Free Software

Description:
Fear, Uncertainty, Doubt, and Disinformation exists around the modern computer processor. Revelations brought about from leaks has left the technology community concerned about what is being integrated into their hardware and what kind of vulnerabilities exist. This discussion will introduce concepts such as Active Management Technology, Trusted Execution Environments, and Out-Of-Band system access.

About Aaron:
Aaron is an experienced Linux user with several years of teaching experience. He works in the industry as a software developer while also providing consultancy on cyber security related topics. His discussions are AZ Post certified for training credit for law enforcement and he prides himself on providing quality educational material that is relevant and topical. He has a Masters Degree in Intelligence Analysis with a focus in Cyber Security, is a life long learner, and prides himself on staying up to date with the ever changing field of cyber security.

This month der.hans will present "ActivityPub: Decentralized Social Networking" for us.

Description:
ActivityPub is a decentralized social networking protocol for allowing various services to interact.
For instance, a long form blog engine can use an external microblogging service for comments.
ActivityPub is based on the ActivityStream 2.0 data format. It provides client to server APIs and server to server APIs for server to server federating.

Attendees will learn about:

• Why decentralized social networking is useful
• The history of ActivityPub
• The history of decentralized social networking
• Overview of some activities available through ActivityPub
• List of services implementing ActivityPub
• Now what?

Biography:
der.hans is a Free Software community veteran, presenter and author. He is the founder of the Free Software Stammtisch, BoF organizer for the Southern California Linux Expo (SCaLE) and chairman of the Phoenix Linux User Group (PLUG).
As a technology and entrepreneurial veteran, roles have included director of engineering, engineering manager, IS manager, system administrator, community college instructor, developer and DBA.
He presents regularly at large community-led conferences (SCaLE, SeaGL, LibrePlanet, LFNW, Tübix) and many local groups. 

This month Aaron Jones will present "Introduction To Remote Access Tools (RATS)"   Introduction To Remote Access Tools (RATS) is a two-hour course designed to provide an overview of what a RAT is, how it is created, and what kinds of legal and illegal behaviors are being facilitated by their deployment.   You are invited and we encourage you to invite any one you like. This is open to the public as well as law enforcement or anyone else who would like to come. I think it will be a good class and hope to see you there.

More information available from: https://phxlinux.org/index.php/meetings/20-plug-security.html

We'll be having 2 presentations this month from Ed Nicholson and der.hans.

Ed Nicholson - Technical Debts and Digital Assets

Description
Exploring the analogy of debt and real world financial obligations, as
a context for a software's or system's life cycle.
Debt and Software are both fundamentally types of Intangible Assets.
This talk is an exploration of how the much older asset class, Debt,
may be usefully applied in understanding the relative newcomers,
Software and Systems.

About Ed:
I support Free Software and how people, organizations and populations use, create and experience information. I enjoy The Prescott National Forest as my "office" and The Valley of The Sun as a home away from home. Personal systems run either Fedora, Project Atomic, Android or OpenBSD.



der.hans - Introduction to /etc/alterntives

Description:
/etc/alternatives allows choosing among many programs to provide a certain functionality.
For instance, editor can point the locally preferred text editor. alternatives will also make sure man-pages also match.
Attendees will learn:

• What is /etc/alternatives
• Why is /etc/alternatives
• How to configure /etc/alternatives
• How to use helper scripts

About der.hans:
der.hans is a Free Software community veteran, presenter and author. He is the founder of the Free Software Stammtisch, BoF organizer for the Southern California Linux Expo (SCaLE) and chairman of the Phoenix Linux User Group (PLUG).

As a technology and entrepreneurial veteran, roles have included director of engineering, engineering manager, IS manager, system administrator, community college instructor, developer and DBA.

He presents regularly at large community-led conferences (SCaLE, SeaGL, LibrePlanet, LFNW, Tübix) and many local groups.

For this month's Security Meeting, Aaron Jones will be giving us an "Introduction to Shodan"

Introduction To Shodan is a two-hour course designed to provide an overview of the search engine for finding devices connected to the internet. Shodan is a security researcher tool that works by scanning the entire internet, locating and parsing banners, and then returning this information to the user. Shodan is an excellent tool to familiarize yourself with if you do not have the infrastructure or tools necessary to run masscan yourself. Shodan is useful in the target selection phase of an operation.

About Aaron:
Aaron is an experienced Linux user with several years of teaching experience. He works in the industry as a software developer while also providing consultancy on cyber security related topics. His discussions are AZ Post certified for training credit for law enforcement and he prides himself on providing quality educational material that is relevant and topical. He has a Masters Degree in Intelligence Analysis with a focus in Cyber Security, is a life long learner, and prides himself on staying up to date with the ever changing field of cyber security.  

For this month's Security Meeting, Aaron Jones will be giving us an "Introduction to Shodan"

Introduction To Shodan is a two-hour course designed to provide an overview of the search engine for finding devices connected to the internet. Shodan is a security researcher tool that works by scanning the entire internet, locating and parsing banners, and then returning this information to the user. Shodan is an excellent tool to familiarize yourself with if you do not have the infrastructure or tools necessary to run masscan yourself. Shodan is useful in the target selection phase of an operation.

About Aaron:
Aaron is an experienced Linux user with several years of teaching experience. He works in the industry as a software developer while also providing consultancy on cyber security related topics. His discussions are AZ Post certified for training credit for law enforcement and he prides himself on providing quality educational material that is relevant and topical. He has a Masters Degree in Intelligence Analysis with a focus in Cyber Security, is a life long learner, and prides himself on staying up to date with the ever changing field of cyber security.  

We'll have 2 presentations at this month's meeting, both from der.hans. Federated Microblogging with Mastodon & uMatrix for webbrowser protection 

der.hans: uMatrix for webbrowser protection

Description:
uMatrix is a webextension security and privacy add on for Firefox.
Via a simple interface uMatrix allows personal rules for website cookies, JavaScript, CSS, pictures and video.
uMatrix uses and maintains per site allowlists and blocklists. For example, you can allow cookies, JavaScript, CSS and images for www.example.com and only CSS and images from cdb.example.com while blocking everything from spies.exampleduplicate.com.
Attendees will know what the web components are that uMatrix controls, how to use the uMatrix GUI interface and save rules.

der.hans: Federated Microblogging with Mastodon

Description:
Mastodon is a decentralized, open source social network. It implements ActivityPub for compatibility with other federated services such as Plume blog engine, PixelFed picture sharing service and PeerTube video sharing service.
Mastodon has per message privacy controls. Each message can be fully public, unlisted, private of direct.
Mastodon also gives you multiple options to block content, accounts or even complete domains.
Since Mastodon is federated there are many servers. Choose the independently-operated service that meets your needs. Like email, you aren't limited to just members of that particular service. You can even install your own instance.
Mastodon posts are limited to 500 characters and intentionally do not have rich text. It's for microblogging :).

Biography:
der.hans is a Free Software community veteran, presenter and author. He is the founder of the Free Software Stammtisch, BoF organizer for the Southern California Linux Expo (SCaLE) and chairman of the Phoenix Linux User Group (PLUG).
As a technology and entrepreneurial veteran, roles have included director of engineering, engineering manager, IS manager, system administrator, community college instructor, developer and DBA.
He presents regularly at large community-led conferences (SCaLE, SeaGL, LibrePlanet, LFNW) and many local groups.

For this month's security meeting we will have a presentation by Todd Stewart from SRP's Cyber Security department on "5 Habits of Highly Secure People"


Todd Stewart: 5 Habits of Highly Secure People

The presentation will cover the challenges of defending critical infrastructure in today’s Cyber World. It will also cover how to develop healthy cyber security habits at home. You have more control than you think when it comes to protecting your digital life. The goal of this presentation is to change your perception of cyber security and empower you to be accountable for cyber security at your job and at home.

About Todd:
Todd has been with SRP for 16 years. He was a system administrator for 10 years and has spent the last 6 years in Cyber Security. In his current role he is a Senior Cyber Security Analyst and is part of a team tasked with reducing Cyber risk to SRP. He holds Security Professional certifications as a Certified Information Systems Auditor (CISA), a GIAC Critical Control Certification (GCCC), a Foundational Certificate for the Information Technology Infrastructure Library (ITIL) and a Prosci Organizational Change Management (OCM) certification. Todd's favorite part of his job is meeting with people and helping empower them with the knowledge that they can use tools and techniques to try to protect themselves and their loved ones when using today's interconnected technology.