Paul Harvey @csirac2@mastodon.social
Electronics & infosec enthusiast trying to build defendable things. Usually with Linux, embedded or web things. @BSidesCBR helper. I @MakeHackVoid
"Trustworthy Whole-System Provenance for the Linux Kernel" - https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-bates.pdf
> .. We present Linux Provenance Modules (LPM), the first general framework for the development of provenance-aware systems. We demonstrate that LPM creates a trusted provenance-aware execution environment, collecting complete whole-system provenance while imposing as little as 2.7% performance overhead on normal system operation...
Playing w/friend's 1997 Thinkpad 380D (150MHz Pentium MMX 80MB/2GB). OPENSTEP installation proclaims "WARNING: preposterous time in Real Time Clock - CHECK AND RESET THE DATE!"
Technically it boots from CD but I wasted a lot of CD-Rs figuring out I had to burn RAW mode, doesn't like TAO discs. Also had to go back to Debian Etch (4.9) to get working PCMCIA+3Com drivers, though Jessie (8.10) did boot.
I'm researching meltdown on older CPUs... this one is probably too old
"Proceedings of the Seminar on the DoD Computer Security Initiative Program" [1979] https://csrc.nist.gov/CSRC/media/Publications/conference-paper/1979/07/17/proceedings-first-seminar-dod-computer-security-initiative/documents/1979-1st-seminar-proceedings.pdf
This is a really amazing document to me, summarizing a lot of what I'd hoped to get from folks in conversation.
Now that I've had a few conversations with mainframe users, I realize the odds of finding folks who actively worked in security-conscious environments are probably few and far between. Anyway, this spawned a whole bunch of new source material searches for my BSidesCBR talk :)
This LWN thread https://lwn.net/Articles/640212/ on a proposal to make readdir() fail on bad filenames is entertaining https://mastodon.social/media/zI9KSMsI4e39FofVTmg
With #grsecurity passing the baton, this 2015 DD rant written for the Wassenaar controversy is relevant today: http://seclists.org/dailydave/2015/q3/13
Who will carry on with multi-faceted, systemic security research like grsec for Linux in the large?
Obsession w/CVEs, bugs, vulns & exploits means this important work is left to a few people fiddling at the edges, while the mainstream chips away at the same old sandcastles, day in, day out...
Electronics & infosec enthusiast trying to build defendable things. Usually with Linux, embedded or web things. @BSidesCBR helper. I @MakeHackVoid
Server run by the main developers of the project 
It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!