[Commotion-dev] GNU 30 Hackday Commotion Security Tasks

Mon Sep 23 16:40:03 UTC 2013

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Very true on all counts.  I'm not sure if diving into the jungle that
is wpa_supplicant will be any less challenging, but it would certainly
be just as globally beneficial to figure out why Debian-based distros
are still stuck on wpa_supplicant 1.0.x, when version 2.x ais required
for decent IBSS_RSN support (and a whole bunch of other things).

Jordan McCarthy
Open Technology Institute | New America Foundation
Public Key: 0xC08D8042 | 4A61 3D39 4125 127D 65EA DDC2 BFBD A2E9 C08D 8042

On 09/23/2013 12:33 PM, Josh King wrote:
> That sounds great; however, I would imagine that rewriting the
> Broadcom driver stack would likely be well beyond what could be
> accomplished in a 3-day hackathon. Perhaps there are other discrete
> tasks around IBSS-RSN that could be accomplished? I know that
> wpa_supplicant's implementation could use some debugging.
> 
> On 09/23/2013 12:31 PM, Jordan McCarthy wrote:
>> I'm not sure what areas of interest and expertise will be
>> represented at this event, but if there's even a small amount of
>> representation from hardware/driver coders, it would be
>> spectacular to get some people working on more universal support
>> for the nl80211 kernel-driver interface.  Support for the nl80211
>> interface is a hard prerequisite for IBSS-RSN encryption, but
>> there are nevertheless quite a few driver families that have no
>> support for nl80211.  In particular, virtually none of the
>> broadcom wireless chipsets support this interface, and hence very
>> few products that rely on broadcom chipsets can currently 
>> contribute to a properly-secured mesh network.
>> 
>> Just my two cents, Jordan
>> 
>> Jordan McCarthy Open Technology Institute | New America
>> Foundation Public Key: 0xC08D8042 | 4A61 3D39 4125 127D 65EA DDC2
>> BFBD A2E9 C08D 8042
>> 
>> On 09/13/2013 10:55 AM, Josh King wrote:
>>> Hi everyone,
>> 
>>> I've received an email from one of the organizers of a
>>> hackathon at Ekoparty (http://ekoparty.org), a security
>>> conference taking place in Buenos Airies in concert with the
>>> GNU 30th anniversary. Since we are listed as a GNU 30 project,
>>> they were interested in possible security-related tasks or bugs
>>> in Commotion that could conceivably be tackled as part of a
>>> 3-day hackathon.
>> 
>>> So I'd like to solicit suggestions for items that would be 
>>> interesting for participants to work on in connection with 
>>> Commotion so that I can forward that on to the organizers. The 
>>> sooner we get some suggestions, the more time participants
>>> will have to prepare. Thanks!
>> 
>> 
>> 
>>> _______________________________________________ Commotion-dev 
>>> mailing list Commotion-dev at lists.chambana.net 
>>> https://lists.chambana.net/mailman/listinfo/commotion-dev
>> 
>> _______________________________________________ Commotion-dev
>> mailing list Commotion-dev at lists.chambana.net 
>> https://lists.chambana.net/mailman/listinfo/commotion-dev
>> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCgAGBQJSQG7iAAoJEL+9ounAjYBC/WkIAKChUTScEDlY+OSwTPEOF2P8
sq/2kUJvVeamT75mPNA4/VtjUpwPsTBLIJNdWCNyrJOKONZvYA15Iyr+n7UXwBOP
2cVpQM6ddRk+J+o3KvVO+6iXV46c4mGW/fk1vKbB+hG9XOsqFM3K14/KHov0IDeo
2mEef4EVrF87W9i1AVLL3/qqcBX6kuMJ9a4bs5Dxmensk7dWfRFWR5qMb2bp1388
h6nvG5jrmHpcZG/Z9T9D1T0nrAlFJ6K2A9GGQgTqCmPlD/ZivBHcbD6pvmXSD28t
H8KawyC9h2WKlWZteqxZ5xMTuePzD/6bx1igWkSjO/3+0QP5heJTovI/lar9tKg=
=c0Cg
-----END PGP SIGNATURE-----