[Fsuk-manchester] Follow-up: MFS Meeting. Tue, 21 August. "Avahi Zerocon

fsuk-manchester

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fsuk-manchester] Follow-up: MFS Meeting. Tue, 21 August. "Avahi Zerocon

From:	Michael Dorrington
Subject:	[Fsuk-manchester] Follow-up: MFS Meeting. Tue, 21 August. "Avahi Zeroconf. Software Freedom Day. Libre 5. Foreshadow; SegmentSmack+FragmentSmack"
Date:	Tue, 28 Aug 2018 19:50:33 +0100
User-agent:	Mozilla/5.0 (X11; Linux i686 on x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1

Follow-up from the meeting; if you need any additional help then please
reply to the list.


Foreshadow and Foreshadow-NG do have kernel updates such as those to Linux:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=958f338e96f874a0d29442396d6adf9c1e17aa2d

so installing the security updates from your distro should help.
However, you may wish to tighten up on the new kernel parameter
defaults, see the above link or local kernel documentation.  And you
might want to disable Hyperthreading in the BIOS; this is what Theo de
Raadt of OpenBSD recommends:

https://marc.info/?l=openbsd-tech&m=153504937925732

As discussed before, you can run the spectre-meltdown-checker to detect
earlier disclosed, and related, speculative execution vulnerabilities.
Work to check for Foreshadow and Foreshadow-NG is being added:

https://packages.debian.org/spectre-meltdown-checker


As discussed in the meeting, you may or may not want mDNS when on a
trusted network but less so on public Wi-Fi.  The issue of disabling
Avahi has confused other users, an internet search reveals.

The following command will: stop the Avahi daemon and associated
services; stop them restarting either on system boot or manually:

systemctl --now mask avahi-daemon

To revert:

systemctl unmask avahi-daemon
systemctl start avahi-daemon

and see the manual page of systemctl for more help (`man systemctl`).

Another option is to uninstall the "avahi-daemon" (or similar) package
but make sure you know what you are doing before doing this.

You might also want to do a belt & braces and not allow destination 5353
UDP in nor destination 5353 UDP out using a firewall/ACL.

Always remember to confirm by testing.


Post to the list if you want to know more or need help.

Regards,
Mike.
MFS Chair


On 18/08/18 13:28, Michael Dorrington wrote:
> Please forward this notice to those that would welcome it.
> 
> You can subscribe to the Manchester Free Software mailing list at:
> https://lists.nongnu.org/mailman/listinfo/fsuk-manchester
> 
> * Event: Manchester Free Software's August Meeting
> 
> * 45 minute slot: Avahi zero-configuration networking
> * 15 minute slot 1: Software Freedom Day 2018 in Manchester
> * 15 minute slot 2: Libre 5 progress
> * 15 minute slot 3: Security - Foreshadow; SegmentSmack+FragmentSmack
> 
> * Date: Tuesday, 21st August 2018 (3rd Tuesday of the month)
> * Start time: 19:00
> * Finish time: 21:00
> 
> * Location: PLANT NOMA
>   -
> https://madlab.org.uk/2018/04/madlab-and-plant-noma-announce-new-collaboration/
>   - https://www.plantnoma.com/
> * Address: Redfern, Dantzic Street, NOMA, M60 0AE.
>   - Near Shudehill Interchange and not far from original Madlab.
>   - https://www.openstreetmap.org/#map=19/53.48668/-2.23934
> 
> 
> == Details ==
> 
> === Introduction ===
> 
> The purpose of Manchester Free Software is to promote the Free Software
> philosophy.
> 
> Every meeting we start with an opportunity for informal key signing.
> For an explanation of what this is about see:
> https://en.wikipedia.org/wiki/Key_signing_party
> 
> 
> === Schedule ===
> 
> 19:00-19:05 Introduction and key signing
> 19:05-19:20 Software Freedom Day 2018 in Manchester
> 19:20-19:25 Short Break (5 minutes)
> 19:25-20:10 Avahi zero-configuration networking
> 20:10-20:25 Long Break (15 minutes)
> 20:25-20:40 Libre 5 progress
> 20:40-20:45 Short Break (5 minutes)
> 21:45-21:00 Security - Foreshadow; SegmentSmack+FragmentSmack
> 
> 
> === Topic details ===
> 
> 
> ==== Software Freedom Day 2018 in Manchester ====
> 
> Software Freedom Day 2018 is on Saturday, 15th September.  Software
> Freedom Day is a world-wide celebration and promotion of Software
> Freedom.  We'll discuss our event in Manchester which are doing with ManLUG.
> 
> * https://www.softwarefreedomday.org/
> 
> 
> ==== Avahi zero-configuration networking ====
> 
> This will be a talk and demo on Avahi, the zero-configuration networking
> software.  Avahi is generally installed by default on GNU/Linux desktop
> installs.  We'll explore the components, uses, the good and the bad.
> 
> * https://en.wikipedia.org/wiki/Avahi_%28software%29
> * https://packages.debian.org/avahi
> 
> 
> ==== Libre 5 progress ====
> 
> A look at Libre 5, the freedom focused smart phone (aka pocket
> computer).  Libre 5 is being worked on by Manchester Free Software's
> very own Bob Ham.
> 
> * https://puri.sm/posts/librem5-progress-report-17/
> 
> 
> ==== Security - Foreshadow; SegmentSmack+FragmentSmack ====
> 
> Security briefing covering 2 main topics with the level of detail
> determined by participants:
> 
> 1. Foreshadow and Foreshadow-NG are yet more speculative execution
> attacks on Intel CPUs such as Meltdown and Spectre.
> 
> * https://foreshadowattack.eu/
> 
> 2. SegmentSmack and FragmentSmack are issues with how Linux (which is a
> kernel) deals with network traffic.
> 
> * https://access.redhat.com/articles/3553061
> * https://security-tracker.debian.org/tracker/linux
> 
> 
> == Location ==
> 
> The meeting will take place at the usual PLANT NOMA, details above.
> 
> 
> == Transport ==
> 
> 
> === Parking ===
> 
> Around the venue there are parking meter bays that become zero cost
> after 8pm on Tuesday so you will have to pay up until then and the
> maximum stay is 2 hours BUT MAKE SURE YOU VERIFY ALL THIS on parking.
> 
> There are paid parking lots around the venue, they are marked by a blue
> P in this OpenStreetMap centred on PLANT NOMA
> <https://www.openstreetmap.org/#map=15/53.48668/-2.23934>.  Most of
> those parking lots are owned by NCP <http://www.ncp.co.uk/>.
> 
> If you can't decide otherwise then park in Manchester Arndale
> <https://www.manchesterarndale.com/visiting/directions>.
> 
> 
> === Public Transport ===
> 
> Manchester Victoria (MCV) train station, Shudehill tram and bus station,
> and Manchester Piccadilly bus station are all fairly close to PLANT
> NOMA, see OpenStreetMap centred on PLANT NOMA
> <https://www.openstreetmap.org/#map=15/53.48668/-2.23934>.
> 
> Manchester Piccadilly (MAN) train station and Manchester Central Coach
> Station are not too far away either.
> 
> 
> == More Information ==
> 
> Information about Manchester Free Software can be found on the
> Manchester Free Software pages on LibrePlanet
> <https://libreplanet.org/wiki/Manchester>.
> 
> Regards,
> Mike.
> MFS Chair.
> 


-- 
FSF member #9429
http://www.fsf.org/register_form?referrer=9429
http://www.fsf.org/about
"The Free Software Foundation (FSF) is a nonprofit with a worldwide
mission to promote computer user freedom and to defend the rights of all
free software users."

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Fsuk-manchester] MFS Meeting. Tue, 21 August. "Avahi Zeroconf. Software Freedom Day. Libre 5. Foreshadow; SegmentSmack+FragmentSmack", Michael Dorrington, 2018/08/18
- [Fsuk-manchester] Reminder: MFS Meeting. Tue, 21 August. "Avahi Zeroconf. Software Freedom Day. Libre 5. Foreshadow; SegmentSmack+FragmentSmack", Michael Dorrington, 2018/08/20
- [Fsuk-manchester] Follow-up: MFS Meeting. Tue, 21 August. "Avahi Zeroconf. Software Freedom Day. Libre 5. Foreshadow; SegmentSmack+FragmentSmack", Michael Dorrington <=

Prev by Date: [Fsuk-manchester] Reminder: MFS Meeting. Tue, 21 August. "Avahi Zeroconf. Software Freedom Day. Libre 5. Foreshadow; SegmentSmack+FragmentSmack"
Previous by thread: [Fsuk-manchester] Reminder: MFS Meeting. Tue, 21 August. "Avahi Zeroconf. Software Freedom Day. Libre 5. Foreshadow; SegmentSmack+FragmentSmack"
Index(es):
- Date
- Thread