[nycbug-talk] no more jails

Sat Jul 15 16:06:08 EDT 2006

Hi N.J., All,

On Jul 15, 2006, at 1:31 AM, N.J. Thomas wrote:

>>>>> I'm speaking (my last lecture ever on jails)
>>>
>>>> May I ask why?
>>>
>>> Why is he going to defcon?

Because I desperately want a vacation this summer, and geeking out  
while drinking with friends Vegas will do quite nicely.

>>> why is he speaking?

Because I submitted a paper.

>>> why is he speaking on jails?

Well, the infamous Capture The Flag competition was run from FreeBSD  
jails last year, with great success, and some interesting perks for  
running the competition in such a manner.  The strongest idea for me  
here, is that in this viscous competition between some of the best  
hackers in the world, nobody broke out of their jail(8).  With that,  
jail(8) generated a good deal of interest in the security community,  
which is why I gave a basic 'building jails' lecture at Shmoocon this  
last spring.

At Shmoocon, I had the great luck of meeting a guy named Invisigoth,  
of the Kenshoto group, who have been the administrators for CTF for  
some time.  He spoke of how they/he designed the jailed systems for  
competition, and how they were delighted to be able to maintain a god- 
like view of all the systems in real time- (in previous competitions,  
all the scoring and etc. for the game have been done over the  
network, naturally.)  That stated, they could monitor, manipulate,  
and control the competitors systems directly at a process level, and  
monitor the disk data directly- which made for quite an exiting game.

URLS for Capture The Flag stuff:
http://forum.defcon.org/showthread.php?t=7321
https://www.kenshoto.com/
http://midnightresearch.com/hacking-contest-scoreboard/

Cool stuff....  I'm not sure that jail(8) will be used this year,  
likely not- every year they strive to do something completely  
different for the competitors.  Regardless, last time I was at  
Defcon, I learned more just walking around and watching the  
competitors- than I did watching many of the lectures...  It's a  
really exiting competition...

>>
>> He was probably asking why this is the last time Ike plans to give a
>> talk on jails...
>
> Yes, I wanted to know why Ike was going to stop lecturing on jails.
>
> Thomas

2 reasons why I think this will be my last jail(8) lecture:

1) I'm afraid I may be shamed by the international community of  
hackers after Defcon, as I fear folks there will take my presentation  
and root every jailed box I have ever touched...  After that, who  
wants to hear me talk about secure virtual machines? ;)

2) I figure everyone is getting sick to death of the jail(8) topic,  
(at least until some committers for OpenBSD and NetBSD get exited  
enough about the idea to write the code which implements jail(8) for  
those respective systems :)

Rocket-
.ike