October 18-20, 2019
Prime Produce, NYC

Stefanie Schirmer

Website | Twitter

I'm a German engineer and artist who has worked in Montreal and New York, now back in Berlin. I work with software, electronics, fabric, sound and wood to create interfaces that can be used together and encourage people to realize that they are already connected.

I'm an alumna of Hacker School / Recurse Center, and also of the School for Poetic Computation in New York City. During my PhD in Bioinformatics, I researched programming languages and compilers, dynamic programming, and RNA structures, with the use of statistical models. However, technology is not a cure-all, and it is often used to avoid emotionally uncomfortable work with real people and problems. I strive for a human-centric approach.

Currently I am working on a firewall for QubesOS, a security-focused operating system that is used by activists and journalists. My work is open source and is funded by the German Ministry of Education (BMBF) via the Prototype Fund.


A Firewall for Your Radical Network.

QubesOS is probably the most secure operating system right now, and recommended by security professionals and human rights activists. Security issues in operating systems are often related to networking or hardware. By dividing networking software, work area, private data and hardware drivers into different virtual machines, the Qubes operating system helps to isolate attackers. In case of a successful breach, attackers are confined to a virtual machine (=Qube), for example the networking Qube, and have no access to the user's private data, which is on a separate virtual machine. The rest of the system is safe on separate Qubes, even in case of compromise.

The talk will not be QubesOS-specific, rather use it as an example and draw conclusions that apply to all operating systems and give a general understanding and strategy plan for network security tailored to everyone's individual needs.

I will talk about

  • The layered structure of networking and why we have it
  • What is a network protocol and how we read it
  • Insecure and secure protocols
  • Tools to analyze and learn about a network (wireshark, traceroute)
  • The idea of QubesOS and how to structure your system into different Qubes and run them
  • Configuring a firewall and why it has been obscure in the past
  • Testing a firewall to see who can access which parts of the network