Djalal Harouni
Home
About
PGP Key
RSS
  • eBPF Summit 2021 - Talk: BPF to bridge Cloud and IoT Linux Security

    04 Jan 2022, 00:00 · 1 min read · opensource linux kernel bpf security IoT  ·
    Share on:
    eBPF Summit 2021 - Talk: BPF to bridge Cloud and IoT Linux Security

    At the eBPF Summit 2021, I gave a talk about how to take advantage of eBPF to try to bridge some cloud and IoT security features. My Talk can be found here: BPF to bridge Cloud and IoT Linux Security on youtube All eBPF Summit 2021 here: eBPF Summit 2021 Youtube Channel

    Read More
  • DZ Open Source contributions into space Mars 2020 Helicopter, Ingenuity

    19 Apr 2021, 00:00 · 1 min read · opensource linux kernel mars space algeria  ·
    Share on:
    DZ Open Source contributions into space Mars 2020 Helicopter, Ingenuity

    Some friends pinged me about a GitHub post that lists Open Source projects used into space, more precisely within the Mars ingenuity mission. The Github post is here: Open source goes to Mars

    Read More
  • All systems go Conference - Modern deployment for Embedded Linux and IoT Talk

    02 Dec 2017, 00:00 · 1 min read · opensource linux kernel IoT security conference systemd  ·
    Share on:
    All systems go Conference - Modern deployment for Embedded Linux and IoT Talk

    The Userspace Linux Conference All Systems Go! 2017 videos and talks are now available online. My talk "Modern Deployment for Embedded Linux and IoT" is available here: Video - Slides All video talks are here

    Read More
  • Modernization of Linux proc filesystem and containers security

    30 Nov 2017, 00:00 · 2 min read · opensource linux kernel containers security  ·
    Share on:
    Modernization of Linux proc filesystem and containers security

    TL;DR: The Linux kernel procfs suffers from a historical design that prevents having multiple separate procfs instances inside the same PID namespace. All the mounts are a mirror of the internal one. This blocks developement of Linux containers, sandboxes, and other security related features. Patch solution: PATCH RFC …

    Read More
  • Linux kernel improve Module autoloading infrastructure

    28 Nov 2017, 00:00 · 1 min read · opensource linux kernel security  ·
    Share on:
    Linux kernel improve Module autoloading infrastructure

    TL;DR: Currently, an explicit call to load or unload kernel modules require CAP_SYS_MODULE capability. However unprivileged users have always been able to load some modules using the implicit auto-load operation. An automatic module loading happens when programs request a kernel feature from a module that is not …

    Read More
  • Hardening Linux-based IoT systems

    16 Oct 2017, 00:00 · 4 min read · opensource linux kernel IoT security  ·
    Share on:
    Hardening Linux-based IoT systems

    TL;DR: In Linux kernel and as part of the Kernel Self Protection Project we are pushing for new lightweight security mechanisms. On top of that, in systemd we are implementing new lightweight container mechanisms that target Embedded Linux and IoT. Our goal is to make it easy to deploy Secure Embedded Linux and IoT …

    Read More
  • systemd Sandbox or systemd Lightweight Containers

    15 Oct 2017, 00:00 · 4 min read · opensource linux systemd containers security  ·
    Share on:
    systemd Sandbox or systemd Lightweight Containers

    Sandboxing IoT Apps using lightweight containers is an important step for Linux-IoT based devices, it allows to reduce the exposure from mis-configuration, bugs, or vulnerability exploitation. As a simple example the BrickerBot and similar worms did not use complex 0day exploits. They used simple attack vectors like …

    Read More

Djalal Harouni

Open Source Software hacker / Cloud / Linux kernel / BPF / systemd from Constantine dz.
Read More

Featured Posts

  • Kernel Image Lockdown and eBPF Flexibility!
  • eBPF: Block Linux Fileless Payload "Malware" Execution with BPF LSM
  • eBPF Summit 2021 - Talk: BPF to bridge Cloud and IoT Linux Security
  • Modernization of Linux proc filesystem and containers security
  • Linux kernel improve Module autoloading infrastructure
  • Hardening Linux-based IoT systems
  • systemd Sandbox or systemd Lightweight Containers

Recent Posts

  • Kernel Image Lockdown and eBPF Flexibility!
  • eBPF: Block Linux Fileless Payload "Malware" Execution with BPF LSM
  • eBPF Summit 2021 - Talk: BPF to bridge Cloud and IoT Linux Security
  • DZ Open Source contributions into space Mars 2020 Helicopter, Ingenuity
  • All systems go Conference - Modern deployment for Embedded Linux and IoT Talk
  • Modernization of Linux proc filesystem and containers security
  • Linux kernel improve Module autoloading infrastructure
  • Hardening Linux-based IoT systems

Categories

LINUX 10 OPENSOURCE 9 TECHNOLOGY 7 BPF 3 SECURITY 3

Tags

LINUX 10 OPENSOURCE 10 KERNEL 9 SECURITY 9 IOT 4 BPF 3 CONTAINERS 2 SYSTEMD 2 ALGERIA 1 CONFERENCE 1 MARS 1 SPACE 1
Djalal Harouni

Copyright  DJALAL HAROUNI. All Rights Reserved