Security

Tuesday 13:30 - 14:15 PDT
Quit logging! (or, data minimization in Debian) -- Daniel Kahn Gillmor
Speaker: Daniel Kahn Gillmor
Computer users leave traces of data on local and remote machines that record their activity. These records can cause problems for people who do not want their activities tracked, and they facilitate both mass and targeted surveillance. Service operators are put in an uncomfortable position because of the existence of this data: they have a responsibility to protect their users, but they may also be at risk of compelled data disclosure against their users' interests. One way to avoid this problem is to reduce or eliminate the quantity of data generated and stored by any system by default in its regular operations. If you don't have the data, it can't be used against you or against your users. Debian is in a good position to shape norms around this -- we can configure default logging levels; we can tune what specifically gets logged, and we can determine how long logs are kept by default. This is a discussion about how to achieve the goal of data minimization within Debian, while considering the tradeoffs and consequences of this sort of change. We should cover at least:

* what kind of statement (if any) about default levels of logging for Debian packages might belong in Debian Policy
* points of convenient control for minimizing logging on standard Debian systems
* different system logging architectures and how they can support data minimization
* how to provide both data minimization and useful debugging information at a system level

Tracks:
  • Security
Room 327
Tuesday 14:30 - 15:15 PDT
Security not by chance: the AltusMetrum hardware true random number generator -- Tom Marble
Speaker: Tom Marble
Many elements of security we rely on, such as generating encryption keys and synthesizing one-time session keys, depend on random number generation. Any predictability in these numbers introduces a potential weakness in secure systems. We often use pseudo-random number generators (PRNGs) because they are quick and convenient, yet they are deterministic algorithms that only approximate a sequence of random numbers. By contrast, a true random number generator (TRNG) is implemented in hardware and based on a physical process that creates unpredictable noise. Often entropy from TRNGs is used to seed PRNGs to provide a balance of speed and unpredictability. In this talk I will discuss the USB TRNG project of AltusMetrum to create a fully open source hardware TRNG. Why make yet another TRNG when several are commercially available? Because most existing TRNGs are expensive, out of stock, or based on closed designs. The USB TRNG can be connected to the Entropy Key Daemon (ekeyd), which can provide entropy directly to the kernel pool or serve it via the EGD protocol. How can we evaluate the quality of the USB TRNG? Results of statistical analysis will be provided along with detailed design documents in order to encourage critical community review.

Tracks:
  • Security
Room 329