From 4e738bc3ff64b034b3d00b0547be017c6b9d5975 Mon Sep 17 00:00:00 2001 From: Hannes Mehnert Date: Fri, 11 Oct 2024 11:30:39 +0200 Subject: [PATCH] update links --- About Us/Network | 2 +- About Us/Retreats | 2 +- Our Work/Projects | 10 +++++----- Our Work/Publications-and-Talks | 4 +--- 4 files changed, 8 insertions(+), 10 deletions(-) diff --git a/About Us/Network b/About Us/Network index 93e7da9..8ed3586 100644 --- a/About Us/Network +++ b/About Us/Network @@ -10,7 +10,7 @@ title: Network [Least Authority](https://leastauthority.com) Least Authority is a Berlin-based group building technology that is open source and focused on allowing user freedom and privacy protection in online services. Robur has worked with Least Authority to make security audits of OCaml applications. -[MirageOS](https://mirage.io)
+[MirageOS](https://mirageos.org)
MirageOS is a library operating system that constructs unikernels for secure and high-performing applications. Most Robur projects are designed to be compatible with MirageOS, as well as native operating systems, like Linux or FreeBSD. We work closely with the MirageOS community to help develop its ecosystem and increase the availability of secure applications offered within it. [Nitrokey](https://nitrokey.com)
diff --git a/About Us/Retreats b/About Us/Retreats index 257171a..da2e135 100644 --- a/About Us/Retreats +++ b/About Us/Retreats @@ -7,4 +7,4 @@ Twice a year the Robur team meet with others from the OCaml and MirageOS communi We use these times to discuss and learn about new developments in the MirageOS ecosystem and meet in person about our Robur projects. And of course we have fun whilst we are at it! -The retreats are held in a hostel in the center of the city, which we wholly rent out for the period, with food provided. If you are interested in participating in the next retreat please [see the MirageOS site](http://retreat.mirage.io/) for more details and sign-up method. +The retreats are held in a hostel in the center of the city, which we wholly rent out for the period, with food provided. If you are interested in participating in the next retreat please [see the MirageOS site](http://retreat.mirageos.org/) for more details and sign-up method. diff --git a/Our Work/Projects b/Our Work/Projects index bf8e42c..3a674e6 100644 --- a/Our Work/Projects +++ b/Our Work/Projects @@ -20,7 +20,7 @@ The [Bitcoin Piñata](http://ownme.ipredator.se) is a transparent [bug bounty](h Its open communication channels are HTTP and HTTPS, and a TLS client and TLS server endpoint, all written in [OCaml](/Our%20Work/Technology-Employed#OCaml). The cryptographic material for TLS is generated on startup in the Piñata and is supposed to never leave it. However, if an attacker manages to establish a mutually authenticated (using certificates) TLS channel, the private key to the bitcoin wallet is transmitted over this channel, and the attacker gains access to the bait (the bitcoins). -The project was [launched](https://mirage.io/announcing-bitcoin-pinata) on February 10th 2015. At this time friends from the IPredator project lent us 10 bitcoins (back then worth ~2000 EUR) for the bait. By 2018 no one had successfully cracked the Piñata and the bitcoins, by this point worth ~200 000 EUR, were repurposed for other projects, however the project remains live, with a small amount of bitcoins in it, for anyone wishing to try to crack it. +The project was [launched](https://mirageos.org/announcing-bitcoin-pinata) on February 10th 2015. At this time friends from the IPredator project lent us 10 bitcoins (back then worth ~2000 EUR) for the bait. By 2018 no one had successfully cracked the Piñata and the bitcoins, by this point worth ~200 000 EUR, were repurposed for other projects, however the project remains live, with a small amount of bitcoins in it, for anyone wishing to try to crack it. [Hannes Mehnert](/About%20Us/Team) and David Kaloper-Meršinjak designed the Bitcoin Piñata to attract security professionals to look into our [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) stack, developed purely in OCaml since early 2014. @@ -39,10 +39,10 @@ The source code of the Piñata is [open source](https://github.com/mirleft/btc-p Further links about the Bitcoin Piñata: -- [Statistics after 5 months](https://mirage.io/blog/bitcoin-pinata-results) +- [Statistics after 5 months](https://mirageos.org/blog/bitcoin-pinata-results) - [Post about whacking the pinata](https://somerandomidiot.com/blog/2018/04/17/whacking-the-bitcoin-pinata/) -- [Evaluation 3 years later](https://hannes.nqsb.io/Posts/Pinata) -- [Usenix security research paper on TLS stack](https://usenix15.nqsb.io) +- [Evaluation 3 years later](https://hannes.robur.coop/Posts/Pinata) +- [Usenix security research paper on TLS stack](https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/kaloper-mersinjak) @@ -81,7 +81,7 @@ The Domain Name System is used like a phone book for the internet - it translate On the one side, the authoritative server, which has delegated responsibility for a domain, provides that mapping information (i.e. that a certain IP is the right one for a certain domain), and on the other side a resolver provides the functionality to figure out which server to request for each query a client has. -Since 2017 we have developed DNS, server, resolver, and client as a spare-time project. They serve different purposes in our ecosystem: the server is used by domains such as nqsb.io and robur.coop as an authoritative server; we use a caching resolver for our bi-annual hack retreats in Marrakesh; and the client is used by any MirageOS unikernel that needs to resolve domain names. +Since 2017 we have developed DNS, server, resolver, and client as a spare-time project. They serve different purposes in our ecosystem: the server is used by domains such as robur.coop as an authoritative server; we use a caching resolver for our bi-annual hack retreats in Marrakesh; and the client is used by any MirageOS unikernel that needs to resolve domain names. When developing this project we carefully considered which elements were strictly required and have ensured a minimal codebase, providing for better security and ease of use. diff --git a/Our Work/Publications-and-Talks b/Our Work/Publications-and-Talks index 4b00035..bb9fe3a 100644 --- a/Our Work/Publications-and-Talks +++ b/Our Work/Publications-and-Talks @@ -28,9 +28,7 @@ Discusses the basic usage of DNS, including stub and recursive resolver, server; [Engineering with Logic: Rigorous Test-Oracle Specification and Validation for TCP/IP and the Sockets API (JACM vol 66, January 2019)](https://dl.acm.org/citation.cfm?id=3243650), [full paper.](https://www.cl.cam.ac.uk/~pes20/Netsem/paper3.pdf) (Steve Bishop, Matthew Fairbairn, Hannes Mehnert, Michael Norrish, Tom Ridge, Peter Sewell, Michael Smith, Keith Wansbrough) -[Not-quite-so-broken TLS: lessons in re-engineering a security protocol specification and implementation (Usenix security 2015)](https://usenix15.nqsb.io), [video presentation](https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/kaloper-mersinjak) (David Kaloper-Meršinjak, Hannes Mehnert, Anil Madhavapeddy, Peter Sewell) - -[Not-quite-so-broken TLS 1.3 Mechanized Conformance Checking - TLS 1.3 Ready or Not (TRON)](https://tron.nqsb.io), [workshop website](https://www.ndss-symposium.org/ndss2016/tron-workshop-programme/) (David Kaloper-Meršinjak and Hannes Mehnert) +[Not-quite-so-broken TLS: lessons in re-engineering a security protocol specification and implementation (Usenix security 2015)](https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/kaloper-mersinjak), [video presentation](https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/kaloper-mersinjak) (David Kaloper-Meršinjak, Hannes Mehnert, Anil Madhavapeddy, Peter Sewell) # Martin Lucina