Tuesday, December 18, 2018

Boston Linux Meeting Reminder, tomorrow, Wednesday, December 19, 2018 - Security: Rogue Device Attacks

When: December 19, 2018 7:00PM (6:30PM for Q&A)
Topic: Security: Rogue Device Attacks
Moderator: Federico Lucifredi
Location: MIT Building E-51, Room 315
Note: Parking at E-51 is now free. See note below

Please note that Wadsworth St is open from Memorial Drive to Amherst St,
but is closed between Amherst St to Main St. See the ling below for
additional details.
https://courbanize.com/projects/mit-kendall-square/updates

Summary:

A live demonstration of hacking with keystroke injection attacks

Abstract:

We will be taking advantage of the inherent trust that computers place
on what is believed to be a regular keyboard to unleash pre-programmed
kesytroke payloads at well over 1000 words a minute. We access the host
system and bypass traditional security countermeasures for payloads that
can include reverse shells, binary injetion, brute force password
attacks, and just about any attack that can be fully automated.

In this session we explore the fundamentals of attacks exploiting the
trust the operating system places on USB human-interaction devices to
demonstrate once again the old principle that if you can physically
access a computing device, there is no real security to be had. I will
review the hardware, its capabilities, how it can be used to breach OS
security, and how attackers can enable it to perform a variety of
nefarious tasks with its own suite of tools. I will then show how to
build and install additional software and customize the device with
binary or scripted payloads.

After exploring the building blocks of USB HID exploitation, we take the
discussion to the next level by altogether removing the need for a
device and exploring what attacks can be delivered directly by a plain
USB cable. We dissect an easily-sourced, low-cost hardware implant
embedded in a standard, innocent-looking USB cable providing an attacker
with further capabilities, including among them the ability to track its
own geolocation.

Clearly, complete control of a covert computer running with full system
access can be used in a variety of network security attack scenarios
that need to be accounted for in your threat model. We'll discuss
applicable security countermeasures.

Use your newfound knowledge for good, with great power comes great
responsibility!

Bio:

Federico Lucifredi is The Ceph Storage Product Management Director at
Red Hat, formerly the Ubuntu Server PM at Canonical, and the Linux
"Systems Management Czar" at SUSE.

For further information and directions please consult the BLU Web site
http://www.blu.org

Parking:
On-Campus Free Parking (These parking lots are free after 5pm)

Due to the never-ending construction, Sloan's Hermann Garage is only
accessable via Main Street. It is a small garage without a gate, and
directly under the Sloan library. Another option is the Amherst Street/E51
lot.

All other MIT lots require permits after hours.

The closest public parking
is Kendall Center Green Garage, next to the Marriott Hotel. The entrance is
90 Broadway Street. For other parking options, see
http://web.mit.edu/facilities/transportation/parking/visitors/public_parking.html


All Cambridge parking meters use Passport by Phone:
https://www.cambridgema.gov/traffic/Parking/paybyphone
This is active on all Cambridge metered parking spaces. Meters are free
after 8PM

For further information and directions please consult the BLU Web site
http://www.blu.org

--
Jerry Feldman <gaf@blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66 C0AF 7CEA 30FC 3BC1 EB90


_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce

Thursday, December 13, 2018

Boston Linux Meeting Wednesday, December 19, 2018 - Security: Rogue Device Attacks

When: December 19, 2018 7:00PM (6:30PM for Q&A)
Topic: Security: Rogue Device Attacks
Moderator: Federico Lucifredi
Location: MIT Building E-51, Room 315
Note: Parking at E-51 is now free. See note below

Please note that Wadsworth St is open from Memorial Drive to Amherst St,
but is closed between Amherst St to Main St. See the ling below for
additional details.
https://courbanize.com/projects/mit-kendall-square/updates

Summary:

A live demonstration of hacking with keystroke injection attacks

Abstract:

We will be taking advantage of the inherent trust that computers place
on what is believed to be a regular keyboard to unleash pre-programmed
kesytroke payloads at well over 1000 words a minute. We access the host
system and bypass traditional security countermeasures for payloads that
can include reverse shells, binary injetion, brute force password
attacks, and just about any attack that can be fully automated.

In this session we explore the fundamentals of attacks exploiting the
trust the operating system places on USB human-interaction devices to
demonstrate once again the old principle that if you can physically
access a computing device, there is no real security to be had. I will
review the hardware, its capabilities, how it can be used to breach OS
security, and how attackers can enable it to perform a variety of
nefarious tasks with its own suite of tools. I will then show how to
build and install additional software and customize the device with
binary or scripted payloads.

After exploring the building blocks of USB HID exploitation, we take the
discussion to the next level by altogether removing the need for a
device and exploring what attacks can be delivered directly by a plain
USB cable. We dissect an easily-sourced, low-cost hardware implant
embedded in a standard, innocent-looking USB cable providing an attacker
with further capabilities, including among them the ability to track its
own geolocation.

Clearly, complete control of a covert computer running with full system
access can be used in a variety of network security attack scenarios
that need to be accounted for in your threat model. We'll discuss
applicable security countermeasures.

Use your newfound knowledge for good, with great power comes great
responsibility!

Bio:

Federico Lucifredi is The Ceph Storage Product Management Director at
Red Hat, formerly the Ubuntu Server PM at Canonical, and the Linux
"Systems Management Czar" at SUSE.

For further information and directions please consult the BLU Web site
http://www.blu.org

Parking:
On-Campus Free Parking (These parking lots are free after 5pm)

Due to the never-ending construction, Sloan's Hermann Garage is only
accessable via Main Street. It is a small garage without a gate, and
directly under the Sloan library. Another option is the Amherst Street/E51
lot.

All other MIT lots require permits after hours.

The closest public parking
is Kendall Center Green Garage, next to the Marriott Hotel. The entrance is
90 Broadway Street. For other parking options, see
http://web.mit.edu/facilities/transportation/parking/visitors/public_parking.html


All Cambridge parking meters use Passport by Phone:
https://www.cambridgema.gov/traffic/Parking/paybyphone
This is active on all Cambridge metered parking spaces. Meters are free
after 8PM

For further information and directions please consult the BLU Web site
http://www.blu.org

--
Jerry Feldman <gaf@blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66 C0AF 7CEA 30FC 3BC1 EB90


_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce

Tuesday, November 20, 2018

Boston Linux Meeting reminder, tomorrow Wednesday, November 21, 2018 - Software in a Decentralized and Distributed World, with Hardware at the Edge

When: November 21, 2018 7:00PM (6:30PM for Q&A)
Topic: Software in a Decentralized and Distributed World, with Hardware
at the Edge
Moderator: Brian DeLacey
Location: MIT Building E-51, Room 315
Note: Parking at E-51 is now free. See note below

Please note that Wadsworth St is open from Memorial Drive to Amherst St,
but is closed between Amherst St to Main St. See the ling below for
additional details.
https://courbanize.com/projects/mit-kendall-square/updates

Summary:

A discussion and demo of Google's new Edge TPU

Abstract:

We cover new technologies including Google's Cloud IoT Edge & Edge TPU,
as well as the new decentralized software startup "Inrupt", and the open
source project known as "Solid".

Edge TP: Google's purpose-built ASIC designed for the Internet of Things
(IoT) https://cloud.google.com/edge-tpu/
IPFS is the Distributed Web https://ipfs.io/
Tim Berners-Lee's Solid project page https://solid.mit.edu/
Tim Berners-Lee's Inrupt project page https://www.inrupt.com/

For further information and directions please consult the BLU Web site
http://www.blu.org

Parking:
On-Campus Free Parking (These parking lots are free after 5pm)

Due to the never-ending construction, Sloan's Hermann Garage is only
accessable via Main Street. It is a small garage without a gate, and
directly under the Sloan library. Another option is the Amherst Street/E51
lot.

All other MIT lots require permits after hours.

The closest public parking
is Kendall Center Green Garage, next to the Marriott Hotel. The entrance is
90 Broadway Street. For other parking options, see
http://web.mit.edu/facilities/transportation/parking/visitors/public_parking.html


All Cambridge parking meters use Passport by Phone:
https://www.cambridgema.gov/traffic/Parking/paybyphone
This is active on all Cambridge metered parking spaces. Meters are free
after 8PM

For further information and directions please consult the BLU Web site
http://www.blu.org

--
Jerry Feldman <gaf@blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66 C0AF 7CEA 30FC 3BC1 EB90


_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce

Wednesday, November 14, 2018

Boston Linux Meeting Wednesday, November 21, 2018 - Software in a Decentralized and Distributed World, with Hardware at the Edge

When: November 21, 2018 7:00PM (6:30PM for Q&A)
Topic: Software in a Decentralized and Distributed World, with Hardware
at the Edge
Moderator: Brian DeLacey
Location: MIT Building E-51, Room 315
Note: Parking at E-51 is now free. See note below

Please note that Wadsworth St is open from Memorial Drive to Amherst St,
but is closed between Amherst St to Main St. See the ling below for
additional details.
https://courbanize.com/projects/mit-kendall-square/updates

Summary:

A discussion and demo of Google's new Edge TPU

Abstract:

We cover new technologies including Google's Cloud IoT Edge & Edge TPU,
as well as the new decentralized software startup "Inrupt", and the open
source project known as "Solid".

Edge TP: Google's purpose-built ASIC designed for the Internet of Things
(IoT) https://cloud.google.com/edge-tpu/
IPFS is the Distributed Web https://ipfs.io/
Tim Berners-Lee's Solid project page https://solid.mit.edu/
Tim Berners-Lee's Inrupt project page https://www.inrupt.com/

For further information and directions please consult the BLU Web site
http://www.blu.org

Parking:
On-Campus Free Parking (These parking lots are free after 5pm)

Due to the never-ending construction, Sloan's Hermann Garage is only
accessable via Main Street. It is a small garage without a gate, and
directly under the Sloan library. Another option is the Amherst Street/E51
lot.

All other MIT lots require permits after hours.

The closest public parking
is Kendall Center Green Garage, next to the Marriott Hotel. The entrance is
90 Broadway Street. For other parking options, see
http://web.mit.edu/facilities/transportation/parking/visitors/public_parking.html


All Cambridge parking meters use Passport by Phone:
https://www.cambridgema.gov/traffic/Parking/paybyphone
This is active on all Cambridge metered parking spaces. Meters are free
after 8PM

For further information and directions please consult the BLU Web site
http://www.blu.org

--
Jerry Feldman <gaf@blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66 C0AF 7CEA 30FC 3BC1 EB90


_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce

Friday, October 19, 2018

Parking at MIT E51 is once again open to the public after 5:00 pm

The following news was sent to me recently.

*On-Campus Free Parking:*

Due to the never-ending construction, Sloan's Hermann Garage is only
accessable via Main Street. It is a small garage without a gate, and
directly under the Sloan library. Another option is the Amherst Street/E51
lot. *These parking lots are free after 5pm*. The closest public parking
is Kendall Center Green Garage, next to the Marriott Hotel. The entrance is
90 Broadway Street. For other parking options, see
http://web.mit.edu/facilities/transportation/parking/visitors/public_parking.html

--
John Abreau / Executive Director, Boston Linux & Unix
Email jabr@blu.org / WWW http://www.abreau.net / PGP-Key-ID 0x920063C6
PGP-Key-Fingerprint A5AD 6BE1 FEFE 8E4F 5C23 C2D0 E885 E17C 9200 63C6
_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce

Wednesday, October 17, 2018

BLU Meeting parking update

Parking in the E51 parking lot is now free after 5PM. Just found out today.


Sent from Galaxy S9+

Jerry Feldman <gaf.linux@gmail.com>
Boston Linux and Unix
http://www.blu.org
PGP key id: 6F6BB6E7
PGP Key fingerprint: 0EDC 2FF5 53A6 8EED 84D1 3050 5715 B88D 6F6B B6E7
_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce

Tuesday, October 16, 2018

Boston Linux Meeting Reminder, tomorrow, Wednesday, October 17, 2018 - QualityBox: a MediaWiki hosting service

When: October 17, 2018 7:00PM (6:30PM for Q&A)
Topic: QualityBox: a MediaWiki hosting service
Moderator: Greg Rundlett , founder of eQuality Technology
Location: MIT Building E-51, Room 315


Please note that Wadsworth St is open from Memorial Drive to Amherst St,
but is closed between Amherst St to Main St. See the ling below for
additional details.
https://courbanize.com/projects/mit-kendall-square/updates

Summary:

A guided tour of QualityBox, a MediaWiki hosting service

Abstract:

Greg Rundlett, founder of eQuality Technology, has created a hosted
software service called QualityBox which is provides the wiki engine
(MediaWiki) that drives Wikipedia. Like Wikipedia, QualityBox is
instantly usable by the end-user. And like Wikipedia, it includes a huge
number of configurations, extensions and customizations that make it
supremely useful. Greg will take us on a tour of QualityBox, and the
MediaWiki ecosystem to illustrate some of the features and capabilities
that are available right "out of the box".

Featuring:
MediaWiki 1.31 LTS
Visual Editor
ElasticSearch (v5.6.10)
Excellent Mobile support
Modern and traditional layouts
New dashboards
Top to Bottom security upgrades
Free SSL certificates
Subdomain-based wiki farms
And LOTS more.


For further information and directions please consult the BLU Web site
http://www.blu.org

Parking:
MIT lots require permits after hours.
All Cambridge parking meters use Passport by Phone:
https://www.cambridgema.gov/traffic/Parking/paybyphone
This is active on all Cambridge metered parking spaces. Meters are free
after 8PM

For further information and directions please consult the BLU Web site
http://www.blu.org

--
Jerry Feldman <gaf@blu.org>
Boston Linux and Unix
PGP key id:3BC1EB90
PGP Key fingerprint: 49E2 C52A FC5A A31F 8D66 C0AF 7CEA 30FC 3BC1 EB90


_______________________________________________
Announce mailing list
Announce@blu.org
http://lists.blu.org/mailman/listinfo/announce