The Richard Stallman’s lectures
This last Thursday I enjoyed two Stallman’s lectures in Vigo. Some mates blogged out about it in their blogs so you can know every detail in this event easily if you are interested. If you don’t know I am talking about you can read the last Juanjo’s or Joaquim’s post in order to get the full details 
In this event I listened the Stallman’s message and his particular way to spread it with huge curiosity. He got some really interesting momentum in the lectures although I would like to highlight the Q&A time where he answered several interesting questions indeed. Specifically, he shared his thoughts and insights on the software libre movement (SLM) and how it fits in the software libre industry currently. Thereby he flied over hot topics such as the acquisition of Sun by Oracle, SaaS and the SLM or the GPL’s last version among others.
I have to recognize I was surprised when he talked about the GNU/Linux integration and how he was disappointed when the GNU project took off like a rocket with the Linux kernel on board while the different communities identified the GNU project with the kernel only calling it Linux alone instead GNU/Linux.
Stallman talked about the Linux community too and how the distributions share this piece of software and how their decisions, particularly those ones related to non free drivers and firmwares impact every distribution and the movement itself.
Last, but not least, he talked about his experience making decisions and how he made one difficult decision between the micro and monolithic kernel design and how it changed a lot of things in the project’s history.
Software under siege
This last Thursday Ernst Leiss gave a direct speech here at A Coruña. He used his classic presentation titled “Software Under Siege: Viruses and Worms” and, this time, I was able to attend and enjoy every comment
Ernst Leiss wrote “Principles of Data Security” (1982, Plenum) and “Software Under Siege” (1990, Elsevier) among other several reference works targeting digital information security so it was a great opportunity to discuss with him in person about some really interesting topics regarding to undecidible problems and detection algorithms, adding time variable on the Cohen’s seminal work or discussing about the infection routine for the Jerusalem virus (a 22 years old virus!)
On the other hand, we had some time to comment on the antivirus industry and its current research lines.
Awesome speech!
Day 1 and 2 at FOSDEM
Two Mondays ago, I came back from Brussels together with good friends (… I posted here about our trip to FOSDEM and you can find another Igalians‘ posts about it here, here, here and here too!) so in this post just only I’d like to talk about the technical talks which I could see there.
In the first place I could attend to Magnus Hagander talk about what’s coming in PostgreSQL 8.4. It was a very really interesting talk covering practical examples and cutting-edge SQL showing the new features.
Regarding to database track I had selected Replication, Replication, Replication, by Simon Riggs, and Filesystem I/O From a Database, by Selena Deckermann, but I couldn’t attend due to the extreme parallelization on FOSDEM. OWASP Testing Guide v3 and Secure Software Development was my second talk indeed. This speech showed the OWASP testing methodology and how it can be used in order to implement a software development lifecycle with security in mind. Matteo Meucci gave us a tour all around the project with focus on web application security.
My next choice was Lenz Grimmer who talked about HA with his talk called MySQL High Availability Solutions. He showed some topologies, tips, pointers and so on. I liked this talk really.
With Upstart and its future roadmap I reached Ext4 where Ts’o discussed about the history of ext4, its features, advantages and some really interesting benchmarks. Maybe in this presentation I’d like to highlight his comments on multi block allocation, delayed allocation and extents. Amazing speech!
Day 0 at FOSDEM’09
Arrived in Brussels after a long trip due to some unexpected delays in Madrid. At last among airports and flights it went by six hours
After checked in at the hotel we visited Grand Place, had dinner in a belgium restaurant and went to the beer event where we tasted the flavour of different beers with good folks. Now it’s time to sleep, it’s 4:40, so see you in FOSDEM tomorrow!
Security Networking at MSWL’09
Information security, network attacks, network defense and vulnerability management were the main topics this past weekend at Master on Free Software. Two days talking and playing with advanced networks attacks and defenses together with vulnerability management at Vigo (great city!)
As you know, the last year we handled different attacks and techniques showing practical countermeasures in order to get more secure configurations for our systems, so this year we decided to complete this approach including the best security management practices for persons in charge of security strategy and tactic in organizations.
In detail, we covered the following topics:
- Benefits of good security practices
- Security methodology
- Risk analysis and defense models
- Network architectures
- Network device security
- Integrity and availability architecture
Vulnerability management was a hot topic too. We introduced responsible disclosure and how it relates to the free software community …
FOSDEM’09
9 days to FOSDEM … yes, this year I’ll travel to the beautiful city of Brussels (Belgium) in order to attend to FOSDEM meetings.
Today, I was reviewing the grid and seeing some numbers. We’ll enjoy 263 talks in 20 rooms (in parallel) with 258 speakers covering really interesting topics (keynotes, security, kernel, systems, languages, availability, fault tolerance, embedded… there is a great deal of choice, it sounds really fine! 
Linux networking stack in depth
This last friday I taught Linux networking at Master on Free Software. As you know it’s the second edition and this time I was in charge of setting the basis of Linux networking for the new students.
In this lesson we saw, other than typical configurations and trouble shooting, some theory covering the current networking models (concepts, protocols, applications and so on) and a full revision about the networking stack implementation together with source code for the Linux kernel.
Reviewing the planning, security is the next battlefield …
Back from Istanbul
I’m coming back from Istanbul where I posted some quick notes from hotel and airports … awesome city and very good people
As you know, I landed this thursday at Coruña and on friday I was teaching at Master on Free Software the last security networking lesson. With this lesson we finished our first security block. This time we finished with a full laboratory covering practical corporative firewalling and a real web hacking session.
We played a dynamics group too where we were talking about security industry and how it impacts our enterprises and organizations. In particular we spoke about adding effective countermeasures in your organization/business, our current security situation, being productive with open security tools, handling vulnerability responsible disclosure or the new vulnerability markets among other topics.
We close this master class answering doubts and sharing our opinions and ideas about effective security.