint 2012           (___.
                 :          Intercontinental Rialto          :
                 :           Melbourne,  Australia           :
                 :             October 17th-18th             :
                 :__                                    . ___:
                    )____________________________________\\
                                                            .
                          www.ruxconbreakpoint.com
                          www.twitter.com/ruxconbpx



Introduction
------------

 Breakpoint is a new security conference to be held on the 17th and 18th of
 October, in Melbourne Australia. The event will show case the work of expert
 security researchers from around the world on a wide range of topics.
 Breakpoint is organised by the Ruxcon conference team and will offer a
 specialised and more professional security conference to complement and lead
 into the larger and more casual Ruxcon weekend conference. Breakpoint will
 cater towards security researchers and industry professionals alike, with a
 focus on cutting edge security research.

 With just one day separating both conferences, Breakpoint presents a great
 opportunity for our selected speakers to receive a complimentary trip to
 Australia and experience both the Breakpoint and Ruxcon conferences, not to
 mention the great weather, awesome parties, and friendly people.

 Melbourne is Australia's cultural capital, with Victorian-era architecture,
 extensive shopping, museums, galleries, theatres, and large parks and gardens.
 It is a city of many subcultures, personalities and styles, and it is these
 layers that make it so interesting. Melbourne has a vibrant arts and music
 scene, eccentric cafes, cobbled lane-ways, quirky shops, intimate bars and
 restaurants, and is known as one of the world's great streetart capitals.


Important Dates
---------------

 * May     10        Call For Presentations Open
 * July    30        Call For Presentations Close
 * October 15-16     BreakPoint Training
 * October 17-18     BreakPoint Conference
 * October 20-21     Ruxcon Conference


Topic Scope
-----------

Topics of interest include, but are not limited to:


 o Mobile Device Security
 o Exploitation Techniques
 o Reverse Engineering
 o Vulnerability Discovery
 o Rootkit Development
 o Malware Analysis
 o Code Analysis
 o Virtualization, Hypervisor Security
 o Cloud Security
 o Embedded Device Security
 o Hardware Security
 o Telecommunications Security
 o Wireless Network Security
 o Web Application Security
 o Law Enforcement Activities
 o Forensics
 o Threat Intelligence
 o You get the idea


Submission Guidelines
---------------------

 In order for us to process your submission we will require the following
 information:


 1. Presentation title
 2. Detailed summary of your presentation material
 3. Name/Nickname
 4. Mobile phone number
 5. Brief personal biography
 6. Description of any demonstrations involved in the presentation
 7. Information on where the presentation material has or will be presented
    before Breakpoint

 * Preference will be given to presentations that contain original research
   that will be first presented at Breakpoint.
 * As a general guideline, BreakPoint presentations are between
   45 and 60 minutes, including question time.


 If you have any enquiries about submissions, or would like to make a
 submission, please send an email to bpx< at >ruxconbreakpoint.com


Speaker Benefits
----------------

 Speakers at BreakPoint will be entitled to the following benefits:                                                    

 - A round trip economy airfare to Melbourne (total cost limit applies)
 - Three nights accommodation at the Intercontinental Rialto
 - Complementary registration for Breakpoint and Ruxcon conferences
 - Invitation to all BreakPoint and Ruxcon parties
 - Unlock 'Presented on world's smallest continent' achievement

 * All speaker benefits apply to a single speaker per submission.


Contact
-------

 If you have any questions or queries, contact us at:

 * Email:            bpx< at >ruxconbreakpoint.com
 * Twitter           < at >ruxconbpx

Ruxcon 2012 Call For Papers

2012-04-19T05:04:06

Ruxcon 2012 Call For Papers

The Ruxcon team is pleased to announce the call for papers for the 2012 annual Ruxcon conference.

This year the conference will take place over the weekend of 20th and 21st of October at the CQ Function Centre, Melbourne, Australia.

The deadline for submissions is the 15th of July.

* What is Ruxcon?

Ruxcon is the premier technical computer security conference in the Australia. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations.

The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security.

Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community.

For more information, please visit http://www.ruxcon.org.au

* Presentation Information

Presentations are set to run for 40 to 50 minutes, and will be of a formal nature, with slides and a speech.

* Topics

Topics of interest include, but are not limited to:

o Mobile Device Security
o Virtualization, Hypervisor, and Cloud Security
o Malware Analysis
o Reverse Engineering
o Exploitation Techniques
o Rootkit Development
o Code Analysis
o Forensics and Anti-Forensics
o Embedded Device Security
o Web Application Security
o Network Traffic Analysis
o Wireless Network Security
o Cryptography and Cryptanalysis
o Social Engineering
o Law Enforcement Activities
o Telecommunications Security (SS7, 3G/4G, GSM, VOIP, etc)

* Submissions

Submissions should thoroughly outline your desired presentation subject.

If you have any enquiries about submissions, or would like to make a submission, please send an e-mail to presentations< at >ruxcon.org.au

The deadline for submissions is the 15th of July.

If approved we will additionally require:

i. A brief personal biography (between 2-5 paragraphs in length).
ii. A description on your presentation (between 2-5 paragraphs in length).

* Contacts

Email: presentations< at >ruxcon.org.au
Twitter: ruxcon

(unknown)

qubin — 2011-12-09T06:21:59

CVE-2011-4313 - BIND 9 Resolver crashes after logging an error in query.c

David Sommerseth — 2011-11-17T07:30:03

Hi,

This is a very fresh CVE, and I wondered if this has caught your attention?
 When would it be reasonable to expect an update for this issue?  ISC have
already released patches fixing this issue.

https://www.isc.org/software/bind/advisories/cve-2011-4313


kind regards,

David Sommerseth

No GLSA since January?!?

Christian Kauhaus — 2011-08-26T16:12:00

Hi,

I'm wondering that may favorite Linux distro hasn't had any security 
announcements since January. In my opinion this is really problematic. At our 
company we try to convince prospective customers to host their applications on 
our Gentoo servers. When asked about security incident handling, I have to 
say: "They state 'Security is a primary focus' on their website, but they 
don't inform their users." Not very convincing.

So what is the roadblock that hinders GLSA creation? Is there any way to get 
the GLSAs into working order again?

Regards

Christian

Ruxcon 2011 Final Call For Papers

2011-08-15T10:53:08

Ruxcon 2011 Final Call For Papers

The Ruxcon team is pleased to announce the final call for papers for the seventh annual Ruxcon conference.

This year the conference will take place over the weekend of 19th and 20th of November at the CQ Function Centre, Melbourne, Australia.

The deadline for submissions is the 15th of October.

* What is Ruxcon?

Ruxcon is the premier technical computer security conference in the Australia-Pacific region. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations.

The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security.

Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community.

For more information, please visit http://www.ruxcon.org.au

* Presentation Information

Presentations are set to run for 50 minutes, and will be of a formal nature, with slides and a speech.

* Presentation Submissions

Ruxcon would like to invite people who are interested in security to submit a presentation.

Topics of interest include, but are not limited to:

Submissions should thoroughly outline your desired presentation subject.

If you have any enquiries about submissions, or would like to make a submission, please send an e-mail to presentations () ruxcon org au

The deadline for submissions is the 15th of October.

If approved we will additionally require:

i. A brief personal biography (between 2-5 paragraphs in length).
ii. A description on your presentation (between 2-5 paragraphs in length).

* Contact Details

Presentation Submissions: presentations () ruxcon org au

Invitation to connect on LinkedIn

Wojciech Ziniewicz — 2011-08-09T22:10:09

LinkedIn
------------



   
I'd like to add you to my professional network on LinkedIn.

- Wojciech

Wojciech Ziniewicz
Lead System Engineer at 314 Technologies 
Warsaw Area, Poland

Confirm that you know Wojciech Ziniewicz
https://www.linkedin.com/e/uj28h6-gr5fbh34-4d/isd/3810443428/xH43NAZJ/

Ruxcon 2011 Call For Papers

2011-05-17T06:37:08

Ruxcon 2011 Call For Papers

The Ruxcon team is pleased to announce the call for papers for the seventh annual Ruxcon conference.

This year the conference will take place over the weekend of 19th and 20th of November at the CQ Function Centre, Melbourne, Australia.

The deadline for submissions is the 30th of July.

* What is Ruxcon?

The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security.

Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community.

For more information, please visit http://www.ruxcon.org.au

* Presentation Information

Presentations are set to run for 50 minutes, and will be of a formal nature, with slides and a speech.

* Presentation Submissions

Ruxcon would like to invite people who are interested in security to submit a presentation.

Topics of interest include, but are not limited to:

Submissions should thoroughly outline your desired presentation subject.

If you have any enquiries about submissions, or would like to make a submission, please send an e-mail to presentations () ruxcon org au

The deadline for submissions is the 30th of July.

If approved we will additionally require:

i. A brief personal biography (between 2-5 paragraphs in length).
ii. A description on your presentation (between 2-5 paragraphs in length).

* Contact Details

Presentation Submissions: presentations () ruxcon org au

(unknown)

Philipp Günther | Corpex Internet GmbH — 2011-01-05T10:40:39

#342619 RESOLVED WONTFIX

2010-10-26T19:15:42

#342619 [http://bugs.gentoo.org/342619]
RESOLVED WONTFIX

Are you intentionally leaving security hole in system?

Kernel Security Update Target Delay?

Richard Freeman — 2010-09-26T10:31:47

Gentoo has been vulnerable to a highly-publicized (Guardian, Slashdot,
the works) local privilege escalation for almost two weeks now.  (Well,
it has been vulnerable for years, but of course we didn't know about it
until two weeks ago.)

In the bugzilla thread tracking the problem it has been mentioned a few
times that the kernel does not receive GLSA support:
http://bugs.gentoo.org/show_bug.cgi?id=337645

Looking at the security webpage, it seems to me that while we don't
PUBLISH GLSAs for the kernel, the intent is to still fix problems (to do
otherwise would seem quite insane).

Looking at the normal GLSA process, this would rate as a A1 criticality
problem (local escalation in a system component), with a target
resolution of 3 days.  We're going on 10 days now on bug 337645 with no
mention of even targeting any particular release for stabilization.

Obviously the current bug will get done when it gets done, and it isn't
any skin off my back as I've upgraded (and in the likely event that
34-r10 gets called for stable I can keyword it without further testing).
 However, for the longer term it seems like something needs to change in
the process.  I don't see how kernel vulnerabilities can sit around for
days.  Most distros pushed out patches to stable users same-day or
within a day or two.

Perhaps a mitigating solution might be to open a security bug as soon as
Gentoo hears about a problem, and notify the package maintainers.  Then
the maintainers must either call for stabilization within 48 hours, or
publish a plan for how they will get the fix stabilized within the
target period.  That is, we don't need to fix every problem in 48 hours,
but there needs to be a strategy for an on-time fix within 48 hours.  If
a plan isn't available at the end of 48 hours, we publish to the GLSA
mailing list a notice that Gentoo contains a known vulnerability that
may not be resolved in accordance with our security targets, and provide
what we know and a link to the bug.  For confidential issues we
obviously can't broadcast that to the world, but we should do so as soon
as we can (unless we're back on track by then).  Internally, the plan
should still exist within 48 hours whether confidential or not.

The council should monitor incidents that run late to determine if some
teams need additional support.

This is of course an idealized target.  I realize we aren't paid to be
here.  Nobody should be put in the stocks anytime soon, as we probably
aren't performing nearly to this level.  However, there is no reason
that we should just accept security vulnerabilities in the distro.  Or,
if we intend to do that we should at least be responsible and state that
clearly so that users realize that we do not intend to support use of
the distribution in situations where security matters (such as on the
desktop, or in a server room, or on any system attached to the Internet).

In any case, this is really just food for thought - no doubt other
solutions exist.  It just seems like we need to step it up a bit with
regard to security problems.  I don't want to single out the kernel team
either, as no doubt they're not the only ones with delays.

Rich

Security team meeting - September 1 at 18:30 UTC (20:30 CEST)

Matthias Geerdsen — 2010-08-30T20:10:51

Hi everyone,

the security project will hold a public meeting in #gentoo-security on freenode
this wednesday, 2010-09-01 at 18:30 UTC (20:30 CEST).

The tentative agenda looks as follows:

1) project status
2) lead elections
3) population of several mail aliases, bugzilla groups etc.
4) handling of the current GLSA and bug queues
   and how to avoid such situations in the future
5) any other topic

Any changes to the agenda as well as related info can be found at [1].

Matthias

[1] <http://dev.gentoo.org/~vorlon/security/meeting-20100901.xml>

Ruxcon 2010 Final Call For Papers

2010-08-20T02:13:21

RUXCON 2010 FINAL CALL FOR PAPERS

Ruxcon would like to announce the final call for papers for the sixth annual Ruxcon conference.

This year the conference will take place over the weekend of 20th and 21st of November.

Ruxcon will be held at CQ, Melbourne, Australia.

The deadline for submissions is the 10th of October.

What is Ruxcon?

Ruxcon is the premiere technical computer security conference within Australia. Ruxcon aspires to bring together the individual talents of the best and the brightest security folk within the Aus-Pacific region, through live presentations, activities, and demonstrations.

Ruxcon's unique approach to running a security conference ensures that the conference is accessible to all levels of the security industry. Ruxcon aims to be the most interesting, thought provoking, and relevant information security conference in Australia.

The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security.

Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community.

For more information, please visit http://www.ruxcon.org.au

Presentation Information

Presentations will be 50 minutes in length, and should be fully supplemented with slides and any other relevant material.

Presentation Submissions

Ruxcon would like to invite people who are interested to submit a presentation.

Topics of interest include, but are not limited to:

Â Â Â * Mobile Device Security
Â Â Â * Virtualisation, Hypervisor and Cloud Security
Â Â Â * Malware Analysis
Â Â Â * Reverse Engineering
Â Â Â * Exploitation Techniques
Â Â Â * Rootkit Development
Â Â Â * Code Analysis
Â Â Â * Forensics and Anti-Forensics
Â Â Â * Embedded Device Security
Â Â Â * Web Application Security
Â Â Â * Network Traffic Analysis
Â Â Â * Wireless Network Security
Â Â Â * Cryptography and Cryptanalysis
Â Â Â * Social Engineering
Â Â Â * Law Enforcement Activities
Â Â Â * Telecommunications Security (SS7, 3G/4G, GSM, VOIP, etc)

Submissions should thoroughly outline your desired presentation subject. Accompanying your submission should be the slides you intend to use or a detailed paper explaining your subject.

If you have any enquiries about submissions, or would like to make a submission, please send an e-mail to
presentations< at >ruxcon.org.au.

The deadline for submissions is the 10th of October.

If approved we will additionally require:

Â Â 1. A brief personal biography (between 2-5 paragraphs in length).
Â Â 2. A description on your presentation (between 2-5 paragraphs in length).

Contact Details

Presentation Submissions: presentations< at >ruxcon.org.au
General Enquiries: ruxcon< at >ruxcon.org.au

portage/rsync question

Butterworth, John W. — 2010-04-06T19:26:15

gmonstart / jvregisterclasses in tons of binaries with commands,malware?

2009-12-17T02:06:04

In linux binaries, in any linux distro, I've discovered the same strings
which I believe may be due to a virus or trojan.

Yet, clamav, rkhunter, chkrootkit do not detect abnormalities.

Whether I run 'strings' on the binary files or view with vim or gedit, here
is what is always seen inside the binaries:


__gmon_start__
_Jv_RegisterClasses

Followed by commands which differ within each binary.

If, by some luck, I've downloaded a fresh Linux ISO where binaries do not
include the above two strings followed by commands, after I run an update
the updated binaries suddenly contain the above two strings and other, what
I believe to be, rogue strings. I've avoided the possible infection with an
OpenBSD install, yet all the Linux installations and burned ISOs contain
binaries with the above two strings followed by commands.

Search using find within your bin and sbin directories for those two strings
and see how many positives you find. Now use a text editor like vi or gedit
and search through the gibberish, locate these strings and isolate the
commands, if any, which follow them. Searching for gmonstart, gmon,
registerclasses, jv, etc. variations of works. If you find results in your
binaries, please copy/paste the commands following the gmonstart and
jvregisterclasses strings so I may compare them to mine.

I've purchased Linux CDs from brick + mortar stores, downloaded ISOs from
different physical locations and found some CDs contained these strings
in the binaries and one or two rare ones did not, but when installed/updated
on a network connection the binaries replaced in the update process would
show these strings!! These strings are not alone by themselves in the
binaries they follow with commands with a < at > mark before each command.

Google results are vague, some suggest shell backdoors, every Linux user
I've asked to date calls me paranoid while at the same time this knowledge
comes as a surprise to them, too, when they search their binaries and find
the same strings. I'm amazed by how quickly some rush to judgement and call
you a paranoid for being curious about the files on your system. The strings
may/may not be common, but in comparing commands which follow these strings
I've noticed some which seem down right malicious!

Maybe they're right, I'm just paranoid, but what am I seeing and why
are these strings so common across Linux distros binaries, esp. the
Jv (java?) reference? Please, any help?