The North Bay Linux Users Group is a computer users serving the San Francisco North Bay and surrounding areas.
We strive to promote Linux, Free Software, Open Source, open standards, and to generally have a good time by hosting social events that educate, allow members to share ideas and knowledge and to build friendships.
We hold regular meetings on the second Tuesday of each month with a selected topic presented by a guest speaker.
Meetings and membership are free and open to the public.
Please sign up for the announce mailing list to receive notifications of upcoming events, or join us on the talk mailing list or in IRC to get help with Linux.
This talk is all about dissecting exactly what happens when a program stops doing what the designers designed it to do and starts doing what an attacker (or in this case, the presenter) wants it to do.
I’ll cover using a virtual machine environment of a simple system under Linux to step through all phases of an arbitrary code execution (ACE) exploit, including corrupting a data structure, out-of-bounds memory manipulation, pointer manipulation, and ultimately execution of arbitrary code.
I’ll be demonstrating memory viewer and disassembly tools to show the exact instructions being processed as they happen.
The simple system in question?
A Zilog Z80 processor, running inside of a Super Game Boy.
Come for the dissection, stay for some entertaining abuse of a live SNES console.
This will largely be a no slides, full demo presentation and should have something of interest for everyone.
See you there!
It’s easy to secure your servers when they are in the safe confines of your
own data center, but deploying servers in the cloud is like dropping them
from a helicopter into a jungle across enemy lines without so much as an IP
address. This talk will cover how to use Puppet to harden cloud servers
including certificate and key management, protecting secrets on your hosts,
managing dynamic IPs, and overall security best practices. While a few tips
will be specific to Puppet and Amazon AWS, most of the techniques would
apply in just about any environment.
I just spent the last 2 days at Agile Open Northern California.
This talk has nothing to do with Linux directly.
I intend to talk some about the sessions I attended, but more about the concept of Open Conferences in general.
The presentation will be followed by nominations for NBLUG’s upcoming elections and discussion of this month’s developments: shellshock, etc.
All positions are up for election and are listed in the bylaws.
I will give a brief talk about how we used a modified Pocket Radar unit, a Raspberry Pi board, and an HDTV to implement a radar speed sign.
The talk will include a brief overview of how the Pocket Radar works and what modifications were done to interface it to the Raspberry Pi.
In addition, I’ll explain a little about the webpage development and how it is run on the Raspberry Pi.
Also, I’ll cover what software was used on the Raspberry Pi, along with what configuration file changes where done.
I will bring a demo system so that people can see the sign in operation.
Have something you would like to present, but don’t have enough material for a full talk? Here’s your chance. Talk about anything Linux related.
Bring your hardware to get help with it or just to show it off.
GPG Key Signing Party:
The point of this is to create a web of trust. By signing someone’s public key, you state that you have checked that the person that uses a certain keypair, is who he says he is and really is in control of the private key. This way a complete network of people who trust each other can be created. This network is called the Strongly connected set. Information about it can be found at http://pgp.cs.uu.nl/
Before the meeting:
Create a GPG keypair, upload your public key to a keyserver, print out the fingerprint, mail it to me (email@example.com) and bring copies to the meeting.
Generate a public/private keypair with the gpg --gen-key command (accept the defaults), see man gpg for more info.
Upload your key to a keyserver:
gpg --send-keys --keyserver keyserver.ubuntu.com
Print out the key “fingerprint” with
Also include your full name, email address, and Key ID#.
Bring this to the meeting, and optionally make extra copies to hand out.
Email me at firstname.lastname@example.org with the fingerprint, email, full name,
and Key ID. I’ll have a list of everyone’s info to hand out.
During the meeting:
Verify your GPG key fingerprint on the list I hand out and verify your identity (with photo ID).
After the meeting:
Download the keys for the fingerprints verified at the meeting, add them to your keyring, sign them, and upload your key again.
With everything we know now about spying and hacking from the hacker next
to you in the coffee shop all the way to government surveillance, now’s as
good a time as any to learn how to protect your privacy and anonymity. The
Tails project provides a live bootable disk that sets up a secure
anonymous session on any computer with all traffic routed over Tor. In this
talk Kyle will discuss how to download and verify the latest Tails release,
and demonstrate some of the more advanced features of Tails including its
persistent encrypted storage.
Following in line with the prior talks about package managers, it seems almost natural to ponder about our other distribution choices.
Gentoo GNU/Linux offers its own package manager using its own method of obtaining software: Portage.
This talk will discuss what Gentoo is; how Portage works; what it does; the program and process of emerge and ebuilds; and some nifty utilities.
Building custom RPM packages and setting up a yum repo.
How to build custom RPM packages for Fedora, RedHat Enterprise, CentoOS, Oracle Linux, Scientific Linux, Suse, and other RPM based linux distributions.
Creating the spec file and package building.
Also how to setup a yum repository to distribute your packages.
I’ll be firing up my SteamOS box (built from various pieces I cobbled together) and demonstrating this distribution based on Debian Wheezy that’s designed for a 10-foot experience, i.e. sitting on a couch.
I’ll be showing how Valve configured the OS and how XBMC and even Netflix support can be added.
I’m almost positive there will be some 4-player local co-op going on by the end of the meeting.
In other words, expect a live demo—there’s no need for slides for this presentation! :)
Kids are exposed to computers and other technology very early in school.
What better place to demonstrate the benefits of Linux and Open Source Software than here?
Speaker Jordan Erickson will talk about his experiences with helping bring Linux to several local Sonoma County schools and after school programs, and how you can do the same.
Tom Most will be presenting “An Introduction to Debian Packaging”. This talk is aimed at developers and system administrators who wish to deploy applications to Debian and Ubuntu systems. Topics include the structure of a .deb, writing debian/control files, and use of debhelper and dh_make.
Comment from Allan: This should be of interest to anyone who uses a distribution that relies on .deb package management. See you there!
A Raspberry Pi, connected to a custom PCB with a PIC microcontroller, connected to… a game console’s controller port? In this presentation, Allan will talk about the Tool-Assisted Speedrun community from http://tasvideos.org, game console emulators in Linux, Raspberry Pi GPIO serial interface capabilities, PCB design, reverse-engineering, and how a TAS can be an artform.
There will be plenty of technical details but the presentation should be enjoyable by all, with demonstrations of games being played perfectly using tools to overcome the limitations of human reflexes and a finale of taking complete control of an unmodified Super Nintendo using only the controller input.