May 24, 2018

Monitorama 2017 conference report

I wrote this report for internal consumption shortly after the conference. As Monitorama 2018 approaches, I thought these notes could be useful for a wider audience to revisit the common themes and interesting questions from the previous year and to see what has been done to address them. ... Read more

March 7, 2018

ShmooCon 2018 conference notes

This was my second ShmooCon. It was just as fun as the first time, and this time I did various other activities (solving a few of Raytheon’s CTFs, practicing lockpicking, looking at all the codes in the conference program) in between interesting talks. For more details about the conference itself, see the last year’s report. ... Read more

December 6, 2017

DevOps Days Tel-Aviv 2017 conference notes

The Tel-Aviv instance of DevOps Days was interesting to me for two reasons. The first one is there’s a ton of innovation happening in Israel, so there’s a chance of hearing new things; yet Israel is far enough from Silicon Valley that its thinking and opinions are distinct from the San Francisco area monoculture. ... Read more

February 22, 2017

ShmooCon 2017 report

ShmooCon is a security conference held yearly in Washington, DC. With around 2000 participants, it has an audience large enough to fill 3 tracks and provide a range of extra-curricular activities, yet it is much less crazy than events like DefCon (which is ten times the size). ... Read more

May 12, 2016

Infrastructure secret management software overview

Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools. This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong–I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter. ... Read more

September 4, 2015

Finding interesting events in Boston

This is a short collection of links I used to keep myself entertained while living in Boston. Hopefully they will help you find something interesting to do in your free time there. The order is roughly the frequency I visited those sites to find something good. ... Read more

April 11, 2015

iCTF 2014-2015 writeup: temperature

This is a warmup-level challenge written in Python. The service opens a TCP socket on port 56098 and listens for commands to store or read a temperature reading based on time and location. The data is stored into a single flat file. Simply interacting with the service over telnet would not work, as the service only attempts to read once. The protocol is very easy to reconstruct by reading the source, though, and writing a small client to store and load data takes all of two minutes. ... Read more