Today’s enterprise security staff cannot keep up with the fast moving DevOps software development model using their old waterfall-like gatekeeping control structures. At work I am heavily involved in that shift-left-of-security-transformation, which lead to this collection of notes.
Without any preparation or a defined route we tried to reach a mountain top near St. Johann in Tirol, Austria in March. More snow than expected and bad weather prevented us from achieving our ambitious goal.
In the easter holidays we did a trip through Italy and visited a friend that is currently studying in Milano. I would recommend Rome for sight seeing, Bologna for food and Milano for both.
In my last year at university (2015-2016) I developed a linux kernel module which secures the Linux Crypto API using the Intel Software Guard Extensions. That was not a trivial task because multiple difficulties occured during the design and implementation. In the end the result was pretty solid and I was nominated for the CAST-Förderpreis IT-Sicherheit 2016 in Darmstadt.
This summer we did a tour to north germany and south sweden. By car we traveled through Berlin, Sassnitz, Binz, took the ferry to Trelleborg, drove through Ystad and settled for 4 days in Malmö.
Currently I am developing Linux Kernel modules and normal user-mode applications in parallel. I needed a function which prints the content of a char array to the console, the syslog and the kernel log.
I wanted to modify the Linux Kernel and execute it in QEMU. After multiple hours of searching the web, reading poor guides, tracking debian package bugs and hacking I finally found a way to do that. In the end it is quite simple…
The feeling when you are walking down an empty street at 30 degree Celsius during the holidays and nobody is on the street.
This paper was written as part of the conference seminar ”IT Security” which was organized by the Chair for IT Security Infrastructures (Prof. Dr. F. Freiling) at the University of Erlangen-Nuremberg during summer term 2015.