Introduction In this blog post, I will show how one can create a mirror of OpenIndiana IPS repositories. IPS repositories hold packages coming from multiple sources, most notably from illumos-gate and oi-userland. Every time user runs pkg update on his OpenIndiana installation, pkg contacts IPS repository to fetch catalog metadata and determines if there are any new updates available. If updates are available, pkg downoalds only changed files over HTTP. IPS application server is written in Python and CherryPy web framework.
After a while, my blog finally received love it deserved. The biggest change is that I migrated the blog from Octopress to Hugo, which is a fast static site generator written in Go. The overall feeling stayed the same, but the blog maintenance is much easier for me. I am still finding my way around Hugo, but so far it works nicely. Another change is that this site is being hosted on Github Pages.
I arrived at CCH in the afternoon and headed directly for NOC Review talk. Guys did really wonderful job, although the Wifi was a problem. I really liked some network facts: ~70 access points, great signal coverage 3059 concurrent wireless clients connected during peaks traffic usage of 8.2 Gbps 40% of traffic being IPv6 Video can be found here. The 29C3 was really nice experience and I will definitely return back to 30C3.
Third day of the Congress was filled with some number of interesting talks I visited. I started with a talk, in which I was interested the most - An Overview of Secure Name Resolution - DNSSEC, DNSCurve and Namecoin. Speaker gave great introduction into DNSSEC and also talked about its deployment rate. He also spoke DNSSEC’s use in amplification attacks and suitable countermeasures. DNSCurve and Namecoin was discussed as well. From this talk, it is clear that DNSSEC is the way forward.
I started this day with visiting talk by Axel Arnbak titled Certificate Authority Collapse. Axel talked about the current model being completely broken (nothing new in the security community) and that the change is needed. He described the DigiNotar incident. The European Union wants to address this issue by regulations, which do more harm than good. If the CA model is broken, it should be fixed technically and not by law.
29c3 is my first Congress I visited. It returned to Hamburg after 8 years of being held in Berlin and is located at the Conference Center Hamburg (CCH). First day’s talk were mostly non-technical ones. Not my department by Jacob Appelbaum proposed that people should develop more software like Tor or similiar tools. The second talk titled Enemies of the State: What Happens When Telling the Truth about Secret US Government Power Becomes a Crime was about breaking the US constitution by the US goverment and the rise of spying practices after 11th September 2001 covered as the fight against the terrorism.