Projects in the topic security


Project MySelf

a project by cschum

The goal of Project MySelf is to build a system to collect data about yourself in a safe and private way, so that you control your data and you can decide what happens with it. Read more

Updated over 2 years ago. 4 hacker ♥️.

updating rpms in docker containers

a project by jordimassaguerpla

The docker way of updating containers is to build a new image with the updated binaries and files, which creates a security concern. The docker way is not anymore running "zypper update" in the containment but to update the whole image in the image registry (hub docker if we are talking about public registry) and then pull the image update from there, stop the outdated containments and replace them by starting new containments based on the new image.

Updated over 2 years ago. 1 hackers ♥️.

zypper-docker with multiple backends and an API

a project by mssola

During the last CSM workshop I started to refactor zypper-docker in a way that: - The CLI code and the "library" part got split.

Updated over 2 years ago. 3 hacker ♥️.

Diving into Qubes OS

a project by thardeck

What is Qubes OS

Qubes OS is an operating system based on Linux with security in mind.

Updated 9 months ago. 4 hacker ♥️. 1 follower.

Do something useful with the TPM

an idea by mwilck

Almost all our laptops, and many servers, feature a TPM today. The TPM doesn't have the best reputation in the community because it could be used to lock down platforms or do nasty things with DRM. Under normal conditions on PCs, the TPM is controlled by the system owner and could actually be useful for almost anything involving crypto. Unfortunately the integration of the TPM in the OS is essentially non-existent. The introduction of the TPM2.0 standard complicates matters, because we now have two different devices with different APIs. The goal of this project would be to identify reasonable use cases for the TPM, evaluate exisiting projects, and create ways how to integrate it into various workflows in openSUSE.

Updated over 2 years ago. 3 hacker ♥️. Has no hacker: grab it!

Analyze the security of Linux HTTPS connections and monitor the traffic of "smart" devices

an invention by thardeck

I have Raspberry Pi with WLAN and an additional network module which can be run as a WIFI access point.

Plan

Updated over 2 years ago. 1 hackers ♥️.

Securing a CMS by using a hidden CMS and exporting static html to a web server

a project by johannes_p

Small non profit organisations or activist groups need a Web presence that is easy to maintain by several authors. When using a CMS they do not have the resources to secure the CMS from the various possible attacs most CMSes are notorious for. Defacement or placing malicious content can damage the reputation of such non profit organisations. The solution would be to combine an of the shelf CMS with a static web server that is hosted on a different IP address. The authors would access the CMS through a kind of remote access gateway e.g. openvpn) where access can be well secured with certificates or even hardware tokens.

Updated almost 2 years ago. 1 hackers ♥️.

Generate CVRF

an invention by msmeissn

CVRF is a standard where security advisories are encoded in a XML format. We are currently not generating such a format, but it seems to be getting more attention.

Updated over 4 years ago. No love.

Improve supplychain security in the build service

an idea by kbabioch

In the past I've worked on a set of scripts to identify potential for improvement of the supply chain within our build service. For now RPM files can be scanned for unused signature files that are available upstream and look for potentially unused https:// links, although they are available. These scripts work on a prototype-basis, but there is a lot of follow-up work to do, e.g.:

Updated over 2 years ago. 1 hackers ♥️. 1 follower. Has no hacker: grab it!

Improving the Security of OpenPGP USB Token with a Secure Chip

a project by biergaizi

OpenPGP Card is an ISO/IEC 7816-4 compatible smartcard that is integrated with many OpenPGP functions, including signature, encryption, and authentication. It provides an trustful computing environment isolated from the host computer, to guard one's private keys from attacks and exposures. ZetiControl in Germany is the first manufacturer of OpenPGP Card based on BasicCard platform. Since then, compatible USB tokens have also been manufactured, such as Yubikey and Nitrokey. Currently for compatible USB tokens, there are two approaches of OpenPGP Card implementation:

Updated over 3 years ago. No love.