ICANN (the organisation that, e.g., decided that there is an .is top-level domain) will offer a technical training on DNSSEC that is hosted by the Computer Science department of University of Iceland.

DNSSEC uses cryptography to guarantee that not everyone can fake an answer to a request to resolve, e.g. island.is, to an IP address – but only the authoritative owner of that domain will be able to that.

This training is for everyone who now or in future is in charge of a domain and wants to use DNSSEC to secure the address resolution of that domain -- or for those who just want to learn about how the Domain Name System, (DNS) works.

To quote one of our MSc students in Cybersecurity who participated at such a training event last year:
“It was really interesting to see everything that goes into securing the DNS. Really good training with talented experts! Highly recommend going!”

Topics

Introduction / DNS Recap

• Zone Files, Resource Records and roles
• Reverse DNS 
• DNS Resolution Process and debugging
• TSIG and ACL

DNSSEC

• Signing
• Validation
• Non-existence
• Key management
• Chain of Trust
• Policy Considerations
• Setting up validation in a Recursive Server
• Signing Zones (Authoritative Servers)
• DNSSEC operations and maintenance
• Tools: Troubleshooting and Monitoring
• Overview of DANE, TLS and DNSSEC

Labs

• DNS/DNSSEC debugging 
• Zone creation and configuration: primary and secondaries
• Zone signing: manualand automatic  signing
• Establish and confirm chain of trust
• DNSSEC validation (recursive resolver)

Trainer: Ulrich Wisser, ICANN Technical Engagement Manager, Europe

For the labs, you need to bring your own laptop. ICANN will provide you with virtual machines

Dates and Location

Tuesday and Wednesday, 4th and 5th of February 2025, 9:00-17:00, Askja building, University of Iceland

Registration

Limited space available for students (as it is also open for industry people): first-come-first-served.

https://www.icann.org/en/engagement-calendar/details/dnssec-training-at-iceland-university-2025-02-04

This event is in the context of our cybersecurity activities and the ECCC/EU co-funded projects ICEDEF – Defend Iceland and Eyvör – the National Cybersecurity Coordination Centre of Iceland (NCC-IS).

After a successful first round of Cybersecurity grants for Icelandic SME companies, Icelandic Smaller and Middle-size Enterprises (SMEs) can now for a second time apply for cybersecurity-related funding. The call topics are the same as last time:

• strengthening cybersecurity culture and awareness,
• efficient education, research and development,
• secure digital services and innovation,
• stronger law enforcement, defense and national security,
• effective response to incidents, and
• strong infrastructure, technology and legal framework.

This funding is in the context of the ECCC/EU co-funded project Eyvör – the National Cybersecurity Coordination Centre of Iceland (NCC-IS). See also the official web page of Eyvör NCC-IS.

It is a great honour that six results from the EU Horizon 2020-funded Centre of Excellence for Research on AI- and Simulation-Based Engineering at Exascale (RAISE) result from University of Iceland were recognised by the EU as a 'key innovator' on the EU Innovation Radar website.

An example is LAMEC (Load AI Modules, Environments and Containers) that generates High-Performance Computing (HPC) job scripts. While job scripts are not rocket science, they are different for each HPC system and, in particular for newcomers, cumbersome to create. Therefore, LAMEC eases this with a few mouse-clicks using a web UI.

Another example is Scalable Hyperparameter Tuning to Accelerate AI Training in Reseach and Industry that directly relates to our PhD research Parallel and Scalable Hyperparameter Optimization for Distributed Deep Learning Methods on High-Performance Computing Systems

In fact, University of Iceland was involved in CoE RAISE and contributed to all of following results that are listed as innovations:

• Unique AI Framework (UAIF)
• Scalable Hyperparameter Tuning to Accelerate AI Training in Reseach and Industry
• AI4HPC – Train AI models with CFD datasets on HPC systems
• Load AI Modules, Environments, and Containers (LAMEC)
• Novel and Scaling Artificial Intelligence Technologies for a Wide Range Of Applications from Research and Industry
• RAISE Certification for Software and HPC Hardware to Standardize and Ease Access to HPC Systems and Usage of AI Software

In late 2024, version 4 of the Guide to the Software Engineering Body of Knowledge (SWEBOK) has been released. While this is not a textbook to teach Software Engineering, it covers the state of the Software Engineering knowledge, i.e. this is some sort of curriculum. I was one of the reviewers and can only recommend to download SWEBOK v4: it is valuable not only for teachers, but for everyone who wants to get a quick overview on a particular Software Engineering topic.

On Monday, 13.1.2025, 16:00, room M105 at Reykjavik University there will be an information meeting on the joint cybersecurity master's programme and cysec courses being offered at University of Iceland and Reykjavik University.

You can find more info here: https://uni.hi.is/helmut/cybersecurity/ -- there also the presented slides will be made available.

This joint cybersecurity master's programme would not be possible without funding from the University Collaboration Fund of the Ministry of Higher Education, Science and Innovation and co-funding from the ECCC/EU for the projects ICEDEF – Defend Iceland and Eyvör – the National Cybersecurity Coordination Centre of Iceland (NCC-IS).

To install a Palo Alto Networks GlobalProtect VPN client on Debian Bookworm, the following should in principle be sufficient

apt install openconnect network-manager-openconnect network-manager-openconnect-gnome


However, this did not work with KDE/Plasma. I then tried logging in with Gnome as Desktop Environment and I got once shown the SSO (with MFA) web interface inside the the Openconnect window, but without further success, i.e. without establishing the VPN connection.

Then, I downloaded from the assets at https://github.com/yuezk/GlobalProtect-openconnect the most recent amd64 deb:
https://github.com/yuezk/GlobalProtect-openconnect/releases/download/v2.3.9/globalprotect-openconnect_2.3.9-1_amd64.deb
and installed a missing dependency using apt install libgdk-pixbuf2.0-0 and then installed the downloaded deb.

I tried the graphical client (trial version working for 10 days only), but that did anyway not work. However, then the command line version finally worked:
sudo -E gpclient connect vpn.hi.is
It opens (probably using libwebkit2gtk that Debian had installed) a graphical Window for the SSO/MFA. Note that I had to re-run that command a couple of times until it finally worked.

Reykjavik University, University of Iceland, and University of Akureyri and applied together for funding in order to establish a joint Cybersecurity research centre. The Minister of Higher Education, Science and Innovation announced that the thre universities will together get for the project Rannsóknarsetur um netöryggisfræði get 67.3 million ISK funding over 2 years from the university collaboration fund (Samstarf háskóla). This is a continuation of a established collaboration that created the M.Sc. cybersecurity specialisations/emphasis that received previously 2 years of funding.

However, we envisaged a significantly higher grant and with that, the idea was to use the grant to introduce a new Ph.D. program, co-funding two Ph.D. student positions, to hold community engagement activities, to organise a "Defend the Flag" contest, and to create undergraduate and M.Sc research opportunities. Now, with the lower funding, we need to adjust our vision for the Cybersecurity research centre.

The grant will also be used as co-funding for cybersecurity Digital Europe Programme projects that are funded by the EU, however only at a 50% funding rate, so that the ministry funding is needed to provide part of the co-funding.

As we will have soon a new government in Iceland, we can expect that the ministries will get re-organised and we have to see what this means for this funding.

While I had never problems using Crossover Office on Debian, a fresh install on a fresh Debian 12 Bookworm revealed that 32 bit dynamic libraries were missing -- I got a message like:

Can't exec "bin/wineloader": No such file or directory at cxoffice/bin/wine line 1310.
wine:error: unable to start 'cxoffice/bin/wineloader': No such file or directory

To fix that, run:

cxoffice/bin/cxfix --auto

That should add the missing 32 bit libraries.

To check in addition for any other missing libraries: In the running crossover GUI:
Help -> System Information
to see if you are still missing any library. And indeed, still I needed to install apt install libcapi20-3 libosmesa6.

See also https://www.codeweavers.com/support/forums/general?t=26;msg=215738

Just for the record: I have two different USB C to NVMe enclosures with different chipsets, one is crap, one is great:

• Crap: Icy box IB-1817M-C31 with with JMicron JMS583 PCIe-USB Bridge Controller chipset: read stalls (not so much when writing, though), no S.M.A.R.T. support, no M.2 SATA support -- AVOID!
• Sabrent EC-SNVE 10Gbps Tool-Free Enclosure with Realtek RTL9210 chipset: performant, with S.M.A.R.T. support, supports both M.2 SATA and NVMe, and the tool-free approach (i.e. no screws) is also nice, even though the case is smaller, it gets less hot than the other one (which could either mean that the heat transfer from the SSD to the case is bad, or that the bridge controller chipset gets less hot) -- RECOMMENDED!

But it seems that firmware versions matter a lot. But Sabrent has only an updating tool for Windows, maybe these images can be used as input for some Linux-based tool?

We have two research papers accepted at the 11th IEEE International Conference on Social Networks Analysis, Management and Security (SNAMS-2024).

• Brynjólfur Stefánsson, Ásta Guðrún Helgadóttir, Martin Nizon-Deladoeuille, Helmut Neukirchen, Thomas Welsh: Understanding Trust in Authentication Methods for Icelandic Digital Public Services. IEEE SNAMS 2024: The 11th IEEE International Conference on Social Networks Analysis, Management and Security, IEEE, to appear 2024 or 2025. Preprint DOI: 10.48550/arXiv.2501.17548
• Martin Nizon-Deladoeuille, Brynjólfur Stefánsson, Helmut Neukirchen, Thomas Welsh.
  Towards Supporting Penetration Testing Education with Large Language Models: an Evaluation and Comparison. IEEE SNAMS 2024: The 11th IEEE International Conference on Social Networks Analysis, Management and Security, IEEE, to appear 2024 or 2025. Preprint DOI: 10.48550/arXiv.2501.17539

The program lists only paper titles -- not authors nor presenters. Our student Brynjólfur Stefánsson presented both papers at the conference.

This research is in the context of our cybersecurity activities and the ECCC/EU co-funded projects ICEDEF – Defend Iceland and Eyvör – the National Cybersecurity Coordination Centre of Iceland (NCC-IS).