[the start] [downloads / resources] [contact details] [obligatory links page]

Random Resources

Transcript of Eben Moglen's talk
On the 26th June 2007, Eben Moglen of GPLv3 fame gave a talk at Edinburgh University to an audience of lawyers and (mostly) geeks, for the Scottish Society for Computers and Law's annual lecture for 2007. I made a transcript of the talk, and on this page, you can find this in various formats, as well as links to the recording.

VPN Security Slides - [29/03/2007]

These are from a talk I gave at the scottish linux users group (summary on their wiki). I gave the same talk at the University of Dundee for the the Tayside branch of the BCS on June 11th, 2007.

The topic is similar to the DHCP Security one in that I think it's something that's frequently underplayed and given inadequately consideration; broadly, it was a summarization of what VPNs are used for, and some architectural as well as some specific weaknesses in them, followed by a look at some ways to solve these problems and why you might want to consider something other than a VPN for remote access to solve some of the more architectural VPN issues.

Slides as a PDF file
PPT and ODP files in a .zip

All of the slides (including the artwork) are released under the Creative Commons Attribution-Sharealike 2.5 license. Certain portions of the artwork are (c) other people (from the Tango Project and released under the same license.

Assorted VPN (Security) Resources

The talk itself was a fairly whistlestop tour of some of the major failings of VPNs, so I've put a fairly extensive set of links online to some good VPN-related security resources here. They're worth a read if you're interested.

Excerpt from Packt IPCop book - [12/12/2006]
This chapter (not creative commons licensed!), published on linuxjournal.com, is an introduction to how IPCop treats network interfaces and how one might want to deploy it. It's from one of the book's earlier chapters, and is comprised of material written by my co-author Barrie Dempster and myself. The book's actually gotten fairly good reviews, including one on slashdot.org.

DHCP Security Paper - [30/12/2005]

The DHCP Paper which my talk was based on was published by obsidis, an online security magazine founded in the wake of phrack. I've had some quite good feedback from the paper, and anyone with commentary or criticisms is more than welcome to voice them (see the contact page for some idea as to how you might go about doing this).

For some reason unbeknownst to me, obsidis changed the licensing of the paper I gave them (ahem), so for anyone who's interested, here are my (identical) versions of this, but licensed using the Creative Commons AttributionShareAlike 2.5 License, onsite, in openoffice (.odt) format and as a pdf file.

Obsidis's online, HTML-ised version of the paper is on obsidis.org here, or here as a pdf file. Obsidis's site states that "Permission to make digital or hard copies of all or part of this work for personal use is granted without fee provided that copies are not made for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.", but contrary to the Copyright Obsidis note at the bottom of the page, Obsidis aren't the copyright holder (I am), so.. take heed ;)

DHCP Security slides - [01/12/2005]

On the 22nd November 2005, I gave a talk to the British Computer Society's Tayside Branch on DHCP (in)security. (clicky). I've uploaded the slides here in case they prove useful for anyone. This ZIP File contains the presentation in both .ppt and .odp (oasis/opendocument) format.

Please note: The presentation is released under the Creative Commons Attribution-Sharealike 2.5 license, and that certain bits of the artwork are (c) Canonical Ltd (and released under the same license).

Please also note: This talk was originally an essay I wrote - the essay itself hasn't yet been published, but should be being released in the first edition of obsidis.org's security magazine. The essay provides a rather more comprehensive overview of the topic, and I'll stick it online here once it's been published.