[aur-general] Trusted User application: Levente Polyak
Hello everyone, My name is Levente Polyak (also known as anthraxx) and I would like to apply to become an Arch Linux TU. First at all I wanted to thank Felix Yan for being my sponsor for this journey. I was born in 1986 in Budapest (Hungary) and I'm currently working as a software developer and security engineer / pentester in Hamburg (Germany). I use GNU/Linux since something around 2001 and over the years collected lot of experience with different distributions and setups, going from SUSE over Debian and Ubuntu to Gentoo (and some others just for testing or education purpose). I was never fully satisfied with any of those, however with Gentoo I became acquainted with the concept of rolling releases which since then I don't wanted to ever miss. Finally around 2011 I gave Arch Linux a try and within a very short period of time I got fully addicted to its simplicity, flexibility and up-to-dateness. It was the first distribution were I started to feel like being "home" without having anything that annoyed me. I started maintaining packages in the AUR in 2013 and it didn't took long until I noticed that I evolved a passion for doing that. Since then I adopted and submitted several tools and libraries [0] that I find useful and/or use myself. When I find packaging issues or software bugs I contact upstream about the problems and/or contribute to the code directly. To name some: binwalk, lynis, shellnoob, xortool, selene, minitube... Besides my packaging activities I am very active in the Arch CVE Monitoring Team [1] since the first security advisory proposal of Remi [2]. As part of the team I track all relevant CVEs [3] which affect our official packages, push mitigation for important issues via bug reports and publish Arch Linux security advisories (ASA) [4] to the arch-security mailing list [5]. I'm also interested in developing for the Arch Linux ecosystem and as I noticed that the wiki became quite painful for tracking and handling the mitigation procedure, I started building a security tracker. If my current plan sum up I will be able to provide a preview of this soonish. My packages reflect my emphasis related to security, but my general interest in maintaining is not limited to that. However, I experienced that in various security and forensics circles Arch Linux is often being used and people are frequently crying why some of their daily tools are not available in the official repositories. If I became a TU, I would like to start with moving the following packages maintained by me to [community]: lynis, pyrit, binwalk, sslstrip, p0f, cowpatty, perl-term-extendedcolor, smali, volatility, vit, hexer. Additionally I would love to also move some packages maintained by other users to [community] but currently its just an idea as I did not yet ask them what they think about this step: radare2, capstone, zmap, zaproxy, hydra, medusa, nikto, snort, foremost, xpdf, pngcrush, wavemon, python-colorama (+ python2-colorama). On top of this I also had a look at the currently orphaned packages in [community] and I would like to adopt the following packages: ansible, awesome, cclive, codeblocks, fail2ban, fish, ncmpcpp, id3v2. As a small fadeout, besides all of the above, my favorite hobbies are hanging around at the local CCC hackerspace in Hamburg, playing it-sec CTFs, watching animes, geocaching and playing boardgames. Kind regards, Levente [0] https://aur.archlinux.org/packages/?SeB=m&K=anthraxx [1] https://wiki.archlinux.org/index.php/Arch_CVE_Monitoring_Team [2] https://lists.archlinux.org/pipermail/arch-security/2014-September/000098.ht... [3] https://wiki.archlinux.org/index.php/CVE [4] https://wiki.archlinux.org/index.php/Security_Advisorie [5] https://lists.archlinux.org/listinfo/arch-security
On 03/20/2015 01:05 AM, Levente Polyak wrote:
Hello everyone,
My name is Levente Polyak (also known as anthraxx) and I would like to apply to become an Arch Linux TU. First at all I wanted to thank Felix Yan for being my sponsor for this journey.
I'm glad to sponsor you Levente, and I think we are already familiar with your name on the security list. Let the discussion begin! -- Felix
I was born in 1986 in Budapest (Hungary) and I'm currently working as a software developer and security engineer / pentester in Hamburg (Germany). I use GNU/Linux since something around 2001 and over the years collected lot of experience with different distributions and setups, going from SUSE over Debian and Ubuntu to Gentoo (and some others just for testing or education purpose). I was never fully satisfied with any of those, however with Gentoo I became acquainted with the concept of rolling releases which since then I don't wanted to ever miss. Finally around 2011 I gave Arch Linux a try and within a very short period of time I got fully addicted to its simplicity, flexibility and up-to-dateness. It was the first distribution were I started to feel like being "home" without having anything that annoyed me.
I started maintaining packages in the AUR in 2013 and it didn't took long until I noticed that I evolved a passion for doing that. Since then I adopted and submitted several tools and libraries [0] that I find useful and/or use myself. When I find packaging issues or software bugs I contact upstream about the problems and/or contribute to the code directly. To name some: binwalk, lynis, shellnoob, xortool, selene, minitube...
Besides my packaging activities I am very active in the Arch CVE Monitoring Team [1] since the first security advisory proposal of Remi [2]. As part of the team I track all relevant CVEs [3] which affect our official packages, push mitigation for important issues via bug reports and publish Arch Linux security advisories (ASA) [4] to the arch-security mailing list [5]. I'm also interested in developing for the Arch Linux ecosystem and as I noticed that the wiki became quite painful for tracking and handling the mitigation procedure, I started building a security tracker. If my current plan sum up I will be able to provide a preview of this soonish.
My packages reflect my emphasis related to security, but my general interest in maintaining is not limited to that. However, I experienced that in various security and forensics circles Arch Linux is often being used and people are frequently crying why some of their daily tools are not available in the official repositories.
If I became a TU, I would like to start with moving the following packages maintained by me to [community]: lynis, pyrit, binwalk, sslstrip, p0f, cowpatty, perl-term-extendedcolor, smali, volatility, vit, hexer.
Additionally I would love to also move some packages maintained by other users to [community] but currently its just an idea as I did not yet ask them what they think about this step: radare2, capstone, zmap, zaproxy, hydra, medusa, nikto, snort, foremost, xpdf, pngcrush, wavemon, python-colorama (+ python2-colorama).
On top of this I also had a look at the currently orphaned packages in [community] and I would like to adopt the following packages: ansible, awesome, cclive, codeblocks, fail2ban, fish, ncmpcpp, id3v2.
As a small fadeout, besides all of the above, my favorite hobbies are hanging around at the local CCC hackerspace in Hamburg, playing it-sec CTFs, watching animes, geocaching and playing boardgames.
Kind regards, Levente
[0] https://aur.archlinux.org/packages/?SeB=m&K=anthraxx [1] https://wiki.archlinux.org/index.php/Arch_CVE_Monitoring_Team [2] https://lists.archlinux.org/pipermail/arch-security/2014-September/000098.ht... [3] https://wiki.archlinux.org/index.php/CVE [4] https://wiki.archlinux.org/index.php/Security_Advisorie [5] https://lists.archlinux.org/listinfo/arch-security
Hello, My name is Christian Rebischke. Maybe you read of me in the Archlinux-Security Mailinglist too (when not Levente was faster than me with the ASAs again :D ). I want to say some words to the application of Levente Polyak as Trusted User. I am not familiar with the aur-general mailinglist so I hope that I don't break some rules here. I know him personally since last year October and everything what I can say about him is that he is a very helpful, intelligent and polite person. He is the same person who showed me the Archlinux Security Mailinglist and helped me with my first ASAs after I had decided to help there. I am one of those persons he had mentioned and I would really appreciate when there would be more security related packages in the community repository. Moreover I am sure that there are more people who would appreciate this. To his work at the mailinglist. He makes an awesome job there. He reacts very fast on updates in the upstream and in the repositories and is really interested in a way how we can increase the performance and the workflow even more. I am sure that his security tracker will make a good job in the future. Thank your for your time. best regards, -------------------------------------------------------------- Christian Rebischke Website : www.nullday.de Twitter : @sh1bumi Jabber : shibumi@jabber.ccc.de PGP : 0x8D8172C8 Fingerprint: A224 6F57 FD0A AC81 3971 EEBE 5EDA 916B 3A2A 7C49 -------------------------------------------------------------- On Fri, Mar 20, 2015 at 01:44:01AM +0800, Felix Yan wrote:
On 03/20/2015 01:05 AM, Levente Polyak wrote:
Hello everyone,
My name is Levente Polyak (also known as anthraxx) and I would like to apply to become an Arch Linux TU. First at all I wanted to thank Felix Yan for being my sponsor for this journey.
I'm glad to sponsor you Levente, and I think we are already familiar with your name on the security list.
Let the discussion begin!
-- Felix
I was born in 1986 in Budapest (Hungary) and I'm currently working as a software developer and security engineer / pentester in Hamburg (Germany). I use GNU/Linux since something around 2001 and over the years collected lot of experience with different distributions and setups, going from SUSE over Debian and Ubuntu to Gentoo (and some others just for testing or education purpose). I was never fully satisfied with any of those, however with Gentoo I became acquainted with the concept of rolling releases which since then I don't wanted to ever miss. Finally around 2011 I gave Arch Linux a try and within a very short period of time I got fully addicted to its simplicity, flexibility and up-to-dateness. It was the first distribution were I started to feel like being "home" without having anything that annoyed me.
I started maintaining packages in the AUR in 2013 and it didn't took long until I noticed that I evolved a passion for doing that. Since then I adopted and submitted several tools and libraries [0] that I find useful and/or use myself. When I find packaging issues or software bugs I contact upstream about the problems and/or contribute to the code directly. To name some: binwalk, lynis, shellnoob, xortool, selene, minitube...
Besides my packaging activities I am very active in the Arch CVE Monitoring Team [1] since the first security advisory proposal of Remi [2]. As part of the team I track all relevant CVEs [3] which affect our official packages, push mitigation for important issues via bug reports and publish Arch Linux security advisories (ASA) [4] to the arch-security mailing list [5]. I'm also interested in developing for the Arch Linux ecosystem and as I noticed that the wiki became quite painful for tracking and handling the mitigation procedure, I started building a security tracker. If my current plan sum up I will be able to provide a preview of this soonish.
My packages reflect my emphasis related to security, but my general interest in maintaining is not limited to that. However, I experienced that in various security and forensics circles Arch Linux is often being used and people are frequently crying why some of their daily tools are not available in the official repositories.
If I became a TU, I would like to start with moving the following packages maintained by me to [community]: lynis, pyrit, binwalk, sslstrip, p0f, cowpatty, perl-term-extendedcolor, smali, volatility, vit, hexer.
Additionally I would love to also move some packages maintained by other users to [community] but currently its just an idea as I did not yet ask them what they think about this step: radare2, capstone, zmap, zaproxy, hydra, medusa, nikto, snort, foremost, xpdf, pngcrush, wavemon, python-colorama (+ python2-colorama).
On top of this I also had a look at the currently orphaned packages in [community] and I would like to adopt the following packages: ansible, awesome, cclive, codeblocks, fail2ban, fish, ncmpcpp, id3v2.
As a small fadeout, besides all of the above, my favorite hobbies are hanging around at the local CCC hackerspace in Hamburg, playing it-sec CTFs, watching animes, geocaching and playing boardgames.
Kind regards, Levente
[0] https://aur.archlinux.org/packages/?SeB=m&K=anthraxx [1] https://wiki.archlinux.org/index.php/Arch_CVE_Monitoring_Team [2] https://lists.archlinux.org/pipermail/arch-security/2014-September/000098.ht... [3] https://wiki.archlinux.org/index.php/CVE [4] https://wiki.archlinux.org/index.php/Security_Advisorie [5] https://lists.archlinux.org/listinfo/arch-security
On 03/19/15 13:39, Christian Rebischke wrote:
Hello, My name is Christian Rebischke. Maybe you read of me in the Archlinux-Security Mailinglist too (when not Levente was faster than me with the ASAs again :D ). I want to say some words to the application of Levente Polyak as Trusted User. I am not familiar with the aur-general mailinglist so I hope that I don't break some rules here.
I know him personally since last year October and everything what I can say about him is that he is a very helpful, intelligent and polite person. He is the same person who showed me the Archlinux Security Mailinglist and helped me with my first ASAs after I had decided to help there.
I am one of those persons he had mentioned and I would really appreciate when there would be more security related packages in the community repository. Moreover I am sure that there are more people who would appreciate this.
To his work at the mailinglist. He makes an awesome job there. He reacts very fast on updates in the upstream and in the repositories and is really interested in a way how we can increase the performance and the workflow even more. I am sure that his security tracker will make a good job in the future.
Thank your for your time.
best regards,
-------------------------------------------------------------- Christian Rebischke
Website : www.nullday.de Twitter : @sh1bumi Jabber : shibumi@jabber.ccc.de PGP : 0x8D8172C8 Fingerprint: A224 6F57 FD0A AC81 3971 EEBE 5EDA 916B 3A2A 7C49 --------------------------------------------------------------
On Fri, Mar 20, 2015 at 01:44:01AM +0800, Felix Yan wrote:
Not that my vote really counts, but if he's rockin' the security list, he'll be a great asset to the Trusted User community.</$22.22><!-- 2 cents adjusted for inflation !> -- Thanks, John D Jones III UNIX Zealot; Perl Lover unixgeek1972@gmail.com jnbek1972@gmail.com http://zoelife4u.org/ Where Earth and Spirit Unite
On Fri, Mar 20, 2015 at 1:05 AM, Levente Polyak <anthraxx@archlinux.org> wrote:
On top of this I also had a look at the currently orphaned packages in [community] and I would like to adopt the following packages: ansible, awesome, cclive, codeblocks, fail2ban, fish, ncmpcpp, id3v2.
Adopting awesome? Yes please!
Thu, 19 Mar 2015 18:05:39 +0100 Levente Polyak <anthraxx@archlinux.org>:
Additionally I would love to also move some packages maintained by other users to [community] but currently its just an idea as I did not yet ask them what they think about this step: radare2, capstone, zmap, zaproxy, hydra, medusa, nikto, snort, foremost, xpdf, pngcrush, wavemon, python-colorama (+ python2-colorama).
No objections from me, as zmap maintainer.
As a small fadeout, besides all of the above, my favorite hobbies are hanging around at the local CCC hackerspace in Hamburg, playing it-sec CTFs, watching animes, geocaching and playing boardgames.
I'm currently writing this in the CCC hackerspace in Düsseldorf, greetings to Hamburg! (31C3 was so awesome... ;-) --byte
On 03/20/2015 01:05 AM, Levente Polyak wrote:
Hello everyone,
My name is Levente Polyak (also known as anthraxx) and I would like to apply to become an Arch Linux TU. First at all I wanted to thank Felix Yan for being my sponsor for this journey.
I was born in 1986 in Budapest (Hungary) and I'm currently working as a software developer and security engineer / pentester in Hamburg (Germany). I use GNU/Linux since something around 2001 and over the years collected lot of experience with different distributions and setups, going from SUSE over Debian and Ubuntu to Gentoo (and some others just for testing or education purpose). I was never fully satisfied with any of those, however with Gentoo I became acquainted with the concept of rolling releases which since then I don't wanted to ever miss. Finally around 2011 I gave Arch Linux a try and within a very short period of time I got fully addicted to its simplicity, flexibility and up-to-dateness. It was the first distribution were I started to feel like being "home" without having anything that annoyed me.
I started maintaining packages in the AUR in 2013 and it didn't took long until I noticed that I evolved a passion for doing that. Since then I adopted and submitted several tools and libraries [0] that I find useful and/or use myself. When I find packaging issues or software bugs I contact upstream about the problems and/or contribute to the code directly. To name some: binwalk, lynis, shellnoob, xortool, selene, minitube...
Besides my packaging activities I am very active in the Arch CVE Monitoring Team [1] since the first security advisory proposal of Remi [2]. As part of the team I track all relevant CVEs [3] which affect our official packages, push mitigation for important issues via bug reports and publish Arch Linux security advisories (ASA) [4] to the arch-security mailing list [5]. I'm also interested in developing for the Arch Linux ecosystem and as I noticed that the wiki became quite painful for tracking and handling the mitigation procedure, I started building a security tracker. If my current plan sum up I will be able to provide a preview of this soonish.
My packages reflect my emphasis related to security, but my general interest in maintaining is not limited to that. However, I experienced that in various security and forensics circles Arch Linux is often being used and people are frequently crying why some of their daily tools are not available in the official repositories.
If I became a TU, I would like to start with moving the following packages maintained by me to [community]: lynis, pyrit, binwalk, sslstrip, p0f, cowpatty, perl-term-extendedcolor, smali, volatility, vit, hexer.
Additionally I would love to also move some packages maintained by other users to [community] but currently its just an idea as I did not yet ask them what they think about this step: radare2, capstone, zmap, zaproxy, hydra, medusa, nikto, snort, foremost, xpdf, pngcrush, wavemon, python-colorama (+ python2-colorama).
On top of this I also had a look at the currently orphaned packages in [community] and I would like to adopt the following packages: ansible, awesome, cclive, codeblocks, fail2ban, fish, ncmpcpp, id3v2.
As a small fadeout, besides all of the above, my favorite hobbies are hanging around at the local CCC hackerspace in Hamburg, playing it-sec CTFs, watching animes, geocaching and playing boardgames.
Kind regards, Levente
[0] https://aur.archlinux.org/packages/?SeB=m&K=anthraxx [1] https://wiki.archlinux.org/index.php/Arch_CVE_Monitoring_Team [2] https://lists.archlinux.org/pipermail/arch-security/2014-September/000098.ht... [3] https://wiki.archlinux.org/index.php/CVE [4] https://wiki.archlinux.org/index.php/Security_Advisorie [5] https://lists.archlinux.org/listinfo/arch-security
The discussion period has ended. Time to vote TUs! https://aur.archlinux.org/tu/?id=81 Regards, Felix Yan
On 03/25/2015 04:31 PM, Felix Yan wrote:
The discussion period has ended. Time to vote TUs!
Thanks to everyone who have voted! With 29 yes and only 1 no votes, I am glad to welcome Levente Polyak to our team! Congratulations! Levente, I have updated your AUR account. Please read [1] and [2]. [1] https://wiki.archlinux.org/index.php/DeveloperWiki:HOWTO_Be_A_Packager [2] https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines#TODO_list_f... Regards, Felix Yan
On Sat, Apr 4, 2015 at 10:15 AM, Felix Yan <felixonmars@archlinux.org> wrote:
With 29 yes and only 1 no votes, I am glad to welcome Levente Polyak to our team! Congratulations!
Another Hungarian :) Congratulations Levente.
On 04/04/2015 10:15 AM, Felix Yan wrote:
With 29 yes and only 1 no votes, I am glad to welcome Levente Polyak to our team! Congratulations!
wow, thanks to everyone, I feel super excited and honored!
Levente, I have updated your AUR account. Please read [1] and [2].
[1] https://wiki.archlinux.org/index.php/DeveloperWiki:HOWTO_Be_A_Packager [2] https://wiki.archlinux.org/index.php/AUR_Trusted_User_Guidelines#TODO_list_f...
I have looked at that roughly before but will now read both again very carefully! cheers and have a nice easter, Levente
On sam., 2015-04-04 at 16:15 +0800, Felix Yan wrote:
On 03/25/2015 04:31 PM, Felix Yan wrote:
The discussion period has ended. Time to vote TUs!
Thanks to everyone who have voted!
With 29 yes and only 1 no votes, I am glad to welcome Levente Polyak to our team! Congratulations!
Welcome to the team! Cheers, -- Sébastien "Seblu" Luttringer https://seblu.net | Twitter: @seblu42 GPG: 0x2072D77A
participants (8)
-
Christian Rebischke
-
Felix Yan
-
Jens Adam
-
John D Jones III
-
Levente Polyak
-
Oon-Ee Ng
-
SanskritFritz
-
Sébastien Luttringer