About

I am a programmer and security professional from Norway, with interests in software product security, privacy, systems programming, programming languages, open source software, game development, and photography.

Work

At Northern.tech I lead the security team and the CFEngine product team. We work in the systems management field, developing an over-the-air software updater, Mender, and a configuration management solution, CFEngine. Here are a few of the things I’ve worked on:

• I worked on the handling, customer communication, and public announcement of several CVEs:
  • In CFEngine: https://cfengine.com/tags/cve
  • In Mender: https://mender.io/blog/tag/cve
• I’ve written content / blog posts on varied topics, including security, features, releases, technical content marketing and similar:
  • Handling security vulnerabilities in our products
  • Open source at Northern.tech
  • Benefits of agent-based configuration management.
  • Comparing Ansible and CFEngine.
  • Christmas-themed security holiday calendar
  • And many more blog posts which can be found here.
• I’ve worked on most parts of the C codebase for CFEngine Community (open source) and CFEngine Enterprise.
  • I introduced custom promise types, with a protocol for implementing management of arbitrary resources in external modules which can be written in any programming language.
  • I overhauled the reporting system, removing the redis queue and fixed several consistency / error handling issues.
• I introduced and wrote large parts of new tools introduced to CFEngine:
  • cfbs - The command line tool for the CFEngine Build system
  • cf-remote - CLI for spawning cloud VMs, downloading and installing CFEngine packages over SSH, and similar.
  • CFEngine Zed extension (and tree-sitter grammar).

Talks

• Introduction to CFEngine Build
• Modernizing the CFEngine project
• CFToolkit: New tooling in CFEngine 3.10, 3.12, and beyond

Side projects

In my spare time, I work on various open source websites, tools, games and other neat things, in Rust, Python, C, and in the browser (ts/js/css/html). Here are a few notable ones:

• Games:
  • towers - A tower defense game in the browser.
  • dagensquiz.no / dailyquiz.app - Randomized quiz of the day.
  • trpg - A browser-based black and white, turn based RPG / roguelike.
    • mrpg was an earlier iteration of this concept, written in Python.
  • tpg - Experimenting with multiplayer turn based games in the browser. For example Tic Tac Toe with 3 players, on a 7x7 board, with 4 in a row required to win.
• Electronics:
  • ohm - An easy way to draw circuit diagrams/schematics.
  • schem - Simplistic electronics circuits for use in theses / papers.

Open source contributions

Outside of the open source software I write at work, and the side projects mentioned above, I try to contribute to open source software:

• pyglet - A windowing / media library for Python.
• Hugo KISS theme the theme I use for this website.
• fui-kk - Course evaluation software for student council at University of Oslo, department of informatics. We did a large upgrade when I was a student in 2016-2017, automating many manual steps, and improving the websites.
• And various smaller ones:
  • Node.js website
  • brew vagrant tap
  • hyper rust library
  • Python (CPython)

I’ve also sponsored a few open source projects, including:

• Hugo
• Python
• tree-sitter
• curl
• brew
• Mastodon
• BlackHole

If you rely on the work of open source software authors, please consider donating to some of the projects you use.

Links

You can find and follow me on these websites:

• Bluesky: @olehermanse.bsky.social
• Mastodon: @olehermanse@infosec.exchange
• YouTube: youtube.com/olehermanse
• Linkedin: linkedin.com/in/olehermanse
• GitHub: github.com/olehermanse