It's a wrap! The BSD-NL Conference - Early 2025 was a blast! 
A huge thank you to all the amazing speakers, (Kristof and Benedict!), attendees, and sponsors who made this event possible! 
Visit the website for more info and the next edition: https://bsdnl.nl
See you at the next one!
Today is a good test for the cooling situation in the #HardenedBSD server room. It's 87F outside and the portable A/C unit is keeping the room at 69F.
So far so good.
Today is the BSD-NL Conference - Early 2025
In between all the hacking and slacking there will be talks!
You can catch the stream on: https://exquisite.tube/c/bsdnlconference/videos
https://events.bsdnl.nl/early25/talk/WDHDZY/
A walkthrough of a packet's journey through (FreeBSD's) pf, concentrating on the big picture and its implications.
by Kristof Provost
https://events.bsdnl.nl/early25/talk/VKEQJW/
We'll follow the adventures of the spaceship BSD-NL 2025 (since NCC-1701 was already taken) on their voyage of exploration.
by Benedict Reuschling
The full schedule 
https://events.bsdnl.nl/early25/schedule/
2025-04-12 / April 12th 2025
10:00-23:00 CET
Brouwerij Maximus (Utrecht) https://bsdnl.nl
It looks like it's going to be rather difficult to stop fdlopen(extattrfd) from the perspective of the RTLD. The file descriptor looks like a regular file, so it's not possible to know that the underlying descriptor points to a filesystem extended attribute.
I think I might be able to prevent mmap(..., PROT_EXEC, ..., extattrfd), though that could be somewhat expensive from a performance perspective. That expense would only be paid if PROT_EXEC is specified, so that could help some.
If I use that approach, I would definitely gate it with a sysctl tunable defaulted to enabled.
For those following along, I'm trying to mitigate this proof-of-concept: https://git.hardenedbsd.org/shawn.webb/random-code/-/blob/main/extattr_dlopen/dlopen.c?ref_type=heads
T-1 days until BSD-NL Full Day Event - Early 2025
We are almost there! See you all tomorrow!
In between all the hacking and slacking there will be talks!
https://events.bsdnl.nl/early25/talk/WDHDZY/
A walkthrough of a packet's journey through (FreeBSD's) pf, concentrating on the big picture and its implications.
by Kristof Provost
https://events.bsdnl.nl/early25/talk/VKEQJW/
We'll follow the adventures of the spaceship BSD-NL 2025 (since NCC-1701 was already taken) on their voyage of exploration.
by Benedict Reuschling
The full schedule https://events.bsdnl.nl/early25/schedule/
2025-04-12 / April 12th 2025 10:00-23:00 CET Brouwerij Maximus (Utrecht) https://bsdnl.nl
From a usability perspective, the last thing to implement is a method for downloading a tarball of the repo (at a specific commit, tag, or branch). That would enable us to integrate support for distset downloading in the #HardenedBSD ports tree (similar to how #GitLab and #GitHub distset support is implemented).
T-2 days until BSD-NL Full Day Event - Early 2025
Sponsor Spotlight
We can not do this without our wonderful sponsors!
Today it's all about individual sponsors.
In no particular order, thank you Dave, Floris, Guido, Rene, Kristof, Timo, Hugo, Bram, Florian and Angie (Nourv2)!!
2025-04-12 / April 12th 2025 10:00-23:00 CET Brouwerij Maximus (Utrecht) https://bsdnl.nl
T-4 days until BSD-NL Full Day Event - Early 2025
Sponsor Spotlight
We can not do this without our wonderful sponsors!
Netzkommune
https://www.netzkommune.de/
2025-04-12 / April 12th 2025 10:00-23:00 CET Brouwerij Maximus (Utrecht) https://bsdnl.nl
T-5 days until BSD-NL Full Day Event - Early 2025
Sponsor Spotlight
We can not do this without our wonderful sponsors!
The Lightbird
2025-04-12 / April 12th 2025 10:00-23:00 CET Brouwerij Maximus (Utrecht) https://bsdnl.nl
T-6 days until BSD-NL Full Day Event - Early 2025
Sponsor Spotlight
We can not do this without our wonderful sponsors!
LAYLO
https://laylo.nl/
2025-04-12 / April 12th 2025 10:00-23:00 CET Brouwerij Maximus (Utrecht) https://bsdnl.nl
T-7 days until BSD-NL Full Day Event - Early 2025
Sponsor Spotlight
We can not do this without our wonderful sponsors!
OpenBSD Amsterdam
https://openbsd.amsterdam/
2025-04-12 / April 12th 2025 10:00-23:00 CET Brouwerij Maximus (Utrecht) https://bsdnl.nl
The Schedule is live!
BSD-NL Conference - Early 2025
2025-04-12 / April 12th 2025 10:00-23:00 CET Brouwerij Maximus (Utrecht) https://bsdnl.nl
If I were to host a regular #HardenedBSD hacking sessions via #Signal, using screen sharing, would you attend?
I wish Signal Desktop supported screen sharing. I would probably do regular #HardenedBSD live hacking sessions over Signal if it did.
edit[0]: According to https://infosec.exchange/@david_chisnall/114270027799791523, Signal does support screen sharing! I'm definitely gonna give this a shot.
building #GerbilScheme from source on #HardenedBSD, as one does. 
I need to give this Scheme a try, since it is one of the most "batteries-included" Schemes I have seen, with documentation that doesn't make me feel great despair.
Current status: Setting up an internal test #Radicle network. I'd like to see if we can at least provide our own Radicle seed network for the #HardenedBSD src and ports trees.
I don't want to place undue burden on the main Radicle network. At least, not until we confirm that it can handle our larger repos.
