OpenSecurity.global

Steve Lord

Members
  • Content Count

    9
  • Joined

  • Last visited

  • Invited by

    Stuart Peck

Community Reputation

9 Neutral

1 Follower

Personal Information

  • Bio
    Warning: May contain nuts


  1. It's certainly feasible, but DoH is pure cancer. DoT is better, but still dependent on the web of trust. DNSCurve is probably still the best option from a technical and ideological purity perspective. Although of course, end users may not care in the end, but we should avoid solutions that have the potential to make things worse in the long run.
  2. +1 for Proxmox. I've recently moved off Proxmox to running Docker on one of my systems and am making far better use of resources, but I still use it elsewhere, most notably on a NUC for a Torified malware lab.
  3. For most of the stuff I do, the physical kit I use is this: 16GB 2014 MacBook Pro with Mojave and VMs in the streets. 6GB modded ThinkPad X230 running OpenBSD in the sheets. I have a bunch of systems running a mix of stuff at home, from a Windows 10 box mostly used for GTA and hardware design to an Amiga 4000 running OS3.9. I tend to allocate kit for specific functions and compartmentalise, so I have a lot of kit floating around. I also have a bunch of physical boxes in datacentres for when I want to do heavy lifting. Not a big fan of using cloud platforms unless I need large scale compute capabilities for short periods.
  4. In 100 years we'll all be dead, and I suspect those that will be around will be tackling different problems in a very different world. If anything I see applied AI handling low hanging fruit for sysadmins rather than replacing them, freeing them up for more interesting work as Kevin put it. We've seen this already in other ML applications like Bayesian spam filtering instead of having people forward spam to be blocked (which was a thing in the late 90s for some people).
  5. Surely people would need to be able to do those things successfully with sysadmins before replacing them?
  6. Well, I'm biased obviously but for people on their first time here's some things to consider:
       • Go through the brochure, work out which talks you want to see. Most are filmed, some aren't. Stuff that's filmed will go up after the event.
       • Check out the non-talk things going on. We have permanent soldering workshops and locksport, as well as a smartcard area. The mental health village upstairs is new too.
       • The CTF is structured so you can win prizes without being uber-1337. Give them a go with friends, you might be surprised at your progress.
       • Most importantly, make sure you set some downtime aside for yourself and self care. You don't have to do everything all the time. There's spaces to work from and chill out if you need them.
       • Drink plenty of water, it's a long few days and can really mess with your throat. Friday you will thank Wednesday you for staying hydrated.
       • Get the sponsor passport and visit all the sponsors for stamps. Also fill in feedback forms as we do actually read them.
       • Go to the closing. We give away tons of prizes there.
       • If you have cool old tech worth between £30-£100 to donate to the bring and buy stall, Hammersmith and Fulham Food Bank will be grateful for your donation. Please don't bring old Raspberry Pis as we'll get flooded with them. If you want to bring books that's cool, but please only rare ones as they take up a lot of space and we don't have anywhere to donate them later. All money raised from the bring and buy goes to addressing food poverty in Hammersmith and Fulham.
     The only thing to avoid is getting too hammered, which we're trying to improve but there's still a lot of free alcohol floating around. We do have non-alcoholic alternatives too. Also if you see anyone who's having problems, being treated like crap or acting like a dick, please tell the crew. We have a police officer on crew, as well as first aid trained people.
  7. Zero trust feels very much like an attempt to reinvent the Jericho Forum from back in the day. It may work for organisations that are aligned with its objectives and can do so at scale, but it's going to end in tears for a lot of people because they lack the ability to implement it properly and are just opening themselves up to bad stuff happening. I'd take decently funded hunting, monitoring and response over arbitrary blocking any day of the week though.
  8. Will be there. We've got a couple of C64s, some monitors, joysticks and a ton of games. We'll have a championship with prizes, but also just general games. Come along, take a look, play if you like or just bask in the nostalgia.
  9. Hi, I'm Steve. I co-run 44CON, occasionally test pens and build things while doing the advisory security bod thing for several companies. I used to be an a**hole. I still am, but I'm trying not to be so much. Sometimes I succeed!