docendo discimus

I’m coming back from Istanbul where I posted some quick notes from hotel and airports … awesome city and very good people

As you know, I landed this thursday at Coruña and on friday I was teaching at Master on Free Software the last security networking lesson. With this lesson we finished our first security block. This time we finished with a full laboratory covering practical corporative firewalling and a real web hacking session.

We played a dynamics group too where we were talking about security industry and how it impacts our enterprises and organizations. In particular we spoke about adding effective countermeasures in your organization/business, our current security situation, being productive with open security tools, handling vulnerability responsible disclosure or the new vulnerability markets among other topics.

We close this master class answering doubts and sharing our opinions and ideas about effective security.

Intense days here in Istanbul attending to GUADEC 2008 where I could track some very interesting and revealing key notes and technical sessions.

GUADEC is truly an innovation engine where among meetings, talks and so far you can share and evolve good ideas and opportunities with maybe the best minds changing the world quickly. This time I was chatting to people at Canonical, Nokia, Imendio or Sun (good party and beers guys!) and it was really fantastic knowing about their opinions and expertise at different domains.

I had the opportunity to talk to Stormy Peters too, our new Executive Director and an awesome industry analyst. As you know she was responsible for Hewlett Packard’s open source strategy, policy and business practices. Among different topics we share the same ideas about software and passion and how it impact the organization’s culture. I really enjoyed a lot talking to her.

Now, GUADEC 2008 is over and we already know the new place hosting GUADEC 2009. It’ll be a beautiful and sunny island, Gran Canaria. See you there guys!

As you know I landed at Istanbul yesterday in order to enjoy some good talks at GUADEC and drink some beers with old and new friends

Today I attended to Clutter (beautiful prototype guys!), Leisa Reichelt’s key note and Miguel de Icaza talk about desktop apps for the web. At night we listened the GNOME band while enjoying the Istambul’s coastline … just a good day here

The last weekend I put my black hat on again. I was teaching network security at Master on Free Software talking and showing a lot of different and effective attacks targetting current networks with very practical examples.

Now, people attending those classes know about tactics and tools used by blackhats while breaking in real targets. We focused on different topics such as design flaws, protocol weakness, hijacking connections, fragmentation attacks, active/passive fingerprinting, switched sniffing, MITM attacks, advanced scanning and so far.

The next master class, scheduled on the 18th/July, we’ll see advanced and strategic defense for organizations. Among the practices we’re going to analyse real attacks and play dynamics group.

By the way, I’m blogging from Istanbul … see you guys at GUADEC!

This weekend we enjoyed our first yearly summit on Arbo (great experience!) You can read the Mario’s report here Among a lot of activities we played extreme paintball too but don’t worry … We haven’t suffered any casualties

Two weeks ago some people in Igalia took part/attended some lectures on entrepreneurship. Those events are always good places to meet fresh and innovative people and this event wasn’t different. I attended some lectures on free software and disruptive business models really interesting but perhaps a hotspot in those lectures was my chat to Chema about research laboratories and their impact in organizations/corporations and how they are related to pymes and startups. If you attend this kind of events regularly you know that research and innovation are strategic drivers to keep your business growing.

While Ignacio de la Vega sketched his ideas showing some slides, people could see one slide about the active researching in enterprises. Ignacio talked about the research laboratories and how they are key factors to get continuous innovation in huge corporations. Meanwhile, I remember some basic problems to introduce a research laboratory in your business and how they’re becoming obsoletes.

If you’re playing an innovative role in your market, motives don’t matter, it can be a good idea introducing a place where you coordinate and link all your scattered attempts. But if it’s a good idea then why main corporations are failing. I think they’re making al least two huge mistakes.

First mistake is forgetting about the social innovation and how those enterprises are understanding the “lab without walls” concept. Nowadays a lab without walls is not enought. It must be open but it must be a transparent project too. Goals must be clear.

Second mistake is about change. Huge corporations, Enterprises and Universities conceive and, the worst of all, build this concept with strict geographic barriers and non disclosure policies in mind.

Nowadays bootcamps, hackfests, hackathons, etc. give a boost to a lot of open/free software communities/enterprises. Research is futile without Innovation but Innovation appears anywhere. Ideas crisscross among enterprises cause people live and understand a new social moment. Enterprises can’t stop this revolution. They must contribute.

In my opinion innovative enterprises must understand their “new” laboratories as comunication tools interfacing their business to other knowledge groups and enterprises. Laboratories shouldn’t be closed room with very expensive hardware inside alone. Sharing and evolving common and different ideas produce free innovation.

This weekend I decided to hack my personal n810. Previously I had surfed some promising applications to support meetings and coordination tasks on n810 but reading about this toy you have just realised that it lacks of crypto support to store your data with the default factory settings.

In short, keeping your private and sensitive data such as contact list or spreadsheets in this device is a non desirable action when you forget it at airport or it’s stolen. By the way, I decided to set up up LUKS and it’s working like a charm

This is my baby girl Carla. She was born one month ago in A Coruña (Spain). Our life have just changed

Today we uploaded the latest documentation for PHPReport 1.5. As you know, hackers released this version some months ago which shipped out with new features such as internationalization, new management/reporting pages or data charts improved.

Installation, administration and user guides are available at community now.

Previous week we were on the air. Some tv’s friends landed in Igalia HQ with cameras and microphones to set up on live broadcast.

Javi and Sergio blogged out some posts about this visit. Berto uploaded the stuff here

Here is an image from the making