BSDCan Day 1

by Dru Lavigne

Related link: http://www.bsdcan.org/2005/



Being on the registration desk, I met up with Dan Langille early and loaded up my vehicle with wireless equipment, a printer, books, and registration stuff. There was barely room left for the driver, so Dan and I took off on foot after giving instructions to the driver.

9:00 came and went and still the stuff hadn't arrived. After waiting a few minutes, we determined the vehicle was lost somewhere else on campus. Several geeks exchanged cell phone numbers and set off on foot. Within moments, the vehicle was spotted on the other side of campus, a new set of directions was given, and the vehicle was unloaded in record time so registration could proceed.

As with any conference, the hardest part is deciding which talk to attend. This year was particularly difficult as there were so many good talks to choose from.

The first talk I attended was Colin Percival's Hyper-Threading Considered Harmful. While a highly technical talk in nature, Colin did a good job explaining what hyper-threading is and how the L1 and L2 cache can permit a side channel attack. Using OpenSSL and RSA as an example, he walked through some of the mathematics and how exploit code could predict enough bits to factor a private key. He also discussed which systems are affected and some solutions to the problem. One quick fix is to disable hyper-threading, which is the default FreeBSD approach.

During the break after the talk was the first author signing. Greg Lehey, Michael Lucas, Richard Bejtlich, Marshall Kirk McKusick, George Neville-Neil and I sat shoulder to shoulder to sign books. Proving the adage that writers are readers, there was a lot of book passing amongst the authors themselves as we signed copies of each other's books. There is also a movie and several pictures of the autographing session and I'll post the URL once they're online.

BTW, this is the first time that Michael Lucas and I had met in person. If you enjoy his light-hearted writing style but haven't met him yet, yes, he's even wilder and crazier in person.

After break, I followed Richard Bejtlich to take in his talk, which is also available on-line. Richard offers the clearest explanation I've seen on cvsup tags and when it is appropriate to use each. He walked through when and how to use binary updates. He then compared this method to manual patching (which sometimes requires a buildworld) and tracking the security branch. He compared the uname outputs of these three methods, making it easy to determine if and how a FreeBSD system has been kept up-to-date. He also demonstrated how to tunnel cvsup through ssh for scenarios where a firewall restricts outgoing TCP 5999.

At lunch, I had a chance to meet up with the other members of the BSD Certification group who were also attending BSDCan. While we spend a lot of time exchanging emails and working together using IRC, this is the first chance that several of us had met in person.

After lunch, I took in Sam Leffler's talk on FreeBSD Wireless Networking Support. This was another highly technical talk but Sam started it out by getting everyone up to speed on the various 802.11 technologies and the various wireless acronyms. He went through the goals of the project, what work has been done so far and what work is planned for the future.

The final talk of the day was der Mouse's live network backup. This started out as some code he created to provide realtime image backups of his own systems. The current implementation provides some crypto (though an ssh tunnel would be more secure), works through NAT and supports partition sizes up to 2 TB in size. It currently runs on NetBSD 1.x and 2.0 but should be trivial to port. He described his future goals. The audience also suggested some improvements and alternate implementations. It will be interesting to watch as this code matures and is ported to other systems.

The day ended with several BOFs. I led the BSD Certification Group BOF and was joined by Dan Langille, Richard Bejtlich, George Rosamond, Jim Brown and Marc Spitzer. After introducing ourselves and the goals of the group, the floor was opened to audience questions and feedback. There was a very good discussion on how to make the certification credible to employers. It was clear that a testing process that requires experience and the ability to troubleshoot is important. We also discussed the ongoing survey and encouraged everyone to start discussing certification within their own projects and communities. This BOF was recorded and I'll post the URL once the recording is online.

That evening we went en masse to the Hard Rock Cafe for some eats and suds. I sat with Robert Bernier, Shawn from Drummondville and Beth Lynn from Pittsburgh. We had an interesting discussion on women in IT and what it is like to work in a male-dominated environment. After sharing an ice cream sundae large enough to feed a family of 4, we waddled our way home to get ready for another conference day.