Ce mercredi 5 juin, j’ai eu l’opportunité de présenter au SSTIC 2024 le résultat de mes recherches sur NSEC3, le sous-système de DNSSEC permettant de sécuriser certains aspects de DNS. J’ai montré comment ce système peut être utilisé pour télécharger la liste des domaines hébergés par les TLD.
The New Year’s Eve 2024 has passed and I’d take this opportunity to write down what’s passing on my mind right now. 2023 has been a better year for me than every other year since 2017~2018, in that nothing really bad has happened 🤷. Here’s some important points:
Work
Things are doing as usual at my full time workplace. Many points of improvement to be made, but as my colleagues are reading I’m not sharing this online 🙂
I went to Offensivecon, Hexacon, SSTIC and gave a talk at the Global Encryption Forum in Switzerland. This gave me a lot of well needed motivation to continue working in the infosec field. Cybersecurity, crypto and embedded devices are very difficult fields, not because they’re particularly technical, but because they move so fast that you can sometimes feel like walking side by side with a moving train. Miss a step and the train is gone. I understand a bit better that I need to clarify my objectives and not be afraid of not pursuing goals I can’t reach – it’s just not possible to be an expert in everything.
Astronomy
I continued taking pictures in 2023, but not that many because the weather in Belgium was not good at all. Here’s a few thumbnails of my 2023’s work:
I finally decided to buy PixInsight to make progress on the astro pictures processing. I looked at ways of monetizing this hobby but unfortunately seems like there’s little business for non-bodyparts pictures on internet:
I also increase my commitment to our local club BW Astronomie, I’m now vice-president of the ASBL.
CTF
I played Hack-a-sat 4 quals with Solar Wine like other three years. Unfortunately we weren’t qualified. No regret at all, it’s a very good CTF and the focus it received from other teams justifies the difficulty of this year’s qualifications.
Cleaning up my parents’ house
This one was a difficult topic. After my mom’s death in 2022, we had to sell the house that was unsustainable for my brother and sister and me. This was a very big project because the house was in a terrible mess. I spent all weekends from end of 2022 to May 2023 for cleaning up, boxing stuff and going to the recycling park. This unpleasant project drained most of my energy during the first half of the year.
The new owner is a very nice family, I’m so glad it’s their house now. I wrote a bit on my mastodon feed about it.
Health
Without entering too much into details, in 2022 I struggled with anxiety a lot. Anxiety at work but also unexplainable anxiety, like feeling nervous when shopping for groceries. Around at the same time in June, I realized my weight reached a threshold and that I wasn’t feeling happy in my body anymore. I started both dieting and exercising once to three time a week. By September I lost 5kg and my anxiety issues were feeling much more manageable. I started plateauing a bit, but it’s in part due to not being comfortable running in bad weather and relaxing a bit my diet.
Another big struggle of mine is my lack of focus, general distraction and difficulty to keep up with projects. I took appointments (again) with health professionals and one of my goal this year is to understand what’s happening in my head.
3D Printing
I’ve had a resin 3D printer since two or three years, but this year I bought a Bambu Lab X1 Carbon (the Rolls of amateur 3D printers) and got introduced to SLA printing. I’ve printed and designed many parts for astronomy, so much that I think I’ll share them in one way or another next year. One of my goals would be to sell some of my original designs printed by myself online.
Home Improvement
I’ve had three main works this year: solar panels (kinda), water boiler (kinda), insulation (kinda).
I bought the solar panels in late 2022, but due to focus shifting and poor organizational skills, I delayed the installation. Now I’ve got almost everything needed to put them on the roof but didn’t have the good occasion for it.
The water heater is in the “kinda” category because I tried to clean it without being properly prepared. After opening it, I couldn’t get the resistor out but it came clear that this heater couldn’t be salvaged. I had to emergency buy a new one, got it delivered in 2 days, and fortunately my brother could help me installing it. I took the opportunity to install a heat exchanger model.
I used the end of December’s holidays to do some home improvement, like deep cleaning my son’s bedroom and adding insulation in the Cellar. I find more motivation now, but getting to work is never easy.
Security research
I unearthed one of my old projects (dates back to 2018) and try to do something useful with it. In parallel, I’m working on some application of algebra, gradient solvers and GPGPU to try solving some problems in cryptography – so far no interesting results.
I’ve also been involved in the fixing of the Terrapin vulnerability in libssh. My last code contributions to libssh date back from a few years, so I’m happy to go back there and contribute more often. Like I said, going back to a code base you wrote but haven’t maintained for years is like entering your childhood’s home but the furniture has moved everywhere.
Family
I’m living alone since 2023, with shared custody of our now-10-years-old. I’m lucky enough that this is not causing more than the occasional organizational trouble, and that kid is doing more than fine at school and at home.
Goals for 2024
There’s some argumentation against setting new year’s resolution. I’ll not hear them and go on because I’ve had my head set about the goals for a while. In order of priority:
Diagnose and start treating my concentration issues (I have a very good idea of where to start).
Continue exercising and eating properly on a regular basis.
Finish and publish my security research.
Be more social and go back in the dating scene.
Make progress with one of my two side projects: design more 3D printed astronomy stuff to sell online, and an educational electronic kit I started designing.
Continue contributing to libssh, either with fresh code or by reviewing and getting merged some of the many pending merge requests.
Stop spreading myself in a thousand of side-projects.
Write more? Maybe start writing a book? A podcast? A Youtube channel?
StarNet (https://www.starnetastro.com/) has become the de-facto star reduction software of choice for astrophotography. Its purpose is to remove stars from the pictures, so you can focus on treating the background that require different settings than the stars. StarNet++ works pretty well on Linux (as a CLI application) but the executable does not support CUDA and GPU acceleration by default, making it a bit slow.
Astrophotography is an awesome passion that’s a mix of science, technology, history, art and dedication. I’m writing this post to share on my journey, not as a way to teach you anything about astronomy, but to offer a window in my life and also show that it’s possible to get started from zero in a new hobby, provided you invest some time into it.
Three years ago, I wrote a blog post on the reasons why I left my job and was pursuing something better suited to my mindset and where healing some wounds wound be possible. I removed it because a person I’d rather not have read it did (if you think it’s you, please return my calls). One or two years before, I started to notice that not only my job had eaten my hobby, but I was less and less interested in computer security and hacking in general – as doing 2 or 3 hours of hacking at home after having spent the day on a pentest was simply not something I enjoyed anymore. It was time for me to be passionate in something else that didn’t involve reading social media for hours (which is unfortunately one of my other hobbies). Maybe go back to something I always loved without taking the time to explore it, partially because I thought that was out of reach or because I should spend all my time trying to be the best hacker in the world (that didn’t work). A few people may know that I was using the handle “spacewalker” until the mid-2000, it didn’t come out of nowhere but from my fascination for the night sky and poor science-fiction cultural references.