PLUG's Upcoming Events
This month we will have a two presentations. Phil Waclawski will present "Using Hierarchical Data in MySQL, Trees vs Nests" and Ed Nicholson will present "Securing a SSH Bastion host with PrivacyIDEA and U2F"
Phil Waclawski: Using Hierarchical Data in MySQL, Trees vs Nests
Real world data is often made of hierarchical relationships, or "trees".
Representing that data in a Relational Database starts to get complicated as soon as you have more than two levels in your "Tree".
There are many strategies for handling such data, and I will cover examples of at least two of them (adjacency list and nested sets) and possibly more.
If you have access to a mysql instance, you can create the test tables and follow along, or get the code later.
Ed Nicholson: Securing a SSH Bastion host with PrivacyIDEA and U2F
Phil has been a faculty member, focusing on open source software at MCC for nearly two decades.
This summer, Phil will once again be offering a "MCC Multimedia Madness" summer camp for 6-8th graders. Over the two weeks I will cover a wide range of open source software, including GIMP, Inkscape, Krita, Audacity, Blender, Hydrogen Drum Kit, Tux Guitar, Openshot, Linux Multimedia Studio, work with green screen and more.
For hobbies, Phil has too many. Blacksmithing, archery, Leatherworking, Wood Working, Jewelry, Sound Recording/editing and SCUBA diving. Phil is also learning to play the Bass.
Phil has been using linux at home for desktops and servers since 1994.
Bastion Servers are an important tool for access control to your other
systems. PrivacyIDEA is a credential management system that can add
many types of authentication to your Jump Server, for example U2F.
FIDO Universal 2nd Factor Keys are a convenient standard implemented
by many to improve security. PrivacyIDEA is a great example of how
easy adding important levels of security to your systems can be. About Ed:
Ed has been involved with Free Software for some time, and is most
interested in how people, organizations and populations use, create and
experience information. Recently, Ed is enjoying The Prescott National Forest
as his "personal office" and The Valley of The Sun as a home away from home.
Personal systems run either Fedora, Project Atomic, Android or OpenBSD.
We will be holding our new security meeting on April 11th at 7pm.
In this meeting we will learn about Virtual Private Networks, Proxies, and Tor. We will be discussing new developments on who can sell your data, how that data is gathered, and what these tools can do for you. Traffic obfuscation is not a silver bullet for anonymization. This two hour meeting will focus on providing a simplified and easy to follow explanation of online privacy, the technologies involved in masking or revealing users, and what a VPN or Tor can do for you.
* Any discussion of paid services or software will be done for educational purposes only. Neither the instructor, PLUG, or any one involved in this course endorses any paid services or products discussed at this meeting.
For more information see our meeting information
The Installfest will will be held at Gangplank on April 1st 2017.
260 South Arizona Avenue
We are pleased to announce that PLUG is starting a new free Security focused meeting.
On the 2nd Tuesday of every month
, starting at 7pm, at the Desert Breeze Substation located in Chandler AZ (Same location as the regular PLUG meeting), we will be holding cyber security focused courses for the public.
Desert Breeze Substation
251 N Desert Breeze Blvd W
Chandler, Arizona 85226
You are invited to attend this event if you are interested in cyber security and wish to have an opportunity to learn about digital security as well as related hardware and software.In this first class
we will be discussing the modern hacker, tools used, and their work flow. Topics covered will include probing, reconnaissance, and the software and tools used when inspecting a network for potential attack. Participants are encouraged to bring their Linux laptop or a copy of virtualbox + Linux OS as some aspects of the presentation will be hands on.
Tools covered include:
Aaron is an experienced Linux user with several years of teaching experience. He works in the industry as a software developer while also providing consultancy on cyber security related topics. His discussions are AZ Post certified for training credit for law enforcement
and he prides himself on providing quality educational material that is relevant and topical. He has a Masters Degree in Intelligence Analysis with a focus in Cyber Security, is a life long learner, and prides himself on staying up to date with the ever changing field of cyber security.
We have two presentations for February, from Yael Grauer and der.hans.
Yael will discuss hacker-show Mr. Robot and what it gets right about tech. Hans will cover etckeeper, a tool for tracking configuration changes.
For more info, Meeting time and location see:http://phxlinux.org/index.php/meetings/14-east-valley-meeting.html
Yael Grauer: What Mr. Robot Gets RightDescription
: Not only does Mr. Robot set the bar for dystopian hacker suspense thrillers, it’s also a great hacking show that’s true to the culture and portrays technology authentically.
In this presentation, Yael will discuss what Mr. Robot gets right... and the mostly free, mostly open source programs used by the characters on the show.Biography
: Yael is a freelance tech reporter covering online privacy and security, mass surveillance, and digital freedom. She has written for WIRED, Ars Technica, Slate, Motherboard, the Intercept, Forbes Tech, and more. She also co-hosts Monday Morning Dumpster Dive, a podcast on Friday news dumps that also airs on KJZZ.
For fun, Yael enjoys hiking, gardening, Brazilian jiu-jitsu, and spending time with her husband and their puppy.
der.hans: etckeeper - revision control for /etc/Description
: Ever debug a service problem for hours just to discover it was a new typo in a configuration file? Ever have someone (maybe you) bork a conf file and not realize it for days? Put /etc/ into version control, then track what changes and when.
etckeeper tracks changes in /etc/ with version control. It ties into package management systems for automagic checkins after updates. It also records important metadata such as permissions and ownership that version control systems (VCS) usually do not track.
Use the VCS you know and let etckeeper help you with some of the oddities found in /etc/.
An imporatant feature is detecting inadvertant changes or tracking what someone (maybe even you) did late at night or early in the morning. By tracking changes, you can document them, replicate them elsewhere or even back them out.Biography
: der.hans is a Free Software, technology and entrepreneurial veteran. He is a repeat author for the Linux Journal with his article about online privacy and security using a password manager as the cover article for the January 2017 issue.
He is chairman of the Phoenix Linux User Group (PLUG), BoF organizer for the Southern California Linux Expo (SCaLE) and founder of the Free Software Stammtisch.
He presents regularly at large community-led conferences (SCaLE, SeaGL, LFNW) and many local groups.