Archive for October, 2005

« Older Entries

“Bugfinding” and “Competition”

Monday, October 31st, 2005

We disagree with this post, and we feel a need to comment on the following blurb. Of course, our opinions are probably biased based on our histories.

Security is about tradeoffs. People have scarce resources to apply to the problem. Bugfinding forces people to apply resources in areas that they may not want to, by creating virtual hotspots in areas where there were no previous indications of a problem, and we know that anytime in the future, problems can crop up out of nowhere.

Yes, security is about tradeoffs and resources tend to be scarce. That said, the flawed argument made here against security researchers morphs right into a flawed argument against competition. If you replace the word “Bugfinding” with “Competition” in the second sentence, you can see how ridiculous these statements really are. Competition forces companies to innovate and improve to try to better serve their customers in order to excel over their competitors. Security researchers can be viewed in the same light as competition in this respect. They force companies to improve their products and fix defects. The companies producing the products may not like this, but those depending on them certainly should. Afterall, if the flaws are there, they can be discovered, whether you get to know about them or not, and we would rather know about them and have them fixed now than deal with a security incident and theft of customer’s records later. Sure, it takes time and is a pain to patch, but that is part of the world of imperfect products and is a necessary element to be considered in any deployment of IT solutions. It is not the fault of security researchers that the bugs are there, but it is because of them that many bugs are fixed.

Small businesses rarely custom-build solutions, so they depend on both commerical and free software/products to fit their IT needs. As a company that helps many small businesses build their infrastructures, we appreciate the efforts of security researchers to probe these commerical and free software/products and feel it helps us to provide better solutions to our customers, including the ongoing tasks like patching.

(Getting close to the time for the halloween parties. Muahahahah. Have fun and be safe.)

Update: via chargen 19/udp

Posted in D-Kriptik, Security | 1 Comment »

KDF discussions, hash bashes, and a new mailing list

Monday, October 31st, 2005

The IETF-CFRG mailing list has been having a lively and quite interesting discussion on key derivation functions (KDFs), randomness extraction, and key expansion these last few days. The threads of note start with the messages here, here, and here in the archives. This was sparked by the announcement of a NIST-recommended KDF being specified in an IETF draft, which rehashes the KDF included in the draft of SP 800-56.

Today marks the beginning of the Hash Function Workshop at NIST. Given a few of the speakers and their presentations, it should be an interesting couple of days (unfortunately, we are not going to be out that way). Hashing has been a big topic in cryptography in recent times, due to growing problems in a widely used family of hash functions.

A new mailing list called Practical Security has been started to discuss “applications of cryptographic protocols as well as other security techniques.” The first set of posts have been on anonymity technologies and their rare use in many cases. (On the other hand, pseudonymity technologies are commonly used.)

And, completely unrelated, this picture of NYC is stunning in its almost complete silence.

Posted in Conferences, Crypto, Security | No Comments »

Dell Inspiron 8500 and FreeBSD 6

Saturday, October 29th, 2005

We have discussed Dell Inspiron 8500’s in previous posts (one of our clients needed some help with one, and this prompted us to start using an Inspiron we had lying around), and it seems configuring these laptops with GNU/Linux and FreeBSD are popular search terms for hitting this blog. As a result, we have been asked about wireless with WPA support by FreeBSD 6 on an Inspiron 8500 with a miniPCI wireless card. In this post, we discuss some of the configuration tweaks we made to get FreeBSD 6 working properly on our Inspiron. We start with X, then sound, then wireless. Beforehand, our previous post will help with getting the basic system setup and up to date.

  1. The general method for getting X-windows (with a Gnome desktop) working on our system is similar to the one we used for our Debian installation: install X and then configure it. To do this, we will essentially rehash the instructions from the FreeBSD handbook section on X found here.

    First off, since this was a question, if you are experiencing “/dev/io” write errors, this could be due to your securelevel. Any securelevel greater than 0 disables write access to “/dev/io”. If you want, you can change this be setting “kern_securelevel_enable=”NO”" or “kern_securelevel=”0″” (the inner quotes are needed) in “/etc/rc.conf”.

    Ok, so, make sure that X11 is installed and, of course, Gnome. If they are not, they can be installed from the ports branch, which we updated in a previous post (by following the update instructions there, you will, as of the writing of this post, be sync’d to FreeBSD6-RC1), or using “sysinstall”, although this will be a pre-packaged version and not include the latest patches, which was part of the point of going through the previous post.

    • cd /usr/ports/xorg
    • make install clean
    • cd /usr/ports/x11/gnome2
    • make install clean

    This is a base, but there are other Gnome packages that you might want. After that, generate a configuration for X11 by running the following.

    • Xorg -configure

    This creates a configuration in “/root/xorg.conf.new”. We briefly edit this file (“vi /root/xorg.conf.new”) to include the proper modes and refreshes for the monitor, and screen that we saw from the Debian post. These settings can be extracted from the example for X on Debian, which works fine for us as we only needed to tweak the monitor and screen sections to insert the modes and refreshes (the video card configuration already looks to be correct for our needs).

    Once that is done, we test the configuration by running X.

    • Xorg -config /root/xorg.conf.new

    This looks good, so we copy the configuration file to etc/X11.

    • cp /root/xorg.conf.new /etc/X11/xorg.conf

    With that all set, we add Gnome to “/etc/rc.conf” by appending “gdm_enable=”YES”" (the inner quotes are needed), which causes Gnome to be automatically invoked at startup.

  2. In order to determine the sound driver we need to load, we run the command “kldload snd_driver”, which loads all the sound drivers available, and then “cat /dev/sndstat”, which lists the sound driver that has now been selected for use by the system. With the results we gather from those commands , we find that the selected driver was for the Intel ICH4. In order to have this driver loaded automatically during boot, we edit “/boot/loader.conf” and add “snd_ich_load=”YES”" (the inner quotes are needed) to it.
  3. As we did for Debian, we extract the Dell TruMobile 1300 MiniPCI drivers, and the drivers can be found here on the Dell suport site. Of these, all we need is the “bcmwl5.inf” and “bcm5wl.sys”, and we transfer these files to the laptop using “sftp”. Note: The “bcmwl5.inf” has to be converted to ASCII.

    Since we are running FreeBSD 6, we no longer have to use the “ndiscvt” tool directly nor do we build “if_ndis” with “ndis_driver_data.h” built into it. The wireless driver is now compiled into a separate kernel module by running the following command and walking through the prompts for driver conversion (no firmware necessary).

    • ndisgen

    “ndisgen” prompts for the .inf and .sys, and eventually generates a .ko. We copy the output of this conversion (“bcmwl5_sys.ko”) to “/boot/kernel”.

    • cp bcmwl5_sys.ko /boot/kernel

    Finally, we add the following entries to “/boot/loader.conf” to include the ndis drivers at boot. Note: This ordering of the entries is necessary.

      ndis_load=”YES”
      if_ndis_load=”YES”
      bcmwl5_sys_load=”YES”

    To load the modules we needed without rebooting, we ran “kldload”.

    • kldload ndis.ko
    • kldload if_ndis.ko
    • kldload bcmwl5_sys.ko

    Now, we could add an entry to rc.conf for the wireless network interface, and, if “D_dash_KRIPTIK_dot_COM” is an unprotected network, we would have been all set by adding the following to “/etc/rc.conf”.

      ifconfig_ndis0=”ssid D_dash_KRIPTIK_dot_COM DHCP”

    However, we want to use WPA, so we have to perform additional configuration. First, we need kernel support for the WPA mechanisms. This can be accomplished by linking these mechanisms into the kernel, as we did in a previous post, or by building these as kernel modules and manually configuring them to load by adding the following to “/boot/modules.conf”. (We threw in WEP as well.)

      wlan_ccmp_load=”YES”
      wlan_tkip_load=”YES”
      wlan_wep_load=”YES”

    If these modules have just been manually configured, then they are not currently loaded. To load the modules without rebooting, we can run “kldload”.

    • kldload wlan_ccmp.ko
    • kldload wlan_tkip.ko
    • kldload wlan_wep.ko

    Ok, with the necessary kernel components in place, we add the following line to “/etc/rc.conf”.

      ifconfig_ndis0=”WPA DHCP”

    We then copy over the example “wpa_supplicant.conf” from “/usr/src/contrib/wpa_supplicant” to “/etc”, and edit it as we did for Debian. Essentially, we leave the defaults in the example alone until the “# network block” section and then comment out the example entries.

    • cp /usr/src/contrib/wpa_supplicant/wpa_supplicant.conf /etc
    • vi /etc/wpa_supplicant.conf

    In the place of the example entries, we put the following in “wpa_supplicant.conf”.

      network={

      	ssid="D_dash_KRIPTIK_dot_COM"
	proto=WPA
	key_mgmt=WPA-PSK
	pairwise=CCMP
	group=CCMP
	psk="*****************************************"
	priority=1

      }

    We then disable networking (“/etc/rc.d/netif stop”), cross our fingers, and enable networking (“/etc/rc.d/netif start”).

    (Uh oh, we fail to negotiate a secure link and associate with the Access Point (AP). We try rebooting. Boom! Kernel panic when “wpa_supplicant” starts during boot. We reboot again. Boom! So, we play around with configurations for a few minutes and stop the system from crashing immediately during boot, but it is still not able to negotiate a secure link and associate with the AP. The issue appears to be with wpa_supplicant on FreeBSD using an NDIS driver that supports WPA, and we shelve it for a few days until we have some time to toy with it a bit more… Over those few days, the FreeBSD team make code changes that fixed the problem. When we next update our version of FreeBSD6 RC1 and try the setup as described above, it works perfectly.)

    We are all set.

While this post is not directly related to any of our current projects, we hope it helps.

Update: This Bejtlich post goes through similar paces.

Posted in BSD | No Comments »

Sudoku

Friday, October 28th, 2005

The bartender at Rififi one night was doing a Sudoku puzzle in the rare free moments that presented themselves. These puzzles are absolutely everywhere in New York these days. (I know I love them.) And, if you are working on one in public, you will not have a moments peace.

Posted in Off-topic | No Comments »

Comments on comments on the Skype security report

Tuesday, October 25th, 2005

I got in from running around town in the cold, miserable weather outside and was pointed to the following post on Skype Journal.

The Skype Forum is buzzing with commentary on Tom Berson’s security white paper. Most of it from sidewalk superintendents.

I thought I would find an industry specialist to talk with.

Please meet Michael Gough.

The whole post should be reviewed to see what Michael Gough has to say, and it gives a little background on him. I have three comments on Michael Gough’s statements.

  1. “Nothing custom; nothing home grown. The fact that Skype followed industry best practices helped to ease my concerns and those in my field as to how Skype actually implemented their encryption scheme.”

    From the details provided, we know Skype has not created home brew cryptographic algorithms (the implementations are custom), and the report did ease some of our concerns. However, the report is a summary of conclusions and, as such, is quite vague. For example, we do not know much about the protocols being utilized, especially for session key negotiation, and these do appear to be home grown. And, the CRC usage is an example to me of not using industry best practices (of course, VoIP is not my industry).

  2. “Skype uses 256-bit AES to encrypt every session between users. More important, this encryption changes each time you contact someone via IM, file transfer, or a voice call. So if some malicious person managed to capture all the data and managed to figure out your AES key, it would be worthless for the next call you make with Skype. Cracking the AES key would take someone roughly 20 years, so it’s not very probable.”

    The fact is, we do not know enough to make such statements. The key life cycle for Skype has not been provided to us. For example, without knowing how these AES session keys are generated and exchanged, claiming the strength of the session confidentiality is equivalent to that of cracking AES encryption with a 256 bit key is not possible and there is no guarantee of perfect forward secrecy.

    Let’s take the example of a very simple, RSA-based key exchange between two clients to demonstrate the example given in the preceding paragraph. (This is not a step-by-step example of a key exchange, and we are not going into the various types of attacks, just a couple relevant to what we want to demonstrate – please don’t beat me up on this piece. :) ) Let’s say each client has a static, 1024 bit RSA key pair. Both clients generate a 128 bit random values from a reasonable pseudo random number generator seeded with a solid amount of gathered, whitened system entropy, encrypt these key components using RSA with the other client’s public key, exchange these encrypted key components with each other, decrypt the encrypted key component using their respective private keys, and then simply concatenate these two values to form a 256 bit AES key. This key exchange is weaker than the 256 bit AES key being exchanged (e.g., an ideally generated RSA key pair with a 1024 bit modulus being used for RSA encryption is not close to equivalent in strength to (half of) a 256 bit AES key being used for AES encryption), and it lacks perfect forward secrecy (e.g., if the RSA private keys are compromised, then all AES session keys negotiated between these two clients (or one half of the session keys negiotated between one of these clients and another client) under these RSA key pairs are compromised, regardless of whether new session keys are generated during each key exchange, assuming the adversary can eavesdrop on the key exchange as they can the established session).

    When I skimmed the report previously, I did not see any claims in the report as to the confidentiality of the session being as strong as the underlying AES primitive with a 256 bit key nor to perfect forward secrecy.

  3. “Tom found some code issues, didn’t he? Well are they fixed yet? Where is the proof? How will Skype continue to test their security with third parties like Anagram Labs?” Security is an on going process and one security evaluation will not be enough to convince the biggest of security skeptics.”

    Very true, reading the post on the Skype blog, there is no statement as to whether they actually made changes with respect to the issues discussed in the report. I also wonder if they are reading the comments on the report and other questions raised by security people.

This is not to put the Skype security assessment nor Michael Gough’s positive comments in a negative light. As stated in a previous post,

Now, I do feel Skype provides confidentiality beyond a traditional phone company. I still believe the protocols should be publicized fully for proper evaluation, but I think Skype has done a good job having a respectable and known third party evaluate the security assessment of its system. That is a big step, and I was particular encouraged by the following statement from the blog post.

    As Skype and its software and services evolve, so does the need for security and similar reviews. This won’t remain the last one, but we’re happy to get our security review process off the ground with this report.

My set of thoughts as I skimmed the report can be found in a previous post.

(Ok, time for some hot coffee!)

via Skype Journal

Posted in Crypto, Skype, VoIP | 3 Comments »

Skype security

Sunday, October 23rd, 2005

Once again, we have fallen behind on reading the multitude of blog feeds we are subscribed to, but I just noticed the Skype blog posted that a general security analysis has been performed on the workings of the Skype system. I downloaded the report, which is essentially a summary of the results of the analysis. While details of the proprietary protocols are not given, it does provide some information about the mechanisms being employed and clearly states that the author of the report, Tom Berson of Anagram Laboratories, feels that Skype has done a good job of designing security elements into its system. The conclusions are summarized in the following statements at the end of the report.

The designers of Skype did not hesitate to employ cryptography widely and well in order to establish a foundation of trust, authenticity, and confidentiality for their peer-to-peer services. The implementers of Skype implemented the cryptographic functions correctly and efficiently. As a result, the confidentiality of a Skype session is far greater than that offered by a wired or wireless telephone call or by email and email attachments.

Beyond errors in the cryptosystem, I have also looked for back doors, Trojans, overreaching “debugging” facilities, etc. I did not find any hints of malware in the portions of the Skype code I reviewed.

I remember a post we wrote back in September of this year, in which I stated the following.

On a side note, the article glazes over the security of VoIP, as it does anything technical being outside the focus, but Werbach does give the following example.

    “Skype, for example, encrypts every call end to end, providing more privacy than any traditional phone company.”

It may, it may not. I tend to think it is no worse.

The main drawback of Skype is that it uses proprietary protocols. For example, the cryptographic protocol has not been publicly disclosed.

Now, I do feel Skype provides confidentiality beyond a traditional phone company. I still believe the protocols should be publicized fully for proper evaluation, but I think Skype has done a good job having a respectable and known third party evaluate the security assessment of its system. That is a big step, and I was particular encouraged by the following statement from the blog post.

As Skype and its software and services evolve, so does the need for security and similar reviews. This won’t remain the last one, but we’re happy to get our security review process off the ground with this report.

On a side note, some things I noted while skimming the paper. Berson’s conclusions pretty much summed these up.

  1. The code correctly implements AES using a block size of 128 bits and a key size of 256 bits. Standard AES-256 test vectors and keys were compared to the Skype AES. Skype AES matches the results produced by other implementations. Skype put significant effort into making Skype AES run quickly. It is optimized for Integer Counter Mode.

    Optimized AES implementations can be susceptible to information leaks, like these. Berson later points out

    It is well known that implementations of cryptographic operations may sometimes leak information about the plaintext or the key through their consumption of shared resources, such as storage, CPU time or power.

    and

    I consider this a minor problem, because a malicious program running on the same platform as a Skype client could do much greater damage directly.

  2. B. A CRC is computed on the contents of the encrypted buffer. The mod 2 sum of the CRC with the low order 2 bytes of the packet_index is stored in the last 2 bytes of the buffer.

    No keyed message authentication code (MAC) for integrity, just a squishy CRC. Berson later points out

    CRC-type checksums are commonly used in communication protocols to reliably and efficiently detect bit errors. However, because they are linear, they may be unsuitable for the purpose of detecting intentional modification of data.

  3. Why use AES with a 256 bit key when RSA with a ?? (client-client), 1536 (client-server), or 2048 (client-server) bit modulus is being used for key exchange? It could be planning for future changes that will strengthen the key exchange mechanism.
  4. There is no discussion on the coding practices utilized by the Skype team. For example, is code reviewed for common errors, such as buffer overflows? Berson finds

    I found a potential error associated with the decoding of integers. The error does not imperil the confidentiality of Skype communications, but might lead to unpredictable behavior in the presence of malicious inputs. I communicated this information to Skype engineering.

  5. The details on the protocols being used, especially for key exchange, are vague. While more information is given, it still requires leaps of interpretation by the reader to figure out what may be going on.
  6. Bravo to Skype for this initial security review.

Update: Whoops, forgot – via Share Skype

Posted in Crypto, Skype, VoIP | 2 Comments »

Time

Wednesday, October 19th, 2005

Time. We never have enough of it. This guy gives his opinion on how to live the most each day with so little of it. And, now, the next NYCBUG meeting is about time (management for the system administrator, that is), to be presented by Tom Limoncelli on November 2, 2005.

Speaking of, I just flew through the The Time Traveler’s Wife by Audrey Niffenegger. It came to me highly recommended, and now I highly recommend it. By the end, my vision was blurred with emotion. I knew Henry and Clare.

(Oh, and nothing to do this post, but cool.)

Posted in NYCBUG, Off-topic | No Comments »

Customer service and pride follow-up

Monday, October 17th, 2005

We received an email that had the following paragraph in it, which was in response to the “Customer service and pride” post a couple of weeks ago. Note: The company name was redacted by me, as the following paragraph was contained in a personal message and not an official statement from the company.

I agree with the comments you made regarding customer service. That
type of outlook made the difference at xxxxxxxx. Fortunately the
philosophy you describe was shared by many people at the company.

Suffice it to say, the company in reference has a worth in the hundred of millions (USD), is still customer focused, and is continuing to grow rapidly and successfully. They should serve as an example to us all.

Posted in Customer service, D-Kriptik | No Comments »

Customer service and LIRR

Monday, October 10th, 2005

We always take notice of great service, as it fits with our core values and so serves as a good example for the D-kriptik team (and hopefully others as well). These stories are always relayed within our community, but we used to say this was off-topic for the blog. We now feel that was a naive view and ignored our non-technical values, so these types of posts will become a norm on this blog.

Anyway, here was my experience. I was on the 4:54Am EST Long Island RailRoad (LIRR) train out of Penn station to the Bablyon one morning last week on my way out to Huntington. I was supposed to transfer at Jamaica to the Huntington train, but, unfortunately, I fell asleep on the Babylon train.

(For those that don’t ride the LIRR to Huntington or other destinations, the LIRR has conductors on the trains that come around and check tickets. Under normal circumstances, a one-way ticket from Penn to Huntington gets checked twice, between Penn station and Jamaica station, and between Jamaica station and Huntington station. Generally, the conductor will punch (a hole in) the ticket once between Penn and Jamaica, and then punch and keep the ticket between Jamaica and Huntington. The reason for this is that the conductors need to keep track of how much of the ticket is used but cannot keep the ticket at that point because the legs of the trip might involve transfers, such as switching trains at Jamaica. Once you are on the final leg of the journey with no more potential for transfers, the ticket is normally kept by the conductors as it is all used up.)

Well, after we had passed Jamaica, the conductor came around for tickets again. When he woke me up, I asked if we had passed Jamaica and said I was going to Huntington. He said that was a problem as we already left Jamaica, so we chatted a bit. He came up with two options for me: check if I could find someone to pick me up at some station other than Huntington, or go back to Jamaica and change trains to Huntington. I chose to go back to Jamaica, so he wrote a note on my ticket stating what happened, providing some identifying information, and giving me the “OK” to ride back to Jamaica without having to buy a new ticket, which was great. He also said to try to stay awake, at least until I was on the Huntington train. Friendly, caring, and helpful.

So, I hopped off the train at Lynbrook and caught a train going back to Jamaica at around 5:30AM EST. The conductor on this train came around, saw my ticket, read it, smiled with sympathy at what happened, and then chatted with me about when the next train to Huntington would be leaving from Jamaica (“6:02AM or 6:12AM”), which was her next train as well. Again, friendly, caring, and helpful.

The wee hours of the morning, and they were friendly, caring, and helpful. I walked away feeling like I got something extra for my money. Now, that is customer service, and, as a core value of D-kriptik, when we see it in others, we feel a need to praise it. Bravo to the LIRR employees.

Posted in Customer service | 3 Comments »

NYC BUG Meeting October 2005

Friday, October 7th, 2005

At 5PM EST on Wednesday (05-10-2005), I ended up at Stout NYC for a quick meeting. After discussing an interesting project and then passing it along to a buddy of mine (not to mention, drinking a couple of delicious stout beers), I realized it was time to run, literally, downtown. I made it to the New York City (NYC) BSD User’s Group (BUG) meeting at around 6:15PM EST, sweaty and tired, and the presentation was just starting up when I arrived.

The topic was on Google Summer of Code projects done for NetBSD and was presented by Jan Schaumann. This topic was not of particular interest to me, but I did take notes, and the following is, essentially, those notes.

For those that don’t know, the Google Summer of Code was a program sponsored by Google to give students an opportunity to write code for opensource projects over the summer and make some money in the process. Organizations, such as the NetBSD team, could sign up to participate and provide a list of projects that would be good for a student to get done over the summer. Students could then submit proposals to work on particular efforts, and selected students/projects (only one student per project, project had to involve writing code) are assigned mentors from the mentoring group to oversee the project. At the end of the summer (“pencils down” on 01-09-2005), the code was turned in, and, if the project met its milestones, the student received $4,500 USD. Regardless of the outcome, the mentoring organization received $500 USD per project undertaken.

NetBSD was not actually on the list of mentoring organizations during the first deadline for signing up as such, which was May 31, 2005. Only 4 or 5 oranizations were signed up at that point, such as Perl, Python, and Gnome, at that point. Google extended the deadline by one day, and an additional ~20 organizations signed up, including NetBSD.

The NetBSD group was pleased with the results of the Google Summer of Code, and they hope Google will do it again. The understanding is that Google plans to do it again, but has not said when.

Interesting side note: Google original set aside money for 200 students to participate (200 projects * $5,000 USD = $1,000,000 USD). Apparently, the lead of the Google Summer of Code ran into Sergei Brinn. Sergei asked him how it was going, and he responded positively. Sergei was pleased and said double the number of students (400 projects * $5,000 USD = $2,000,000 USD).

In total, seven NetBSD projects were selected.

  • hfs – add support for the standard Mac OSX filesystem to NetBSD
  • ndis – port the FreeBSD NDIS implementation to NetBSD
  • tmpfs – create a filesystem that is designed specifcally for use in volatile memory (e.g., RAM)
  • userfs – provide an interface for attaching filesystems in user mode
  • wcurses – add wide charater support to curses
  • zeronconf – provide automatic network configuration
  • bpg – create an OpenPGP client for NetBSD

This encompassed 7 students, 11 mentors from NetBSD, and 2 managers for the overall program at NetBSD. The source repository was established at sourceforge by the NetBSD, so the students could then just get to coding. The people involved in the program were scattered all over the world, as is common with opensource efforts.

As far as the success of the projectes, it breaks down to the following.

  • hfs – success, but overall scope had to be scaled down in the beginning as it was too ambitious an undertaking
  • ndis – success, and student is continuing to work on the effort
  • tmpfs – most successful; student plans an OnLamp article
  • userfs – success, but bare-bones
  • wcurses – success
  • zeronconf – success, but needs work; this project suffered from too many mentors, which led to no mentor having real responsibility or a direct connection with the student
  • bpg – success, and student is continuing to work on the effort; student wrote an article to be published in Dr Dobb’s Journal.

NetBSD has a focus on quality and a rigid process for allowing code into its codebase, so most of the code has not yet been imported into NetBSD and some needs major work. But a great deal of progress was made on a number of task the NetBSD team was looking to undertake, and Jan feels all of the NetBSD projects undertaken for the Google Summer of Code were a sucess. NetBSD would definitely participate in the program again.

Thanks to NYC BUG for organizing the meeting, and Jan Schaumann for presenting. I am still amazed and pleased by how lively the BSD community is around here. It is certainly good to be back in NY.

Posted in NYCBUG, Off-topic | No Comments »

« Older Entries