Conversation

Notices

1. Embed this notice
   kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Saturday, 03-Feb-2024 23:16:32 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

   Starting my #fosdem thread here. I've already managed to get one of the gold dust "M" size hoodies, one of the last, as well as see some stuff about open transit.

   For now, I'm at "vanilla Debian on an industrial embedded device".

   • Haelwenn /элвэн/ :triskell: likes this.
   • Embed this notice
     kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Saturday, 03-Feb-2024 23:17:24 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

     in reply to

     Just finishing up a talk on Erlang's gen_statem, and just caught the end when coming in about Gleam - looks good!

     Haelwenn /элвэн/ :triskell: likes this.
   • Embed this notice
     kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Saturday, 03-Feb-2024 23:18:16 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

     in reply to

     I couldn't get into the transit room next door (it's super popular!) so I'm back in the Erlang room seeing how you can implement UDP protocols.

     That's it! That's the whole server!

     Haelwenn /элвэн/ :triskell: likes this.
   • Embed this notice
     kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Saturday, 03-Feb-2024 23:19:21 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

     in reply to

     My first main track talk now, using TPMs for key storage on laptops. Better than a yubikey?

   • Embed this notice
     kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Saturday, 03-Feb-2024 23:19:21 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

     in reply to

     And in this talk James puts his money where is mouth is, posting his kernel.org private key as a qr code. The catch? The private key content can only be decrypted and used in conjunction with the TPM on his laptop.

     Pretty bold.

     Haelwenn /элвэн/ :triskell: likes this.
   • Embed this notice
     Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Saturday, 03-Feb-2024 23:20:38 JST Haelwenn /элвэн/ :triskell:

     in reply to
     @kline Do TPMs even have proper protections in place? Like smartcards typically require a pin/password but here if someone steals his laptop, couldn't they decode his private key?
   • Embed this notice
     kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Sunday, 04-Feb-2024 00:05:29 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

     in reply to

     • Haelwenn /элвэн/ :triskell:

     @lanodan TPMs (and also the keyfile like the one pictured) can be fitted out with PINs/passwords as needed. The keyfile on the slide was stripped of its password but has one in practice (though you need to wonder maybe why though)

     Haelwenn /элвэн/ :triskell: likes this.
   • Embed this notice
     kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Sunday, 04-Feb-2024 00:08:18 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

     in reply to

     • Haelwenn /элвэн/ :triskell:

     @lanodan (but yes, he did say as well that before anyone tried to steal his laptop, the keyfile pictured was from hardware he had not brought to the conference)

     Haelwenn /элвэн/ :triskell: likes this.
   • Embed this notice
     Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Sunday, 04-Feb-2024 00:09:21 JST Haelwenn /элвэн/ :triskell:

     in reply to
     @kline So not playing with fire as much as I thought ^^
   • Embed this notice
     kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Sunday, 04-Feb-2024 00:14:06 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

     in reply to

     • Haelwenn /элвэн/ :triskell:

     @lanodan yeah, really it pans out to something like "here's my (aes encrypted) private key (and the aes key is on an mobo-mounted yubikey)"

     Haelwenn /элвэн/ :triskell: likes this.
   • Embed this notice
     Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Sunday, 04-Feb-2024 01:10:25 JST Haelwenn /элвэн/ :triskell:

     in reply to
     @kline "As seen, Proprietary doesn't works, do you want to buy some?"
   • Embed this notice
     kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Sunday, 04-Feb-2024 01:10:26 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

     in reply to

     (if you're wondering how this works, it's a bit like LUKS - the TPM has a small, on-chip bit of cryptography and then all the private key material can be stored in bulk, anywhere, but is unusable without sending it to the TPM when you need it, where it will use the local crypto to decrypt the privkey, do the operation you needed it for, and then return only the result you requested before forgetting the cleartext private key from the TPM memory)

   • Embed this notice
     kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Sunday, 04-Feb-2024 01:10:26 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

     in reply to

     Ok, I went to a talk about zephyr but it was actually guy wearing a suit talking about how he couldn't get his proprietary FPGA toolchain to work, commenting that he knew about the free toolchain - just he didn't want to use it. It was a bit of a let down and it feels like he maybe missed the audience profile. He also tried to plug some commercial offerings.

     Anyway, now it's about kids designing and building airtag alternatives!

     Haelwenn /элвэн/ :triskell: and SuperDicq repeated this.
   • Embed this notice
     kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Sunday, 04-Feb-2024 01:14:31 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

     in reply to

     You can tell this is the plan9 talk because they can't get it to connect to the projector.

     Haelwenn /элвэн/ :triskell: and feld like this.
   • Embed this notice
     Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Sunday, 04-Feb-2024 01:16:28 JST Haelwenn /элвэн/ :triskell:

     in reply to
     @kline "Nah, the thinkpad T60 doesn't have HDMI out… any of you have an OSSSC?"
   • Embed this notice
     kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿 (kline@mastodon.sdf.org)'s status on Sunday, 04-Feb-2024 01:21:24 JST kline 🏴󠁧󠁢󠁳󠁣󠁴󠁿

     in reply to

     (disclaimer: I can't see shit, it's probably libre office in Debian or something)

     Haelwenn /элвэн/ :triskell: likes this.