KOF2005 (part2) - 2005/10/29 (Saturday)
SELinux
Presented TresysTechnology. They spoke mostly for SELinux on FedoraCore 4. Tipical ;) Commercial oriented. Just mentioned Hardened Gentoo, but do not told that it is the only distribution in the moment with policies handling integrated with the package management (so you emerge some package and you getting the SELinux policy for that package). And you get all this for free. With additional toys like grsecurity, PAX etc. Indeed, their SETools are interesting. Tcl/Tk based GUI for working with policies. I wish to have similar for RSBAC too. See also: SELinux Policy Editor, Security Enhanced Linux Reference Policy
Rast - A full-text search system
Didn't understand everyting (N-grams etc.), but the usage was interesting - full search plug-in for tDiary(a volunteer-based distributed web diary rental service) - see also tdiary-rast on freebsd,tdiary-rast on debian ; ximapd - ximapd is an experimental IMAP daemon, but Maeda-san (the author of mod_ruby), with advanced filtering features (Gmail-like)
Matcha139
Didn't understand what exactly they are doing. Kids playing security games? White hats? Indeed that have some meetings on "Web Application Security" theme. I showed them Agile Web Development with Rails security chapter. Seems interested from Ruby On Rails. More investigation needed (web, ML etc.)
Ruby and Ruby On Rails
The RoR Hour was OK, but for me seems the level aready is too low. Most of the people in the room was there, cause the already readed articles etc. about RoR. So next time we need to do level-up - more tuning (performance, scaling etc.), testing, Ajax etc. stuff
The Rails studing: BIG disappointment for me :( I was there, waiting 1 hour and more and they told me: "OK, you are pro in Ruby, so go out". There is nobody so good that do not need more learning. And for me was important: i'm coming to Ruby from Rails, so i'm still missing some basic Ruby knowledge.
TODO: next time to bring my own notebook, so I can be independent.
