Today’s enterprise security staff cannot keep up with the fast moving DevOps software development model using their old waterfall-like gatekeeping control structures. At work I am heavily involved in that shift-left-of-security-transformation, which lead to this collection of notes.
Posts
Without any preparation or a defined route we tried to reach a mountain top near St. Johann in Tirol, Austria in March. More snow than expected and bad weather prevented us from achieving our ambitious goal.
Monitoring the climate is a standard project for the RaspberryPi. I bought two Raspberry Pi Zero, two BME680 Breakout, booted my old Raspberry Pi 3 and started hacking.
In the last month I implemented CI/CD in multiple projects. Some of them were Javascript applications, others Python Flask REST Backends and Jekyll apps. I also used CI/CD methods to automate the generation of my LaTeX Awesome CV..
A few years ago I stumbled over the outstanding Awesome CV which is written in LaTeX. At that time I had no idea what LaTeX - but customizing the CV to my needs, contributing the Cover Letter and adding the image to the header taught me how it works.
In the easter holidays we did a trip through Italy and visited a friend that is currently studying in Milano. I would recommend Rome for sight seeing, Bologna for food and Milano for both.
In my last year at university (2015-2016) I developed a linux kernel module which secures the Linux Crypto API using the Intel Software Guard Extensions. That was not a trivial task because multiple difficulties occured during the design and implementation. In the end the result was pretty solid and I was nominated for the CAST-Förderpreis IT-Sicherheit 2016 in Darmstadt.
This summer we did a tour to north germany and south sweden. By car we traveled through Berlin, Sassnitz, Binz, took the ferry to Trelleborg, drove through Ystad and settled for 4 days in Malmö.
Currently I am developing Linux Kernel modules and normal user-mode applications in parallel. I needed a function which prints the content of a char array to the console, the syslog and the kernel log.
Intel released its SGX SDK for Windows to the public. They included the launch enclave, which is required to start own enclaves.
I wanted to modify the Linux Kernel and execute it in QEMU. After multiple hours of searching the web, reading poor guides, tracking debian package bugs and hacking I finally found a way to do that. In the end it is quite simple…
On September 26th 2013, Intel published the Intel Software Guard Extensions programming reference. They added 19 new instructions which allows the creation and execution of an trusted “enclave” on an untrusted host. Some great benefits are coming with that technology.
The feeling when you are walking down an empty street at 30 degree Celsius during the holidays and nobody is on the street.
Yesterday, I started with Jekyll as a sideproject. After searching a while for themes on mademistakes and jekyllthemes I found Kaktus.
This paper was written as part of the conference seminar ”IT Security” which was organized by the Chair for IT Security Infrastructures (Prof. Dr. F. Freiling) at the University of Erlangen-Nuremberg during summer term 2015.