Artificial truth

The more you see, the less you believe.

[archives] [latest] | [homepage] | [atom/rss]

2017 in retrospect
Sun 31 December 2017 — download

End of December, beginning of January, time for the (now usual) retrospective.

In 2017, I

  • Hosted a training about Tails for Mediapart.
  • Attended the r2con 2017 in Barcelona, and gave two unexpected workshops there :D
  • Published 25 blogposts.
  • Released, along with my colleagues, an amazing open-source security module for php7 in the spirit of Suhosin, called Snufflepagus, providing virtual patching at PHP-level, killing several vulnerability classes like unserialization-based RCE, or poor entropy generation. We gave talks about it at Berlinsides, BlackAlps, the hack.lu and some other private conferences. You should slap it on your php7 stack.
  • Helped (a tiny bit) to organize a Debian event, with a strong focus on accessibility.
  • Managed to finally get a small, half-decent and working infrastructure at home, with monitoring, vpn and stuff.
  • Spent a significant portion of my time at work coding defensive software and doing related research, mostly on things that will be open-sauced at some point in the future. I do hope that it will help to raise a bit the bar against the bad guys™.
  • Managed an intern at work: it was a nice experience.
  • Got into the board of directors of nos-oignons
  • Celebrated Christmas away from my family for the first time in my life, and it was pretty relaxing.
  • Managed to get outside a bit more, made new friends, saw old ones.

I remember almost everything from last year, and I think that this one was way better.