Projects in the topic security


Project MySelf

a project by cschum

The goal of Project MySelf is to build a system to collect data about yourself in a safe and private way, so that you control your data and you can decide what happens with it. Read more

Updated about 3 years ago. 4 hacker ♥️.

updating rpms in docker containers

a project by jordimassaguerpla

The docker way of updating containers is to build a new image with the updated binaries and files, which creates a security concern. The docker way is not anymore running "zypper update" in the containment but to update the whole image in the image registry (hub docker if we are talking about public registry) and then pull the image update from there, stop the outdated containments and replace them by starting new containments based on the new image.

Updated about 3 years ago. 1 hackers ♥️.

zypper-docker with multiple backends and an API

a project by mssola

During the last CSM workshop I started to refactor zypper-docker in a way that: - The CLI code and the "library" part got split.

Updated about 3 years ago. 3 hacker ♥️.

Diving into Qubes OS

a project by thardeck

What is Qubes OS

Qubes OS is an operating system based on Linux with security in mind.

Updated 4 months ago. 4 hacker ♥️. 1 follower.

Do something useful with the TPM

an idea by mwilck

Almost all our laptops, and many servers, feature a TPM today. The TPM doesn't have the best reputation in the community because it could be used to lock down platforms or do nasty things with DRM. Under normal conditions on PCs, the TPM is controlled by the system owner and could actually be useful for almost anything involving crypto. Unfortunately the integration of the TPM in the OS is essentially non-existent. The introduction of the TPM2.0 standard complicates matters, because we now have two different devices with different APIs. The goal of this project would be to identify reasonable use cases for the TPM, evaluate exisiting projects, and create ways how to integrate it into various workflows in openSUSE.

Updated about 3 years ago. 3 hacker ♥️. Has no hacker: grab it!

Analyze the security of Linux HTTPS connections and monitor the traffic of "smart" devices

an invention by thardeck

I have Raspberry Pi with WLAN and an additional network module which can be run as a WIFI access point.

Plan

Updated about 3 years ago. 1 hackers ♥️.

Securing a CMS by using a hidden CMS and exporting static html to a web server

a project by johannes_p

Small non profit organisations or activist groups need a Web presence that is easy to maintain by several authors. When using a CMS they do not have the resources to secure the CMS from the various possible attacs most CMSes are notorious for. Defacement or placing malicious content can damage the reputation of such non profit organisations. The solution would be to combine an of the shelf CMS with a static web server that is hosted on a different IP address. The authors would access the CMS through a kind of remote access gateway e.g. openvpn) where access can be well secured with certificates or even hardware tokens.

Updated over 2 years ago. 1 hackers ♥️.

Generate CVRF

an invention by msmeissn

CVRF is a standard where security advisories are encoded in a XML format. We are currently not generating such a format, but it seems to be getting more attention.

Updated about 5 years ago. No love.

Improve supplychain security in the build service

an idea by kbabioch

In the past I've worked on a set of scripts to identify potential for improvement of the supply chain within our build service. For now RPM files can be scanned for unused signature files that are available upstream and look for potentially unused https:// links, although they are available. These scripts work on a prototype-basis, but there is a lot of follow-up work to do, e.g.:

Updated almost 3 years ago. 1 hackers ♥️. 1 follower. Has no hacker: grab it!

Improving the Security of OpenPGP USB Token with a Secure Chip

a project by biergaizi

OpenPGP Card is an ISO/IEC 7816-4 compatible smartcard that is integrated with many OpenPGP functions, including signature, encryption, and authentication. It provides an trustful computing environment isolated from the host computer, to guard one's private keys from attacks and exposures. ZetiControl in Germany is the first manufacturer of OpenPGP Card based on BasicCard platform. Since then, compatible USB tokens have also been manufactured, such as Yubikey and Nitrokey. Currently for compatible USB tokens, there are two approaches of OpenPGP Card implementation:

Updated almost 4 years ago. No love.

libpathrs

a project by cyphar

The plan is to implement a safe path resolution library for Linux to avoid the plentiful numbers of security vulnerabilities that have been seen in the wild related to path resolution race conditions and various other attacks. I've been working on kernel-space solutions but even if they were merged, it is difficult to use them safely directly. So this library intends to provide simple wrappers that everyone can use. https://github.com/openSUSE/libpathrs

Updated about 3 years ago. 1 hackers ♥️. 1 follower.

Kanidm: A safe and modern IDM system

an invention by firstyear

This hackweek I'll be working on Kanidm, an IDM system written in Rust for modern systems authentication. The github repo has a detailed "getting started" on the readme. Kanidm Github

Updated over 1 year ago. 2 hacker ♥️. 1 follower.

Kanidm - A modern opensource IDM

a project by firstyear

Project Description

Kanidm is a modern, fast, opensource IDM aiming to be an alternative to projects like 389-ds, freeipa, samba 4 and others. Inspired by many identity as a services, many features of this project aim to advance the state of what is possible with opensource security and IDM today.

Updated 4 months ago. 4 hacker ♥️. 3 followers.

Dawnscanner: revive the project and create an RPM package

a project by pperego

Project Description

Dawnscanner was a ruby code security static analyzer I created in 2013 and led until a couple of years ago. Unfortunately in my last two jobs, my focus was less on ruby code, so the project lost some traction.

Updated over 1 year ago. 1 hackers ♥️. 2 followers.

Kanidm - Modern Opensource Identity Management

an idea by firstyear

Project Description

Kanidm is a identity management system (a store of accounts, groups and more) that supports authentication to opensuse, web sites, networks, and more. The project has a focus on respect of humans, correctness, simplicity and performance. In previous hackweeks we have implemented cryptographic authentication (webauthn), wasm based web UI and more.

Updated 4 months ago. 5 hacker ♥️. 3 followers. Has no hacker: grab it!