packages and services management
Log | Files | Refs | README

commit 5f1c7a852753e5f0fb96d66376e08024b8ebf58b
parent 5095c8e9061208e6bfc50f8db32e839af57cab35
Author: Josuah Demangeon <>
Date:   Mon, 29 Jan 2018 09:16:50 +0100

farbfeld utilities

Aagenda/34c3 | 1297+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Aagenda/epitech | 1133+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Aagenda/fosdem | 4802+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Aagenda/main | 32++++++++++++++++++++++++++++++++
Mbin/etc | 2+-
Abin/listree | 40++++++++++++++++++++++++++++++++++++++++
Dbin/lt | 40----------------------------------------
Mbin/mblaze-filter | 111+++++++++++++++++++++++++++++++++++++++++--------------------------------------
Mbin/xdg-open | 8++++++--
Apack/farbfeld-resize/build | 6++++++
Apack/farbfeld-resize/git | 1+
Apack/lel/git | 1+
Mskel/crontab | 1+
Mtwt | 2+-
14 files changed, 7379 insertions(+), 97 deletions(-)

diff --git a/agenda/34c3 b/agenda/34c3 @@ -0,0 +1,1297 @@ +B:1514637900 +E:1514639700 +S:0en & 1en auf dem Acker - Fritz - Dietrich Burghardt +C: +L:Saal Adams +D:Die Dynamik der globalen Agrarmärkte hat sich in den letzten Jahren verstärkt und birgt neue Herausforderungen für die Landwirte. Hoffnungsträger sind ähnlich wie in anderen Branchen auch Sensor- & Datenverarbeitungstechnik sowie das Internet: Produktionsprozesse steuern sich selbst, Anhänger werden halbautomatisch mittels Bilderkennung beladen, Maschinen kommunizieren mittels Maschinen und Fahrzeuge steuern sich weitestgehend schon jetzt autonom. +: +B:1514388600 +E:1514392200 +S:1-day exploit development for Cisco IOS - Artem Kondratenko +C: +L:Saal Clarke +D:Year 2017 was rich in vulnerabilities discovered for Cisco networking devices. At least 3 vulnerabilities leading to a remote code execution were disclosed. This talk will give an insight on exploit development process for Cisco IOS for two of the mentioned critical vulnerabilities. Both lead to a full takeover of the target device. Both PowerPC and MIPS architectures will be covered. The presentation will feature an SNMP server exploitation demo. +: +B:1514643300 +E:1514646900 +S:34C3 Infrastructure Review - Leon +C: +L:Saal Borg +D:In this traditional lecture, various teams provide an inside look at how this Congress‘ infrastructure was planned and built. You’ll learn what worked and what went wrong, and some of the talks may even contain facts! Also, the NOC promises to try and not have the network fail in the middle of the NOC presentation this time. +: +B:1514568600 +E:1514572200 +S:A hacker's guide to Climate Change - What do we know and how do we know it? - seyru, Sven Willner, Robert Gieseke +C: +L:Saal Borg +D:Climate change has long ceased to be news to many people, but it is increasingly shaping humanity's reality. +D: +D:This talk sheds light on the changes in the climate system and their consequences. +D: +D:We introduce the basics and discuss possible actions in response. +: +B:1514495700 +E:1514499300 +S:ASLR on the line - brainsmoke +C: +L:Saal Clarke +D:Address Space Layout Randomization (ASLR) is fundamentally broken on modern hardware due to a side-channel attack on the Memory management unit, allowing memory addresses to be leaked from JavaScript. This talk will show how. +: +B:1514651400 +E:1514654100 +S:Abschluss - sva +C: +L:Saal Adams +D:DE: Damit wir als Komputerfrieks nicht länger unkoordiniert vor uns hinwuseln, tun wir wat und treffen uns! +: +B:1514400300 +E:1514402100 +S:Access To Bodies - nadjalien +C: +L:Saal Dijkstra +D:Cyborgs und Body Enhancement sind typisch männlich dominierte Thematiken (Terminator etc). Im Gegensatz dazu ist zB die weiblich konotierte Beautybranche auch hochtechnisiert. Körper und Technologie sind auf verschiedenen Ebenen hier schon eng verzahnt. Diese beiden Bereiche zusammenzubringen ist FUN. Stehen Computer eigentlich auf rosa? +: +B:1514489400 +E:1514491200 +S:Afro TECH - Inke Arns +C: +L:Saal Dijkstra +D:Inke Arns will present speculative projections of the future and current developments in the field of digital technologies by artists and inventors from different countries in Africa, the African diaspora and many other actors in the USA and Europe. +: +B:1514385000 +E:1514386800 +S:Algorithmic science evaluation and power structure: the discourse on strategic citation and 'citation cartels' - J. Hartstein, Teresa Isigkeit, Franziska Sörgel +C: +L:Saal Clarke +D:Quantitative science evaluation, such as university rankings, rely on man-made algorithms and man-made databases. The modelling decisions underlying this data-driven algorithmic science evaluation are, among other things, the outcome of a specific power structure in the science system. Power relations are especially visible, when negotiated during processes of boundary work. Therefore, we use the discourse on 'citation cartels', to shed light on a specific perception of fairness in the scientific system, as well as on the actors who are in charge. While doing so, we draw analogies to the discourse on search engine optimization. +: +B:1514500200 +E:1514503800 +S:All Computers Are Beschlagnahmt - Kristin Pietrzyk +C: +L:Saal Adams +D:Im August 2017 wurde Indymedia linksunten vom Bundesinnenminister verboten. Rechtsanwältin Kristin Pietrzyk berichtet von den Razzien, von der Zusammenarbeit zwischen Polizei und Geheimdiensten und gibt Einblick in das juristische Vorgehen gegen Verbot und Zensur. +: +B:1514418300 +E:1514423700 +S:All Creatures Welcome - Sandra Trostel +C: +L:Saal Adams +D:ALL CREATURES WELCOME is a documentary film about the communities of the digital age. It shows the possibilities of new paths and new perspectives for society by using hacking as a mind-set. +D: +: +B:1514554200 +E:1514556000 +S:Antipatterns und Missverständnisse in der Softwareentwicklung - Fefe +C: +L:Saal Adams +D:Anhand von Anekdoten aus 20 Jahren Softwareentwicklung versucht der Vortrag herauszuarbeiten, was in der Praxis zu scheiternden Projekten führt. +D: +: +B:1514577600 +E:1514581200 +S:Are all BSDs created equally? - Ilja van Sprundel +C: +L:Saal Adams +D:In this presentation I start off asking the question „How come there are only a handful of BSD security kernel bugs advisories released every year?“ and then proceed to try and look at some data from several sources. +: +B:1514384100 +E:1514387700 +S:BBSs and early Internet access in the 1990ies - LaForge +C: +L:Saal Dijkstra +D:This talk explains how individuals were able to communicate globally in the 1990ies using self-organized networks of BBSsin networks like FIDO and Z-Netz, before individual access to the Internet was possible. It also covers the efforts of non-profit organizations to provide individual access to Internet Mail+News via UUCP and later via IP during that period. +: +B:1514411100 +E:1514412900 +S:BGP and the Rule of Custom - Caleb James DeLisle +C: +L:Saal Dijkstra +D:When bad actors can simply move servers from country to country, why does the internet remain reasonably civil ? +D:How does one get on, or get kicked off, of the internet ? +D:Why do fraud and child abuse websites regularly get shut down but thepiratebay remains living ? +D:I will explain BGP, the protocol that knits the internet together, also covering the world of last resort hosting, bulletproof hosting and high profile cases of servers that were taken offline and servers which could not be taken offline despite significant effort. +: +B:1514461500 +E:1514465100 +S:Beeinflussung durch Künstliche Intelligenz - Hendrik Heuer, KRN +C: +L:Saal Adams +D:Eine wissenschaftliche Perspektive auf die achtlose Anwendung der Algorithmen des maschinellen Lernens und der künstlichen Intelligenz, z.B. in personalisierten Nachrichtenempfehlungssystemen oder Risikosoftware im US-Justizsystem. +: +B:1514395800 +E:1514399400 +S:Bildung auf dem Weg ins Neuland - benni, dorina, steffen +C: +L:Saal Borg +D:An unseren Schulen besteht ein großes Defizit hinsichtlich der Vermittlung digitaler Mündigkeit. Da mittlerweile weitgehender Konsens besteht, dass an Schulen bezüglich digitaler Technologien mehr passieren muss, reagiert die Bildungspolitik und integriert neue Medien in die Bildungspläne. Auf Basis unserer Erfahrungen, die wir im Rahmen vom Chaos Macht Schule gesammelt haben, diskutieren wir die aktuellen bildungspolitischen Entwicklungen. +: +B:1514475000 +E:1514478600 +S:Blinkenrocket! - overflo, muzy +C: +L:Saal Clarke +D:The Blinkenrocket is a DIY SMD Soldering Kit that was designed to teach different manufacturing and soldering skills. +D: +D:A lot of work on both Hardware and Software was done in CCC erfas namely shackspace, chaosdorf and metalab. +D: +D:The kit is used in workshops since 1.5 years at the chaos macht schule events and is very successful in its purpose. Creating this project was a plenty of work and there is so much to show and tell around it, it will blow your mind. +: +B:1514408400 +E:1514410200 +S:BootStomp: On the Security of Bootloaders in Mobile Devices - Audrey +C: +L:Saal Dijkstra +D:In our paper we present a novel tool called BootStomp able to identify security vulnerabilities in Android bootloaders (such as memory corruptions) as well as unlocking vulnerabilities. During its evaluation, BootStomp discovered 6 previously unknown vulnerabilities across 4 different bootloaders. Finally BootStomp has been open-sourced to help the security community. +: +B:1514637900 +E:1514639700 +S:Briar - Torsten Grote +C: +L:Saal Borg +D:Briar is a peer-to-peer messaging app that is resistant to censorship and works even without internet access. The app encrypts all data end-to-end and also hides metadata by utilizing Tor onion services. +: +B:1514546100 +E:1514547900 +S:Bringing Linux back to server boot ROMs with NERF and Heads - Trammell Hudson +C: +L:Saal Clarke +D:The NERF and Heads projects bring Linux back to the cloud servers' boot ROMs by replacing nearly all of the vendor firmware with a reproducible built Linux runtime that acts as a fast, flexible, and measured boot loader. It has been years since any modern servers have supported Free Firmware options like LinuxBIOS or coreboot, and as a result server and cloud security has been dependent on unreviewable, closed source, proprietary vendor firmware of questionable quality. With Heads on NERF, we are making it possible to take back control of our systems with Open Source Software from very early in the boot process, helping build a more trustworthy and secure cloud. +: +B:1514408400 +E:1514410200 +S:Catch me if you can: Internet Activism in Saudi Arabia - Noujoum +C: +L:Saal Clarke +D:Activists in Saudi Arabia have been able to celebrate important victories like the recent lifting of the ban on women driving in September 2017 but have to fight on a lot of other front lines at the same time. Websites are blocked on a large scale and many activists are sent to jail on the grounds of a loosely used cybercrime law. This talk will give some insight into the current social and political strife happening on the Saudi Internet from a first-hand-perspective using some of the data collected in a collaboration with the OONI project. +: +B:1514580300 +E:1514582100 +S:Closing the loop: Reconnecting social-technologial dynamics to Earth System science - Jonathan Donges +C: +L:Saal Borg +D:International commitment to the appropriately ambitious Paris climate agreement and the United Nations Sustainable Development Goals in 2015 has pulled into the limelight the urgent need for major scientific progress in understanding and modelling the Anthropocene, the tightly intertwined social-techno-ecological planetary system that humanity now inhabits. The Anthropocene qualitatively differs from previous eras in Earth’s history in three key characteristics: (1) There is planetary-scale human agency. (2) There are social and economic networks of teleconnections spanning the globe. (3) It is dominated by planetary-scale social-ecological feedbacks. Bolting together old concepts and methodologies cannot be an adequate approach to describing this new geological era. Instead, we need a new paradigm in Earth System science that is founded equally on a deep understanding of the physical and biological Earth System – and of the economic, technological, social and cultural forces that are now an intrinsic part of it. It is time to close the loop and bring socially mediated dynamics and the technosphere explicitly into theory, analysis and computer models that let us study the whole Earth System. +: +B:1514547900 +E:1514551500 +S:Coming Soon: Machine-Checked Mathematical Proofs in Everyday Software and Hardware Development - Adam Chlipala +C: +L:Saal Dijkstra +D:Most working engineers view machine-checked mathematical proofs as an academic curiosity, if they have ever heard of the concept at all. In contrast, activities like testing, debugging, and code review are accepted as essential. They are woven into the lives of nearly all developers. In this talk, I will explain how I see machine-checked proofs enabling new everyday activities for developers of computer software and hardware. These activities have the potential to lower development effort dramatically, at the same time as they increase our assurance that systems behave correctly and securely. I will give a cosmological overview of this field, answering the FAQs that seem to stand in the way of practicality; and I will illustrate the principles with examples from projects that you can clone from GitHub today, covering the computing stack from digital hardware design to cryptographic software and applications. +: +B:1514486700 +E:1514490300 +S:Console Security - Switch - plutoo, derrek, naehrwert +C: +L:Saal Adams +D:Nintendo has a new console, and it's more secure than ever. +: +B:1514411100 +E:1514412900 +S:DPRK Consumer Technology - Will Scott, Gabe Edwards +C: +L:Saal Adams +D:The DPRK has largely succeeded at hiding its consumer technology. While versions of the desktop operating system, Red Star, have leaked, the mobile equivalent hasn't, and there remains little knowledge of the content available on the intranet. Let's fix that! +: +B:1514582100 +E:1514585700 +S:Decoding Contactless (Card) Payments - Simon Eumes +C: +L:Saal Adams +D:This talk will dive into the techniques and protocols that drive contactless card payments at the Point of Sale. We will explore how Apple Pay works on a technical level and why you are able to 'clone' your credit card onto your phone. Building upon previous C3 talks on the topics of EMV and ICC payments, we will learn about different NFC payment options, why legacy will never die and how the individual card brands have specified their payment workflows. +: +B:1514586600 +E:1514590200 +S:Deconstructing a Socialist Lawnmower - Darsha Hewitt +C: +L:Saal Dijkstra +D:Darsha Hewitt is a Canadian artist working in new media and sound. She is known for her examinations of communication technology in the domestic sphere and her use of DIY aesthetics and practices as an artistic method. She makes electromechanical sound installations, drawings, audio-visual works, how-to videos and experimental performances with handmade electronics. Through deconstruction and experimentation with failed and obsolete technology, her work demystifies hidden systems within machines as a way to trace-out structures of economy, power and control embedded throughout capitalist culture. +: +B:1514466000 +E:1514469600 +S:Deep Learning Blindspots - Katharine Jarmul +C: +L:Saal Adams +D:In the past decade, machine learning researchers and theorists have created deep learning architectures which seem to learn complex topics with little intervention. Newer research in adversarial learning questions just how much “learning" these networks are doing. Several theories have arisen regarding neural network “blind spots” which can be exploited to fool the network. For example, by changing a series of pixels which are imperceptible to the human eye, you can render an image recognition model useless. This talk will review the current state of adversarial learning research and showcase some open-source tools to trick the "black box." +: +B:1514404800 +E:1514408400 +S:Defeating (Not)Petya's Cryptography - Sebastian Eschweiler +C: +L:Saal Borg +D:In this presentation we will outline our findings about (Not)Petya's crypto flaws and how we were able to exploit them to decrypt infected computers. +D: +: +B:1514375100 +E:1514376900 +S:Demystifying Network Cards - Paul Emmerich +C: +L:Saal Borg +D:Network cards (NICs) are often seen as black boxes: you put data in a socket on one side and packets come out at the other end - or the other way around. +D:Let's have a deeper look at how a network card actually works at the lower levels by writing a simple userspace driver from scratch for a 10 Gbit/s NIC. +D: +D: +D:The first part of the talk looks at the evolution from 10 Mbit/s to 100 Gbit/s networks - both from a hardware perspective and how the software had to change from Linux pre-NAPI all the way to Linux XDP to keep up. +D:Hundreds of thousands of lines of code are involved when handling a packet in a typical operating system. +D:Reading and understanding so much code is quite tedious, so the obvious next question is: How hard can it be to implement a driver for a modern 10 Gbit/s NIC from scratch while ignoring all of the existing software layers? +D:Turns out that it's not very hard: I've writtenhref="">ixy, a userspace driver for 10 Gbit/s NICs from the Intel 82599 family (X520, X540, X550) from scratch in just about 1000 lines of C code. +D:The second part of the talk focuses on userspace drivers and the Intel 82599 architecture as it is easy to understand, has a great datasheet, and the core functionality is in the driver as opposed to a magic black-box firmware. +D:You will not only learn about my driver implementation - the talk also discusses how it relates to similar network frameworks like DPDK or Snabb and seemingly similar frameworks like netmap, XDP, pf_ring, or pfq. +D: +: +B:1514400300 +E:1514403900 +S:Der PC-Wahl-Hack - Linus Neumann, Martin Tschirsich, Thorsten Schröder +C: +L:Saal Adams +D:Hacker des Chaos Computer Clubs (CCC) haben eine in mehreren Bundesländern zur Erfassung und Auswertung der kommenden Bundestagswahl verwendete Software auf Angriffsmöglichkeiten untersucht. Die Analyse ergab eine Vielzahl von Schwachstellen und mehrere praktikable Angriffsszenarien. Diese erlauben die Manipulation von Wahlergebnissen auch über die Grenzen von Wahlkreisen und Bundesländern hinweg. Die untersuchte Software „PC-Wahl“ wird seit mehreren Jahrzehnten für die Erfassung, Auswertung und Präsentation von Wahlen auf Bundes-, Landes- und Kommunalebene eingesetzt. +: +B:1514380500 +E:1514382300 +S:Der netzpolitische Wetterbericht - Markus Beckedahl +C: +L:Saal Borg +D:Deutschland hat gewählt, man weiß nur noch nicht, wer regieren wird. Bis Weihnachten könnte ein Koalitionsvertrag verhandelt worden sein, vielleicht auch später. Was sind die zu erwartenden großen Debatten der neuen Legislaturperiode? +: +B:1514548800 +E:1514550600 +S:Designing PCBs with code - Kaspar +C: +L:Saal Clarke +D:An overview and history of various tools and languages that allow you to use code rather than CAD software to design circuits. +: +B:1514388600 +E:1514392200 +S:Die Lauschprogramme der Geheimdienste - Hans-Christian Ströbele, Constanze Kurz +C: +L:Saal Adams +D:Der NSA-BND-Untersuchungsausschuss des Deutschen Bundestags ist zu Ende. Da bietet es sich an, nun auf die gesammelten Geheimdienstskandale und die Reaktionen auf die Enthüllungen zurückzublicken. +: +B:1514405700 +E:1514407500 +S:Die Sprache der Überwacher - Thomas Lohninger, Werner Reiter, Angelika Adensamer +C: +L:Saal Adams +D:So intensiv wie 2017 wurde der Themenkomplex rund um Sicherheit und Überwachung in Österreich noch nie diskutiert. Das Thema ist in Hauptabendnachrichten und Leitartikeln angekommen. Die Diskussion rund um die geplante Einführung eines Sicherheitspakets, das sich bei näherer Betrachtung als ein reines Überwachungspaket entpuppt, bietet jede Menge Analysematerial: Öffentlich ausgetauschte (Schein-)Argumente, falsche Analogien und unpassende Sprachbilder haben die Debatte geprägt. In diesem Talk werden die Sprache der so genannten Sicherheitspolitiker (es sind in der Tat nur Männer) analysiert und ihre Argumente auf den Prüfstand gestellt. +: +B:1514408400 +E:1514410200 +S:Die fabelhafte Welt des Mobilebankings - Vincent Haupert +C: +L:Saal Adams +D:Bisher wurden Angriffe gegen App-basierte TAN-Verfahren und Mobilebanking von betroffenen Banken eher als akademische Kapriole abgetan. Sie seien, wenn überhaupt, nur unter Laborbedingungen und dazu unter wiederkehrend hohem manuellen Aufwand zu realisieren. Um diese Sichtweise zu korrigieren, haben wir das Programm Nomorp entwickelt, das in der Lage ist, zentrale Sicherungs- und Härtungsmaßnahmen in weltweit 31 Apps vollautomatisch zu deaktivieren und somit Schadsoftware Tür und Tor öffnet. Unter den Betroffenen stellen deutsche Unternehmen mit 20 Finanz-Apps die größte Fraktion. +: +B:1514413800 +E:1514417400 +S:Die göttliche Informatik - Rainer Rehak +C: +L:Saal Dijkstra +D:Die Informatik ist scheinbar das neue Göttliche, das den Klimawandel, die Kriminalität, unser fehlendes Wissen über das Gehirn, den Terror, dichter werdenden Stadtverkehr, die nationalen Energieprobleme und die Armut der Welt lösen kann; und zwar mit der Blockchain, mit künstlicher Intelligenz, mit der Cloud und mit Big-Data. Doch inwiefern ist die Informatik überhaupt in der Lage, derartige Probleme hoher gesellschaftlicher Relevanz anzugehen? In diesem Vortrag soll versucht werden, Teile der aktuelle Wunschliste an die Informatik mit ihren tatsächlichen aktuellen Möglichkeiten in Einklang zu bringen sowie die ökonomischen Motivationen und Rahmenbedingungen einzubeziehen. +: +B:1514462400 +E:1514464200 +S:Digitale Bildung in der Schule - Katja Bach +C: +L:Saal Dijkstra +D:„5.-Klässlerinnen, die über die Millisekunden für einen delay()-Aufruf diskutieren! +D:Gibt es nicht? Doch, gibt es!“ Ein Modellprojekt mit sieben Schulen in Aachen hat diese Frage untersucht – wir haben die Schülerinnen und Schüler begleitet und würden gerne darüber berichten, denn wir wissen jetzt: Programmieren macht ihnen Spaß! +: +B:1514585700 +E:1514587500 +S:Digitalization and the environment - Steffen Lange +C: +L:Saal Borg +D:In this talk, I address the question whether digitalization is likely to help decoupling economic growth from the environmental impacts of economic activities. In a first step, I summarize the literature on the impact of digitalization on growth and the environment. In a second step, I point out several concepts, in particular sufficiency, open source and commons, that may help to reconcile digitalization and environmental sustainability. +: +B:1514561400 +E:1514565000 +S:Don't stop 'til you feel it - iamkat +C: +L:Saal Borg +D:This talk will report on my current research in bringing to bear multiple knowledges on problem spaces around the environment and digital culture, and in so doing questioning both the prevailing knowledge hierarchy and the institutionalisation of knowledge production. To connect with the environment, for instance, do we need to connect with how it feels? This talk draws on works exploring both the marine environment and food, using knowledge from science, art, culture, instinct and history to create happenings and instances that break out the border of "me" and "my environment" to create an empathic response linking what we traditionally consider to be inside and outside. This will be demonstrated in the context of two artistic works - The Coral Empathy Device and Vital | Flows. +: +B:1514411100 +E:1514412900 +S:Doping your Fitbit - jiska, DanielAW +C: +L:Saal Clarke +D:Security architectures for wearables are challenging. We take a deeper look into the widely-used Fitbit fitness trackers. The Fitbit ecosystem is interesting to analyze, because Fitbit employs security measures such as end-to-end encryption and authentication to protect user data (and the Fitbit business model). Even though this goes beyond security mechanisms offered by other fitness tracker vendors, reverse-engineering the trackers enables us to launch practical attacks against Fitbit. In our talk, we demonstrate new attacks including wireless malware flashing on trackers as well as “unlocking” the trackers to work independent from the Fitbit cloud. +: +B:1514558700 +E:1514560500 +S:Drones of Power: Airborne Wind Energy - Christoph +C: +L:Saal Borg +D:Airborne wind energy is the attempt to bring the digital revolution to the production of energy. It means that we convert the power of high-altitude winds into electricity by autonomously controlled aircraft which are connected to the ground via a tether. +D:This technology can be a key element to finally power the world by clean energy only. In this talk we will explain the physical foundations, give an overview of the current status and show you how to build an experimental system by yourself: it involves hacking an off-the-shelf model aircraft and its autopilot based on the open and free Ardupilot framework. +: +B:1514370600 +E:1514374200 +S:Dude, you broke the Future! - Charles Stross +C: +L:Saal Adams +D:We're living in yesterday's future, and it's nothing like the speculations of our authors and film/TV producers. As a working science fiction novelist, I take a professional interest in how we get predictions about the future wrong, and why, so that I can avoid repeating the same mistakes. Science fiction is written by people embedded within a society with expectations and political assumptions that bias us towards looking at the shiny surface of new technologies rather than asking how human beings will use them, and to taking narratives of progress at face value rather than asking what hidden agenda they serve. +D: +D:In this talk, author Charles Stross will give a rambling, discursive, and angry tour of what went wrong with the 21st century, why we didn't see it coming, where we can expect it to go next, and a few suggestions for what to do about it if we don't like it. +D: +: +B:1514403000 +E:1514404800 +S:Ecstasy 10x yellow Twitter 120mg Mdma - !Mediengruppe Bitnik, !Mediengruppe Bitnik +C: +L:Saal Dijkstra +D:Artists !Mediengruppe Bitnik talk about recent works around bots and the online ecosystems that has been forming around them. Through the lens of their recent works around algorithms and bots, !Mediengruppe Bitnik offer a look into some of the technologies shaping our day-to-day. +: +B:1514582100 +E:1514585700 +S:Ein Festival der Demokratie - Daniel Möring, h01ger,, +C: +L:Saal Dijkstra +D:Erfahrungen und Details zu den zwei kritischen Medienprojekten FC/MC (alternatives Medienzentrum im Herzen der Stadt) und THERE IS NO TIME (Live-Talks am Rande des Sperrgebiets und über die Stadt verteilte Video-Empfangsstationen) und ihrer Kollaboration mit dem VOC zum G20 Gipfel in Hamburg. +: +B:1514580300 +E:1514582100 +S:Electroedibles - Denisa Kera, yair reshef, Zohar Messeca-Fara +C: +L:Saal Clarke +D:Electroedibles is an experiment with “edible” hardware that explores the limits of interaction between our tongue and circuits to mock the present fantasies of Internet of (Every)thing. This project initiated by the hardware lab at Shenkar College of Arts and Tel Aviv Makerspace consists from series of workshops, in which participants combine simple circuits (lickometer with LED, vibration motor or piezo) with recipes for candy making (hard candy based on syrups or gummy or corn starch molds). The circuits are casted in candy “molds” to serve different ideas defined by the participants: extreme hardware fetishist lollipops, philosophical props into sensory perception, post-colonial critique of the sugar cane addiction and slavery, scientific interest in triggering taste buds etc. This probe into the edible hardware is also a celebration of the DIY culture of sharing behind cooking, but also Open Source Hardware that bridges the divisions between the kitchen, the hardware studio and the science lab. Instead of applying science and technology to cooking and tasting (typical for molecular gastronomy & haute cuisine), the electroedibles use the experiences of candy cooking and to engage with different science and technology issues in enjoyable and funny ways. +: +B:1514470500 +E:1514474100 +S:Electromagnetic Threats for Information Security - @EMHacktivity , José Lopes Esteves +C: +L:Saal Clarke +D:For non specialists, Electromagnetic Pulse weapons (EMP) are fantasy weapons in science fiction movies. Interestingly, the susceptibility of electronic devices to electromagnetic interference has been advertised since the 90’s. Regarding the high integration of sensors and digital systems to control power-grids, telecom networks and automation infrastructures (e.g. Smart-grids, Industrial Control Systems), the intrinsic vulnerability of electronic devices to electromagnetic interference is of fundamental interest. In the context of IT Security, few studies have been carried out to understand how the effects may be a significant issue especially in the far-field region (distance between the transmitter’s antenna and the target with regard to the wavelength/central frequency). Most studies in Emanation Security (EMSEC) are related to near-field probing for side-channel and fault injection attacks assuming a close physical access to the targeted devices. In this paper, we propose a methodology to detect, classify and correlate the effect induced during the intentional exposure of analogue and digital systems to electromagnetic interference. Applying this methodology, the implication of the effects for the IT security world will be discussed with regards to the attacker profile needed to set-up a given scenario. +: +B:1514375100 +E:1514376900 +S:End-to-end formal ISA verification of RISC-V processors with riscv-formal - Clifford Wolf +C: +L:Saal Clarke +D:Formal hardware verification (hardware model checking) can prove that a design has a specified property. Historically only very simple properties in simple designs have been provable this way, but improvements in model checkers over the last decade enable us to prove very complex design properties nowadays. riscv-formal is a framework for formally verifying RISC-V processors directly against a formal ISA specification. In this presentation I will discuss how the complex task of verifying a processor against the ISA specification is broken down into smaller verification problems, and other techniques that I employed to successfully implement riscv-formal. +: +B:1514583000 +E:1514584800 +S:Ensuring Climate Data Remains Public - dcwalk +C: +L:Saal Borg +D:How do we keep important environmental and climate data accessible amidst political instability and risk? What even counts as an “accessible” dataset? Could we imagine better infrastructures for vital data? By describing the rapid data preservation efforts of U.S. environmental data that started in the wake of the recent election, I’ll address these questions and the new and existing issues that preservation surfaced about the vulnerability of data infrastructures. I'll focusing on specific projects, including the work of EDGI, that is trying to address these challenges by creating alternate forms of access and infrastructure! +: +B:1514368800 +E:1514370600 +S:Eröffnung: tuwat - Tim Pritlove +C: +L:Saal Adams +D:Daß sich mit Kleinkomputern trotzalledem sinnvolle Sachen machen lassen, die keine zentralisierten Großorganisationen erfordern, glauben wir. +: +B:1514585700 +E:1514587500 +S:Es sind die kleinen Dinge im Leben II - André Lampe +C: +L:Saal Clarke +D:Jeder weiß ungefähr was man mit einem Mikroskop tun kann: Kleine Dinge ansehen. Aber wie geht das genau, was braucht man dafür und gibt es da nicht eine Möglichkeit, dass da digitale Bilder rauspurzeln? Das hier soll eine Einführung sein, und zwar in die Grundlagen von Mikroskopen, wo der Unterschied zu anderen Optiken (Fotografie, Teleskope) ist und wie man zu Hause mit einfachen Mitteln schöne Bilder machen kann. Was kann man sinnvolles an den Nachwuchs verschenken, was taugen Anstreck-Dinger für das Smartphone oder USB-Mikroskope, wie fange ich zu Hause mit Mikroskopie an und was kann man überhaupt so alles betrachten? Quasi Micsorcopy 101. +: +B:1514482200 +E:1514485800 +S:Everything you want to know about x86 microcode, but might have been afraid to ask - Benjamin Kollenda, Philipp Koppe +C: +L:Saal Adams +D:Microcode is an abstraction layer on top of the physical components of a CPU and present in most general-purpose CPUs today. While it is well-known that CPUs feature a microcode update mechanism, very little is known about its inner workings given that microcode and the update mechanism itself are proprietary and have not been throughly analyzed yet. We close this gap by both analyzing microcode and writing our own programs for it. This talk will give an insight into our results and how we achieved them, including live demos of what we can do and technical details. +: +B:1514583000 +E:1514584800 +S:Extended DNA Analysis - _Adora_Belle_ +C: +L:Saal Clarke +D:In 2017, the federal states of Baden-Wurttemberg and Bavaria suggested the extension of the law on the analysis of forensic DNA. Up to now, DNA fingerprinting in forensic settings may, in addition to non-coding features of DNA, only analyze the chromosomal sex of the person, but not any other openly visible feature. Bavaria and Baden-Wurttemberg, under the leadership of CSU and the Green party, are pushing forward to analyze DNA found at crime scenes regarding hair color, eye color, skin color and in the case of Bavaria even geographical ethnicity. Extended DNA analysis, or “DNA facial composite” is seen as an impartial witness to the crime and, in the eyes of the states’ government, would help solve crimes. But would it? +: +B:1514486700 +E:1514490300 +S:Financial surveillance - Jasmin Klofta, Tom Wills +C: +L:Saal Clarke +D:Faced with new responsibilities to prevent terrorism and money laundering, banks have built a huge surveillance infrastructure sweeping up millions of innocent people. Investigative journalists Jasmin Klofta and Tom Wills explain how, as part of an international collaboration, they exposed World-Check, the privately-run watchlist at the heart of the system. +: +B:1514370600 +E:1514374200 +S:Forensic Architecture - Eyal Weizman +C: +L:Saal Dijkstra +D:In recent years, the group Forensic Architecture began using novel research methods to undertake a series of investigations into human rights abuses. The group uses architecture as an optical device to investigate armed conflicts and environmental destruction, as well as to cross-reference a variety of evidence sources, such as new media, remote sensing, material analysis, witness testimony, and crowd-sourcing. +D: +D:In this talk, Eyal Weizman provides, for the first time, an in-depth introduction to the history, practice, assumptions, potentials, and double binds of this practice. +: +B:1514475000 +E:1514478600 +S:Free Electron Lasers - Thorsten +C: +L:Saal Dijkstra +D:Wouldn’t it be awesome to have a microscope which allows scientists to map atomic details of viruses, film chemical reactions, or study the processes in the interior of planets? Well, we’ve just built one in Hamburg. It’s not table-top, though: 1 billion Euro and a 3km long tunnel is needed for such a ‘free electron laser’, also called 4th generation synchrotron light source. I will talk about the basic physics and astonishing facts and figures of the operation and application of these types of particle accelerators. +: +B:1514640600 +E:1514642400 +S:Fuck Dutch mass-surveillance: let's have a referendum! - niinja +C: +L:Saal Adams +D:Dutch intelligence agencies will soon be allowed to analyse bulk data of civilians on a massive scale, by intercepting internet traffic and through real-time access to all kinds of databases. They will also start hacking third-parties. My friends and I want to stop this. We started an action to enforce a referendum on the law. Surprisingly, it worked! How do we get most out of this opportunity? +: +B:1514379600 +E:1514383200 +S:Gamified Control? - Katika Kühnreich +C: +L:Saal Adams +D:In 2014 China’s government announced the implementation of big data based social credit systems (SCS). The SCS will rate online and offline behavior to create a score for each user. One of them is planned to become mandatory in 2020. This lecture will review the current state of governmental and private SCS and different aspects of these systems. +: +B:1514499300 +E:1514501100 +S:Growing Up Software Development - Mike Sperber +C: +L:Saal Dijkstra +D:Hacker culture overcomes limitations in computer systems through +D:creativity and tinkering. At the same time, hacker culture has shaped +D:the practice of software development to this day. This is +D:problematic - techniques effective for breaking (into) a computer +D:systems are not necessarily suitable for developing resilient and +D:secure systems. It does not have to be this way: We can approach +D:software development as a methodical, systematic activity rather than +D:tinkering, and teach it accordingly. I'll review my experience +D:teaching these methods for the past 18 years and give some suggestions +D:on what *you* may do. +D: +: +B:1514504700 +E:1514511900 +S:Hacker Jeopardy - Sec, Ray +C: +L:Saal Adams +D:The Hacker Jeopardy is a quiz show. +: +B:1514640600 +E:1514642400 +S:Hardening Open Source Development - gronke +C: +L:Saal Dijkstra +D:As authors it is our responsibility to build secure software and give each other the chance to verify and monitor our work. +D:Various flaws in development toolchains that allow code execution just by viewing or working in malicious repositories question the integrity of development environments and as such our projects as a whole. +D:This talk will discuss practical solutions for both technical and social challenges of collaboration. +: +B:1514551500 +E:1514553300 +S:History and implications of DRM - Molly de Blanc +C: +L:Saal Clarke +D:Digital Restrictions Management (DRM) is found everywhere from music to cars and, most recently, World Wide Web Consortium recommendations. How did we get here and where are we going with DRM? Who really owns not just your tools, but your experiences when someone (or something) else is controlling access to the data and access around them? We'll attempt to answer these questions, and more, in a historical overview, contemporary analysis, and look towards the future. +: +B:1514543400 +E:1514547000 +S:Holography of Wi-Fi radiation - Friedemann Reinhard +C: +L:Saal Dijkstra +D:Holography of Wi-Fi radiation +D:Philipp Holl [1,2] and Friedemann Reinhard [2] +D: +D:[1] Max Planck Institute for Physics +D:[2] Walter Schottky Institut and Physik-Department, Technical University of Munich +D: +D:When we think of wireless signals such as Wi-Fi or Bluetooth, we usually think of bits and bytes, packets of data and runtimes. +D: +D:Interestingly, there is a second way to look at them. From a physicist's perspective, wireless radiation is just light, to be precise: coherent electromagnetic radiation. It is virtually the same as the beam of a laser, except that its wavelength is much longer (cm vs µm). +D: +D:We have developed a way to visualize this radiation, providing a view of the world as it would look like for eyes sensitive to wireless radiation. +D: +D:Our scheme is based on holography, a technique to record three-dimensional pictures by a phase-coherent recording of radiation in a two-dimensional plane. This technique is traditionally implemented using laser light. We have adapted it to work with wireless radiation, and recorded holograms of building interiors illuminated by the omnipresent stray field of wireless devices. In the resulting three-dimensional images we can see both emitters (appearing as bright spots) and absorbing objects (appearing as shadows in the beam). Our scheme does not require any knowledge of the data transmitted and works with arbitrary signals, including encrypted communication. +D: +D:This result has several implications: it could provide a way to track wireless emitters in buildings, it could provide a new way for through-wall imaging of building infrastructure like water and power lines. As these applications are available even with encrypted communication, it opens up new questions about privacy." +D: +D: +D: +: +B:1514500200 +E:1514502000 +S:Home Distilling - lolnerd +C: +L:Saal Borg +D:This talk covers the theory, legality and economics of home distilling. We present the theoretical background of mashing, fermenting and distilling alcohol as well as the legal framework for home distilling in Germany from 2018 on. +: +B:1514577600 +E:1514581200 +S:How Alice and Bob meet if they don't like onions - Muelli, Erik, Matthias +C: +L:Saal Dijkstra +D:This history of anonymisation networks is long. Popular anonymisation networks rightfully focus on Web browsing, because that is the most popular application on todays Internet. The most popular anonymisation network is, rightfully so, Tor. You might, however, not have the requirements that mandate the use of the Tor network and thus are looking for alternatives. This talk presents a survey of anonymisation networks, what they achieve and how they differ. +D: +: +B:1514383200 +E:1514385000 +S:How can you trust formally verified software? - Alastair Reid +C: +L:Saal Borg +D:Formal verification of software has finally started to become viable: we have examples of formally verified microkernels, realistic compilers, hypervisors etc. These are huge achievements and we can expect to see even more impressive results in the future but the correctness proofs depend on a number of assumptions about the Trusted Computing Base that the software depends on. Two key questions to ask are: Are the specifications of the Trusted Computing Base correct? And do the implementations match the specifications? I will explore the philosophical challenges and practical steps you can take in answering that question for one of the major dependencies: the hardware your software runs on. I will describe the combination of formal verification and testing that ARM uses to verify the processor specification and I will talk about our current challenge: getting the specification down to zero bugs while the architecture continues to evolve. +: +B:1514384100 +E:1514387700 +S:How risky is the software you use? - Tim Carstens & Parker Thompson +C: +L:Saal Adams +D:Software vendors like to claim that their software is secure, but the effort and techniques applied to this end vary significantly across the industry. From an end-user's perspective, how do you identify those vendors who are effective at securing their software? From a vendor's perspective, how do you identify those techniques which are effective at improving security? Presenting joint work with Sarah Zatko, mudge, Patrick Stach, and Parker Thompson. +: +B:1514561400 +E:1514565000 +S:How to drift with any car - Guillaume Heilles, P1kachu +C: +L:Saal Dijkstra +D:Lots of research are arising from the fairly unexplored world of automative communications. Cars are no longer becoming computers, they are fully connected networks where every ECU exchanges and operates the vehicles at some point. +D:Here is an introduction of my immersion and discussions with my car, and how I finally managed to drift (a bit) with my mom's FWD Fiat 500c. +: +B:1514494800 +E:1514498400 +S:Implementing an LLVM based Dynamic Binary Instrumentation framework - Charles Hubain, Cédric TESSIER +C: +L:Saal Dijkstra +D:This talk will go over our efforts to implement a new open source DBI framework based on LLVM. We'll explain what DBI is used for, how it works, the implementation challenges we faced and compare a few of the existing frameworks with our own implementation. +: +B:1514568600 +E:1514575800 +S:Inside AfD - Felix Höfner, Lucia, Marek, Janosch, Slim +C: +L:Saal Clarke +D:Herbst 2017. Irgendwo in Deutschland. Die führenden Köpfe der AfD träumen von der parlamentarischen Machtübernahme und dem schleichenden Sieg im Kampf um die Deutungshoheit von Begrifflichkeiten. Doch dann kommt alles ganz anders. +: +B:1514482200 +E:1514485800 +S:Inside Android’s SafetyNet Attestation: Attack and Defense - Collin Mulliner +C: +L:Saal Clarke +D:SafetyNet Attestation is the primary platform security service on Android. Until recently you had to use third party tools or implemented your own app integrity checks and device rooting checks. Today you can use Android's SafetyNet Attestation infrastructure to ensure the integrity of your application and the user's device. Unfortunately, SafetyNet Attestation is not well documented by Google. This talk is split into three parts. Part one provides a deep dive into SafetyNet Attestation how it works. Part two is a guide on how to implement and use it for real world applications. This is based on the lessons learned from implementing SafetyNet Attestation for an app with a large install base. The talk will provide you with everything you need to know about Android’s SafetyNet Attestation and will help you to implement and use it in your app. Part three presents attacks and bypasses against SafetyNet Attestation. The attack method targets not only SafetyNet but other similar approaches. New tools and techniques will be released at this talk. +: +B:1514388600 +E:1514392200 +S:Inside Intel Management Engine - Maxim Goryachy, Mark Ermolov +C: +L:Saal Borg +D:Positive Technologies researchers Maxim Goryachy and Mark Ermolov have discovered a vulnerability that allows running unsigned code. The vulnerability can be used to activate JTAG debugging for the Intel Management Engine processor core. When combined with DCI, this allows debugging ME via USB. +: +B:1514491200 +E:1514494800 +S:Intel ME: Myths and reality - Igor Skochinsky, Nicola Corna +C: +L:Saal Adams +D:Many claims were made recently about purpose and capabilities of the Intel ME but with all the buzz it is not always clear what are facts and what is just speculation. We'll try to clear the fog of misunderstanding with research based on investigations of ME firmware and practical experiments on ME-equipped hardware. +: +B:1514629800 +E:1514631600 +S:International Image Interoperability Framework (IIIF) – Kulturinstitutionen schaffen interoperable Schnittstellen für digitalisiertes Kulturgut - Leander Seige +C: +L:Saal Clarke +D:Neue Standards wie IIIF ( ermöglichen es, digitalisiertes Kulturgut (Gemälde, Bücher, Handschriften, Fotografien, Karten u.s.w.) interoperabel und maschinenlesbar verfügbar zu machen. Darauf aufsetzend können nicht nur ansehnliche Präsentationen erstellt werden, insbesondere ermöglicht IIIF es, institutionsübergreifend Daten verknüpfbar zu machen und virtuelle Arbeitsoberflächen einrichtungsunabhängig zu realisieren. Dem Linked Data Prinzip folgend, sind alle Daten standardisiert identifizierbar und nutzbar. Es existieren bereits viele leistungsfähige Open Source Anwendungen für IIIF. Der Talk führt in IIIF ein und zeigt viele anschauliche Beispiele, die bedeutende Werke aus namhaften Einrichtungen weltweit enthalten. +: +B:1514556900 +E:1514560500 +S:Internet censorship in the Catalan referendum - Matthias +C: +L:Saal Dijkstra +D:On October 1st the Catalan society held a referendum to decide if they wanted to stay part of the Spanish state or create an independent state. This talk will explain the internet censorship which took place in the weeks before the referendum, on the very same day as well as in the timer after the referendum. +: +B:1514475000 +E:1514478600 +S:Internet of Fails - Barbara Wimmer +C: +L:Saal Borg +D:Expect current examples of IoT fails that I collected during my work as a journalist in regards of privacy and security. What do such fails mean for society? What are possible solutions and what can customers do? +: +B:1514635200 +E:1514637000 +S:Italy's surveillance toolbox - boter +C: +L:Saal Dijkstra +D:This project aims to take advantage of the availability of public procurement data sets, required by anticorruption transparency laws, to discover government surveillance capabilities in Italy. +D: +: +B:1514470500 +E:1514477700 +S:Jahresrückblick des CCC 2017 - frank, Constanze Kurz, nexus, Linus Neumann +C: +L:Saal Adams +D:Staatstrojaner, Vorratsdaten, automatisierte Biometriesammlungen, PC-Wahl – wir geben einen Überblick über die Themen, die den Chaos Computer Club 2017 beschäftigt haben. +: +B:1514413800 +E:1514417400 +S:KRACKing WPA2 by Forcing Nonce Reuse - Mathy Vanhoef +C: +L:Saal Adams +D:We introduce key reinstallation attacks (KRACKs). These attacks abuse features of a protocol to reinstall an already in-use key, thereby resetting nonces and/or replay counters associated to this key. We show that our novel attack technique breaks several handshakes that are used in a WPA2-protected network. +: +B:1514375100 +E:1514378700 +S:Ladeinfrastruktur für Elektroautos: Ausbau statt Sicherheit - Mathias Dalheimer +C: +L:Saal Adams +D:Wir retten das Klima mit Elektroautos — und bauen die Ladeinfrastruktur massiv aus. Leider werden dabei auch Schwachstellen auf allen Ebenen sichtbar: Von fehlender Manipulationssicherheit der Ladesäulen bis hin zu inhärent unsicheren Zahlungsprotokollen und kopierbaren Zahlkarten. Ladesäulenhersteller und Ladenetzbetreiber lassen ihre Kunden im Regen stehen — geht das schnelle Wachstum des Marktanteils zu Lasten der Kundensicherheit? +: +B:1514495700 +E:1514499300 +S:LatticeHacks - djb, Tanja Lange, Nadia Heninger +C: +L:Saal Adams +D:Lattices are an extremely useful mathematical tool for cryptography. +D:This talk will explain the basics of lattices in cryptography and cryptanalysis. +: +B:1514395800 +E:1514399400 +S:Lets break modern binary code obfuscation - Tim Blazytko, Moritz Contag +C: +L:Saal Dijkstra +D:Do you want to learn how modern binary code obfuscation and deobfuscation works? Did you ever encounter road-blocks where well-known deobfuscation techniques do not work? Do you want to see a novel deobfuscation method that learns the code's behavior without analyzing the code itself? Then come to our talk and we give you a step-by-step guide. +: +B:1514457000 +E:1514464200 +S:Lightning Talks Day 2 - gedsic, bigalex +C: +L:Saal Borg +D:Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! +: +B:1514543400 +E:1514550600 +S:Lightning Talks Day 3 - gedsic, bigalex +C: +L:Saal Borg +D:Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! +: +B:1514629800 +E:1514637000 +S:Lightning Talks Day 4 - gedsic, bigalex +C: +L:Saal Borg +D:Lightning Talks are short lectures (almost) any congress participant may give! Bring your infectious enthusiasm to an audience with a short attention span! Discuss a program, system or technique! Pitch your projects and ideas or try to rally a crew of people to your party or assembly! Whatever you bring, make it quick! +: +B:1514370600 +E:1514374200 +S:Lobby-Schlacht um die ePrivacy-Verordnung - Ingo Dachwitz +C: +L:Saal Clarke +D:In der EU wird gerade über eine Verordnung verhandelt, die für die Vertraulichkeit der elektronischen Kommunikation verbindliche und zeitgemäße Regeln schaffen soll. Diese „ePrivacy-Verordnung“ könnte in absehbarer Zeit die letzte Möglichkeit sein, dem informationellen Kontrollverlust EU-weit politisch etwas entgegenzusetzen. +: +B:1514403000 +E:1514404800 +S:Low Cost Non-Invasive Biomedical Imaging - Jean Rintoul +C: +L:Saal Clarke +D:An open source biomedical imaging project using electrical impedance tomography. Imagine a world where medical imaging is cheap and accessible for everyone! We'll discuss this current project, how it works, and future directions in medical physics. +: +B:1514643300 +E:1514646900 +S:MQA - A clever stealth DRM-Trojan - Christoph Engemann, +C: +L:Saal Dijkstra +D:Master Quality Authenticated (MQA) is a new audio format promising studio sound at home and no DRM. We take a critical look both at the sound-quality aspects as well as on the DRM story of MQA. +: +B:1514459700 +E:1514461500 +S:Making Experts Makers and Makers Experts - Daniel Wessolek, Isabelle Dechamps +C: +L:Saal Dijkstra +D:Over the past year, we have been developing open source wheelchair add-ons through user research, ideation, design, prototyping and testing. We present the outcome and insights from the process. +: +B:1514467800 +E:1514469600 +S:May contain DTraces of FreeBSD - raichoo +C: +L:Saal Dijkstra +D:Systems are getting increasingly complex and it's getting harder to understand what they are actually doing. Even though they are built by human individuals they often surprise us with seemingly bizarre behavior. DTrace lights a candle in the darkness that is a running production system giving us unprecedented insight into the system helping us to understand what is actually going on. +D: +D:We are going implement `strace`-like functionality, trace every function call in the kernel, watch the scheduler to its thing, observer how FreeBSD manages resources and even peek into runtime systems of high level programming languages. If you ever wondered what software is doing when you are not looking, this talk is for you. +: +B:1514543400 +E:1514550600 +S:Methodisch inkorrekt! - Nicolas Wöhrl, @ReinhardRemfort +C: +L:Saal Adams +D:Der IgNobelpreis ist eine Auszeichnung, um wissenschaftliche Leistungen zu ehren, die „Menschen zuerst zum Lachen, dann zum Nachdenken bringen“ („to honor achievements that first make people laugh, and then make them think“). Wir erklären die Preisträger 2017 in gewohnter Minkorrekt-Manier. +: +B:1514409300 +E:1514412900 +S:Microarchitectural Attacks on Trusted Execution Environments - Keegan Ryan +C: +L:Saal Borg +D:Trusted Execution Environments (TEEs), like those based on ARM TrustZone or Intel SGX, intend to provide a secure way to run code beyond the typical reach of a computer’s operating system. +D:However, when trusted and untrusted code runs on shared hardware, it opens the door to the same microarchitectural attacks that have been exploited for years. This talk provides an overview of these attacks as they have been applied to TEEs, and it additionally demonstrates how to mount these attacks on common TrustZone implementations. Finally, we identify new techniques which allow us to peer within TrustZone TEEs with greater resolution than ever before. +: +B:1514457000 +E:1514460600 +S:Mobile Data Interception from the Interconnection Link - Dr. Silke Holtmanns +C: +L:Saal Adams +D:Many mobile network operators rush to upgrade their networks to 4G/LTE from 2G and 3G, not only to improve the service, but also the security. The Diameter protocol - the successor of SS7 in Long Term Evolution (LTE) networks is believed to offer more protection to the network itself and to the end-users. However, also Diameter offers a rich functionality set, which can be also exploited and misused, if the network is not properly protected. We will show in this lecture, how data interception (MiM) can be done via the diameter based interconnection link. +: +B:1514632500 +E:1514634300 +S:Modern key distribution with ClaimChain - prometheas +C: +L:Saal Dijkstra +D:ClaimChain is a Public Key Infrastructure unique in that it can operate in fully decentralized settings with no trusted parties. A vouching mechanism among users, similar to the Web of Trust, assists with social authentication but without revealing the users' social graph. High-integrity data structures prevent equivocation and help detect compromises; the protocol can support generic claims (conventional PGP, modern OTR/Signal etc.); and a prototype evaluation indicates that ClaimChain can scale. +: +B:1514554200 +E:1514556000 +S:Net Neutraliy Enforcement in the EU - Thomas Lohninger +C: +L:Saal Clarke +D:After four years of advocacy and lobbying to enshrine net neutrality principles in law in Europe, we can now examine the first full year of enforcement of the new rules. We will compare the enforcment of net neutrality in the individual EU member states, showcase a few of the more creative net neutrality violations and demonstrate what civil society can do to keep the Internet neutral. Enforcing net neutrality also requires network measurement tools that can detect discrimination; we will discuss what progress Europe has made in this regard. +: +B:1514470500 +E:1514474100 +S:Netzpolitik in der Schweiz - Kire, Patrick Stählin, Hakuna MaMate +C: +L:Saal Dijkstra +D:Gleich in drei Gesetzen drohen Netzsperren. Staatstrojaner und Massenüberwachung bis ins WLAN sind mit der Einführung der Überwachungsgesetze BÜPF und NDG vorgesehen. E-Voting soll auf Biegen und Brechen durchgesetzt werden. Nur garantierte Netzneutralität lässt weiter auf sich warten. Im Vortrag versuchen wir, Einsichten in die netzpolitischen Auseinandersetzungen in der Schweiz zu geben und Handlungsmöglichkeiten aufzuzeigen. +: +B:1514591100 +E:1514596500 +S:Nougatbytes 11₂ - Rainer Rehak, Benks +C: +L:Saal Adams +D:Zwei Teams mit rauchenden Köpfen und ein johlendes Publikum raten sich durch unsere dritte Wortspielhölle der IT, Informatik und digitalen Gesellschaft. Wer bei vielschichtigen (Anm. d. R.: „haarsträubenden“!) Assoziazionsbilderrätseln freudiges Synapsenfunkeln und feuchte Augen bekommt oder aber bei Gehirnschmerz und Um-die-Ecke-Denk-Beulen trotzdem feiert, ist bei uns zu Hause. +: +B:1514554200 +E:1514556000 +S:OONI: Let's Fight Internet Censorship, Together! - Arturo Filastò (hellais) +C: +L:Saal Borg +D:How can we take a stand against the increasing shadow of Internet censorship? With OONI Probe you can join us in uncovering evidence of network interference! +: +B:1514573100 +E:1514576700 +S:On the Prospects and Challenges of Weather and Climate Modeling at Convection-Resolving Resolution - David Leutwyler +C: +L:Saal Borg +D:The representation of thunderstorms (deep convection) and rain showers in climate models represents a major challenge, as this process is usually approximated with semi-empirical parameterizations due to the lack of appropriate computational resolution. Climate simulations using kilometer-scale horizontal resolution allow explicitly resolving deep convection and thus allow for an improved representation of the water cycle. We present a set of such simulations covering Europe and global computational domains. Finally, we discuss challenges and prospects climate modelers face on heterogeneous supercomputers architectures. +: +B:1514556900 +E:1514560500 +S:Open Source Estrogen - maggic +C: +L:Saal Clarke +D:Collaborative and interdisciplinary research, Open Source Estrogen combines biohacking and artistic intervention to demonstrate the entrenched ways in which estrogen is a biomolecule with institutional biopower. It is a form of biotechnical civil disobedience, seeking to subvert dominant biopolitical agents of hormonal management, knowledge production, and anthropogenic toxicity. Thus, the project initiates a cultural dialogue through the generation of DIY/DIWO (do-it-yourself/do-it-with-others) for the detection and extraction of estrogen, and contextualized as kitchen performance and queer body worship. +: +B:1514495700 +E:1514499300 +S:Opening Closed Systems with GlitchKit - ktemkin, dominicgs +C: +L:Saal Borg +D:Systems that hide their firmware-- often deep in readout-protected flash or hidden in encrypted ROM chips-- have long stymied reverse engineers, who often have to resort to inventive methods to understand closed systems. To help reduce the effort needed to get a foothold into a new system, we present GlitchKit-- an open source hardware and firmware solution that significantly simplifies the process of fault-injecting your way into a new system -- and of fault-injecting firmware secrets out! This talk presents the development completed thus far, demonstrates the use of GlitchKit in simple attacks, and invites participation in the development of our open-source tools. +: +B:1514640600 +E:1514642400 +S:Organisational Structures for Sustainable Free Software Development - mo +C: +L:Saal Clarke +D:What kind of organisational structures exist for free software projects? What funding sources? How can you avoid pitfalls with funding, support volunteers, and stay a happy family? +: +B:1514400300 +E:1514403900 +S:Pointing Fingers at 'The Media' - alebey +C: +L:Saal Borg +D:The German election in September 2017 brought a tectonic shift to the layout of German politics. With the AfD in parliament far-right illiberalism has reached the mainstream. We investigate the communicative developments underlying this rise. Using web-scraping and automated content analysis, we collected over 10.000 articles from mainstream-news and far-right blogs, along with over 90GBs of Tweets and thousands of Facebook-Posts. This allows us a deep insight into how public discourse works in 2017 Germany. +: +B:1514552400 +E:1514556000 +S:Policing in the age of data exploitation - Eva Blum--Dumontet, Millie Wood +C: +L:Saal Dijkstra +D:What does policing look like in the age of data exploitation? This is the question we at Privacy International have been exploring for the past two years. Our research has focused on the UK where the population has been used as guinea pigs for ever more invasive modern approaches to policing. In this talk we will discuss our findings with you and avenues for change. +: +B:1514413800 +E:1514417400 +S:Practical Mix Network Design - David Stainton, jeffburdges +C: +L:Saal Clarke +D:We shall explain the renewed interest in mix networks. Like Tor, mix networks protect metadata by using layered encryption and routing packets between a series of independent nodes. Mix networks resist vastly more powerful adversary models than Tor though, including global passive adversaries. In so doing, mix networks add both latency and cover traffic. We shall outline the basic components of a mix network, touch on their roles in resisting active and passive attacks, and discuss how the latency impacts reliability, application design, and user experience. +: +B:1514640600 +E:1514642400 +S:Privacy Shield - Lipstick on a Pig? - Max Schrems +C: +L:Saal Borg +D:In 2015 the Court of Justice of the European Union (CJEU) has overturned the EU-US data sharing system called „Safe Harbor“ over US mass surveillance, as disclosed by Edward Snowden. Only months later the European Commission agreed with the US government to replace it with the so-called “Privacy Shield”, despite the existence of PRISM and Upstream surveillance. Why the new deal is nothing but the old “Safe Harbor”, what we can learn for the documents exchanged between the EU and the US and why it will very likely be overturned as soon as it reached the CJEU again. +: +B:1514568600 +E:1514572200 +S:Protecting Your Privacy at the Border - Kurt Opsahl, William Budington +C: +L:Saal Adams +D:Our lives are on our laptops – family photos, medical documents, banking information, details about what websites we visit, and so much more. Digital searches at national borders can reach our personal correspondence, health information, and financial records, allowing an affront to privacy and dignity which is inconsistent with the values of a free society. While privacy and security is important for any traveler, this has become a critical issue for international conferences and their attendees, who shouldn’t need to trade off an invasive search for participating in important conversations. This talk will discuss the both the legal and policy issues with border searches, as well as technological measures people can use in an effort to protect their data. +: +B:1514588400 +E:1514590200 +S:Public FPGA based DMA Attacking - Ulf Frisk +C: +L:Saal Clarke +D:Most thought Direct Memory Access (DMA) attacks were a thing of the past after CPU vendors introduced IOMMUs and OS vendors blocked Firewire DMA. At least until the PCILeech direct memory access attack toolkit was presented a year ago and quickly became popular amongst red teamers and governments alike. A year later the situation has improved but some firmware and operating systems still remain vulnerable by default. The hardware used to perform the attacks was however limited both in capabilities and supply. FPGA support was introduced and made available to the public to overcome these problems. In this talk I will subvert kernels, defeat full disk encryption and spawn system shells - all by using affordable publically available FPGAs and open source software! +: +B:1514395800 +E:1514399400 +S:QualityLand - Marc-Uwe Kling +C: +L:Saal Adams +D:Willkommen in QualityLand, in einer nicht allzu fernen Zukunft: Alles läuft rund - Arbeit, Freizeit und Beziehungen sind von Algorithmen optimiert. +: +B:1514551500 +E:1514553300 +S:Regulating Autonomous Weapons - Anja Dahlmann +C: +L:Saal Adams +D:Depending on the definition, autonomous weapon systems do not and might never exist, so why should we care about killer robots? It is the decline of human control as an ongoing trend in military systems and the incapacity of computing systems to „understand“ human beings and the nature of war that is worrisome. +: +B:1514405700 +E:1514407500 +S:Relativitätstheorie für blutige Anfänger - Steini +C: +L:Saal Clarke +D:Jeder kennt sie, kaum jemand versteht sie wirklich, die vielleicht berühmteste Gleichung der Welt: E=mc^2 +D:Was hat es damit auf sich, was ist die spezielle- und was die allgemeine Relativitätstheorie? Wie kann man sicher sein, dass das wirklich stimmt? Bleibt die Zeit stehen, wenn man sich mit Lichtgeschwindigkeit bewegt? Was ist das Zwillings-Paradoxon und dehnt sich das Universum aus, oder werden wir einfach nur immer kleiner? +: +B:1514568600 +E:1514572200 +S:Resilienced Kryptographie - ruedi, cforler +C: +L:Saal Dijkstra +D:Die Sicherheitsdesaster bei der Schlüsselgenerierung in TPM Chips und bei der Minix 3 basierten Intel ME Implementierung zeigen, dass das Vertrauen in hardwaregestützte Coputersicherheit grundlegend hinterfragt werden muss. Die Robustness in feindlicher Umgebung kann mit anspruchsvolleren kryptographische Verfahren mathematisch abgesichert erhöht werden. +D: +: +B:1514466000 +E:1514469600 +S:Reverse engineering FPGAs - MathiasL +C: +L:Saal Clarke +D:In this talk I describe the basic makeup of FPGAs and how I reverse engineered the Xilinx 7 Series and Lattice iCE40 Series together with the implications. +: +B:1514502000 +E:1514503800 +S:Robot Music - jacob remin, goto80 +C: +L:Saal Dijkstra +D:Once full automation hits, we will have a lot of free time on our hands. This project demonstrates early explorations in computer generated music via robot hands, old computers and generative algorithms. While the robot performs, we sit next to it and invite people for a conversation about robots being “creative” and “stealing our jobs”. +: +B:1514577600 +E:1514579400 +S:Running GSM mobile phone on SDR - Vadim Yanitskiy, ptrkrysik +C: +L:Saal Clarke +D:Since SDR (Software Defined Radio) becomes more popular and more available for everyone, there is a lot of projects based on this technology. Looking from the mobile telecommunications side, at the moment it's possible to run your own GSM or UMTS network using a transmit capable SDR device and free software like OsmoBTS or OpenBTS. There is also the srsLTE project, which provides open source implementation of LTE base station (eNodeB) and moreover the client side stack (srsUE) for SDR. Our talk is about the R&D process of porting the existing GSM mobile side stack (OsmocomBB) to the SDR based hardware, and about the results we have achieved. +: +B:1514647800 +E:1514651400 +S:SCADA - Gateway to (s)hell - nezza +C: +L:Saal Dijkstra +D:Small gateways connect all kinds of fieldbusses to IP systems. This talk will look at the (in)security of those gateways, starting with simple vulnerabilities, and then deep diving into reverse-engineering the firmware and breaking the encryption of firmware upgrades. The found vulnerabilities will then be demonstrated live on a portable SCADA system. +: +B:1514563200 +E:1514565000 +S:SatNOGS: Crowd-sourced satellite operations - Nikos Roussos +C: +L:Saal Clarke +D:An overview of the SatNOGS project, a network of satellite ground station around the world, optimized for modularity, built from readily available and affordable tools and resources. +: +B:1514556900 +E:1514558700 +S:Saving the World with Space Solar Power - anja, sjunk +C: +L:Saal Borg +D:Space Solar Power station, such as SPS Alpha, could overcome some issues that renewable energy plants on Earth suffer of structural basis when challenges such as energy transfer from orbit to Earth are solved. But will this solve the Earth's problems in a peaceful way? +: +B:1514502000 +E:1514503800 +S:Schnaps Hacking - Nero Lapislucis, sir wombat +C: +L:Saal Borg +D:This talk covers the theory, the required tools and how to make them, and the process of turning apples into juice, ferment them, and enrich the alcohol content of the product. +: +B:1514632500 +E:1514634300 +S:Schreibtisch-Hooligans - Arne Semsrott +C: +L:Saal Adams +D:Wie umgehen mit politischer Ohnmacht? Das Informationsfreiheitsgesetz bietet einige Ansätze: Es macht es auch für juristische Laien möglich, gegen Behörden vorzugehen, die das Recht brechen. Wir kämpfen gegen die Ohnmacht: Dieses Jahr haben wir alle Gesetzentwürfe aller Bundesministerien und Lobby-Stellungnahmen dazu befreit. Wir haben uns mit der Berliner Partypolizei angelegt - prost! - und 13 Behörden verklagt, darunter die Polizei Köln, das Innenministerium und das Verteidigungsministerium. Und wir haben einen Weg gefunden, zwei Behörden zu verklagen, die eigentlich sonst keine Auskunft geben ... +: +B:1514383200 +E:1514385000 +S:Science is broken - hanno +C: +L:Saal Clarke +D:We're supposed to trust evidence-based information in all areas of life. However disconcerting news from several areas of science must make us ask how much we can trust scientific evidence. +: +B:1514647800 +E:1514651400 +S:Security Nightmares 0x12 - frank, Ron +C: +L:Saal Adams +D:Was hat sich im letzten Jahr im Bereich IT-Sicherheit getan? Welche neuen Entwicklungen haben sich ergeben? Welche neuen Buzzwords und Trends waren zu sehen? +: +B:1514577600 +E:1514579400 +S:Simulating the future of the global agro-food system - Benjamin Leon Bodirsky +C: +L:Saal Borg +D:How can we feed a growing world population within a resilient Earth System? This session will present results from our cybernetic computer models that simulate how future trends in population growth, diets, technology and policy may change the global land cover, freshwater usage, the nitrogen cycle and the climate system, and how more sustainable pathways can be reached. We want to discuss how our computer models and our data can be made accessible and usable by a broader community, and which new ways exist to visualize key insights and provide decision support to our society. We will also showcase some interactive physical installations that have been developed jointly with a group of art students to visualize future scenarios. +: +B:1514457000 +E:1514460600 +S:Social Bots, Fake News und Filterblasen - Michael Kreil +C: +L:Saal Clarke +D:„Angriff der Meinungsroboter“ und „Gefangen in der Filterblase“ titelten die deutschen Medien. Doch was ist wirklich daran? +: +B:1514405700 +E:1514407500 +S:Social Cooling - Tijmen Schep +C: +L:Saal Dijkstra +D:What does it mean to be free in a world where surveillance is the dominant business model? Behind the scenes databrokers are turning our data into thousands of scores. This digital reputation is increasingly influencing our chances to find a job, a loan or even a date. Researchers are pointing out that, as people become aware of this reputation economy, it is generating a culture where self-censorship and risk aversion are the new normal. +D: +D:How do we deal with these chilling effects? I suggest we take the comparison of oil and data all the way: if oil leads to global warming, then data leads to Social Cooling. +: +B:1514470500 +E:1514474100 +S:Spy vs. Spy: A Modern Study Of Microphone Bugs Operation And Detection - Veronica Valeros, Sebastian Garcia +C: +L:Saal Borg +D:In 2015, artist Ai Weiwei was bugged in his home, presumably by government actors. This situation raised our awareness on the lack of research in our community about operating and detecting spying microphones. Our biggest concern was that most of the knowledge came from fictional movies. Therefore, we performed a deep study on the state-of-the-art of microphone bugs, their characteristics, features and pitfalls. It included real life experiments trying to bug ourselves and trying to detect the hidden mics. Given the lack of open detection tools, we developed a free software SDR-based program, called Salamandra, to detect and locate hidden microphones in a room. After more than 120 experiments we concluded that placing mics correctly and listening is not an easy task, but it has a huge payoff when it works. Also, most mics can be detected easily with the correct tools (with some exceptions on GSM mics). In our experiments the average time to locate the mics in a room was 15 minutes. Locating mics is the novel feature of Salamandra, which is released to the public with this work. We hope that our study raises awareness on the possibility of being bugged by a powerful actor and the countermeasure tools available for our protection. +: +B:1514379600 +E:1514383200 +S:Squeezing a key through a carry bit - Filippo Valsorda +C: +L:Saal Dijkstra +D:The Go implementation of the P-256 elliptic curve had a small bug due to a misplaced carry bit affecting less than 0.00000003% of field subtraction operations. We show how to build a full practical key recovery attack on top of it, capable of targeting JSON Web Encryption. +: +B:1514486700 +E:1514490300 +S:Taking a scalpel to QNX - Jos Wetzels, Ali Abbasi +C: +L:Saal Borg +D:In this talk we will present a deep-dive analysis of the anatomy of QNX: a proprietary, real-time operating system aimed at the embedded market used in many sensitive and critical systems, particularly within the automotive industry. +D: +D:We will present the first reverse-engineering and analysis of the exploit mitigations, secure random number generators and memory management internals of QNX versions up to and including 6.6 and the brand new 64-bit QNX 7.0 (released in March 2017) and uncover a variety of design issues and vulnerabilities. +: +B:1514543400 +E:1514545200 +S:Taxation - vavoida +C: +L:Saal Clarke +D:Taxation, the most "boring" #34c3 talk, but hey it's the economy stupid, and you pay for it! We will a provide a quick overview of the international taxation system. Explaining what a Double Irish Sandwich is. Why international corporations like Google only pays 2.4% taxes. And how your favourite tech companies (Google, Amazon, Apple, Microsoft, ... ) evaded billions in taxes. This tax-dodging costs the European Union more than $50 billion. Annually. We bring this numbers into perspective. And why you pay more. +D:And how you should discuss that topic, since it defines how our society will be. +: +B:1514377800 +E:1514379600 +S:The Enemy - Karim Ben Khelifa +C: +L:Saal Clarke +D:The Enemy brings you face-to-face with combatants from three conflict zones: with the Maras in Salvador, in the Democratic Republic of the Congo, and in Israel and Palestine. Their testimonies and confessions about their lives, experiences, and perspectives on war will allow you to better understand their motivations… and their humanity. +: +B:1514643300 +E:1514646900 +S:The Internet in Cuba: A Story of Community Resilience - Will Scott, kopek +C: +L:Saal Adams +D:Internet access in Cuba is notoriously restrictive. ETECSA, the government-run teleco, offers 60 wireless hotspots in parks and hotels, allowing foreigners and citizens alike to "visit" the Internet for only $1/hour… That’s what most tourists know about the Internet in Cuba, but of course, that can't be the whole story! +D: +D:In this talk, we'll take a deeper look at what life is like for Cuban hackers, and we’ll get to tour a vibrant set of community-driven networks that typical tourists never see. The story that emerges is an inspiring view of what communities can (and can’t) accomplish in the face of adversity. +D: +: +B:1514492100 +E:1514493900 +S:The Noise Protocol Framework - Trevor Perrin +C: +L:Saal Dijkstra +D:Thehref="">Noise Protocol Frameworkis a toolkit for 2-party secure-channel protocols. Noise is used by WhatsApp for client-server communication, by the WireGuard VPN protocol, and by the Lightning Network. In this talk I'll describe the rationale behind such a framework, and how you can use it to build simple, efficient, and customized secure-channel protocols. +: +B:1514413800 +E:1514417400 +S:The Ultimate Apollo Guidance Computer Talk - Michael Steil, Christian Hessmann +C: +L:Saal Borg +D:The Apollo Guidance Computer ("AGC") was used onboard the Apollo spacecraft to support the Apollo moon landings between 1969 and 1972. This talk explains "everything about the AGC", including its quirky but clever hardware design, its revolutionary OS, and how its software allowed humans to reach and explore the moon. +D: +: +B:1514491200 +E:1514494800 +S:The making of a chip - Ari +C: +L:Saal Clarke +D:You are surrounded by ICs. Yet you probably don't know much about how such a chip is made. This talk is an introduction to the world of chip fabrication from photolithography over ion implantation to vapor deposition of the connections +: +B:1514467800 +E:1514469600 +S:The seizure of the Iuventa - Hendrik, Kathrin +C: +L:Saal Borg +D:The ship „Iuventa“ of the organization „Jugend Rettet“ was seized on August 2nd 2017 by the Italian authorities. The accusations: facilitating illegal immigration, organized crime and possession of weapons. What followed was a smear campaign that had seldomly been seen before. Against „Jugend Rettet“ and all the other NGOs that do search and rescue (SAR) in the mediterranean sea. +: +B:1514465100 +E:1514466900 +S:Think big or care for yourself - AKO +C: +L:Saal Dijkstra +D:Technology is perceived as a danger. In German nursing sciences the dominant position on emergent technologies demands the removal of machines from caring environments („Entmaschinisierung“). In contrast to this, European research policy heavily focus on developing new health and social technologies to solve societal issues like a skill shortage in nursing. In this talk we first give an overview on main arguments against digital technologies in care with an example of a current research project in the field of Augmented Reality in care work. Secondly, we argue that those luddite positions in nursing science are losing touch with their subject’s reality. Consequently, they are about to miss another chance to establish their sphere of influence. +: +B:1514586600 +E:1514590200 +S:This is NOT a proposal about mass surveillance! - Lisa +C: +L:Saal Adams +D:In November 2016 the UK has passed the Investigatory Powers Act (aka Snooper’s Charter). This act unprecedentedly extends surveillance powers of the state – p.e. legalising the hacking of devices or forcing Internet Service Providers to collect web browsing histories – one does not even need to be suspected of a crime. This talk investigates the choice of words of the parliamentary debates and reveals how euphemistic and understating terminology discloses the extent of surveillance and justifies the causeless intrusion into everyone’s privacy. +D: +: +B:1514573100 +E:1514576700 +S:Tiger, Drucker und ein Mahnmal - Stefan Pelzer, Philipp Ruch, Morius Enden +C: +L:Saal Adams +D:Flüchtlingsfressende Tiger in Berlin, zum Diktatorensturz aufrufende Flugblätter in Istanbul und ein Mahnmal das den Rechtsextremisten Björn Höcker in seinem Thüringer Dorf heimsucht: Viel ist geschehen, seit das Zentrum für Politische Schönheit vor 3 Jahren auf dem Kongress gesprochen hat. +: +B:1514388600 +E:1514392200 +S:Tightening the Net in Iran - Mahsa Alimardani +C: +L:Saal Dijkstra +D:How do Iranians experience the Internet? Various hurdles and risks exist for Iranians and including outside actors like American technology companies. This talk will assess the state of the Internet in Iran, discuss things like the threats of hacking from the Iranian cyber army; how the government are arresting Iranians for their online activities; the most recent policies and laws for censorship, surveillance and encryption; and the policies and relationships of foreign technology companies like Apple, Twitter and Telegram with Iran, and the ways they are affecting the everyday lives of Iranians. This talk will effectively map out how the Internet continues to be a tight and controlled space in Iran, and what efforts are being done and can be done to make the Iranian Internet a more accessible and secure space. +: +B:1514647800 +E:1514651400 +S:Tracking Transience - Hasan Elahi +C: +L:Saal Borg +D:Hasan Elahi is an interdisciplinary artist working with issues in surveillance, privacy, migration, citizenship, technology, and the challenges of borders. An erroneous tip called into law enforcement authorities in 2002 subjected Elahi to an intensive investigation by the FBI and after undergoing months of interrogations, he was finally cleared of suspicions. After this harrowing experience, Elahi conceived “Tracking Transience” and opened just about every aspect of his life to the public. Predating the NSA’s PRISM surveillance program by half a decade, the project questions the consequences of living under constant surveillance and continuously generates databases of imag- ery that tracks the artist and his points of transit in real-time. Although initially created for his FBI agent, the public can also monitor the artist’s communication records, banking transactions, and transportation logs along with various intelligence and government agencies who have been confirmed visiting his website. +: +B:1514588400 +E:1514590200 +S:Treibhausgasemissionen einschätzen - Gunnar Thöle +C: +L:Saal Borg +D:Alles was wir jeden Tag tun erzeugt Treibhausgase. Für eine vernünftige/moralische/ökologische Entscheidung, um mit anderen Handlungsoptionen brauchbar vergleichen zu können, muss man wissen - wieviel? Ungefähr zumindest? Für Einsteiger. Keine Formeln, wenig Mathematik/Physik. +: +B:1514635200 +E:1514637000 +S:TrustZone is not enough - Pascal Cotret +C: +L:Saal Adams +D:This talk deals with embedded systems security and ARM processors architecture. Most of us know that we can perform security with the ARM TrustZone framework. I will show that most ARM processors include debug components (aka CoreSight components) that can be used to create efficient security mechanisms. +: +B:1514491200 +E:1514494800 +S:Trügerische Sicherheit - Peter Schaar +C: +L:Saal Borg +D:Wie steht es um die Sicherheitsversprechen, die mit dem Einsatz von neuen Überwachungsinstrumenten abgegeben werden? +D:Welche Unterminierung der Sicherheit kann durch Überwachung eigentlich entstehen? +: +B:1514647800 +E:1514651400 +S:Type confusion: discovery, abuse, and protection - gannimo +C: +L:Saal Clarke +D:Type confusion, often combined with use-after-free, is the main attack vector to compromise modern C++ software like browsers or virtual machines. Typecasting is a core principle that enables modularity in C++. For performance, most typecasts are only checked statically, i.e., the check only tests if a cast is allowed for the given type hierarchy, ignoring the actual runtime type of the object. Using an object of an incompatible base type instead of a derived type results in type confusion. Attackers have been abusing such type confusion issues to compromise popular software products including Adobe Flash, PHP, Google Chrome, or Firefox, raising critical security concerns. +D: +D:We discuss the details of this vulnerability type and how such vulnerabilities relate to memory corruption. Based on an LLVM-based sanitizer that we developed, we will show how to discover such vulnerabilities in large software through fuzzing and how to protect yourself against this class of bugs. +: +B:1514561400 +E:1514563200 +S:UPSat - the first open source satellite - Pierros Papadeas +C: +L:Saal Clarke +D:During 2016 Libre Space Foundation a non-profit organization developing open source technologies for space, designed, built and delivered UPSat, the first open source software and hardware satellite. +: +B:1514643300 +E:1514646900 +S:Uncertain Concern - Allison McDonald +C: +L:Saal Clarke +D:Over 11 million undocumented immigrants live in the United States today. Immediately after taking office, the Trump administration issued two executive orders pumping resources into border and immigration enforcement agencies, heightening fears of deportation, harassment, and family separation among immigrant communities. In the following months reports emerged of increased immigration enforcement activity and hints about the deployment of new high-tech methods by the immigration enforcement agency. I will discuss the current state of immigration enforcement in the US and associated surveillance capabilities, the results of a study with undocumented immigrants about their technology practices, and the takeaways for the technology and privacy community in supporting communities of heightened risk. +: +B:1514377800 +E:1514379600 +S:Uncovering British spies' web of sockpuppet social media personas - Mustafa Al-Bassam +C: +L:Saal Borg +D:The Joint Threat Research Intelligence Group (JTRIG), a unit in one of Britain's intelligence agencies, is tasked with creating sockpuppet accounts and fake content on social media, in order to use "dirty tricks" to "destroy, deny, degrade [and] disrupt" enemies by "discrediting" them. In this talk, we reveal some of that content, in relation to infiltrating activists groups around the world, including during the Arab spring and Iranian revolution. +: +B:1514500200 +E:1514503800 +S:Uncovering vulnerabilities in Hoermann BiSecur - Markus Müllner, Markus Kammerstetter +C: +L:Saal Clarke +D:Hoermann BiSecur is a bi-directional wireless access control system “for the convenient and secure operation of garage and entrance gate operators, door operators, lights […]” and smart home devices. The radio signal is AES-128 encrypted and the system is marketed to be “as secure as online banking”. In comparison to conventional and often trivial to break wireless access control systems, the system should thus make it practically infeasible to clone a genuine transmitter so that attackers can get unauthorized access. We used the low-cost CCC rad1o software defined radio (SDR) platform to intercept and analyze the wireless radio signal. We took apart several Hoermann BiSecur hand transmitters and subsequently utilized a vulnerability in the microcontroller to successfully extract the firmware. In order to conduct a security audit, the extracted firmware was disassembled and analyzed so that the encryption mechanism, the key material, the cryptographic operations as well as the RF interface could be reverse engineered. Our security analysis shows that the overall security design is sound, but the manufacturer failed to properly initialize the random seed of the transmitters. As a result, an attacker can intercept an arbitrary radio frame and trivially compute the utilized encryption key within less than a second. Once the key is known to the attacker, a genuine transmitter can be cloned with an SDR platform such as the CCC rad1o. In addition to unauthorized operation of gates and doors, there is a likely (although currently untested) impact on Smart Home appliances that use the BiSecur system. We tested a total of 7 hand transmitters from 3 different model series and with manufacturing dates between 2015 and 2017. All analyzed hand transmitters shared the same static random seed and were found to be vulnerable to our attack. The vulnerability can easily be fixed so that future hand transmitters and radio transmission are protected from our attack. +: +B:1514385900 +E:1514387700 +S:Unleash your smart-home devices: Vacuum Cleaning Robot Hacking - tj, DanielAW +C: +L:Saal Borg +D:Did you ever want to run your own IoT cloud on your IoT devices? Or did you ever wonder what data your vacuum cleaning robot is transmiting to the vendor? Why a vacuum cleaning robot needs tcpdump? +D:Nowadays IoT devices are getting more and more powerful and contain a lot of sensors. As most devices are connected directly to the vendor and transmit all data encrypted to the cloud, this might lead to privacy issues. An IoT device with no internet connection lacks a lot of features or is even unusable. We want to change that. +D: +D:We show you how to root a vacuum cleaning robot in order to get access to the underlying Linux operating system. Furthermore we will have a look into the vendors cloud interface and its commands, and will show you how to deattach the device from the cloud and connect it to your local Smart Home system. Finally we will show how to run Smart Home software directly on the vacuum cleaning robot itself. +: +B:1514556900 +E:1514560500 +S:Vintage Computing for Trusted Radiation Measurements and a World Free of Nuclear Weapons - Moritz, ALX +C: +L:Saal Adams +D:Eliminating nuclear weapons will require trusted measurement systems to confirm authenticity of nuclear warheads prior to their dismantlement. A new idea for such an inspection system is to use vintage hardware (Apple IIe/6502) instead of modern microprocessors, reducing the attack surface through simplicity. In the talk, we present and demo a custom open hardware measurement system based on gamma spectroscopy and verify that we use a genuine 6502 die using high-resolution x-ray microscopy. +: +B:1514457000 +E:1514458800 +S:Visceral Systems - Sarah Grant +C: +L:Saal Dijkstra +D:This talk considers the visceral relationship one can have towards intangible media, notably sound and network data transmissions. Sarah presents a selection of her work demonstrating these synesthetic relationships, ranging from experiments in bio and fiber arts to interface design and educational tools for demystifying computer networking technology. +: +B:1514632500 +E:1514634300 +S:WHWP - friederb +C: +L:Saal Clarke +D:Vorstellung der Dissertation "WHWP - Walter Höllerer bei WikiPedia". Es wurde ein +D:einzelner Artikel in der deutschen WikiPedia untersucht. Es wird dargestellt, welchen +D:Einfluss die beteiligten Autoren auf die Qualität des WikiPedia-Artikels über Walter +D:Höllerer hatten und weiterhin haben. Dafür wurden 113 Veränderungen durch 89 Autoren +D:einzeln untersucht und bezüglich ihrer Relevanz bewertet. Es wurden auch +D:die Entwicklungen berücksichtigt, die seit der französischen Encyclopédie zur +D:Online-Enzyklopädie WikiPedia geführt haben. Daraus ist eine bisher einzigartige +D:Arbeit über die Produktion von Wissen und Wissenssammlungen entstanden. +: +B:1514380500 +E:1514382300 +S:WTFrance - Agnes, Okhin +C: +L:Saal Clarke +D:France is part of the top countries trying to destroy encryption, especially through backdoor obligations, global interceptions, and effort to get access to master keys. French law already criminalises the use of encryption, imposing heavier penalties on people using it or regarding them as general suspects. +D:How can we oppose this trend? What political role for developers? +: +B:1514400300 +E:1514402100 +S:Watching the changing Earth - manuel +C: +L:Saal Clarke +D:For a few decades by now, satellites offer us the tools to observe the whole Earth with a wide variety of sensors. The vast amount of data these Earth observations systems collect enters the public discourse reduced to a few numbers, numbers like 3 or even 300. So, how do we know the amount of ice melting in the arctic or how much rain is falling in the Amazon? Are groundwater aquifers stable or are they are being depleted? Are these regular seasonal changes or is there a trend? How can we even measure these phenomena on a global scale? +D: +D:This talk will provide one possible answer: gravity. +: +B:1514461500 +E:1514465100 +S:We should share our secrets - Daan Sprenkels +C: +L:Saal Clarke +D: +D:Backing up private keys in a secure manner is not straightforward. +D:Once a backup has been compromised you need to refresh all your key material. +D:For example, the disclosure of a private key of a Bitcoin wallet gives access +D:to the coins inside. This makes it unattractive to store a complete backup of +D:your private key(s) with your bank or your spouse. The better option would be +D:to split the key into multiple parts. The recommended way to do this securely +D:is to use the Shamir secret sharing scheme. This talk provides a detailed +D:breakdown of how the scheme works and explains how it is implemented in C in +D:a new library called SSS. +D: +: +B:1514465100 +E:1514466900 +S:Why Do We Anthropomorphize Computers?... - Marloes de Valk +C: +L:Saal Borg +D:A talk on waiting for the technological rapture in the church of big data. The paralysing effect of hiding the human hand in software through anthropomorphising computers and dehumanising ourselves. +D: +: +B:1514486700 +E:1514488500 +S:Will You Be My Plugin? - Sebastian Schmieg +C: +L:Saal Dijkstra +D:While technology is often described as an extension of our bodies, this talk will explore a reversed relationship: Bodies and minds of digital laborers (you and me and basically everybody else) as software extensions that can be easily plugged in, rewired, and discarded. I will approach this topic from an artist's point of view. +: +B:1514573100 +E:1514576700 +S:Zamir Transnational Network und Zagreb Dairy - Wam (P.J.H.F.) Kat +C: +L:Saal Dijkstra +D:Die Geschichte des ZAMIR Transnational Network und meines Zagreb-Diary +D:( zwischen 1991 und 1995 im +D:früheren Jugoslawien. Es war das erste Computernetzwerk in einer +D:Kriegsregion, das alle Friedens-, Frauen-, Menschenrechts- und +D:humanitäre Aktivisten und alle anderen Menschen in dem Kriegsgebiet +D:miteinander und der Außenwelt verbunden hat. +: +B:1514482200 +E:1514485800 +S:avatar² - nsr +C: +L:Saal Dijkstra +D:Avatar² is an open source framework for dynamic instrumentation and analysis of binary firmware, which was released in June 2017. +D:This talk does not only introduce avatar², but also focuses on the motivation and challenges for such a tool. +: +B:1514561400 +E:1514565000 +S:cryptocurrencies, smart contracts, etc.: revolutionary tech? - Zooko +C: +L:Saal Adams +D:Bitcoin arrived eight years ago, and has now spawned a dazzling array of follow-on technologies, including smart contracts, censorship-resistant computation, trustless databases (“blockchains”) and more. This talk attempts to highlight a few of the most significant developments in both technology and in society's response to it, including some nation-state governments banning cryptocurrencies and/or launching their own cryptocurrencies. +: +B:1514375100 +E:1514378700 +S:eMMC hacking, or: how I fixed long-dead Galaxy S3 phones - oranav +C: +L:Saal Dijkstra +D:How I hacked Sasmung eMMC chips: from an indication that they have a firmware - up until code execution ability on the chip itself, relevant to a countless number of devices. It all started when Samsung Galaxy S3 devices started dying due to a bug in their eMMC firmware. I will cover how I figured out there's a firmware inside the chip, how I obtained it, and my journey to gaining code execution on the chip itself &mdash; up until the point in which I could grab a bricked Galaxy S3, and fix it by software-only means. +: +B:1514370600 +E:1514374200 +S:hacking disaster - Sebastian Jünemann +C: +L:Saal Borg +D:Gesundheit als entscheidender Teil von Glück und Zufriedenheit ist bis in ihre kleinsten Teilbereiche „durchkapitalisiert“. Und dieser Prozess macht auch vor humanitärer Hilfe und Krisenintervention nicht halt. In diesem Talk gehen wir auf verschiedene Beispiele ein und erklären, wie CADUS mit seinem Makerspace versucht, dieses Problem auf vielen Ebenen zu hacken. +: +B:1514629800 +E:1514631600 +S:hacking real estate market? - Anita Hopes +C: +L:Saal Adams +D:This is a lecture on the way the network called "Mietshäusersyndikat" works. +D:There will be a short introduction to the real estate market in Germany, and to the history of how the Mietshaeusersyndikat developed. +D:Then we will look at the tools used by the Mietshaeusersyndikat to establish the option of governing houses independently, as well as networking with other houses and people involved in the Mietshaeusersyndikat. There will be time for questions and discussion. +: +B:1514395800 +E:1514399400 +S:iOS kernel exploitation archaeology - argp +C: +L:Saal Clarke +D:This talk presents the technical details and the process of reverse engineering and re-implementation of the evasi0n7 jailbreak's main kernel exploit. This work was done in late 2013, early 2014 (hence the "archaeology" in the title), however, it will provide insight into the kernel debugging setup for iOS devices (iDevices), the encountered difficulties and how they were overcome, all of which can be useful for current iOS kernel vulnerability research. +: +B:1514637900 +E:1514639700 +S:institutions for Resolution Disputes - Rosa Menkman +C: +L:Saal Clarke +D:The institutions of Resolution Disputes [iRD] call attention to media resolutions. While a ’resolution’ generally simply refers to a standard (measurement) embedded in the technological domain, the iRD reflect on the fact that a resolution is indeed a settlement (solution), but at the same time a space of compromise between different actors (objects, materialities and protocols) who dispute their stakes (framerate, number of pixels etc.) within the growing digital territories. +: +B:1514629800 +E:1514631600 +S:library operating systems - Mindy Preston +C: +L:Saal Dijkstra +D:Traditional models of application development involve talking to an underlying operating system through abstractions of its choosing. These abstractions may or may not be a good fit for your language or application, but you have no choice but to use them - you can only layer more abstractions on top of them, to try to lessen the pain of a bad match. Library operating systems let you write applications that use better abstractions in your own language - either someone else's abstractions, or your own. +: +B:1514635200 +E:1514637000 +S:openPower - the current state of commercial openness in CPU development - Matteo Michel +C: +L:Saal Clarke +D:How does developing future processors with yesterdays capabilities work out today? CPU development is something out of focus these days. In this lecture I would like to show the state-of-the-art processor development flow of POWER processors from the first initial ideas to post-silicon testing. Apart from x86 Intel products there have been initiatives across the hardware industry to form some alternative business model. I would like to show if and how this compares to real open principals. +: +B:1514551500 +E:1514553300 +S:“Nabovarme” opensource heating infrastructure in Christiania - “Nabovarme” - Freetown Christiania´s digitally controlled/surveyed heating system. 350 users +C: +L:Saal Borg +D:Project “Nabovarme” (meaning “neighbour heating”) has transformed private heating necessity into a social experiment build on OpenSource software/hardware and social empowerment by transforming heat consumers into Nabovarme Users and letting them take ownership to infrastructure and consumption. +: diff --git a/agenda/epitech b/agenda/epitech @@ -0,0 +1,1133 @@ +B:1516435200 +E:1516467600 +S:G-EPI-004 >> Open House 4 +C:Event +L: +D:Event +D:Open House 4 +D:Extérieur +: +B:1518249600 +E:1518282000 +S:G-EPI-004 >> Open House 5 +C:Event +L: +D:Event +D:Open House 5 +D:Espace accueil +: +B:1521273600 +E:1521306000 +S:G-EPI-004 >> Open House 6 +C:Event +L: +D:Event +D:Open House 6 +D:Espace accueil +: +B:1515657600 +E:1515690000 +S:G-EPI-004 >> Exhibition +C:Event +L: +D:Event +D:Exhibition +D:Extérieur +: +B:1515744000 +E:1515776400 +S:G-EPI-004 >> Exhibition +C:Event +L: +D:Event +D:Exhibition +D:Extérieur +: +B:1515830400 +E:1515862800 +S:G-EPI-004 >> Exhibition +C:Event +L: +D:Event +D:Exhibition +D:Extérieur +: +B:1516867200 +E:1516899600 +S:G-EPI-004 >> Exhibition +C:Event +L: +D:Event +D:Exhibition +D:Extérieur +: +B:1516953600 +E:1516986000 +S:G-EPI-004 >> Exhibition +C:Event +L: +D:Event +D:Exhibition +D:Extérieur +: +B:1517040000 +E:1517072400 +S:G-EPI-004 >> Exhibition +C:Event +L: +D:Event +D:Exhibition +D:Extérieur +: +B:1517472000 +E:1517504400 +S:G-EPI-004 >> Exhibition +C:Event +L: +D:Event +D:Exhibition +D:Extérieur +: +B:1517558400 +E:1517590800 +S:G-EPI-004 >> Exhibition +C:Event +L: +D:Event +D:Exhibition +D:Extérieur +: +B:1517644800 +E:1517677200 +S:G-EPI-004 >> Exhibition +C:Event +L: +D:Event +D:Exhibition +D:Extérieur +: +B:1515691800 +E:1515699000 +S:B-INN-000 >> Atelier : Unreal 3D #1 +C:Workshop +L: +D:Workshop +D:Atelier : Unreal 3D #1 +D:Hub +: +B:1516296600 +E:1516303800 +S:B-INN-000 >> Atelier : Unreal 3D #2 +C:Workshop +L: +D:Workshop +D:Atelier : Unreal 3D #2 +D:Hub +: +B:1518111000 +E:1518118200 +S:B-INN-000 >> Atelier : Game Maker #1 +C:Workshop +L: +D:Workshop +D:Atelier : Game Maker #1 +D:Hub +: +B:1517506200 +E:1517513400 +S:B-INN-000 >> Atelier : Game Maker #2 +C:Workshop +L: +D:Workshop +D:Atelier : Game Maker #2 +D:Hub +: +B:1516975200 +E:1516989600 +S:G-EPI-004 >> Fairs +C:Event +L: +D:Event +D:Fairs +D:Extérieur +: +B:1516374000 +E:1516388400 +S:G-EPI-004 >> Fairs +C:Event +L: +D:Event +D:Fairs +D:Extérieur +: +B:1515828600 +E:1515843000 +S:G-EPI-004 >> Fairs +C:Event +L: +D:Event +D:Fairs +D:Extérieur +: +B:1518699600 +E:1518714000 +S:G-EPI-004 >> Fairs +C:Event +L: +D:Event +D:Fairs +D:Extérieur +: +B:1519925400 +E:1519932600 +S:B-INN-000 >> Atelier : introduction à la modélisation 3D +C:Workshop +L: +D:Workshop +D:Atelier : introduction à la modélisation 3D +D:Hub +: +B:1515517200 +E:1515520800 +S:B-INN-000 >> #Embarqué FOCUS +C:Workshop +L: +D:Workshop +D:#Embarqué FOCUS +D:Réunion +: +B:1516726800 +E:1516730400 +S:B-INN-000 >> #Embarqué FOCUS +C:Workshop +L: +D:Workshop +D:#Embarqué FOCUS +D:Réunion +: +B:1517936400 +E:1517940000 +S:B-INN-000 >> #Embarqué FOCUS +C:Workshop +L: +D:Workshop +D:#Embarqué FOCUS +D:Réunion +: +B:1519146000 +E:1519149600 +S:B-INN-000 >> #Embarqué FOCUS +C:Workshop +L: +D:Workshop +D:#Embarqué FOCUS +D:Réunion +: +B:1520355600 +E:1520359200 +S:B-INN-000 >> #Embarqué FOCUS +C:Workshop +L: +D:Workshop +D:#Embarqué FOCUS +D:Réunion +: +B:1521565200 +E:1521568800 +S:B-INN-000 >> #Embarqué FOCUS +C:Workshop +L: +D:Workshop +D:#Embarqué FOCUS +D:Réunion +: +B:1516093200 +E:1516107600 +S:G-EPI-004 >> Fairs +C:Event +L: +D:Event +D:Fairs +D:Extérieur +: +B:1514379600 +E:1514390400 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1514898000 +E:1514908800 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1515052800 +E:1515063600 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1515070800 +E:1515081600 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Amphi +: +B:1515139200 +E:1515150000 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1514970000 +E:1514991600 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1515056400 +E:1515078000 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1514966400 +E:1514977200 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1515492000 +E:1515495600 +S:B-ANG-058 >> Guidance cycle 3 +C:Follow-ups +L: +D:Follow-ups +D:Guidance cycle 3 +D:Réunion +: +B:1516096800 +E:1516100400 +S:B-ANG-058 >> Guidance cycle 3 +C:Follow-ups +L: +D:Follow-ups +D:Guidance cycle 3 +D:Réunion +: +B:1516701600 +E:1516705200 +S:B-ANG-058 >> Guidance cycle 3 +C:Follow-ups +L: +D:Follow-ups +D:Guidance cycle 3 +D:Réunion +: +B:1514966400 +E:1514970000 +S:B-CPP-300 >> [C++ Pool] Kick-off +C:Kick-off +L: +D:Kick-off +D:[C++ Pool] Kick-off +D:Amphi +: +B:1514966400 +E:1515011400 +S:B-CPP-300 >> [C++ Pool] D01 +C:TP +L: +D:TP +D:[C++ Pool] D01 +D:Video Games & Star Wars +: +B:1515052800 +E:1515070800 +S:B-CPP-300 >> [C++ Pool] D02M +C:TP +L: +D:TP +D:[C++ Pool] D02M +D:Video Games & Star Wars +: +B:1515074400 +E:1515101400 +S:B-CPP-300 >> [C++ Pool] D02A +C:TP +L: +D:TP +D:[C++ Pool] D02A +D:Video Games & Star Wars +: +B:1515139200 +E:1515184200 +S:B-CPP-300 >> [C++ Pool] D03 +C:TP +L: +D:TP +D:[C++ Pool] D03 +D:Video Games & Star Wars +: +B:1515315600 +E:1515326400 +S:B-CPP-300 >> [C++ Pool] Review - Rush 1 +C:Review +L: +D:Review +D:[C++ Pool] Review - Rush 1 +D:Video Games & Star Wars +: +B:1515920400 +E:1515931200 +S:B-CPP-300 >> [C++ Pool] Review - Rush 2 +C:Review +L: +D:Review +D:[C++ Pool] Review - Rush 2 +D:Video Games & Star Wars +: +B:1515398400 +E:1515443400 +S:B-CPP-300 >> [C++ Pool] D06 +C:TP +L: +D:TP +D:[C++ Pool] D06 +D:Video Games & Star Wars +: +B:1515484800 +E:1515502800 +S:B-CPP-300 >> [C++ Pool] D07M +C:TP +L: +D:TP +D:[C++ Pool] D07M +D:Video Games & Star Wars +: +B:1515506400 +E:1515533400 +S:B-CPP-300 >> [C++ Pool] D07A +C:TP +L: +D:TP +D:[C++ Pool] D07A +D:Video Games & Star Wars +: +B:1515571200 +E:1515616200 +S:B-CPP-300 >> [C++ Pool] D08 +C:TP +L: +D:TP +D:[C++ Pool] D08 +D:Video Games & Star Wars +: +B:1515657600 +E:1515702600 +S:B-CPP-300 >> [C++ Pool] D09 +C:TP +L: +D:TP +D:[C++ Pool] D09 +D:Video Games & Star Wars +: +B:1515744000 +E:1515789000 +S:B-CPP-300 >> [C++ Pool] D10 +C:TP +L: +D:TP +D:[C++ Pool] D10 +D:Video Games & Star Wars +: +B:1516003200 +E:1516048200 +S:B-CPP-300 >> [C++ Pool] D13 +C:TP +L: +D:TP +D:[C++ Pool] D13 +D:Video Games & Star Wars +: +B:1516089600 +E:1516107600 +S:B-CPP-300 >> [C++ Pool] D14M +C:TP +L: +D:TP +D:[C++ Pool] D14M +D:Video Games & Star Wars +: +B:1516111200 +E:1516138200 +S:B-CPP-300 >> [C++ Pool] D14A +C:TP +L: +D:TP +D:[C++ Pool] D14A +D:Video Games & Star Wars +: +B:1516176000 +E:1516221000 +S:B-CPP-300 >> [C++ Pool] D15 +C:TP +L: +D:TP +D:[C++ Pool] D15 +D:Video Games & Star Wars +: +B:1516262400 +E:1516307400 +S:B-CPP-300 >> [C++ Pool] D16 +C:TP +L: +D:TP +D:[C++ Pool] D16 +D:Video Games & Star Wars +: +B:1516348800 +E:1516393800 +S:B-CPP-300 >> [C++ Pool] D17 +C:TP +L: +D:TP +D:[C++ Pool] D17 +D:Video Games & Star Wars +: +B:1516525200 +E:1516536000 +S:B-CPP-300 >> [C++ Pool] Review - Rush 3 +C:Review +L: +D:Review +D:[C++ Pool] Review - Rush 3 +D:Video Games & Star Wars +: +B:1516435200 +E:1516449600 +S:G-EPI-004 >> Fairs +C:Event +L: +D:Event +D:Fairs +D:Extérieur +: +B:1515157200 +E:1515168000 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1516806000 +E:1516813200 +S:B-ANG-058 >> TEPitech +C:TEPitech +L: +D:TEPitech +D:TEPitech +D:Seigneur des Anneaux +: +B:1516294800 +E:1516309200 +S:G-EPI-004 >> Fairs +C:Event +L: +D:Event +D:Fairs +D:Extérieur +: +B:1518008400 +E:1518019200 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1515142800 +E:1515164400 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1516780800 +E:1516791600 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1516798800 +E:1516809600 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1517644800 +E:1517659200 +S:G-EPI-004 >> Fairs +C:Event +L: +D:Event +D:Fairs +D:Extérieur +: +B:1515178800 +E:1515193200 +S:B-CPP-300 >> [C++ Pool] Rush 1 +C:Rush +L: +D:Rush +D:[C++ Pool] Rush 1 +D:Video Games & Star Wars +: +B:1520341200 +E:1520344800 +S:B-CUI-070 >> IT MCA +C:IT-MCA +L: +D:IT-MCA +D:IT MCA +: +B:1515157200 +E:1515160800 +S:B-CUI-070 >> IT MCA +C:IT-MCA +L: +D:IT-MCA +D:IT MCA +D:Réunion +: +B:1516957200 +E:1516982400 +S:G-EPI-004 >> Coding Club Lycée +C:Event +L: +D:Event +D:Coding Club Lycée +D:Extérieur +: +B:1515762000 +E:1515772800 +S:G-GPR-000 >> Coaching Session. individuel +C:Follow-ups +L: +D:Follow-ups +D:Coaching Session. individuel +D:Réunion +: +B:1516366800 +E:1516377600 +S:G-GPR-000 >> Coaching Session. individuel +C:Follow-ups +L: +D:Follow-ups +D:Coaching Session. individuel +D:Réunion +: +B:1516971600 +E:1516982400 +S:G-GPR-000 >> Coaching Session. individuel +C:Follow-ups +L: +D:Follow-ups +D:Coaching Session. individuel +D:Réunion +: +B:1517576400 +E:1517580000 +S:G-GPR-000 >> : discussion autour de l'addiction aux jeux vidéos +C:Workshop +L: +D:Workshop +D:: discussion autour de l'addiction aux jeux vidéos +D:Réunion +: +B:1518181200 +E:1518184800 +S:G-GPR-000 >> : discussion autour de l'addiction aux jeux vidéos +C:Workshop +L: +D:Workshop +D:: discussion autour de l'addiction aux jeux vidéos +D:Réunion +: +B:1515744000 +E:1515748800 +S:G-GPR-000 >> Coaching Session. de groupe +C:Workshop +L: +D:Workshop +D:Coaching Session. de groupe +D:Réunion +: +B:1515749400 +E:1515754200 +S:G-GPR-000 >> Coaching Session. de groupe +C:Workshop +L: +D:Workshop +D:Coaching Session. de groupe +D:Réunion +: +B:1515772800 +E:1515780000 +S:B-ANG-058 >> Self-assessment TEPitech +C:TEPitech +L: +D:TEPitech +D:Self-assessment TEPitech +D:Seigneur des Anneaux +: +B:1516348800 +E:1516353600 +S:G-GPR-000 >> Coaching Session. de groupe +C:Workshop +L: +D:Workshop +D:Coaching Session. de groupe +D:Réunion +: +B:1516354200 +E:1516359000 +S:G-GPR-000 >> Coaching Session. de groupe +C:Workshop +L: +D:Workshop +D:Coaching Session. de groupe +D:Réunion +: +B:1516194000 +E:1516204800 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1515691800 +E:1515697200 +S:B-INN-000 >> #Mobile FOCUS +C:Workshop +L: +D:Workshop +D:#Mobile FOCUS +D:Réunion +: +B:1515772800 +E:1515782400 +S:B-ANG-058 >> Self-assessment TEPitech. Tiers-Temps +C:TEPitech +L: +D:TEPitech +D:Self-assessment TEPitech. Tiers-Temps +D:Seigneur des Anneaux +: +B:1517306400 +E:1517310000 +S:B-ANG-058 >> Guidance cycle 4 +C:Follow-ups +L: +D:Follow-ups +D:Guidance cycle 4 +D:Réunion +: +B:1517911200 +E:1517914800 +S:B-ANG-058 >> Guidance cycle 4 +C:Follow-ups +L: +D:Follow-ups +D:Guidance cycle 4 +D:Réunion +: +B:1518516000 +E:1518519600 +S:B-ANG-058 >> Guidance cycle 4 +C:Follow-ups +L: +D:Follow-ups +D:Guidance cycle 4 +D:Réunion +: +B:1519120800 +E:1519124400 +S:B-ANG-058 >> Guidance cycle 4 +C:Follow-ups +L: +D:Follow-ups +D:Guidance cycle 4 +D:Réunion +: +B:1517414400 +E:1517418000 +S:B-CUI-070 >> IT MCA +C:IT-MCA +L: +D:IT-MCA +D:IT MCA +D:Seigneur des Anneaux +: +B:1516114800 +E:1516122000 +S:B-ANG-058 >> Self-assessment TEPitech. - Tech3 +C:TEPitech +L: +D:TEPitech +D:Self-assessment TEPitech. - Tech3 +D:Seigneur des Anneaux +: +B:1523883600 +E:1523887200 +S:B-CUI-070 >> IT MCA +C:IT-MCA +L: +D:IT-MCA +D:IT MCA +D:Seigneur des Anneaux +: +B:1516179600 +E:1516183200 +S:B-PCP-000 >> Comment réaliser un bon CV : les points clés et erreurs à éviter +C:Conference +L: +D:Conference +D:Comment réaliser un bon CV : les points clés et erreurs à éviter +D:Amphi +: +B:1517389200 +E:1517414400 +S:B-PCP-000 >> Correction CV et lettre de motivation +C:Follow-ups +L: +D:Follow-ups +D:Correction CV et lettre de motivation +D:Hub +: +B:1516280400 +E:1516284000 +S:G-EPI-004 >> Brief Com +C:Event +L: +D:Event +D:Brief Com +D:Hub +: +B:1517317200 +E:1517328000 +S:B-PCP-000 >> Correction de CV et lettre de motivation +C:Follow-ups +L: +D:Follow-ups +D:Correction de CV et lettre de motivation +D:Hub +: +B:1516903200 +E:1516914000 +S:B-INN-000 >> APERO GAME LAB - GLOBAL GAME JAM +C:Event +L: +D:Event +D:APERO GAME LAB - GLOBAL GAME JAM +D:Seigneur des Anneaux +: +B:1517425200 +E:1517432400 +S:B-INN-000 >> #CyberDefense FOCUS +C:Workshop +L: +D:Workshop +D:#CyberDefense FOCUS +D:Hub +: +B:1517403600 +E:1517409000 +S:B-ANG-058 >> DIAGTEST Tek2/Tek3 +C:DIAGTEST +L: +D:DIAGTEST +D:DIAGTEST Tek2/Tek3 +D:Seigneur des Anneaux +: +B:1516197600 +E:1516199400 +S:B-INN-000 >> Galette des rois +C:Event +L: +D:Event +D:Galette des rois +: +B:1516626000 +E:1516627800 +S:B-SHL-400 >> Kick-off - Unit & Project +C:Kick-off +L: +D:Kick-off +D:Kick-off - Unit & Project +D:Video Games & Star Wars +: +B:1519218000 +E:1519228800 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1516798800 +E:1516804200 +S:B-SHL-400 >> Follow-up - Shell Script +C:Follow Up +L: +D:Follow Up +D:Follow-up - Shell Script +D:Video Games & Star Wars +: +B:1518681600 +E:1518696000 +S:G-EPI-004 >> Fairs +C:Event +L: +D:Event +D:Fairs +D:Extérieur +: +B:1516806000 +E:1516815600 +S:B-ANG-058 >> Tepitech Tiers-temps +C:TEPitech +L: +D:TEPitech +D:Tepitech Tiers-temps +D:Seigneur des Anneaux +: +B:1516712400 +E:1516716000 +S:B-ANG-058 >> Guidance cycle 3 +C:Follow-ups +L: +D:Follow-ups +D:Guidance cycle 3 +: +B:1516629600 +E:1516633200 +S:G-EPI-004 >> Présentation RUSH Sony +C:Conference +L: +D:Conference +D:Présentation RUSH Sony +D:Hub +: +B:1517403600 +E:1517405400 +S:B-CNA-410 >> Kick-Off - Module introduction +C:Kick-off +L: +D:Kick-off +D:Kick-Off - Module introduction +D:Video Games & Star Wars +: +B:1517299200 +E:1517310000 +S:B-CPP-400 >> Bootstrap - NanoTekSpice +C:Bootstrap +L: +D:Bootstrap +D:Bootstrap - NanoTekSpice +D:Video Games & Star Wars +: +B:1517317200 +E:1517328000 +S:B-PSU-400 >> Bootstrap - Malloc +C:Bootstrap +L: +D:Bootstrap +D:Bootstrap - Malloc +D:Video Games & Star Wars +: +B:1517299200 +E:1517301000 +S:B-CPP-400 >> Kick-off - Unit & NanoTekSpice +C:Kick-off +L: +D:Kick-off +D:Kick-off - Unit & NanoTekSpice +D:Video Games & Star Wars +: +B:1517317200 +E:1517319000 +S:B-PSU-400 >> Kick-off - Unit & Malloc +C:Kick-off +L: +D:Kick-off +D:Kick-off - Unit & Malloc +D:Video Games & Star Wars +: +B:1517403600 +E:1517414400 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1517990400 +E:1518001200 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1518613200 +E:1518624000 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1518008400 +E:1518010200 +S:B-CNA-410 >> Kick-Off - Bollinger Bands +C:Kick-off +L: +D:Kick-off +D:Kick-Off - Bollinger Bands +: +B:1518008400 +E:1518019200 +S:B-CNA-410 >> Bootstrap - Bollinger Bands +C:Bootstrap +L: +D:Bootstrap +D:Bootstrap - Bollinger Bands +: +B:1518076800 +E:1518082200 +S:B-PSU-400 >> Follow-up - Malloc +C:Follow Up +L: +D:Follow Up +D:Follow-up - Malloc +: +B:1516874400 +E:1516878000 +S:B-SHL-400 >> Shell Scripting avec Josuah +C:Workshop +L: +D:Workshop +D:Shell Scripting avec Josuah +D:Video Games +: +B:1519822800 +E:1519833600 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: +B:1517328000 +E:1517333400 +S:B-INN-000 >> Atelier : Ruby on Rails avec Quentin Juquet +C:Workshop +L: +D:Workshop +D:Atelier : Ruby on Rails avec Quentin Juquet +D:Hub +: +B:1517385600 +E:1517391000 +S:B-PRO-410 >> Ecrire pour recadrer un collègue (Partie 1) +C:TD +L: +D:TD +D:Ecrire pour recadrer un collègue (Partie 1) +D:Star Wars +: +B:1523970000 +E:1523971800 +S:B-CPP-401 >> Kick-off - Plazza +C:Kick-off +L: +D:Kick-off +D:Kick-off - Plazza +: +B:1523970000 +E:1523980800 +S:B-CPP-401 >> Bootstrap - Plazza +C:Bootstrap +L: +D:Bootstrap +D:Bootstrap - Plazza +: +B:1523865600 +E:1523867400 +S:B-PSU-403 >> Kick-off - MyFTP +C:Kick-off +L: +D:Kick-off +D:Kick-off - MyFTP +: +B:1523865600 +E:1523876400 +S:B-PSU-403 >> Bootstrap - MyFTP +C:Bootstrap +L: +D:Bootstrap +D:Bootstrap - MyFTP +: +B:1519650000 +E:1519660800 +S:G-EPI-004 >> Discovery Days +C:Event +L: +D:Event +D:Discovery Days +D:Seigneur des Anneaux +: diff --git a/agenda/fosdem b/agenda/fosdem @@ -0,0 +1,4802 @@ +B:1517731200 +E:1517732700 +S:Managing build infrastructure of a Debian derivative +C:Distributions +L:K.3.201 +D: +: +B:1517731200 +E:1517731500 +S:Intro Geospatial devroom +C:Geospatial +L:AW1.126 +D: +: +B:1517731200 +E:1517740200 +S:Mozilla TechSpeakers CFP-help +C:Global Diversity CFP Day +L:J1.106 +D:Ask Mozilla TechSpeakers your public speaking, conference- and CFP (call-for-proposals)-related questions at the Mozilla booth, hear some tips &amp; tricks about public speaking and some inspiration for nailing your next conference submission. +: +B:1517731200 +E:1517731500 +S:Welcome +C:Containers +L:UD2.120 (Chavanne) +D:Introduction to the containers devroom. +: +B:1517731200 +E:1517732400 +S:Zonemaster +C:DNS +L:AW1.121 +D:DNS is the backbone of the Internet. When one is not able to access to a content (such as a website), the first thing to do is to verify the DNS connectivity. This talk will provde an overview of an open source DNS checking tool called "Zonemaster" (, developed and maintained by Afnic ( and IIS ( talk will further delve into the architecture, different components (Engine, API, GUI, CLI) and its usages for different end-users such as general users, Companies operating DNS, Companies having a DNS portfolio of domain names and DNS geeks. +: +B:1517731200 +E:1517732400 +S:Build your own Skype... in the browser +C:Real Time Communications +L:H.1309 (Van Rijn) +D:In this session, Steven Goodwin will practically demonstrate the various "moving parts" necessary to build a WebRTC application, by creating one live on stage. It will provide a better understand of how WebRTC applications work under the hood, what the API provides, and serve as a guide as to what is (and what is not) possible for developers to deliver using WebRTC, and what other technologies are needed for a full-blown solution. +: +B:1517731200 +E:1517732700 +S:Why you should take a look at Rust? +C:Rust +L:H.2214 +D:Today, many new programming languages have been created in order to simplify at the extreme the art of programming (Golang), to boost the performance of their human readable application (Nim), to secure the way to make and run programs with zero-cost abstraction (Rust), or just to propose a new exiting way to write programs (Scala, Swift), etc.Each of those new programming languages has its own features, goals, attendance, and community.Today, it may become hazardous to develop with a new programming language, especially for a company or for a full-time personal project, due to the lack of stability, libraries, IDE features for this programming language, a too small or strict community, or many other obvious reasons.The goal of this presentation is to introduce the concepts of Rust, its pros and cons, and how Rust differs from the others programming languages.The target audience is mainly for developers who are reluctant to launch themselves into Rust, or project managers and CTOs who are looking for stable and exciting new technologies.This talk is intended to emphasize Rust rationale, and will explain clearly and precisely why Rust wants to be the programming language of the next ten years. +: +B:1517731200 +E:1517731500 +S:Welcome to the Legal and Policy Issues devroom +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:Welcome to and overview of the seventh year of the Legal and Policy Issues devroom +: +B:1517731200 +E:1517732100 +S:Intro to the SDR Devroom +C:Software Defined Radio +L:AW1.120 +D:Once again, we meet in Brussels, at FOSDEM, to talk about the state of free software SDR. The intro will recap the year, and give some updates on what's new and great in the SDR world. +: +B:1517731200 +E:1517736600 +S:Introduction to LLVM +C:LLVM Toolchain +L:K.3.401 +D: +: +B:1517731200 +E:1517733600 +S:Introduction to Swift Object Storage +C:Software Defined Storage +L:H.2213 +D:Object Storage is a "relatively" new storage architecture being widely used in cloud computing. This talk will introduce object storage concepts and use cases and how they are different from block and file storage. As an example, we will provide an overview of Openstack Swift, its main features as well as talk about what's in the works for future releases. Swift is a highly available, distributed, eventually consistent object store. It is used at organizations like Wikipedia, OVH, Ebay and many more across the globe to store lots of data efficiently at a massive scale. It provides a RESTful API for data access, making it ideal for use with web applications. This talk will also provide a demo usage of Swift. +: +B:1517731200 +E:1517732700 +S:Installing software for scientists on a multi-user HPC system +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:Before scientists can use HPC systems for their research, they need to get the tools and applications installed that they require.Until recently, this was a (perhaps surprisingly for some) painful process,especially for scientists that lack sufficient experience with compiling software and dealing with dependencies.Recently, several projects have emerged that aim to facilitate this process, each of which with a particular focus:performance, flexibility, reproducibility, ease of use, support for multiple platforms, etc.In this talk, I would like to present an objective comparison of the different tools that are most prevalent currently, including:condaEasyBuildGuixNixSpackAlthough I intend to focus on the use case of installing (scientific) software on multi-user HPC systems, I will also highlight particularly interesting features that fall outside that scope. +: +B:1517731200 +E:1517734200 +S:Next Generation Config Mgmt: Reactive Systems +C:Config Management +L:UA2.114 (Baudoux) +D:The main design features of the tool include:* Parallel execution* Event driven mechanism* Distributed architectureAnd a:* Declarative, Functional, Reactive programming language.The tool has two main parts: the engine, and the language.This presentation will demo both and include many interactive examples showing you how to build reactive, autonomous, real-time systems.Finally we'll talk about some of the future designs we're planning and make it easy for new users to get involved and help shape the project. +: +B:1517731200 +E:1517732400 +S:Automating style guide documentation +C:Tool the Docs +L:UD2.119 +D:An automated approach for documenting a styleguide and the source codeIntroductionThis talk is about how, we at Zalando Retail Core, are tackling the problem of providing our developers a great experience when they are using our styleguide. The talk will show that in using Markdown as the documentation format, a couple of convention, documentation.js for generating Markdown from jsdocs comments and our own Styleguide web application, we were able speed up our styleguide and source code documentation and the developer experience. Additionally, without relying on any static generator project with their own convention we are now able to fully control and change the user experience of our styleguide and are owning the whole documentation tool chain. +: +B:1517731200 +E:1517733900 +S:Black Blocks: Kubernetes, meet OpenStack Cinder +C:Virtualization and IaaS +L:UD2.218A +D:As kubernetes clusters take on more workloads, the need for persistent storage has only increased. Users want to connect more storage devices and use them efficiently. Cinder has been solving this use case in Openstack for a long time and can be integrated with any kubernetes cluster regardless of its cloud provider. By deploying a standalone cinder service and a new external provisioner to a cluster, pods can access almost any volume that cinder is able to provision. Complex operations such as cloning, snapshots, and migration become services of the cluster. This presentation will describe and demonstrate a cinder external provisioner, enumerate its advantages, discuss challenges especially around deployment, and propose collaboration opportunities between Openstack and kubernetes. +: +B:1517731200 +E:1517732100 +S:Introduction to the decentralized internet part +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:Welcome to the Decentralized Internet Devroom (DID)This is the second edition of this Devroom, which has been extended its topic to include privacy-related projects.During this session, we'll discuss two topics:1 - Why do we need do redecentralize the Internet?2 - How and with who will we do it? +: +B:1517731500 +E:1517733000 +S:Capture the GDPR with Identity management +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:Capture the GDPR with Identity managementA new era of Data Privacy begins this year and May approaches unstoppably. The media present the GDPR on a daily basis in volumes no one has expected. The whole commercial sector is hyped with articles about the GDPR, recommendations, warnings and in the end MYTHS! The GDPR is not only multinational corporations’ concern any more. Individuals and small entrepreneurs are looking for the answers too. This makes space for speculations and many partial solutions are offered in a form of a GDPR project draft templates or migration of processing into the new safe environment without appropriate paperwork. Even software solutions usually offer only partial safety measures and you will need a bunch of them to fulfill the GDPR project.A complete solution exists only as cooperation of legal person analyzing interpretation of EU legislative and IT technician able to incorporate those requirements into daily operations. The complete solution still does not mean 100% compliance because there are so many threats you can never be utterly safe from.This presentation will tell what you must not omit to be compliant, how to give effects to the rights of data subjects and how to craft your GDPR solution. We will discuss lawful basis for data processing, consent requirements and tools able to manage them effectively. In the end, we may think about the design of identity management tool that combines the advantages of identity management into one solution dealing with various GDPR issues.Included GDPR areas in light of Identity management: Lawful basis and consent management, risk assessment, data breach tool, DPO’s control tool and data subject’s rights control tool. +: +B:1517731500 +E:1517733000 +S:Join the FREEWAT family +C:Geospatial +L:AW1.126 +D:FREEWAT (FREE and open source software tools for WATer resource management) is an HORIZON 2020 project financed by the EU Commission under the call WATER INNOVATION: BOOSTING ITS VALUE FOR EUROPE. FREEWAT's main result is an open source and public domain GIS integrated modelling environment (the FREEWAT platform) for the simulation of water quantity and quality in surface water and groundwater with an integrated water management and planning module. The modelling environment is designed as a composite plugin in QGIS v2.X. It comprises tools for the analysis, interpretation and visualization of hydrogeological and hydrochemical data and quality issues, also focusing on advanced time series analysis. It interfaces models related to the hydrological cycle and water resources management: flow models, transport models, crop growth models, management and optimization models. And it contains tools to perform model calibration, sensitivity analysis and uncertainty quantifications. Finally, the some additional tools are present for general GIS operations to prepare input data, and post-processing functionalities (module OAT – Observation and Analysis Tool). +: +B:1517731800 +E:1517733300 +S:The MySQL Ecosystem - understanding it, not running away from it! +C:MySQL and Friends +L:H.1308 (Rolin) +D:MySQL is unique in many ways. It supports plugins. It supports storage engines. It is also owned by Oracle, thus birthing two branches of the popular opensource database: Percona Server and MariaDB. It also spawned a fork: Drizzle. You're a busy DBA having to maintain a mix of this. Or you're a CIO planning to choose one branch. How do you go about picking? Supporting multiple databases? Find out more in this talk. +: +B:1517731800 +E:1517733000 +S:The State of Containers in Scientific Computing +C:Containers +L:UD2.120 (Chavanne) +D:Containers are gaining significant traction as a means of deploying and distributing software in the scientific computing space. With a plethora of solutions to choose from, this talk will go into why there is a tendency for custom container runtimes in this area of computing. We will discuss portability, performance, security and ease of use, as well as direct hardware access as driving factors. As new processor architectures and specialized hardware for machine learning emerge, some of those factors will affect larger parts of the container community. +: +B:1517732100 +E:1517733000 +S:Can we measure the (de)centralisedness of the Internet with RIPE Atlas? +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:We are looking into how RIPE Atlas probes in networks with the majority of end-users for a given country.We measure the path between them and infer if these networks are directly connected or not.With this information we can estimate how centralised the Internet is for a given country (in terms of who has access to user2user IP communication channels)This can be useful information for people who want to develop a more decentralised internet. +: +B:1517732100 +E:1517733900 +S:Recapping DARPA's First Big Hackfest +C:Software Defined Radio +L:AW1.120 +D:An overview of the DARPA Bay Area SDR Hackfest ( +: +B:1517732700 +E:1517733900 +S:Repairing DNS at TLD scale +C:DNS +L:AW1.121 +D:For DNS stability is important to delegate domains to correctly configured servers, but condition can change over the time. We are checking all 1.3 milions of domains regulary and try to poin on common mistakes. Presentation also show, how we deal with term "correct configuration" for atuhoritative DNS server +: +B:1517732700 +E:1517733600 +S:Writing a Janus plugin in Lua +C:Real Time Communications +L:H.1309 (Van Rijn) +D:Janus is written in C, and so are its plugins. That said, we recently implemented a Janus Lua plugin, that allows developers to use Lua scripts to drive the media/application logic instead. +: +B:1517732700 +E:1517734500 +S:DocBook Documentation at SUSE +C:Tool the Docs +L:UD2.119 +D:In the SUSE documentation team, we have been using DocBook XML for years. But then, even with all our experience and the strictness of XML, we still make mistakes. So we have been adding QA tools to our tool belt which we are presenting in this talk:* The SUSE Documentation Style Checker which we use to check for consistent terminology, writing style, correct spelling, "soft" XML rules that don't fit the DTD, and gotchas* Travis, the CI tool which you probably know and hopefully love and which we use to make sure our documentation validates when it enters our Git repo* Pull request workflows* dapscompare which we use during the development of our layout stylesheets to check for unintended consequences and for issues with tool dependenciesUsing these tools helps us ensure good formal quality, so that human reviewers can focus on the content. It also helps with make translation efficient. +: +B:1517733000 +E:1517734800 +S:Programming UEFI for dummies +C:Hardware Enablement +L:K.4.401 +D:With the upcoming end of legacy mode in UEFI firmware on PCs, every alternative and hobbyist operating systems, bare metal programmers and wannabe OS developers will have to deal with UEFI on modern hardware. After presenting the binary format of UEFI applications, I will focus on the use of UEFI APIs through EFI system table and UEFI protocols so you can get started. +: +B:1517733000 +E:1517734500 +S:GRUB upstream and distros cooperation +C:Distributions +L:K.3.201 +D:The presentation will discuss current state of GRUB upstream developmentand cooperation with distributions. +: +B:1517733000 +E:1517734800 +S:Get your decentralized project some EU funding +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:Free software projects for decentralization have been plagued with a lack of funding. We set up the Public Universal Base: Libre Infrastructure Consortium to respond to EU calls and bring funding to our community. We'll show you how to participate in the project and get some funding for your free software social media project. +: +B:1517733000 +E:1517734500 +S:Idiomatic Rust +C:Rust +L:H.2214 +D:Rust is a big language and it gets bigger every day. Many beginners ask: "What is idiomatic Rust?".This talk will highlight simple tips to make your Rust code more elegant and concise, and introduce you to my peer-reviewed collection of articles/talks/repos for writing idiomatic Rust code. +: +B:1517733000 +E:1517740200 +S:LPI Exam Session 3 +C:Certification +L:UB2.147 +D:LPI offers discounted certification exams at FOSDEM +: +B:1517733000 +E:1517734200 +S:Welcome & Chatting +C:Open Source Design +L:K.4.201 +D:Please feel free to come earlier, before talks start, to meet us! +: +B:1517733000 +E:1517734800 +S:Bicycle-sharing stations: profiling and availability prediction +C:Geospatial +L:AW1.126 +D:This presentation will show an exploratory data analysis about bicycle-sharing stations in two French cities (Lyon and Bordeaux).Keywords: Data Science, Prediction, Machine Learning, Python, Open Data, GIS +: +B:1517733000 +E:1517734500 +S:Artificial intelligence dealing with the right to be forgotten +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:The right to be forgotten subsequens the ruling of privacy law, encountering difficulties in terms of defining its applicability in the context of continuous tech evolution. Artificial intelligence development particularly raises problems due to the nature of machine learning and the obvious differences between the memory process of humans and AI systems. The law does not have an answer apart from the general ruling of the right to be forgotten, lacking a particular focus on the context of AI nature and applicability. How does an analysis of the current legislation look like and also what can one implement de lege ferenda in order to assure the required attention to the AI context? +: +B:1517733000 +E:1517734500 +S:Binary packaging for HPC with Spack +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:Spack is a package manager for cluster users, developers, andadministrators, rapidly gaining populartiy in the HPC community. Likeother HPC package managers, Spack was designed to build packages fromsource. However, we've recently added binary packaging capabilities,which pose unique challenges for HPC environments. Most binarydistributions assume a lowest-common-denominator architecture,e.g. x86_64, and do not take advantage of vector instructions orarchitecture-specific features. Spack supports relocatable binaries forspecific OS releases, target architectures, MPI implementations, andother very fine-grained build options.This talk will introduce binary packaging in Spack and some of the openinfrastructure we have planned for distributing packages. We'll talkabout challenges to providing binaries for a combinatorially largepackage ecosystem, and what we're doing in Spack to address theseproblems. We'll also talk about challenges for implementing relocatablebinaries with a multi-compiler system like Spack. Finally, We'll talkabout how Spack integrates with the US exsascale project's open sourcesoftware release plan, and how this will help glue together the HPC OSSecosystem as a whole. +: +B:1517646600 +E:1517648100 +S:Welcome to FOSDEM 2018 +C:Keynotes +L:Janson +D:FOSDEM welcome and opening talk. +: +B:1517733300 +E:1517734500 +S:Automated Linux Containers deployment for fun and profit. +C:Containers +L:UD2.120 (Chavanne) +D:How we use LXD, Puppet, Jenkins, Bash and PyLXD to create system containers for our developers development environments in Emesa. +: +B:1517733300 +E:1517733600 +S:Welcome to the Perl devroom +C:Perl Programming Languages +L:K.4.601 +D:A short introduction +: +B:1517733600 +E:1517736000 +S:How Carton, Docker, and CircleCI Saved my Sanity +C:Perl Programming Languages +L:K.4.601 +D:In this talk I talk provide a bit of background on how vendored all its dependencies using a combination of Carton + CircleCI + Docker, and a more in-depth look at three particular tasks that would have been impossible without this work. This talk should prepare you to go ahead and make even your really old legacy application use Carton. +: +B:1517733600 +E:1517735100 +S:Beyond WHERE and GROUP BY +C:MySQL and Friends +L:H.1308 (Rolin) +D:We've been writing SQL queries with WHERE, GROUP BY, ORDER BY, HAVINGfor decades. But nobody is using DOS 3.2 or Windows 1.0 anymore - whylimit yourself to SQL:86? The latest versions of MariaDB support thefeatures of SQL:99 (common table expressions), SQL:2003 (windowfunctions), SQL:2011 (system-versioned tables), and SQL:2016 (JSON),which allows you to build more complex (for example, hierarchical)models data and write simpler and faster queries. +: +B:1517733900 +E:1517736600 +S:Dragonflow - An open network services ecosystem +C:Virtualization and IaaS +L:UD2.218A +D:Managing cloud networking using SDN gives cloud providers unprecedented control over their network. With a wave of their hand, bits can flow in any way, form, and manner. We’d like to leverage this newfound magic to support a multitude of new services.Enter Dragonflow. Dragonflow is a fully distributed SDN controller, responsible for first-to-market features such as distributed SNAT and distributed DHCP.  It is completely open-source and is an official Openstack project. It supports many networking services such as L2, routing, DHCP, security groups, and trunk ports. Additionally, it supports container networking through strong collaboration with the Kuryr project.  One of Dragonflow’s strongest points is that it’s extensible. Plugging in new services and getting them to work together is incredibly easy.In this talk we will discuss Dragonflow as an open platform for network applications, and the ecosystem of these services. +: +B:1517733900 +E:1517735100 +S:XMPP as the road to innovation +C:Real Time Communications +L:H.1309 (Van Rijn) +D:Contrary to basic logic and common misconceptions, the “X” in XMPP does not stand for “eXtra” or “eXtremely awesome” but for “eXtensible”. This actually tells you a lot about a protocol built to provide reasonable, solid set of of basic features but also a platform for innovative solutions tailored to the project’s needs.The extension mechanism is the heart of this philosophy and also the focus of this talk. We will explore real-life use cases and scenarios where extended XMPP served as a base for a dedicated solution - both for commercial and open-source projects. We will examine different functionalities and components (e.g. inbox, MUCLight, token based reconnection), share experiences, discuss best practices and dissect it all in MongooseIM platform.This talk is not going to take long. As you know, extending XMPP is kinda easy. +: +B:1517733900 +E:1517736300 +S:Gluster-4.0 and GD2 +C:Software Defined Storage +L:H.2213 +D:The new Gluster-4.0 release with GlusterD-2.0 makes Gluster easier to scale, manage, integrate and develop for. Learn how this benefits users and developers. +: +B:1517733900 +E:1517735700 +S:(Yet another) passive RADAR using DVB-T receiver and SDR. +C:Software Defined Radio +L:AW1.120 +D:We demonstrate the use of affordable DVB-T receivers used as general purpose software defined radio interfaces for collecting signals from a non-cooperative reference emitter on the one hand, and signals reflected from non-cooperative targets on the other hand, to map the range and velocity in a passive radar application. Issues include frequency and time synchronization of the DVB-T receivers, mitigated by appropriate digital signal processing relying heavily on cross-correlations. +: +B:1517734200 +E:1517735700 +S:Turning On the Lights with Home Assistant and MQTT +C:Internet of Things +L:AW1.125 +D:In this presentation you will learn the exact steps for using MQTT JSON Light component of the open source home automation platform Home Assistant for controlling lights through the machine-to-machine protocol MQTT. Practical examples for low cost devices combining together open source hardware with free and open source software will be revealed.The presentation will provide general overview of Home Assistant, details about the software integration of new devices to it through the MQTT protocol and open source MQTT brokers such as Mosquitto. We will do a code review of an open source Linux daemon application for Raspberry Pi, written in the C programming language and based on the Paho library for MQTT client and the piGPIO library used for pulse-width modulation (PWM) control of a RGB LED strip. We will compare it to an implementation of the same features for the microcontroller with WiFi ESP8266 written as a sketch for the Arduino environment. Furthermore, the presentation will include details about reading data from various sensors and their setup in Home Assistant. +: +B:1517734200 +E:1517735400 +S:BIND 9 Past, Present, and Future +C:DNS +L:AW1.121 +D:BIND 9 is now 17 years old, the latest stable version 9.12 was releases in December and the BIND 9 Team has adopted changes to adapt to the ever change Internet landscape. +: +B:1517734800 +E:1517735700 +S:Let's Fix The Internet +C:Lightning Talks +L:H.2215 (Ferrer) +D:The Internet today is plagued by many problems. From viruses and spam, to identity theft and piracy.We can solve those problems.With a virtual operating system that runs the cloud, using blockchains to secure identities and data, a virtual network layer to protect agains unauthorized network access, and a virtual machine to sandbox untrusted code.This talk will describe Elastos, an Operating System for the smart web.It will explore the approach that Elastos takes to achieve these goals, and gives a vision of a possible future internet. +: +B:1517734800 +E:1517737800 +S:Sancus 2.0: Open-Source Trusted Computing for the IoT +C:Security and Encryption +L:Janson +D:I will talk about Trusted Computing, what it can do, where the limitations are, and why we need trusted computing architectures to be open-source. Special emphasis will be on the Sancus architecture, which brings Trusted Computing to embedded domains such as the IoT or safety-critical control systems. +: +B:1517734800 +E:1517736000 +S:Test your API docs! +C:Tool the Docs +L:UD2.119 +D:Today many API docs are driven by API description formats, such as Swagger/OpenAPI, API Blueprint, and so on. I'm working on an Open Source tool (Dredd), which takes verifies whether the implementation is according to the description. This enables a whole new workflow to API designers - they can design before implementing, and then ensure the implementation is in sync with the design. +: +B:1517734800 +E:1517737800 +S:Provisioning vs Configuration Management Deployment vs Orchestration +C:Config Management +L:UA2.114 (Baudoux) +D:There's a lot of confusion around the differences between the various terms used when talking about configuring systems. Is Jenkins an orchestration tool or a deployment tool? Can Puppet provision systems? Is Ansible config management or and orchestration?In this talk, we're going to boil down the core of each term and talk about the approaches used and where things cross over. +: +B:1517734800 +E:1517736300 +S:Tying software deployment to scientific workflows +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:Package management, container provisioning, and workflow execution are often viewed as related but separate activities. This talk is about using Guix to integrate reproducible software deployment in scientific workflows. +: +B:1517734800 +E:1517736600 +S:Rustarm AKA A project looking at Rust for Embedded Systems +C:Hardware Enablement +L:K.4.401 +D:Rustyarm is a project in the Physical Computing group at the University of West of England looking at application of Rust on embedded micro controllers. UWE Sense is a new hardware and software platform for IoT, build with ARM micro controllers, Bluetooth LE and LoRaWAN, which runs a software stack written completely in Rust. While UWE Sense is a close to the metal implementation, UWE Audio, a new hardware platform for studying high performance audio using ARM micro controllers, uses Rust to implement a monadic reactive graph, supporting both an offline compiler and and Embedded DSL. UWE Audio uses safe Rust, for example, describing domain clock as generic associated types, providing both compile time guarantees that multiple streams will not be incorrectly sequenced at different sample rates, and the ability to dynamically compile for different parts of the system.In this talk I will provide a high-level overview of the Rustyarm project, including how using Rust has made this project interesting, but also enabled providing guarantees with respect to the audio scheduler, for example. However, Rust has some short comings in the embedded domain and we provide details on some of these and what we and the wider community are doing to address them. As an example of Rust’s application in the embedded domain we present early work on UWE Audio and hardware and software platform for building digital music instruments, which as already noted is programmed with solely in Rust. +: +B:1517734800 +E:1517737800 +S:Cyborg Teams +C:Miscellaneous +L:K.1.105 (La Fontaine) +D:A purely human team does not scale past a certain complexity point. In the Cockpit project we’ve done something amazing: We’ve built a team that’s part human and part machine working on an Open Source project. +: +B:1517648400 +E:1517651400 +S:Consensus as a Service +C:Keynotes +L:Janson +D:The Open Source label was born in February 1998 as a new way to popularise free software for business adoption. OSI will celebrate its 20th Anniversary on February 3, 2018, during the opening day of FOSDEM 2018. The presentation will summarize the evolution of open source licences and the Open Source Definition (OSD) across two decades, explain why the concept of free open source software has grown in both relevance and popularity and explore trends for the third decade of open source. +: +B:1517734800 +E:1517736600 +S:Blink Raster: A C++ library for Map Algebra +C:Geospatial +L:AW1.126 +D:The Blink Raster library is a C++ library for Map Algebra operations. Map Algebra is a long established conceptual framework for geographical data analysis. It is a versatile and highly generic framework, classifying local, focal, zonal and global operations. However existing libraries and tools that implement Map Algebra operations are not as generic and instead of a limited set of specific functions. The Blink Raster library aims to overcome this and provides an efficient computational framework that allows local, focal, zonal and global operations using user-specified functions.The library uses GDAL to access and write raster data. A central concept the library is the Raster, which is essentially a Range that iterates over the cells in a matrix of values. The core focal and zonal operations produce Expression Templates that model the Range concept. Therefore the outcome of zonal or focal operations on one or more Rasters is another Raster that does not hold data itself but directs to the data in the input rasters and combines the data lazily once the outcome Raster is iterated over. It thus becomes possible to combine and nest operations on rasters without creating temporary files. An additional benefit is that it is trivial to apply functions to only compute a subsection of the output Raster, which in turn makes the library very amenable to future parallellization. +: +B:1517734800 +E:1517736600 +S:Urban places as nodes of a decentralized Internet +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:The MAZI toolkit,, is a DIY networking toolkit for installing, customizing, and deploying self-hosted applications on a Raspberry Pi as local web server (in a sense, a YunoHost focusing on small-scale community networks and a PirateBox opening up to self-hosted applications) that can help to create a wide variety of local networks effectively and democratically designed and governed by local communities. Such a tool can bring closer together self-hosted software and community networks, making both more accessible to a wider audience. Openki,, is a FLOSS platform for self-organized education that facilitates the creation of collaborative learning groups in the city. In this talk I will explain how these two can be combined to help build a decentralized Internet anchored in urban spaces and facilitate learning and trust building processes that are necessary for privacy, among others. +: +B:1517734800 +E:1517736000 +S:Usability made simple +C:Open Source Design +L:K.4.201 +D:Test the usability of any Open Source software in just a few steps with minimal resources, to get useful feedback for designers and usable interfaces for users.We’ll go through the complete process of testing step by step and answering all the how-tos, using examples from the tests conducted for GNOME applications.We’ll discuss about:Choosing the right way to testPicking the right users to test withDeciding which tools to useAnalyzing the resultsMost importantly, learn how to effectively share the results and have an impact on the development decision making process. +: +B:1517734800 +E:1517736300 +S:Understanding 26 U.S.C. § 501, and Organizational Governance +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:We often hear about the charitable organizations registered in the United States Federal tax system, but talking about the implications is sometimes taboo.I'll try and talk about these issues openly, and discuss some of the consequences (both +ive &amp; -ive) for public software.I'll provide a list of a few well-known organizations, and explain why it both matters and doesn't.Lastly I'll present some reporting that I did while researching this presentation. +: +B:1517734800 +E:1517738100 +S:Distributions are not democracies +C:Distributions +L:K.3.201 +D:This session will explore many different governance and decision making models in the Distribution world.Few projects aspire to operate under wholly democratic principles. This talk will explore some of the many flaws and problems with this approach, and how projects often struggle to operate democratically and at scale. Alternatively the session will also discuss the benefits, and weaknesses of less democratic governance models, such as Technical Committees, Governing Boards, and Benevolent Dictators for Life. Finally the talk will explore a simple, but scalable model of Distribution governance, empowering, enabling, and supporting the contributors in your project to create an environment where "Those that do, decide". +: +B:1517734800 +E:1517736300 +S:You want a Clean Desktop OS? Containerize it +C:Containers +L:UD2.120 (Chavanne) +D:Containers are all the rage, alongside cloud and DevOps. Sometimes they also induce rage. In this talk, we will take a look at using Fedora Atomic on your desktop, when it makes sense, and what the potential benefits vs drawbacks of having a container-based OS on your desktop are for you as a developer. +: +B:1517734800 +E:1517736300 +S:Rust memory management +C:Rust +L:H.2214 +D:A quick introduction to the unique memory management concepts of Rust. +: +B:1517734800 +E:1517736600 +S:Introduction to web development in C++ with Wt 4 +C:Embedded, mobile and automotive +L:UB2.252A (Lameere) +D:This talk is an introduction tohref="">Wt, a server-side web framework written in C++. Wt 4 is the latest version and introduces a more modern C++11-based API. +: +B:1517735400 +E:1517736600 +S:Kamailio - Pick Your SIP Routing Scripting Language +C:Real Time Communications +L:H.1309 (Van Rijn) +D:Kamailio is an open source SIP server that uses a scripting language for its configuration file to enable flexibility in deciding the routing of SIP messages. Starting with version 5.0, besides its native scripting language, Kamailio allows writing the routing logic in several other programming languages such as Lua, JavaScript, Python and Squirrel. This presentations aims to reveal the benefits and drawbacks of using any of these scripting languages for building scalable real time communication systems and services. +: +B:1517735400 +E:1517736900 +S:MySQL 8.0 Performance: InnoDB Re-Design +C:MySQL and Friends +L:H.1308 (Rolin) +D:MySQL 8.0 brings many fundamental changes in InnoDB design.This talk will cover several of them, including new REDO and CATS. +: +B:1517735700 +E:1517737500 +S:In the SpOOTlight: gr-radar +C:Software Defined Radio +L:AW1.120 +D:gr-radar is an out-of-tree module (OOT) for GNU Radio that came about during a Google Summer of Code. Let's take a look at this OOT together, see what it can do, and see what it could become! +: +B:1517735700 +E:1517737500 +S:Blame (and) DNS: debugging tutorial +C:DNS +L:AW1.121 +D:How to find out who, where, and how broke your DNS? What support line to call?These are hard questions because today's DNS is very complex and even simplest query for an IP address might involve dozen different parties. In this tutorial we will walk though typical scenarios and use common tools to find out why things do not work as we expect and who to contact. +: +B:1517736000 +E:1517738400 +S:4 Perl web services I wrote and that you may like +C:Perl Programming Languages +L:K.4.601 +D:I'll present 4 web services I wrote with Mojolicious a Perl web framework. Simple to install and simple to use, they promote users' privacy. One is an URL shortener, one is made for images sharing, the third is for files sharing with end-to-end encryption and the last is about URLs visits statistics. +: +B:1517736000 +E:1517736900 +S:Regular Expression Derivatives in Python +C:Lightning Talks +L:H.2215 (Ferrer) +D:Regular expressions are commonly implemented using a backtracking algorithm, or by converting them into a nondeterministic finite automata using Thompson's construction. An alternate approach is to use Brzozowski derivatives to directly generate deterministic finite automata. This talk describes an implementation of Brzozowski derivatives in Python, based on a paper by Owens, Reppy and Turon. This implementation is used for generating efficient Unicode lexers. +: +B:1517736300 +E:1517737800 +S:Accessing your Mbed device from anywhere using Pagekite +C:Internet of Things +L:AW1.125 +D:When looking at home automation solutions available in the market nowadays,one of the most important and expected features is to be able to control yourhome automation installation from anywhere in the world using a smartphoneapp. A vendor of a low-cost home automation solution requested us to add sucha feature to their existing IP gateway product, which only allowed for usersto control their home automation system with their smartphone while they areconnected to their local network at home. We were asked to make it possible tolet the smartphone app connect to the IP gateway from anywhere in the world.This vendor's IP gateway hard- and software was based on the Mbed platform, sothey needed a solution that could fit within Mbed.First of all, there are a lot of ways to make a device in a local networkaccessible from anywhere in the world: SSH tunneling, port forwarding withdynamic DNS,... Since our client wanted an open-source, secure, low-cost andeasy to set up solution that he could host himself, we opted to go forPagekite. However, since Mbed does not support OpenSSL, Linux sockets orlibev, the existing libpagekite C library was not an option to start from. Sowe started to implement a Mbed flavour of the library ourselves, and decidedto make it open-source +: +B:1517649900 +E:1517650200 +S:Welcome! +C:Free Java +L:UD2.208 (Decroly) +D:Welcome to the 2018 edition of the Free Java DevRoom! +: +B:1517736300 +E:1517738100 +S:Docs like code in Drupal +C:Tool the Docs +L:UD2.119 +D:When documenting software it makes sense to treat your docs like code. Doing so allows documentarians to collaborate much easier with developers. While most teams have chosen for static site generators to implement this methodology, we identified a number of use cases where it would make much more sense to use a CMS based system. In this talk I explain why, and introduce a new open source project, based on Drupal, that can import Markdown and Open API specifications. +: +B:1517650200 +E:1517652000 +S:Declarative Extensions for Kubernetes in Go +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:Declarative systems, like Kubernetes are nice. Instead of forming the state of the system command-by-command, one just posts a set of declarative requirements. The system will try to adapt. While it easy to understand how to use such a system from the user perspective, it requires a complete rethinking for us engineers on how to integrate with such a system. Based on the experiences with extending Kubernetes for KubeVirt with the Kubernetes-Go-SDK, this session gives a short and concise overview on what is required to implement declarative flows in general and particularly in Kubernetes. Real-world examples and pitfalls included. +: +B:1517650200 +E:1517652000 +S:The State of Go +C:Go +L:H.1308 (Rolin) +D:Go 1.10 is planned to be released in February 2018 and this talk covers what's coming up with it. +: +B:1517650200 +E:1517652600 +S:Migrating to Red Hat IdM in a large Linux Environment +C:Identity and Access Management +L:UD2.119 +D:This talk will discuss how Red Hat IT is moving from a centralized LDAP and kerberos setup to a Red Hat IdM setup for all of our Linux users and hosts. +: +B:1517736600 +E:1517738400 +S:Making Linux Security Modules available to Containers +C:Containers +L:UD2.120 (Chavanne) +D:Containers would like to be able to make use of Linux SecurityModules (LSMs), from providing more complete system virtualizationto improving container confinement. To date containers access to theLSM has been limited but there has been work to change the situation.This presentation will discuss the current state of LSM stackingand namespacing. The work being done on various security modules tosupport namespacing, the infrastructure work being done to improve theLSM, an examination of the remaining problems, and provide a demoof a container leveraging LSM stacking so that the host is usinga different security module than that of the container. +: +B:1517736600 +E:1517738400 +S:The Generic Data Distribution System of the Retroshare Network +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:Because of their static topology and limited connectivity friend to friendnetworks represent a challenge in the distribution of data. We present GXS: ageneric data distribution system suitable for friend-to-friend networks, thatis in the heart of the Retroshare software. The presentation will start withan overview of the Retroshare software, discussing the specific requirementsin terms of secure and private data distribution. We will then cover thetechnical aspects of GXS, its architecture and concepts, its security, privacyand stability aspects, and its robustness and performance. We will also describe the existing decentralized services based on this system. Finally, a call to developers will be made, based on a generic example, while proposing multiple ideas of distributed services to be developped on top of GXS. +: +B:1517736600 +E:1517739000 +S:LizardFS - a year in development +C:Software Defined Storage +L:H.2213 +D:Community Update and Roadmap for the next 12 months including an interactive presentation of the most important new features. +: +B:1517736600 +E:1517738400 +S:How to build autonomous robot for less than 2K€ +C:Embedded, mobile and automotive +L:UB2.252A (Lameere) +D:Telepresence, Delivery Boy, Security and Follow Me in one PULUrobot. PULUrobot solves the autonomous mobile robotics complexity issue without expensive parts, without compromise.By fearless integration and from-scratch design, our platform can do SLAM, avoid obstacles, feed itself, and carry payload over 100kg, for less than 2000EUR.Application ecosystem can be born around it, as we offer a ready-made Open Source (GPLv2) solution in a tightly coupled HW-SW codesign.No need to solve a ROS module puzzle, or pay $50000 for a closed product anymore! +: +B:1517650200 +E:1517651700 +S:Everything is a device! +C:Microkernels +L:AW1.126 +D:MH is a personal effort to build systems based on a single, almost arbitrary, abstraction: the device. The original idea was that having a system with a limited, but easily understandable interface would allow to build systems that are easy to grasp and fun to extend.This talk will tell about the experience of designing MH, the lessons learned, errors made, and what using and playing with such system looks like. +: +B:1517650200 +E:1517652000 +S:The FreeBSD Foundation and How We Are Changing the World +C:BSD +L:K.3.401 +D:The FreeBSD Foundation was founded in 2000, initially to own the FreeBSD trademarks and intellectual property. Over the past 17 years, we’ve grown from being run by 3 volunteer board members, to a team of 9 staff members, and 8 volunteer board members. My presentation will cover a little bit of our history, what’s our purpose, the key areas we focus on and why, and how we are making this a better world, by supporting FreeBSD, the community, and the overall open source ecosystem. +: +B:1517650200 +E:1517652000 +S:Pulp 3 - Simpler, Better, More awesome +C:Package Management +L:K.3.201 +D:Pulp is a platform for managing repositories of software packages, but it can store any kind of binary data (e.g. cat photos). The core provides a REST API and manages files, but the real value for users is delivered by the plugins which allows core to manage a content type like a cat photo. The upcoming 3.0 release of Pulp includes a relational database, a new REST API, and a semantically versioned plugin API. This talk is going to briefly explain how Pulp is used, highlight the technologies under the hood, demonstrate the REST API, and show off the plugin API that will be included in Pulp 3.0. +: +B:1517736600 +E:1517738400 +S:Mainline Linux on Motorola Droid 4 +C:Hardware Enablement +L:K.4.401 +D:Sebastian will present the current state of Linux kernel support for the MotorolaDroid 4 (a smartphone from 2012), what has been done to reach it and describethe required work left to use it properly. The target audience are non-kerneldevelopers, that might be interested in starting kernel work.The work has been documented here: +: +B:1517736600 +E:1517738100 +S:Researchers and software licenses - A disaster waiting to happen +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:In science and engineering, more and more software is published as Open Source software or uses other Open Source projects. Due to the different licenses with their requirements and restrictions as well as the resultant license compatibility issues, scientists and engineers must be aware of these issues. Ideally, they have some basic understanding about Open Source licensing. Unfortunately, in practice this understanding is not present, especially if more than one Open Source license is involved. But how do you teach scientists and engineers knowledge about open source licenses? +: +B:1517650200 +E:1517651700 +S:Simulating Multilevel Caches in Cachegrind +C:Debugging tools +L:AW1.121 +D:Systems with large amounts of multi-level cache available require the ability to profile cache performance at each layer, as there remains a significant performance disparity between L2 and L3 caches. An example of such a system and the focus of this work is the new Cavium ThunderX2 supercomputer at the GW4 Isambard project. This paper intends to detail the methodology used to extend the capabilities of the Valgrind tool: Cachegrind. This extension will enable it to model both the L2 and L3 caches separately, as opposed to as a single last level cache. This support will be added for both the ARMv8 architecture, in order to model performance on the Isambard supercomputer, and in addition x86_64, for comparative purposes. As a result of this extension, the Isambard project will be able to optimise frequently used programs, in order to reduce CPU time used and therefore improve throughput on the system. +: +B:1517650200 +E:1517651700 +S:Graphics Performance Analysis with FrameRetrace +C:Graphics +L:K.4.401 +D:FrameRetrace is the first fully open-source graphics performance analysis tool for OpenGL on Linux platforms. It enables rapid experimentation with shaders, state, uniforms and experiments, to find and fix performance or rendering problems in a frame. This talk will describe the current state of FrameRetrace, and why it is a compelling tool for OpenGL application and driver developers. A demo of FrameRetrace will illustrate and fix a performance problem in the mesa driver. +: +B:1517650200 +E:1517651100 +S:Community DevRoom Welcoming Remarks +C:Community devroom +L:K.4.601 +D:In which Leslie and Laura welcome everyone to the Community DevRoom 2018 +: +B:1517736600 +E:1517738100 +S:Combining CVMFS, Nix, Lmod, and EasyBuild at Compute Canada +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:One of the challenges in HPC is to deliver a consistent software stack that balances the needs of the system administrators with the needs of the users. This means running recent software on enterprise Linux distributions that ship older software.Traditionally this is accomplished using environment modules, that change environment variables such as $PATH to point to the software that is needed.At Compute Canada we have taken this further by distributing a complete user-level software stack, including all needed libraries including the GNU C library, but excluding any privileged components.I will describe our setup, which combines Nix for the bottom layer of base components, EasyBuild for the top layer of more scientifically inclined components, Lmod to implement environment modules, and the CernVM File System (CVMFS) to distribute it to Canadian supercomputers.Expected prior knowledge: knowing how to use the command line and environment variables. +: +B:1517736600 +E:1517737800 +S:A crash course on remote, moderated usability testing +C:Open Source Design +L:K.4.201 +D:I’m going to show you that you don’t need to be a researcher or have a huge budget to conduct remote, moderated usability testing.In this talk I’ll cover:The value of remote, moderated usability testing.Sourcing users.Writing a script.Speaking with users.How to share your findings with an open source community. +: +B:1517650200 +E:1517651700 +S:video - It's a lot more than just a HTML5 tag +C:Open Media +L:H.1309 (Van Rijn) +D:The &lt;video> element was first proposed by Opera Software in February 2007. Opera also released a preview build that washref="">showcasedthe same day and ahref="">manifestothat called for video to become a first-class citizen of the web.Integrating video elements into the HTML5 standard has changed the world forever and for the better and enabled us to gradually rid ourselves from the proprietary, exploitable and often slow FLASH technology.However, the means to embed video in HTML5 enabled web pages is only the tip of the iceberg. In this session, we will discuss other crucial aspects of handling and serving video. +: +B:1517650200 +E:1517652900 +S:The State of OpenJDK +C:Free Java +L:UD2.208 (Decroly) +D:A review of the past year in the life of the OpenJDK Community, and a look at what's ahead. +: +B:1517650200 +E:1517670000 +S:Global Diversity CFP Day +C:Global Diversity CFP Day +L:J1.106 +D:On Saturday 3rd February 2018 there will be numerous workshops hosted around the globe encouraging and advising newbie speakers to put together your very first talk proposal and share your own individual perspective on any subject of interest to people in tech. Mozilla and the Mozilla TechSpeakers will bring this global event to Brussels during the first day of FOSDEM, and during the workshop will also provide CFP help and mentoring to any of the FOSDEM participants. +: +B:1517650200 +E:1517652000 +S:Arrival & Informal Discussions +C:Ada +L:AW1.125 +D:Feel free to arrive early, to start the day with some informal discussions while the set-up of the DevRoom is finished. +: +B:1517650200 +E:1517652000 +S:Mozilla Open Source Support (MOSS) +C:Mozilla +L:UA2.118 (Henriot) +D:MOSS is Mozilla's program for supporting open source projects financially and with security audits. Find out about our successes so far, and how you can apply for help for your project. +: +B:1517650200 +E:1517651400 +S:Status of the Apache ODF Toolkit (incubating) +C:Open Document Editors +L:AW1.120 +D: +: +B:1517650200 +E:1517651700 +S:FOSS/H EDA tools for SPICE modeling +C:CAD and Open Hardware +L:K.4.201 +D:EspoTek’s Labrador is a tiny yet powerful device that transforms a PC into a fully featured electronics lab, complete with an oscilloscope, signal generator, logic analyzer, multimeter and power supply. Qucs (Quite Universal Circuit Simulator) is an integrated circuit (IC) simulator which allow to setup a circuit with a schematic entry graphical user interface (GUI) and simulate the large and small-signal (DC, AC, S-parameter, Harmonic Balance and noise analysis) of the microelectronic circuit. Both hardware and software are 100% open-source (FOSS). Both tools will be used to illustrate complete flow of the measurements, characterization and SPICE modeling of the semiconductor devices for EDA IC design applications. EspoTek’s Labrador and Qucs cointegrations thru embedded Octave scripts will be discussed as well. +: +B:1517650200 +E:1517652900 +S:A real life story about product testing with robotframework +C:Testing and automation +L:H.2213 +D:The residential heating division of Bosch thermotechnology is developing products for domestic hot waterand central heating in homes. These products include an app (iOS and Android) connected smart room thermostat anda control unit for controlling a boiler appliances.During this presentation, we want to share our lessons learned by explaining our testing strategy and the usageof robotframework. +: +B:1517650200 +E:1517652000 +S:The path to Data-plane micro-services +C:SDN and NFV +L:H.1301 (Cornil) +D:Embracing containers and micro-services with their scaling model and resiliency is the new frontier in software packet processing.This talk will describe the reasons, the challenges and opportunities of this trend. +: +B:1517650200 +E:1517652300 +S:Cypher: An evolving query language for property graphs +C:Graph Processing +L:H.2214 +D:Cypher is a property graph query language that provides expressive and efficient querying of graph data. Originally designed and implemented within the Neo4j graph database, it is now being used by several industrial database products, as well as open-source and research projects. +: +B:1517650200 +E:1517657400 +S:BSDCG Exam Session +C:Certification +L:UB2.147 +D:The BSDA certification is designed to be an entry-level certification on BSD Unix systems administration. +: +B:1517736600 +E:1517739300 +S:Live Block Device Operations in QEMU +C:Virtualization and IaaS +L:UD2.218A +D:QEMU is an open source machine emulator and virtualizer when used incombination with hypervisors such as Xen or KVM, the Linux Kernel-basedVirtual Machine.This talk will focus on QEMU's Block Layer, and in particular it willexamine the four main types of (potentially long-running) live blockoperations: 'stream', 'commit', 'mirror', and 'backup' in detail. Aftersetting some context, we will see what they are, where they're used, andhow they can be invoked via the QMP (QEMU Machine Protocol) interface orthe libvirt API. +: +B:1517736600 +E:1517738400 +S:GDAL Tips and Tricks +C:Geospatial +L:AW1.126 +D:I've learned a lot about using GDAL over the years at Planet, from how to manage the installation to using it in Python and ending up with some modern use-case with Cloud-optimized GeoTIFFs +: +B:1517650200 +E:1517652900 +S:Convergence of your virtualization and container infrastructures with KubeVirt +C:Virtualization and IaaS +L:UB2.252A (Lameere) +D:In order to run containers and virtualization, admins need to take care of two infrastructure stacks. KubeVirt is one way to converge both stacks. +: +B:1517736900 +E:1517738100 +S:Introducing gtk-rs +C:Rust +L:H.2214 +D:The goal of this talk is to provide an introduction to the gtk bindings in Rust through the gtk-rs organization. It'll be mainly about how we made it and how we keep making it better.Presentation of gtk-rs (before it was even an organization)Beginning: rust &lt;-> C direct binding, no indirection, almost no safetyGeneration of signals through (old) macro systemOld closures system to allow callbacksShort (old) code demonstrationCreation of gtk-rsmulti-repositoryeasier to maintain, more difficult to releaselicensing issues: keeping docs in their own repository and write a tool to put it backNew gtk-rs era: automatic generationGIR crateParsing gir files and automatically generate as much as possiblePresentation of the crate, how it works and the hierarchyA lot of things are simplified: doc generation, website, releasesgtk-rs growthmore members(semi) automatic release processa lot more of bindings (sourceview, pangocairo, webkit...)gtk-rs environmenta few projects (process viewer, EDI, tools...)relm crate to easily write GTK UIsGNOME-classgstreamer-rsFuture of gtk-rsasynctutorialsmore projectsmore rust in GNOME libraries (librsvg already started this port) +: +B:1517736900 +E:1517738700 +S:Connecting LLVM with a WCET tool +C:LLVM Toolchain +L:K.3.401 +D:During my master project i worked on combining LLVM with a WCET tool.Worst-Case-Execution-Time (WCET) is the longest time a program can execute, typically measured in cycles.This information is typically of interest for code that has timing requirements such embedded systems in cars.The project involved combining an open-source tool called SWEET with LLVM.This involves using datastructures in LLVM to output the interface-language to the tool SWEET.As a proof-of-concept, the ARM Cortex-m0 has been chosen and an attempt has been made to automatically generate a WCET analysis during compilation.This talk will explain my findings in the project and explain the concept of WCET in general. +: +B:1517736900 +E:1517737800 +S:Asterisk Project: Do I see video in the future? +C:Real Time Communications +L:H.1309 (Van Rijn) +D:Haven't heard about what's new in the world of Asterisk or missed Astricon this last year? This is your opportunity to get filled in on what's happening and try to figure out how you can utilize new features in Asterisk in your network. Plan is to cover what's happened since the last major release of Asterisk and cover what will be going into the next one. +: +B:1517737200 +E:1517738100 +S:Adding performance counters to htop +C:Lightning Talks +L:H.2215 (Ferrer) +D:Typical userspace process monitoring tools usually show some general metrics like CPU% usage, Memory%, CPU time and so on, which have been around for a long time. In this lightning talk, I will discuss some other performance measurements available in modern systems, like hardware performance counters, and talk about their inclusion in htop, in hopes that these powerful metrics will reach a wider audience. +: +B:1517737200 +E:1517738700 +S:MySQL 8.0 Roles +C:MySQL and Friends +L:H.1308 (Rolin) +D:MySQL 8.0 introduced roles: a new security and administrative feature that allows DBAs to simplify user management and increases security of multi-user environments. The syntax for roles requires some adaptation. This talk will guide users through the intricacies of the new feature. +: +B:1517737500 +E:1517739300 +S:Efficient implementation of a spectrum scanner on a software-defined radio platform +C:Software Defined Radio +L:AW1.120 +D:One of the important tasks of national regulators is to detect abusive usage of the radio-frequency (RF) spectrum. This talk presents the implementation of an opportunistic spectrum scanner on a software-defined radio platform, whose aim is to continuously scan the RF spectrum and to detect whether any signals are present. The implementation is done on a USRP-N210 software-defined radio, a popular and cheap model. One major bottleneck of USRP-based implementations is the limited CPU computation power, which does not allow to process RF signals at high sample rates continuously. In the proposed implementation, most computation is done on the USRP FPGA, such that the host CPU is relieved and is only used to store data and coordinate the scanning. We present the details of the FPGA and the software architecture, as well as some experimental results that show the efficiency of the proposed spectrum scanner. +: +B:1517651400 +E:1517652600 +S:Working in the ODF TC +C:Open Document Editors +L:AW1.120 +D:The talk introduces you to the work of the ODF TC. This includes insights into day-to-day work and also takes into account the developers' relationship to the ODF standard. +: +B:1517651400 +E:1517652900 +S:Italy: the most hacker-friendly country? +C:Community devroom +L:K.4.601 +D:The Digital Transformation Team was born to build the "operating system" of the Italy, a series of fundamental components on top of which they can build simpler and more efficient services for the citizens, the Public Administration and businesses, through innovative digital products. Among the critical infrastructures, there's the way software is developed. Italy is betting hard on open practices, by not only opening the source code of the country, but also turning citizens and hackers into first-class participants of the digital transformation, giving them the power to develop and maintain software which impacts their daily life.To sustain this switch, the Team is building hackerspaces throughout the country, to increase awareness of open practices, and is turning all developers paid with public money into open source contributors. After this talk, you will know how to "hack your government", how to participate in this change (even if you are not Italian!) and how we are working to spread this idea throughout all of Europe. +: +B:1517737800 +E:1517739000 +S:Living on the Edge +C:DNS +L:AW1.121 +D:To improve system security to the next level, the DNS services used by applications at the end-point need recent standards implemented. Currently typical use of DNS by applications is limited to forwarding requests to the system's stub resolver, which in turn simply forwards it to the recursive resolver in the network which does all the heavy lifting; iterate over the authoritatives, secure the lookups with DNSSEC etc.  This first-mile in the DNS eco-system (from application, via stub to the recursive resolver) is completely insecure and exposed. This makes the use of DANE (a secure alternative to the flawed CA based PKIX) impossible and also leaves end-users unprotected to DNS based connection hijacking and very exposed to eavesdropping attacks!To deliver DANE and Privacy to the end-user, we need to address these issues as close to the end-user as possible. The getdns library is a resolver library for applications, providing a versatile stub resolver that takes care of all the difficulties and complexities that arise when these higher security and privacy demands need to be practiced for actual users instead of just networks. +: +B:1517738100 +E:1517739000 +S:Speech-to-Text in Jitsi Meet +C:Real Time Communications +L:H.1309 (Van Rijn) +D:In this talk I want to present my work for GSoC 2016 and 2017, which involved implementing speech-to-text APIs in Jitsi Meet. The goal was to be able to provide real-time subtitles for hearing-impaired as well as a way to deliver a transcript afterwards. +: +B:1517738400 +E:1517739900 +S:Behind the scenes of a FOSS-powered HPC cluster at UCLouvain +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:With the advent of the DevOps and Infrastructure as Code movements, tools have emerged that allow building a complete HPC solution from scratch based only on open source software. At UCLouvain, one of our clusters, and the services on which it depends, is built on a full FOSS stack. From the operating system, to the deployment tools, monitoring, scheduling, and user software installation, everything is built from open source software that inter-operate gracefully. For instance, for deployment/provisioning, we use a combination of Ansible and Salt which we find work perfectly together even if they are often considered to be mutually exclusive.This talk will share our experience with making FOSS software co-operate smoothly and will offer our point of view on choosing the right tool for the right job. It will also present some of the contributions we have made to the open source community. +: +B:1517738400 +E:1517740200 +S:GRASS GIS in the sky +C:Geospatial +L:AW1.126 +D:href="">GRASS GIShas contained remote sensing tools for decades, catering to the needs of users since the first generations of Landsat satellites. In this talk we will present the current efforts of integrating modern data sources and modern approaches into GRASS GIS. Tools exist for pre-processing recent very high resolution images, object-based image analysis (OBIA), Lidar data handling, etc. At the same time, efforts have gone into ensuring the scalability of tools for huge data sets. The presentation will provide a short brief on the general state of GRASS GIS development, go on to an overview of the remote sensing tools available, to end with a use case on how to use GRASS GIS for time series processing in a high performance cluster/grid computing environment. +: +B:1517652000 +E:1517653800 +S:OpenDaylight as a Platform for Network Programmability +C:SDN and NFV +L:H.1301 (Cornil) +D:Software Defined Networking (SDN) may have started as the separation of the control plane and the data plane, but the true power lies in the ability to communicate with the network through well defined interfaces using standard protocols. This session provides a brief intro to SDN in general, and more specifically to OpenDaylight, an open source platform for programmable SDN. Next we dive into network programmability, including why we need it and the role of NETCONF, YANG, and RESTCONF. Then we put the theory into practice as we install OpenDaylight as use it a platform for programming a sample network. +: +B:1517738400 +E:1517739900 +S:A decade of config surgery with Augeas +C:Config Management +L:UA2.114 (Baudoux) +D:Augeas is a configuration editing tool. It parses configuration files intheir native formats and transforms them into a tree. Configuration changesare made by manipulating this tree and saving it back into native configfiles.The tool, and this description, recently turned 10 years old, a milestonethat I will celebrate with a stroll down memory lane, looking at Augeas'original goals and subsequent achievements over the past decade. Over thattime, it has become an important building block for configurationmanagement tools like Puppet and Salt, and is used by tools such as EFF'sLet's Encrypt, OSQuery, and libvirt.I will talk about some of the basic patterns for using Augeas to performsurgery on configuration files, share some tips on how to get the most outof its tree structure, and how to use it to perform idempotent changes. Iwill also talk about a few areas where Augeas can be improved, and whereit's use could be simplified. +: +B:1517652000 +E:1517653800 +S:Packaging C/C++ libraries with Conan +C:Package Management +L:K.3.201 +D:Managing C/C++ dependencies has always been a pain, especially for cross platform projects.Conan is a portable package manager, mainly intended for C/C++, that makes library packaging possible (even pleasant!).After a brief presentation of Conan, I'll show how we're using it to deal with our new C++ project's dependencies. +: +B:1517738400 +E:1517739900 +S:Comparative Law of Licenses and Contracts in the EU and US +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:This session will be a panel of lawyers from the US, the UK, and the EU. We will take on the evergreen question "it is a license or a contract," describing how their respective system distinguishes the two. +: +B:1517652000 +E:1517653500 +S:Valgrind register allocator overhaul +C:Debugging tools +L:AW1.121 +D:Register allocator is a key component in Valgrind's VEX subsystem. Superficially it only translates virtual registers to the real ones. But is that really all? What actually happens under the covers, what algorithms are at play here and what are the constraints under which it operates?Last year, a major overhaul of the Valgrind VEX register allocator has been done, resulting in a new version v3 which is now used by Valgrind. In addition to a new design, new register allocation algorithms have been also implemented, producing faster and smaller code. +: +B:1517738400 +E:1517739300 +S:Emitter: Scalable, fast and secure pub/sub in Go +C:Lightning Talks +L:H.2215 (Ferrer) is a real-time messaging service for connecting online devices. It is a scalable, fast and secure pub/sub in Go. +: +B:1517652000 +E:1517655300 +S:Gnucap, and analog and mixed signal simulation +C:CAD and Open Hardware +L:K.4.201 +D:This talk will present an overview of analog(ue) and mixed-signal simulation, with a focus on Gnucap .. the GNU Circuit Analysis Package.I will introduce the basis of simulation, the basic "SPICE" methods (DC, AC, and transient analysis), mixed-signal (event driven) simulations, and "Fast-Spice". Also, some derived methods, including Fourier analysis, Harmonic Balance, and Periodic Steady State will be introduced. Along with this, I will review where the Free simulators (Gnucap, Qucs, NGspice, Xyce) stand.I will also present the plugin based architecture of Gnucap, and how it encourages contributions and fast deployment without sacrificing quality of the base work. +: +B:1517738400 +E:1517740200 +S:... like real computers! +C:Hardware Enablement +L:K.4.401 +D:Installing an operating system on single board computers (SBCs or "Fruit-Pis") is very board specific and requires a lot of hand holding. If at all, standard distributions support only a small number of them explicitly, which leads to a lot of board specific images and distributions. This talk will show how this situation can be improved, to the point where off-the-shelf Linux (or BSD) distributions can be installed on those boards, without those distros knowing about each and every one of them. Key ingredients are standardized firmware interfaces like UEFI, stable device trees and on-board memory like SPI flash.This should make using ARM based SBCs as easy as using (x86) PCs today: like "real computers".On top of this ways to simplify and speed up mainline Linux kernel support are explored. Enabling kernel support for new SoCs usually takes a while, especially if the effort is driven by the community. This delays distribution support, up to a point where a certain SoC or board might become slightly dated when it's finally supported. Using more device tree features and less hardcoded kernel data would reduce the code required to support new SoCs, ideally reaching a point where new SoCs could be at least booted with existing (distribution!) kernels, just by providing the proper device tree blob.This talk describes the idea and gives an example by looking at what can be done on Allwinner SoCs. +: +B:1517738400 +E:1517740200 +S:Running Android on the Mainline Graphics Stack +C:Miscellaneous +L:K.1.105 (La Fontaine) +D:Finally, it is possible to run Android on top of mainline Graphics! The recent addition of DRM Atomic Modesetting and Explicit Synchronization to the kernel paved the way, albeit some changes to the Android userspace were necessary.The Android graphics stack is built on a abstraction layer, thus drm_hwcomposer - a component to connect this abstraction layer to the mainline DRM API - was created. Moreover, changes to MESA and the abstraction layer itself were also needed for a full conversion to mainline.This talk will cover recent developments in the area which enabled Qualcomm, i.MX and Intel based platforms to run Android using the mainline graphics stack +: +B:1517738400 +E:1517739600 +S:So we have free web fonts; now what? +C:Open Source Design +L:K.4.201 +D:The number of free-software fonts has exploded, thanks to CSS webfont services like Google Fonts and Open Font Library. But open fonts have yet to make gains in document-creation systems beyond web pages: print-on-demand publishing, print-on-demand merchandise, eReaders and EPUB generation, games, and bundled with FOSS applications. This talk will look at the obstacles, bottlenecks, and disconnects behind this situation and explain what needs to happen next in order to move forward. +: +B:1517652000 +E:1517653500 +S:Handling media - the RESTful approach +C:Open Media +L:H.1309 (Van Rijn) +D:In Kaltura we use REST API for every external and internal interaction and integration. As online video platform we work with media files combined with textual REST API and we would like to share the lessons learned. +: +B:1517738400 +E:1517741400 +S:Using TPM 2.0 As a Secure Keystore on your Laptop +C:Security and Encryption +L:Janson +D:For decades, all laptops have come with a TPM. Now with Microsoft forcing the transition to the next generation, Linux faces a challenge in that all the previous TPM 1.2 tools don't work with 2.0. Having to create new tools for TPM 2.0 also provides the opportunity to integrate the TPM more closely into our current crypto systems and thus give Linux the advantage of TPM resident and therefore secure private keys. This talks will provide the current state of play in using TPM 2.0 in place of crypto sticks and USB keys for secure key handling; including the algorithm agility of TPM 2.0 which finally provides a support for Elliptic Curve keys which have become the default recently. +: +B:1517652000 +E:1517655000 +S:Python 3: 10 years later +C:Python +L:K.1.105 (La Fontaine) +D:Python 3.0 was released 10 years ago. It's time to look back: analyze the migration from Python 2 to Python 3, see the progress we made on the language, list bugs by cannot be fixed in Python 2 because of the backward compatibility, and discuss if it's time or not to bury Python 2.Python became the defacto language in the scientific world and the favorite programming language as the first language to learn programming. +: +B:1517738400 +E:1517740200 +S:Ring as a free universal distributed communication platform. +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:Ring, a free universal distributed communication platform gets its first stable version in July 2017. This project is based on OpenDHT, which manages communications through a p2p network. In this talk, after a short demonstration, we will describe what is the state of the platform now, what is new since the last FOSDEM, and what will be embedded during the next months. +: +B:1517738400 +E:1517740200 +S:A lion, a head, and a dash of YAML +C:Tool the Docs +L:UD2.119 +D:The Sphinx documentation tool provides tremendous extensibility and theming options; options which are massively underutilized. We demonstrate how you can go about writing your own extensions and themes for Sphinx and ultimately how you treat your docs like code. +: +B:1517738400 +E:1517740800 +S:Perl in the Physics Lab +C:Perl Programming Languages +L:K.4.601 +D:Let's visit our university lab. We work on low-temperature nanophysics and transport spectroscopy, typically measuring current through experimental chip structures. That involves cooling and temperature control, dc voltage sources, multimeters, high-frequency sources, superconducting magnets, and a lot more fun equipment. A desktop computer controls the experiment and records and evaluates data.Some people (like me) want to use Linux, some want to use Windows. Not everyone knows Perl, not everyone has equal programming skills, not everyone knows equally much about the measurement hardware. I'm going to present our solution for this, Lab::Measurement (see also ). We implement a layer structure of Perl modules, all the way from the hardware access and the implementation of device-specific command sets to high level measurement control with live plotting and metadata tracking. Current work focuses on a port of the entire stack to Moose, to simplify and improve the code. +: +B:1517652000 +E:1517655000 +S:Next Generation Internet Initiative +C:Keynotes +L:Janson +D:The new Next Generation Internet initiative could be the first real opportunity to put large scale public funding to work to really fix the internet. With an order of magnitude of hundreds of millions of euro in research, development and engineering effort it can actually be a major step toward reaching the post-Snowden internet we want. NLnet Foundation and Gartner Europe that wrote the strategic vision for the Next Generation Internet initiative will present the work they did in a unique collaboration which sought the expertise of key organisations and communities in the field - like RIPE (the European regional internet registry), GÉANT (research networks), the European assocation of country domain name organisations, ISP associations, the internet exchanges, the open source community (FSFE), the digital civil rights community (EDRi) and Internet Society. So not just the separate communities that operate different 'layers' (or rather slices) of the technology but also what we consider 'ethical guardians' of the internet. +: +B:1517738400 +E:1517741700 +S:Developing Enterprise and Community distributions at the same time, impossible ? +C:Distributions +L:K.3.201 +D:Starting with openSUSE Leap 42.2, a lot of cooperation has been done to bridge gaps between openSUSE and SUSE Linux Enterprise distributions. Things have been improving nicely with openSUSE Leap 42.3.We'll go into details on what this cooperation means for both openSUSE contributors and for SUSE and how we ensure it takes place.We'll share a few statictics, discuss on the new SLE15 development and how is done in harmony with openSUSE Tumbleweed (rolling release). +: +B:1517652000 +E:1517652300 +S:Welcome +C:Ada +L:AW1.125 +D:Welcome to the Ada Developer Room at FOSDEM 2018, which is organized by Ada-Belgium in cooperation with Ada-Europe. +: +B:1517652000 +E:1517653800 +S:Advanced Go debugging with Delve +C:Go +L:H.1308 (Rolin) +D:Learn how to utilize the Delve debugger to dig into and solve complex bugs in your code.Delve is a powerful yet simple open source debugger for the Go programming language. In this talk, I will discuss what makesboth Go and Delve different from other languages / debuggers, and then dive into real world usage. I will begin by introducingthe tool, and showing the basics of how it works. From there I will use specific example problems to show how to use some ofthe most powerful features of Delve to solve even the most complex bugs.This talk will be beneficial to beginners and advanced users alike. +: +B:1517652000 +E:1517655000 +S:Intel GFX CI and IGT +C:Graphics +L:K.4.401 +D:In this talk, we highlight how important automated testing is to sustain the upstream development model of Linux, especially when products are involved. We will then give you a tour of our system, how it integrates with the developer's workflow, what we are working on, and we managed to grow from a couple of thousands tests executed per week to over 4 millions!We will also present the changes we have done to the IGT test suite to become less Intel-specific and serve the needs of multiple drivers. +: +B:1517738400 +E:1517739900 +S:GStreamer & Rust +C:Rust +L:H.2214 +D:GStreamer is a highly versatile, cross-platform, plugin-based multimediaframework that caters to the whole range of multimedia needs. It can be usedbasically everywhere, from embedded devices like phones, TVs or drones todesktop applications or on huge server farms.This talk will focus on how and why Rust looks like the perfect programminglanguage for evolving GStreamer and provide a safer but still performant andeven more productive development environment than C.Both GStreamer application development in Rust, and GStreamer plugindevelopment will be covered. What is possible today already, for whichapplications can Rust be perfectly used already and which parts are stillmissing? How does it feel like to write an application in Rust compared todoing it in C? And how and why would one write GStreamer plugins in Rust toextend the framework and all applications with support for new codecs, filtersor anything else?Afterwards there will be a short outlook into the future of Rust in theGStreamer project itself and for GStreamer application and plugin development. +: +B:1517652000 +E:1517655000 +S:De-mystifying contributing to PostgreSQL +C:PostgreSQL +L:H.1302 (Depage) +D:PostgreSQL is a great community. They are open-minded, friendly, agreeable and so on. You feel like helping them.The problem is you are shy and you look at community people as gods. On top of that you don't want to mess up with their work or bother them with obvious and silly (to them) questions!This conference talk is based on my own true story. I will tell you about how I submitted my very first patch to the community. After some background presentation about how the community works, I will try to answer the following questions:What can I do to help (and you'll see that even without coding you can do a lot!) ?What's a contribution ?What's a patch ? How can I create one?And I hope that sooner or later you'll come and join the community and you'll feel so proud of yourselves! +: +B:1517738400 +E:1517742000 +S:Drive your NAND within Linux +C:Embedded, mobile and automotive +L:UB2.252A (Lameere) +D:NAND flash chips are almost everywhere, sometimes hidden in eMMCs, sometimes they are just parallel NAND chips under the orders of your favorite NAND controller. Each NAND vendor follows its own rules. Each SoC vendor creates his preferred abstraction for interacting with these chips.Handling all of that requires some abstraction, and guess what? That is currently being enhanced in Linux, and that is what this talk is about! +: +B:1517652000 +E:1517653800 +S:The free toolchain for the STM8 +C:Embedded, mobile and automotive +L:UD2.218A +D:The STM8 is STMicroelectronics' current 8-bit microcontroller architecture.In recent years a free toolchain or the STM8 architecture appeared and quickly surpassed the non-free ones.The central part of the toolchain is the Small Device C Compiler (SDCC), which features some optimizations suited to highly irregular architectures such as the STM8The talk introduces all parts of the free toolchain for the STM8 and also discusses remaining gaps. +: +B:1517652000 +E:1517653800 +S:Creating Inclusive Teams in Tech +C:Mozilla +L:UA2.118 (Henriot) +D:In order to retain talent in teams one important thing that has to exist is the feeling of belonging, and that can manifest itself through creating an inclusive atmosphere at work. The world is evolving into a global village. Various tools and products enable collaboration with people across the world. While this is a great thing that we should consider a blessing, the associated exchange of diverse ideas comes with some challenges. Join me to find out some of the key skills that could transform your team into a more inclusive place. +: +B:1517652300 +E:1517655000 +S:NetBSD and Mercurial +C:BSD +L:K.3.401 +D:Migrating from CVS to a modern VCS is challenging for old and large projects. When limitations of older hardware join, the true fun begins.This talk explores some of the issues found while evaluating Mercurial as new VCS for NetBSD and how they got resolved. +: +B:1517738700 +E:1517739900 +S:How to build and run OCI containers +C:Containers +L:UD2.120 (Chavanne) +D:In this talk you can expect to learn what OCI containers are, how to build them and why you may want them. The first part will be a brief introduction to OCI containers followed by the motivation behind our use-case at the OpenStack/Magnum project and the Container Service at CERN. How we leverage OCI containers and why we chose them to offer container infrastructure to our users, meaning running kubernetes, etcd, flanneld, OpenStack-specific daemons, CERN-specific tools, the docker daemon and cri-o.The second part will be a shallow dive on how to run and build OCI containers from scratch and most importantly how to populate the famous config.json file, the heart of the OCI configuration. This part will include examples on how to use docker, runc, rkt, atomic and buildah. +: +B:1517652300 +E:1517654100 +S:GPU resource multiplexing in component based systems +C:Microkernels +L:AW1.126 +D:Through the introduction of new hardware features in recent GPUs it becomes feasible to implement proper isolation between different graphics applications. In this talk we will present a user space GPU multiplexer solution for Intel Gen8+ that takes advantage of those hardware features. It supports the concurrent execution of multiple 3D applications, while still retaining a low code complexity. Furthermore, we will give an holistic overview of the inner workings of a modern graphics stack. +: +B:1517738700 +E:1517740200 +S:Home automation - Not as simple as you think +C:Internet of Things +L:AW1.125 +D:Home automation, like most fields in IoT, appears simple. A few lines of code, a couple of data points, and the job appears done. However, integrating computer code into a human life is not so simple. This talk highlights the personal issues involved in this area of IoT software development, and why the code you develop in the lab is often unsuitable for the home. "Simple" functionality like picking a random song, decreasing the volume, and playing a movie take on hidden complexities, that will be uncovered. +: +B:1517652300 +E:1517655000 +S:An Introduction to Ada for Beginning and Experienced Programmers +C:Ada +L:AW1.125 +D:An overview of the main features of the Ada language, with special emphasis on those features that make it especially attractive for free software development. +: +B:1517652600 +E:1517654400 +S:Improvements around document signatures and encryption +C:Open Document Editors +L:AW1.120 +D: +: +B:1517652600 +E:1517654400 +S:Performance Analysis and Troubleshooting Methodologies for Databases +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:Have you heard about USE Method (Utilization - Saturation - Errors), RED (Rate - Errors - Duration) or Golden Signals (Latency - Traffic - Errors - Saturations) ?In this presentation we will talk briefly about these different, but similar “focuses” and discuss how we can apply them to the data infrastructure performance analysis troubleshooting and monitoring.We will use MySQL as example but most of the talk will apply to other database technologies as well. +: +B:1517739000 +E:1517740500 +S:Histogram support in MySQL 8.0 +C:MySQL and Friends +L:H.1308 (Rolin) +D:In MySQL 8.0, you can create histograms over column values. Histograms will improve the selectivity estimates used by the query optimizer, especially for conditions on columns that are not indexed. This presentation will cover the types of histograms you can create, and discuss best practices for using histograms. The presentation will contain many practical examples of how histograms improve query execution plans. +: +B:1517739300 +E:1517742000 +S:Kubernetes load balancing for virtual machines (Pods) +C:Virtualization and IaaS +L:UD2.218A +D:Due to the fact that a Kubernetes cluster is very dynamic and its state changes over time,its initial scheduling decision might turn out to be a sub-optimal one with respect to the cluster's ever-changing state.This brings us to the need of a load balancing/rescheduling mechanism that will work on top of Kubernetes. +: +B:1517652900 +E:1517655600 +S:A slightly different nesting: KVM on Hyper-V +C:Virtualization and IaaS +L:UB2.252A (Lameere) +D:This may come as a surprise but it is already possible to run nested KVM inside Hyper-V VMs (and this includes several instancetypes on Azure). Such workloads, however, may not always perform very well. Some limitations come from x86 architecture and conceptual differencesbetween KVM and Hyper-V, other issues could be dealt with within KVM. In this talk Vitaly will go through different performance bottlenecks ofnested KVM-on-Hyper-V deployments. The presentation will mainly be focused on low-level features: hardware support for nested virtualization,clocksources and clockevents, virtual device drivers. Benchmark data and general thoughts on the usefulness of such deployments won't bemissing too. +: +B:1517739300 +E:1517741700 +S:Geographically distributed Swift clusters +C:Software Defined Storage +L:H.2213 +D:The OpenStack Swift object storage service achieves high availability and durability by replicating object data across multiple object servers. If one disk or object-server fails then its data is always available on other object servers. Swift is able to apply this principle to not just disks and object servers but also independent availability zones and regions. This enables the deployment of so-called Global Clusters which provide a single object namespace spanning multiple geographically dispersed data-centres, each offering independent local access to object data.This talk will describe some of the mechanisms that Swift provides for configuring and optimising Global Clusters. We will briefly describe how Swift's consistent hashing Ring maps objects to object servers and how that mapping algorithm can be configured to distribute copies of each object across data-centres. We will show how Swift's read and write affinity settings can be used to optimise WAN traffic in a Global Cluster. Finally we will discuss some of the challenges we faced when implementing Global Cluster support for erasure coded objects, and how those were overcome by enhancements to the Ring and the erasure coding write path. +: +B:1517739300 +E:1517741100 +S:An optimized GFDM software implementation for low-latency +C:Software Defined Radio +L:AW1.120 +D:We present an open source GFDM implementation in GNU Radio. It is optimized for high throughput and low-latency. Future mobile communication standards in the realm of Industry 4.0 will require low latency waveforms in conjunction with high spectral efficiency. GFDM is a promising candidate to meet these requirements. Having an open source implementation helps researchers to experiment with this waveform early on in the process. +: +B:1517739300 +E:1517740500 - connect community cellular networks using WebRTC and PWA +C:Real Time Communications +L:H.1309 (Van Rijn) +D:How do we in 2017 create a mobile, cross-platform App to connect people in the internet to community GSM networks for calls and texts with a small team and limited time? SayCel and Rhizomatica, together with Altermundi and other individual contributors, have created an open source WebRTC dialer as Progressive Web App and a WebRTC gateway to solve this not so trivial problem. +: +B:1517652900 +E:1517655000 +S:Cypher for Apache Spark +C:Graph Processing +L:H.2214 +D:AbstractGraph pattern matching is one of the most interesting and challenging operations in graph analytics. Query languages like openCypher, implemented in systems like Neo4j, SAP HANA Graph and Redis Graph, allow the intuitive definition of graph patterns including structural and semantic predicates.For now, graph query languages are most prominent in graph database systems such as Neo4j. However, we think that many systems can benefit from having such a language in their toolbox. One of these systems is Apache Spark, which is one of the most popular open source frameworks in the context of distributed processing of large data volumes within complex analytical workloads.To bring the benefits of Cypher from the graph database realm into the world of Big Data, we at Neo4j started developing Cypher for Apache Spark (CAPS). CAPS is primarily focused on graph-powered data integration and graph analytical query workloads within the Spark ecosystem. In addition, CAPS is our testbed for Cypher language extensions as specified in the openCypher project; for example, multiple graphs, graph transformations and construction, and query composition.In our talk, we want to motivate use-cases for CAPS and give an overview of new querying capabilities which we demonstrate using Apache Spark and Apache Zeppelin. Furthermore, we briefly present the internal architecture highlighting the main differences between Neo4j and CAPS. +: +B:1517652900 +E:1517654700 +S:Æ-DIR -- Authorized Entities Directory +C:Identity and Access Management +L:UD2.119 +D:This talk will introduce Æ-DIR, a paranoid identity and access management (IAM) system based on pure OpenLDAP. The talk will detail the data model used for delegated administration and its use e.g. for a strictly authorizing SSH proxy.Furthermore it introduces OATH-LDAP, a OATH-based OTP authentication system with pure LDAP backend and the enrollment process used for secure initializing yubikey tokens.The conclusion of the talk will highlight want else will be done with the data and role model in the near future. +: +B:1517739300 +E:1517740200 +S:DNSSEC for higher performace +C:DNS +L:AW1.121 +D:"Security slows down everything." Or not? This talk will explain how aggressive use of DNSSEC-validated cache (aka RFC 8198) boosts DNS performance, and why signing your own domain can provide higher security and performance at the same time. +: +B:1517653200 +E:1517654700 +S:The OpenJDK Developer Experience +C:Free Java +L:UD2.208 (Decroly) +D:Much has happened in the last year for developers contributing to OpenJDK:- the repositories have been consolidated into a single repository- the run-test make target has been introduced- the JTReg (and jcov, asmtools and jtharness) build have been greatly improved- there is now a binary build of OpenJDK that can be used as --boot-jdk (on Linux x86-64)The situation for HotSpot developers has also improved over the years:- the HotSpot build system was converted to the "new" build system- a proper unit test framework for C++ code (googletest) was added- debug symbols are no longer zipped by default- the JDK and HotSpot JTReg testlibraries were combined into oneThis talk will show how all these changes make the OpenJDK developerexperience a lot smoother. The speakers will also share their personaltips and tricks on how to work even faster on OpenJDK!We also realize that the OpenJDK developer experience is far fromoptimal, and would therefore like this talk to initiate a discussion onwhat could be improved and how people can get involved. +: +B:1517653200 +E:1517654700 +S:Media 101 for Communities +C:Community devroom +L:K.4.601 +D:In a world of constant news cycles, getting the word out about your project seems nearly impossible. You've got a web site, a Twitteranda Diaspora account, and still it seems like no one is showing up at your virtual doorstop. But there is one old-school toolset at your disposal that can help you and your project be recognized for the awesome you know it to be: the media. +: +B:1517739600 +E:1517742000 +S:Compiler-assisted Security Enhancement +C:LLVM Toolchain +L:K.3.401 +D:This talk will be about adding features to LLVM that improve the security of the code.TWe will briefly talk about side channel attacks by focusing on information leakage due to timing behaviour and introduce the concept of 'bit-slicing' as a possible countermeasure against such kind of leakage.We'll then talk about the LADA and the SECURE projects and about my contribution: the addition to LLVM of several tools that can automatically transform sensible regions of the code into 'bit-sliced' format.We will discuss then the benefits and the limits of such transformations. +: +B:1517739600 +E:1517740500 +S:Linux Test Project introduction +C:Lightning Talks +L:H.2215 (Ferrer) +D:Introduction into the Linux Test Project - large kernel+libc testsuite from the upstream maintainer. I would like to sum up shortly where we came from, what is the current status and where we are heading for the future. +: +B:1517653500 +E:1517656200 +S:Piece of cake +C:Testing and automation +L:H.2213 +D:Designing custom hardware, though might seem intimidating at first, can simplify many activities. It solves certain issues, but often raises many others. Paweł will present a fresh open hardware approach at providing remote access (including device flashing, debugging and power management) to embedded devices -href="">MuxPi, successor ofhref="">SD MUXboard (showcased during FOSDEM 2016 and Embedded Linux Conference 2016). +: +B:1517740200 +E:1517742000 +S:Building Decentralised Communities with Matrix +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:Over at we've spent a lot of the last year refining the Matrix protocol for open, secure, decentralised communication to make it more usable for larger scale usage. One of the major recent additions has been the ability to group together sets of users and rooms into 'Communities' - equivalent to Slack Teams or Discord Servers, which give a way for existing projects and communities to give their users a much more focused and friendly environment for decentralised communication with Matrix. In this talk we'll explain how Communities (aka Groups) work, how they're implemented, and how FLOSS projects in particular are using them and other recent features to escape the centralised tyranny of proprietary alternatives! +: +B:1517653800 +E:1517655600 +S:Ligato: a platform for development of cloud-native VNFs +C:SDN and NFV +L:H.1301 (Cornil) +D:The talk will present Ligato - an open source platform for creating cloud-native VNFs. We will give the motivation and background for developing Ligato, describe its the architecture, and provide examples or real-world use cases. We will compare the performance and scale of Ligato-based VNF deployments with performance and scale of VNFs deployed in other environments, such as OpenStack. +: +B:1517653800 +E:1517655300 +S:Rendering of subtitles in HTML5 with imscJS +C:Open Media +L:H.1309 (Van Rijn) +D:The TTML Profile for Internet Media Subtitles and Captions (IMSC) is the most promising candidate for a long awaited harmonized subtitle format for the Web. The open source library imscJS is not only a polyfill to render IMSC subtitles in the browser: as an open reference implementation it is a blueprint how to integrate IMSC subtitles in other open source projects e.g. in video players. The presentation will show how imscJS parses and renders IMSC subtitle files, where imscJS is already used and how the open source ecosystem for subtitles could benefit from it in the future. +: +B:1517653800 +E:1517655600 +S:Testing and Automation in the Era of Containers +C:Go +L:H.1308 (Rolin) +D:As containers and orchestration technologies went from niche to necessary tools to build modern distributed systems, traditional testing is no longer enough. e2e cases represent a great solution, but it's often easier said than done.In this talk, I will share my experience of building a testing framework for distributed systems, revisiting common mistakes, how to avoid them, and showing how to take advantage of the power of Go to make sure our systems behavior match our original expectations, with scalability in mind through automation. +: +B:1517653800 +E:1517655600 +S:Building RT Linux distribution with Yocto +C:Embedded, mobile and automotive +L:UD2.218A +D:The conference will describe how to use PREEMPT_RT and Xenomai with Yocto build system- building image and SDK- developing simple application- testing performances +: +B:1517740200 +E:1517741700 +S:Advocating For FOSS Inside Companies +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:Companies who use and contribute to free and open source often haveinternal advocates who make policy decisions, help with toolingrecommendations, and teach others about the importance of free and opensource. Different offices and departments will often have differences inthe ways they are managing using, contributing to, and releasing freeand open source software. +: +B:1517740200 +E:1517742000 +S:GeoPandas: easy, fast and scalable geospatial analysis in Python +C:Geospatial +L:AW1.126 +D:The goal of GeoPandas is to make working with geospatial vector data in python easier. GeoPandas ( extends the pandas data analysis library to work with geographic objects and spatial operations.Pandas is a package for handling and analysing tabular data, and one of the drivers of the popularity of Python for data science. GeoPandas combines the capabilities of pandas and shapely (python interface to the GEOS librabry), providing geospatial operations in pandas and a high-level interface to multiple geometries to shapely. It combines the power of whole ecosystem of geo tools by building upon the capabilities of many other libraries including fiona (reading/writing data with GDAL), pyproj (projections), rtree (spatial index), ... Further, by working together with Dask, it can also be used to perform geospatial analyses in parallel on multiple cores or distributed across a cluster. GeoPandas enables you to easily do operations in python that would otherwise require a spatial database such as PostGIS. +: +B:1517740200 +E:1517741400 +S:State of the rkt container runtime and its Kubernetes integration +C:Containers +L:UD2.120 (Chavanne) +D:This presentation will give an update on the rkt project, what new features were implemented recently and what’s coming up. It will also give an update on the state of the rkt implementation of the Kubernetes Container Runtime Interface (CRI), rktlet. +: +B:1517653800 +E:1517656200 +S:Valgrind's Memcheck tool vs Optimising Compilers +C:Debugging tools +L:AW1.121 +D:The ongoing work to improve the accuracy of definedness tracking in the face of newer more aggressively optimizing compilers. +: +B:1517740200 +E:1517741700 +S:Cockpit: A Linux Sysadmin Session in your Browser +C:Config Management +L:UA2.114 (Baudoux) +D:Cockpit is an open source project that has built the new system admin UI for Linux. It turns Linux server into something discoverable and usable. Its goal is to remove the steep learning curve for Linux deployments. But more than that, it's a real Linux session in a web browser. +: +B:1517740200 +E:1517741700 +S:How DeepLearning can help to improve geospatial DataQuality , an OSM use case. +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:How DeepLearning, and semantic segmentation, can be an efficient way to detect and spot inconsistency in an existing dataset ?OpenStreetMap dataset took as an use case. +: +B:1517740200 +E:1517741700 +S:Introducing rust-av +C:Rust +L:H.2214 +D:Multimedia development is mainly done in C+assembly since speed is important and such combination of languages traditionally gives the best control over the hardware.Rust is considered a mature system language that provides strong warranties about memory access (and more) without sacrificing runtime speed.Multimedia libraries are plagued by classes of bugs that Rust actively prevents at compile time, thus this talk is about leveraging Rust to have a multimedia framework that is nice to use and at the same time more trustworthy. +: +B:1517653800 +E:1517655600 +S:WebExtensions API status after Firefox 57 +C:Mozilla +L:UA2.118 (Henriot) +D:An year ago I done a talk about WebExtensions and how much they are a cool, a year later and after Firefox 57/Quantum what is waiting to devs and users of the most customizable browser?Let's see together what is happened and what is coming to us! +: +B:1517740200 +E:1517741400 +S:Self-host your visual assets with Free Software +C:Open Source Design +L:K.4.201 +D:We are going to introduce Identihub, a self hosted solution for visual asset hosting licensed under the AGPL v3 license and show how to easily make your SVG files convertable for non designers +: +B:1517740200 +E:1517742000 +S:Booting it successfully for the first time with mainline +C:Hardware Enablement +L:K.4.401 +D:While things have gotten a lot better, new hardware bring-up sometimes still feels like pulling teeth. With the right methodology, tools and techniques, a significant amount of time, energy (and sanity) can be saved while enabling a new board to run Linux. In this talk, we'll discuss the phased process involved in new board bring-up and the challenges it can pose, from reviewing initial schematic design to the successful upstreaming of any necessary bootloader and kernel patches. We'll also provide some examples of the process based on a board that was recently made compatible with mainline. +: +B:1517653800 +E:1517655600 +S:The package bazaars and the cathedrals +C:Package Management +L:K.3.201 +D:A distro package environment such as Debian and a language-focused package environment such as npm may seem very similar at first. But underneath, they are very different in their goals, features and approach to create packages and manage dependencies. +: +B:1517740500 +E:1517742000 +S:Melting the Snow +C:DNS +L:AW1.121 +D:Snowshoe spam is a type of spam that is notoriously hard to detect. Anti-abuse vendors estimate that 15% of spam can be classified as snowshoe spam. Differently from regular spam, snowshoe spammers distribute sending of spam over many hosts, in order to evade detection by spam reputation systems (blacklists). To be successful spammers need to appear as legitimate as possible, for example, by adopting email best practices, such as the Sender Policy Framework (SPF). This requires spammers to register and configure legitimate DNS domains.Many previous studies have relied on DNS data to detect spam. However, this often happens based on passive DNS data. This limits detection to domains that have actually been used and have been observed on passive DNS sensors.To overcome this limitation, we take a different approach. We make use of active DNS measurements, covering more than 60% of the global DNS namespace, in combination with machine learning to identify malicious domains crafted for snowshoe spam. Our results show that we are able to detect snowshoe spam domains with a precision of over 93%.More importantly, we are able to detect a significant fraction of the malicious domains up to 100 days earlier than existing blacklists, which suggests our method can give us a time advantage in the fight against spam. In addition to testing the efficacy of our approach in comparison to existing blacklists, we validated our approach over a 3-month period in an actual mail filter system at a major Dutch network operator. Not only did this demonstrate that our approach works in practice, the operator has actually decided to deploy our method in production, based on the results obtained. +: +B:1517740500 +E:1517742000 +S:Mallard, Pintail, and other duck topics +C:Tool the Docs +L:UD2.119 +D:Mallard completely reinvented topic-oriented help for GNOME. Learn about Mallard's unique topic organization system. Discover Ducktype, a lightweight but semantic format with all the power of Mallard. And witness Pintail, the all-in-one one documentation site builder built from the ecosystem of Mallard tools. +: +B:1517740800 +E:1517743200 +S:Testing for testing +C:Perl Programming Languages +L:K.4.601 +D:"Although I have been using GitHub for assignment submission for a long time, it has been only this year, when after being fired from the Free Software Office of the university of Granada I lost the class assistant, when I felt the dire need to do some automatic checks on the assignments the students of a cloud computing class turned it.This was not only running some tests on the code; since the students have total freedom on the language and other aspects of their project, it had to check things that went from the presence of some files to the use of GitHub issues for organization of the tasks.This was eventually solved with a Perl script that tested every pull request made by students. And this has had a number of interesting and mostly positive side effects on the student behavior and performance, which will be examined and presented in this presentation, where I will do no theater and dress with a single tee. Promised.Take home message is one that I have trying to drive home since the beginning, when I was talking about how Perl saved a conference I was organizing: Perl is an incredible tool for automating simple tasks that nobody thought could actually be automated; and automating things has many implications for the automator and the automatees; so Perl and daily life are always interesting and winning combinations. +: +B:1517740800 +E:1517742000 +S:Kids and Schools and Instant Messaging +C:Real Time Communications +L:H.1309 (Van Rijn) +D:We want to discuss experiences, issues, and ideas concerning the use of free/open IM services among children and in education. +: +B:1517740800 +E:1517741700 +S:LizardFS and OpenNebula, a petabyte cloud the simple way +C:Lightning Talks +L:H.2215 (Ferrer) +D:A demonstration of the new Open Nebula connector to LizardFS on a PB Filesystem. +: +B:1517654400 +E:1517655600 +S:Documentation convergence project for LibreOffice +C:Open Document Editors +L:AW1.120 +D:LibreOffice like other office suites, is a sophisticated, ubiquitous and complex end-user application, that demands good documentation to continue its strive. The current situation for LibreOffice documentation is that producing contents is still a lenghty and hard task, often requiring rework depending on different sort of publiccation needed. In this presentation, we will summarize the efforts done so far within the LibreOffice ecosystem and make the point on the need for a different approach to make the LibreOffice documentation an element of communty gathering and contribution, extending the range of the quality of the software. +: +B:1517740800 +E:1517742300 +S:Let's talk database optimizers +C:MySQL and Friends +L:H.1308 (Rolin) +D:Whenever you write a SQL query, the database query optimizer tries to find the best possible plan to retrieve your data. The question is, what can it do and how does it do it? In this talk we will look at recent developments in query optimizers from the major database providers. With a focus on the MySQL world, we will be looking at ways to "help" the query optimizer to come up with better plans. +: +B:1517741100 +E:1517742600 +S:Mirai and Computer Vision +C:Internet of Things +L:AW1.125 +D:In this demonstrative session we learn the ropes of IoT nodes with computer vision. We develop a web camera application, consider security, and store or forward data for image processing. +: +B:1517654700 +E:1517656500 +S:Hurd's PCI arbiter +C:Microkernels +L:AW1.126 +D:One of Hurd's goals is to isolate hardware drivers, to provide flexibility and safety, by isolating drivers' possibly erratic behavior, delegating driving hardware to unprivileged users, etc.We are thus currently working on a PCI arbiter, which allows to let different userland drivers access PCI devices concurrently, while paving the way for fine-grain per-user, per-session, etc. permission management over PCI access, the use of IOMMUs allowing to do that very safely. +: +B:1517741100 +E:1517742600 +S:DLR-CAFE: CUDA Filterbank Updates +C:Software Defined Radio +L:AW1.120 +D:This talk is aimed at giving an update on my efforts to open source my CUDA Polyphase Filterbank library DLR-CAFE, the Satellite Networks Department Coprocessor Accelerated Filterbank Extension Library, developed at the German Aerospace Centre (DLR). It will contain a short introduction to the newest addition to the library, a Polyphase Filterbank Arbitrary Resampler. Following this, I will give a brief update on my progress to release the library into the Open Source wilderness. +: +B:1517655000 +E:1517656500 +S:Opening the Oracle JDK +C:Free Java +L:UD2.208 (Decroly) +D:We are going to open-source all of the features in theOracle JDK. There will be zero differences between theOpenJDK and the Oracle JDK.Mark Cavage, JavaOne keynote October 2017This announcement by Mark got a big round of applause, but what does it actually mean? What are the commercial features and when will they be available? I'll talk through some of them, focusing mainly on those which are interesting and/or likely to be released soon. +: +B:1517655000 +E:1517656800 +S:freeIPA installation using Ansible +C:Identity and Access Management +L:UD2.119 +D:The talk will describe freeIPA client and server installations using anisble-freeipa with examples.The client installation and configuration using ansible-freeipa provides some simplifications and extensions of the normal installation process like for example the possibility to install several clients, a simple use of one time passwords, enhanced server discovery and also the repair mode.The server installation and configruation part is currently work in progress, but should be complete for the talk. +: +B:1517655000 +E:1517656800 +S:Monitoring Legacy Java Applications with Prometheus +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:Prometheus is often associated with modern architectures, cloud-native applications, and dynamic container platforms. While new applications can be designed to integrate well with cloud infrastructure and monitoring, most organisations also have to operate legacy applications that do not fit well into these environments.This talk shows how to monitor legacy Java applications with Prometheus. The goal is to have Prometheus as a central monitoring tool that integrates both, modern cloud-native applications as well as legacy Java EE applications. +: +B:1517655000 +E:1517656500 +S:Software Philanthropy for Everyone +C:Community devroom +L:K.4.601 +D:All large companies use free and open source software. Many of them contribute to free and open source software, and some of them publish their own free and open source software. All of this is good, and should be encouraged to continue.In addition to that, though, many large companies have philanthropic arms; charitable foundations either operated by the company or closely aligned with the company, and primarily funded by the company. These foundations generally have focus areas, which include almost every conceivable charitable cause except... free and open source software!This presentation will talk about Bloomberg's journey to add software philanthropy to its global charitable contributions, including the mundane aspects of running volunteer coding events, soliciting mentors/leaders to participate, organizing employee (and non-employee) participation, and others, but also how this type of philanthropy can be included in 'employee giving' and similar programs. Anyone who runs an Open Source Program Office, or similar group, within a company that also has a philanthropic arm should consider including free and open source software contributions in their plans, and this talk will help you get started. +: +B:1517655300 +E:1517658300 +S:ARB_gl_spirv: bringing SPIR-V to Mesa OpenGL +C:Graphics +L:K.4.401 +D:arbglspirv: bringing SPIR-V to Mesa OpenGLSince OpenGL 2.0, released more than 10 years ago, OpenGL has beenusing OpenGL Shading Language (GLSL) as a shading language. WhenKhronos published the first release of Vulkan, almost 2 years ago,shaders used a binary format, called SPIR-V, originally developedfor use with OpenCL.That means that the two major public 3D graphics API were usingdifferent shading languages, making porting from one to the other morecomplicated. Since then there were efforts to allow making thiseasier.On July 2016, the extension ARBglspirv was approved by Khronos,that allows a SPIR-V module to be specified as containing aprogrammable shader stage, rather than using GLSL, whatever the sourcelanguage was used to create the SPIR-V module. This extension is nowpart of OpenGL 4.6 core, making it mandatory for any driver that wantsto support this version.This talk introduces the extension, what advantages provides, andexplain how it was implemented for the Mesa driver. +: +B:1517741700 +E:1517742300 +S:Turning physical systems into containers +C:Containers +L:UD2.120 (Chavanne) +D:System containers such as those that LXD can run are effectively Linux systems but without a Linux kernel.So wouldn't it be nice to just be able to take an existing physical system or virtual machine and transfer it over the network to a LXD host, then boot it as a container without needing any manual transfer process?This is what I'll be demoing in this short talk, using a small piece of software that uses the LXD migration API to stream a system over the network to a remote LXD server, turning it into a container. +: +B:1517655300 +E:1517657400 +S:BSD from scratch - from source to OS with ease on NetBSD +C:BSD +L:K.3.401 +D:NetBSD has had support for cross compilation for some time now.This talk covers the features and changes in NetBSD enabling anew comer to set out from obtaining a copy of the NetBSD source code and pkgsrc tobuilding an OS &amp; Firmware for an ARM board from scratch on an operating systemof their choice. +: +B:1517742000 +E:1517745600 +S:LibreOffice Exam Session 1 +C:Certification +L:UB2.147 +D:LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs. +: +B:1517655600 +E:1517656500 +S:Easy GnuPG +C:Lightning Talks +L:H.2215 (Ferrer) +D:There are scads of options presented by GnuPG, which are all part of making it the flexible and powerful an encryption framework that it is. But it's extremely complicated to get started with, and that quite reasonably puts people off.EasyGnuPGis a wrapper script that tries to simplify the process of using GnuPG. In order to simplify things, it is opinionated about the "right" way to use GnuPG. +: +B:1517742000 +E:1517743500 +S:A Usability Survey of Free Software Licenses +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:We want software creators to use FOSS licenses. We also know people make mistakes in the process, or don't even try because they've heard it's "too complicated." Just like with software, we would do well to study these failures and use them as opportunities to improve the usability of our licenses. This talk aims to start that process by identifying known problems and considering some possible solutions. +: +B:1517742000 +E:1517744700 +S:Device Assignment for VMs in Kubernetes +C:Virtualization and IaaS +L:UD2.218A +D:Assigning a host device to a VM is commonly supported task by virtualizationmanagement software. Because of performance requirements of modern workloads,the same could be said for container orchestration tools. But it is not thesame assignment - as VM and containers have varying degree of isolation, it isdone at different system layers. How could we bring device assignment toinfrastructure that handles both VMs and containers, such as KubeVirt?The talk aims to* introduce KubeVirt, a Kubernetes add-on to manage virtual machines,* give overview of device assignment in Kubernetes and in VM management software oVirt,* present an idea of combining these two. +: +B:1517655600 +E:1517657400 +S:Networking-VPP +C:SDN and NFV +L:H.1301 (Cornil) +D:Goal of this presentation is to explain what is and how it is integrated with OpenStack neutron. +: +B:1517742000 +E:1517743800 +S:Open source Big Geospatial Data analytics +C:Geospatial +L:AW1.126 +D:Big Spatial Data technology based on geospatial attributes for the Cloud is relatively new to the developer community and organisational ecosystem. To find the latest proven software one has to look across the Atlantic Ocean, where a suite of specialised open spatial solutions is emerging. For us in Europe this creates opportunities to innovate traditional mapping services into higher value added business information provision.Meet the innovative projects from across The Big Pond such as GeoGig (versioning/data history), GeoMesa (database) and GeoWave (distributed storage). Building upon Hadoop, Spark and Cassandra we are able to integrate the latest technology for robust and affordable geospatial solutions, to deploy Big Spatial Data answers to Big Data challenges. +: +B:1517655600 +E:1517657700 +S:The Computer Science behind a modern distributed data store +C:Graph Processing +L:H.2214 +D:What we see in the modern data store world is a race between different approaches to achieve a distributed and resilient storage of data. Most applications need a stateful layer which holds the data. There are at least three necessary ingredients which are everything else than trivial to combine and of course even more challenging when heading for an acceptable performance.Over the past years there has been significant progress in respect in both the science and practical implementations of such data stores. In his talk Max Neunhoeffer will introduce the audience to some of the needed ingredients, address the difficulties of their interplay and show four modern approaches of distributed open-source data stores. +: +B:1517742000 +E:1517742900 +S:GrimoireLab: free software for software development analytics +C:Lightning Talks +L:H.2215 (Ferrer) +D:The talk will explain how to analyze software development withhref="">GrimoireLab. It will show with simple code how easy it is to retrieve data from git, Bugzilla, GitHub, mailing lists, StackOverflow, Gerrit, IRC, Slack, and many other repositories. Then, with the same toolkit, the data will be organized in ElasticSearch indexes, visualized in actionable dashboards, and summarized in reports. Some advanced analysis will also be presented on how to exploit the data using Python/Pandas and IPython/Jupyter Notebooks. The talk will be complemented with interesting insights on real FOSS projects. +: +B:1517655600 +E:1517659200 +S:A tour with Firefox' developer tools +C:Mozilla +L:UA2.118 (Henriot) +D:A lot happened in Firefox' devtools this year. Follow along with us for a tour of what changed this year, and how you can help ! +: +B:1517655600 +E:1517656800 +S:Anatomy of the OpenOffice localization process +C:Open Document Editors +L:AW1.120 +D:Even a simple typo correction has to travel a long journey from the OpenOffice User Interface to the source code, to the translation team and all the way back into the new release. We will explore the involved process, tools and how the process can be streamlined. +: +B:1517655600 +E:1517657100 +S:An update on VLC and the VideoLAN community +C:Open Media +L:H.1309 (Van Rijn) +D:This talk will present some updates on the VideoLAN community and on VLC. +: +B:1517742000 +E:1517743800 +S:O’PAVES: An open platform for autonomous vehicle tinkerers +C:Embedded, mobile and automotive +L:UB2.252A (Lameere) +D:O’PAVES (Open Platform for Autonomous VEhicle Systems) aims at providing an open source and open hardware platform for the prototyping and development of autonomous vehicles. In the current state of the project, what we have is a remote controlled car, but with sensors that you would find on an autonomous vehicle such as IMU and distance sensors. The goal is not necessarily to implement the autonomous feature ourselves, but to allow users to do it by either modify the firmware or add and external computer such as a Raspberry Pi or OpenMV to to add autonomous driving features.The hardware is open and was designed with FOSS tools such as Kicad and FreeCAD. It’s made of a PCB that act as the frame of the car, 3D printed parts, off the shelf parts from (battery, motors, sensors) and and Crazyflie 2.0 nano drone. The drone (without its motors) is connected to the O’PAVES board using an extension port. This solution makes the platform easy to build because most of the very small electronic assembly is already done on the drone. The software is developed in Ada and also only uses FOSS tools like the GNAT compiler or the AdaDriversLibrary. The project is hosted on GitHub: this 25 minutes talk I want to present the state of the project, explain how you can build and hack the platform and show some of the tools and techniques that we used to develop the project. I will bring one of the prototype with me and at least show a video demo if not a live demo. +: +B:1517655600 +E:1517657100 +S:Tutorial: my first FPGA design +C:CAD and Open Hardware +L:K.4.201 +D:You have no hardware knowledge and want to know how people design chips ? You are a software guy, having heard of VHDL or Verilog but never used it ? In this 25 min tutorial, you will learn the basis of hardware design and how to write a simple FPGA design using only FOSS tools. (This tutorial is not about PCB design, but reprogrammable chips design)This is the same talk as the one of FOSDEM'17. As the room was full, some people were not able to attend so I propose to do it again. +: +B:1517655600 +E:1517658600 +S:Unix Architecture Evolution from the 1970 PDP-7 to the 2017 FreeBSD +C:History +L:Janson +D:Based on ahref="">GitHub repositoryrecording the history of the Unix code from 1970 until today, we look at the most significant elements and milestones of the system's architectural evolution and the lessons we can learn from it. +: +B:1517655600 +E:1517659200 +S:How to keep your embedded Linux up and running? +C:Embedded, mobile and automotive +L:UD2.218A +D:Userspace software is imperfect and we all know about this.Running it for 5 minutes seems to be easy but what about days or weeks?This problem already gave server guys a lot of sleepless nights.Nowadays also IoT and embedded Linux world is facing very the same problem.Unfortunately solutions known from server world (Nagios and friends) usually cannot be directly applied. +: +B:1517742000 +E:1517745000 +S:Re-structuring a giant, ancient code-base for new platforms +C:Miscellaneous +L:K.1.105 (La Fontaine) +D:Come and hear how LibreOffice is meeting the challenges of new platforms both hardware and software, adapting to new constraints &amp; shining. +: +B:1517742000 +E:1517744400 +S:Container Attached Storage (CAS) with OpenEBS +C:Software Defined Storage +L:H.2213 +D:The OpenEBS project has taken a different approach to storage when it comes to containers. Instead of using existing storage systems and making them work with containers; what if you were to redesign something from scratch using the same paradigms used in the container world? This resulted in the effort of containerizing the storage controller. Also, as applications that consume storage are changing over, do we need a scale-out distributed storage systems? +: +B:1517742000 +E:1517743500 +S:Terraform is maturing +C:Config Management +L:UA2.114 (Baudoux) +D:Terraform seems to be the configuration management of the cloud: a tool that allows us to define our infrastructure as code so it becomes automatable and testable. It suffers from a bunch of issues though. These issues have been encountered and solved before in other tools like puppet, but the story very much resembles that one. This session will draw some parallels between early puppet and early terraform days and explain what we can do to make these changes in a better way. +: +B:1517742000 +E:1517743800 +S:SITL bringup with the IIO framework +C:Hardware Enablement +L:K.4.401 +D:This talk aims at an introduction to using the Industrial IO(IIO) framework to initialize sensors and acquire data to feed to a Software in the Loop(SITL) interface of drone software such as iNav/Cleanflight. Most flight controller boards are based on low power ARM microcontrollers and the flight controller software is not usually based on Linux. However, with the availability of increasingly powerful boards with onboard sensors and multicore processors, using a Linux based flight controller software can be used to our advantage. Experimenting with onboard devices and scheduling algorithms can lead to interesting applications with minimal porting overhead to new architectures. +: +B:1517655600 +E:1517658300 +S:Will it blend? +C:Virtualization and IaaS +L:UB2.252A (Lameere) +D:This talk should explain the internal mechanisms and differences between three schedulers that are currently used to plan workload placements in today’s datacenters and clusters. +: +B:1517742000 +E:1517745000 +S:Data integrity protection with cryptsetup tools +C:Security and Encryption +L:Janson +D:The talk describes the architecture of data integrity protection with cryptsetup on Linux systems and the following steps that need to be achieved to have encrypted block-level authenticated storage. +: +B:1517655600 +E:1517658600 +S:Surviving in an Open Source Niche: the Pythran case +C:Python +L:K.1.105 (La Fontaine) +D:Pythran is an open source compiler for scientific kernels written in Python.Its goal is to turn scientific kernels written in Python into native modules that runs much faster, take advantage of SIMD instruction units, multi-cores, get rid of the GILwithoutsacrifying high-level programing. As such it understands a strict subset of the Python language, keeping 100% backward compatibiliy with the original language.Looks cool? It is. But the target niche is small (high performance computing in Python and several great tools already exist (Cython, Numba).How have Pythran survived in the OSS jungle for 6 years while gathering a small but living community? +: +B:1517655600 +E:1517658600 +S:PostgreSQL -- A Crash Course +C:PostgreSQL +L:H.1302 (Depage) +D:A crash course to get you up and running with PostgreSQL. We will cover:Installation from binaries and sourceCluster initialization, startup, and session managementBasic configuration - postgresql.conf and pg_hba.confpsql use/hintsSQL syntax and quotingData types +: +B:1517742000 +E:1517743500 +S:Portable graphics abstraction in Rust +C:Rust +L:H.2214 +D:Graphics abstraction is an important part of maturing Rust ecosystem. gfx-rs has been the basis of many graphics applications since 2013, but as of this year it undergoes a total rewrite with the new vision, set of goals, and talented contributors. In this talk, I want to explain what this means to existing users, Mozilla, and the world.Intended audience: people interested in Rust ecosystem foundational libraries, graphics and game development, Vulkan. +: +B:1517742000 +E:1517743800 +S:The emPeerTube strikes back +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:Presentation of PeerTube, a decentralized video streaming platform using P2P (BitTorrent) directly in the web browser and ActivityPub to federate servers.Attended audience is technical people, or decentralization enthousiasts. +: +B:1517655600 +E:1517657400 +S:Networking deepdive +C:Go +L:H.1308 (Rolin) +D:In this talk we'll discuss networking in Go. We start off with a review of the stdlib net package and its sub-packages and then walk through common use cases, patterns and challenges. In the second part we focus on best practices using the stdlib and community-provided frameworks such as gorilla/websocket and gRPC. +: +B:1517655600 +E:1517657400 +S:Open Build Service in Debian +C:Package Management +L:K.3.201 +D:It is impressive how much time and resources a team can save by using the OBS to manages their packages creation and distribution. OBS is a generic system to build and distribute packages from sources in an automatic, consistent and reproducible way.Andrew Lee will cover the benefits of using OBS, explain some of it features and workflow for all your packaging and releasing needs, like automatically build package from scratch on multiple target distros and architectures, easy access through QA to the developer's repo to generate new images with the changes for testing before integration into the production repo, vcs-like workflow as branch code, send merge requests and review submissions and flexible to connect additional resources to empower the backend worker(builders) even with different architectures. At the end tips on how to setup and optimize OBS will be provided. +: +B:1517742000 +E:1517742600 +S:Modules v4 +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:Typically users initialize their shell environment when they log in a system by setting environment information for every application they will reference during the session. The Modules project, also referred asEnvironment Modules, provides a shell command namedmodulethat simplifies shell initialization and lets users easily modify their environment during the session with configuration files called modulefiles.The Modules project has a long history as its development was started in 1991. At that time, the concept of themodulecommand was laid down to dynamically and atomically enable environment configurations during a shell session. Since then, this concept has become a standard practice, especially among the scientific community where people share same computing resources but all have a specific software and version requirement.After an almost 5-year release hiatus, Modules with its version 4 is back into the environment management game. The intend is to further improve the modulefile standard and the module command capabilities, with proven concepts applied to similar fields like software package management.After briefly explaining the root concept behind the module command, this talk will cover the major changes between versions 3.2 and 4 at both software and project level. Then focus will be put on some of the recent or upcoming new features:* virtual modulefiles* extend the module command at your site* sharing code across different modulefiles* dependencies management between modulefiles* new ways to query or change the environment stateThe audience for this talk is anyone who is interested in user environment management. From the system administrator, who has to provide access to a software catalog, to the end-user of shared computing system, who need to juggle with different workloads combining software elements. +: +B:1517742000 +E:1517743200 +S:Our Open Source Design collective +C:Open Source Design +L:K.4.201 +D:For everyone who doesn’t know what exactly we do, this is a short intro to our collective: We work to raise the profile of good design in open source software, and connect developers &amp; designers to make it happen.We run an Open Source Design community forum, organize design tracks at well-known events like FOSDEM (hello ;), FOSSASIA and OpenTechSummit, have a job board to get designers involved, provide open design resources to developers &amp; designers, and more.We will also take our GROUP PHOTO during this session! :) +: +B:1517655600 +E:1517658600 +S:Making the Ada_Drivers_Library: Embedded Programming with Ada +C:Ada +L:AW1.125 +D:The Ada programming language was designed for embedded programming and it is well known in the aerospace domains and in general everydomain where failure is not an option. Unfortunately it is not used a lot in the embedded FOSS community.In the past two years, AdaCore worked to promote the use of Ada in the FOSS community, in particular for embedded programming with the "Make with Ada" blog post series, my "Programming is Too Difficult for Humans" interview for the podcase, "Ada Driver Library" blog posts on "ARM Community", or the "Make with Ada" embedded software project competition. +: +B:1517742000 +E:1517745000 +S:Introducing BuildStream +C:Distributions +L:K.3.201 +D:In this talk, I will be introducing our new distribution agnosticbuild tool which we presently use in GNOME for the purpose ofunifying our software build story, allowing us to achive multiplegoals using the same flexible build metadata. I will talk about themotivations behind creating BuildStream, how it has been helping usso far, and how the rich feature set we've created can help softwaredevelopers and integrators. +: +B:1517742300 +E:1517744100 +S:DNS privacy, where are we? +C:DNS +L:AW1.121 +D:The DNS privacy project started in november 2013 at the IETF meetingin Vancouver, following Snowden's revelations. Where are we today? Wehave a problem statement (RFC 7626), standard solutions (QNAMEminimisation, DNS over TLS), running code (such as the getdns library)and actual deployments (such as the Quad9 public resolver). The talkwill examine the current state of the project. It is intended forpeople who have a general knowledge of DNS, but you don't need to bean expert. +: +B:1517742300 +E:1517743800 +S:Finding a home for docs +C:Tool the Docs +L:UD2.119 +D:Where docs are stored can impact open source projects in a variety of ways. This talk will present some options, considerations, and guidelines for making an informed decision when choosing a path for docs in current and future projects. +: +B:1517742300 +E:1517743500 +S:OpenDHT: make your project distributed +C:Real Time Communications +L:H.1309 (Van Rijn) +D:OpenDHT provides an simple way to build distributed software by providing an easy to use but powerful API in C++11 and Python 3. We will present OpenDHT and its possibilities to easily build fully or partially distributed software. We will also present new OpenDHT features and use cases and discuss about future developments. +: +B:1517742300 +E:1517744700 +S:Efficient use of memory by reducing size of AST dumps in cross file analysis by clang static analyzer +C:LLVM Toolchain +L:K.3.401 +D:Clang SA works well with function call within a translation unit. When execution reaches a function implemented in another TU, analyzer skips analysis of called function definition. For handling cross file bugs, the CTU analysis feature was developed (Mostly by Ericsson people)[2]. The CTU model consists of two passes. The first pass dumps AST for all translation unit, creates a function map to corresponding AST. In the second pass when TU external function is reached during the analysis, the location of the definition of that function is looked up in the function definition index and the definition is imported from the containing AST binary into the caller's context using the ASTImporter class. During the analysis, we need to store the dumped ASTs temporarily. For a large code base this can be a problem and we have seen it practically where the code analysis stops due to memory shortage. Not only in CTU analysis but also in general case clang SA analysis reducing size of ASTs can also lead to scaling of clang SA to larger code bases. We are basically using two methods:-1) Using Outlining method[3] on the source code to find out AST that share common factors or sub trees. We throw away those ASTs that won't match any other AST, thereby reducing number of ASTs dumped in memory.2) Tree prunning technique to keep only those parts of tree necessary for cross translation unit analysis and eliminating the rest to decrease the size of tree. Finding necessary part of tree can be done by finding the dependency path from the exploded graph where instructions dependent on the function call/execution will be present. A thing to note here is that prunning of only those branches whose no child is a function call should be done. +: +B:1517742600 +E:1517745000 +S:File access-control per container with Landlock +C:Containers +L:UD2.120 (Chavanne) +D:Linux has multiple access-control systems, including SELinux, AppArmor, Smack or Tomoyo, that can enforce a security policy. However, it may be challenging to create and maintain such a policy per container. Moreover, a dynamically configured and unprivileged access control may better fit to container needs.In this talk, we present a Linux Security Module (LSM) proposal called Landlock, leveraging eBPF to create flexible access-control rules. Landlock can be used as a new security layer, composing with namespaces, cgroups, seccomp and other LSMs, to sandbox applications and containers. We highlight the last Landlock patchset (v8) which brings a new way to restrict access to files. +: +B:1517742600 +E:1517744100 +S:TLS for MySQL at large scale +C:MySQL and Friends +L:H.1308 (Rolin) +D:At the Wikimedia Foundation we aim for perfect privacy of our users. That means not only enforcing TLS (https) between our users and the datacenters but all intermediate steps, including database access.When you are a top 5 website with hundreds of thousand of queries per second and billions of users but a very limited budget, that is not easy, specially for MySQL. This is a description of our experience, including operational and performance pain points, of rolling out encryption. +: +B:1517742600 +E:1517743200 +S:Scale Out and Conquer: Architectural Decisions Behind Distributed In-Memory Systems +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:Distributed platforms, like Apache Ignite, rely on horizontal scalability. More machines in the cluster means greater performance of the application. Do we always get twice the speed after adding the second machine to the farm? Ten times faster after adding ten machines? Is that [always] true? What is the responsibility of the platform? And where do engineers’ responsibilities begin? +: +B:1517742900 +E:1517744700 +S:Physics, Math, and SDR +C:Software Defined Radio +L:AW1.120 +D:This talk is about IQ imbalance, DC offsets, Noise Figure, and Intermodulation Distortion and how to simulate, measure, and, where possible, correct each in GNU Radio. +: +B:1517743200 +E:1517745600 +S:Perl in Computer Music +C:Perl Programming Languages +L:K.4.601 +D:Perl has modules that can be used in many aspects of computer music - that is music generated where somewhere along the line a computer is involved. It can interface with MIDI, sound synthesis, analysis, and various music making tools. The talk will present some ways of using Perl to express a musician's creativity. +: +B:1517743200 +E:1517743800 +S:The Magnificent Modular Mahout +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:Open source big data engines as well as HPC libraries seem to be proliferating at an increasing rate. Technical debt can be incurred with statistical and machine learning algorithms that require a highly specialized knowledge of the algorithm at hand as well as the distributed engine / HPC library which the method has been written against. The Apache Mahout project presents a highly modular stack which introduces levels of abstraction between the mathematical implementation of the algorithm (an R-Like Scala DSL) and the execution of the code. Users are able to interchange Apache Spark, Apache Flink (batch), and H2O distributed engines, as well as ViennaCL for OpenCL on GPU and OpenMP, and CUDA native solvers. Users can also port high level algorithms to new distributed engines or native solvers by defining a handful of BLAS operations. +: +B:1517656800 +E:1517659500 +S:Advanced testing in action on a Java project +C:Testing and automation +L:H.2213 +D:This talk will demonstrate advanced testing practices used by thehref="">XWiki open source project, and using Java, Maven, Docker and Jenkins:Testing forhref="">backward compatibility with Revapiand anhref="">associated strategyTesting for coverage with Jacoco and defining a viable strategy for slowing improving the situationTesting the quality of your tests withhref="">Descartes Mutation testingAutomatically enriching your test suite withhref="">DSpotTesting various configurations withhref="">Docker containers and Jenkins +: +B:1517656800 +E:1517657700 +S:BulletinBoard DHT and wireguard-p2p +C:Lightning Talks +L:H.2215 (Ferrer) +D:A introduction to BulletinBoard, a internet-wide general-purpose distributed-hash-table to store key/value pairs and wireguard-p2p, a tool for setting up WireGuard VPN connections from peer to peer. +: +B:1517743200 +E:1517744100 +S:Perceval: Software Project Data at Your Will +C:Lightning Talks +L:H.2215 (Ferrer) +D:Software development projects, in particular Open Source ones, heavily rely on the use of telematic tools to support, coordinate and promote development activities. Despite their paramount value, project data is scattered on the Internet, making them difficult to retrieve, collect, clean, link and analyze, challenging the achievement of insightful analytics for both practitioners and researchers. This talk presents Perceval, a tool able to perform automatic and incremental data gathering from almost any tool related with contributing to Open Source development (e.g., source code management, issue tracking systems, mailing lists, forums). It hides the technical complexities related to data acquisition and eases the definition of analytics. Perceval is an industry strong free software tool that has been widely used in Bitergia, a company devoted to offer software analytics of open source software projects. +: +B:1517656800 +E:1517659200 +S:gdb tools: duel and @PrettyPrinter +C:Debugging tools +L:AW1.121 +D:This talk will describe two python extensions for gdb: @PrettyPrinter decorator — an easy approach to writing new pretty printers for your data, and DUEL — a high level data exploration language, a very powerful but easy way of examining complex data structures. +: +B:1517656800 +E:1517658300 +S:The Z Garbage Collector - An Introduction +C:Free Java +L:UD2.208 (Decroly) +D:The Z Garbage Collector, also known as ZGC, is a new garbage collectoroptimized for low latency and very large heaps. We've developed ZGCinternally at Oracle so far, but we're now open-sourcing it so as tobroaden the base of both contributors and users. It was recentlyaccepted as an official project under OpenJDK where future developmentwill be happening.This talk will give an overview of how ZGC works, how it scales tomulti-terabyte heaps and how it maintains very low GC pause times. We'llpresent the goals, current status and what to expect going forward.We'll also give a quick primer on how to get started using ZGC on yourworkloads. +: +B:1517656800 +E:1517658600 +S:Antipatterns in OpenOffice Code +C:Open Document Editors +L:AW1.120 +D:Whenever I tried to look through Open Office Code I see the same Issues in Code I see in my consulting work.I would like to go with the Audience through some of the basic Antipatterns of coding. In a presentation I will define those basic Antipatterns.I will give some reasons I have seen in my professional work why they occur and they seem to be true in Open Office, too. In the last phase we will transit into a discussion about how avoid these issues,and how we can reflect on these Issues.My Idea is to have 15 Minutes Presentation and 15 Minuts discussion.Language will be in english, as good as my english is. :) +: +B:1517656800 +E:1517658300 +S:Your Open Source Community Metrics Should be Tracking More than Code +C:Community devroom +L:K.4.601 +D:Metrics, when used wisely, allow you to make informed decisions about how to grow your open source community and how to better assess its health. But your community is about more than code. Who’s joining and leaving? Who's really active and really helpful? Who should you be encouraging? In this presentation, Jeremy will explain why your metrics should track more than just code. Open source ecosystems are really about people, which is why we're creating a Contributor Relationship Management system. +: +B:1517657100 +E:1517658900 +S:Easily Secure Your Front and Back End app with Keycloak +C:Identity and Access Management +L:UD2.119 +D:A presentation of the Open Source IDM server : Keycloak. Some slides to give the big picture followed by a live coding session where we will set up a keycloak server and then secure a front app and some backend ends applications. +: +B:1517743500 +E:1517745000 +S:The IoT botnet wars, Linux devices, and the absence of basic security hardening +C:Internet of Things +L:AW1.125 +D:This talk will cover the ongoing battle being waged is leveraging insecure Linux-based Internet of Things (IoT) devices. BrickerBot is an example of a recent malware strain attacking connected devices and causing them to “brick,” making an electronic device completely useless in a permanent denial-of-service (PDoS) attack.Additionally, the Mirai botnet consisted of connected printers, IP cameras, residential gateways, and baby monitors that flooded DNS servers. Mirai was behind the largest DDoS attack of its kind ever in October 2016, with an estimated throughput of 1.2 terabits per second. It leveraged these enslaved devices to bring down large portions of the internet, including services such as Netflix, GitHub, HBO, Amazon, Reddit, Twitter, and DIRECTV. BrickerBot’s goal appears to counter Mirai’s: Bricking insecure Linux devices so that malware such as Mirai can’t subjugate these devices in another DDoS attack. We will take an in-depth look at the anatomy of the attack.We will then dive into basic some security hardening principles which would have helped protect against many of these attacks. Some of the fundamental security concepts we will cover include:Closing unused open network portsIntrusion detection systemsEnforcing password complexity and policiesRemoving unnecessary servicesFrequent software updates to fix bugs and patch security vulnerabilities +: +B:1517657100 +E:1517660700 +S:Live sculpting a Genode-based operating system +C:Microkernels +L:AW1.126 +D:The talk demonstrates the Genode-based operating system as routinely used by the Genode developers. The starting point is a generic and fairly minimalistic base system, which is then live shaped into different forms using a plain text editor. Along the way, many features of Genode come into play, eventually forming a usable system. +: +B:1517743800 +E:1517745300 +S:Rusty robots +C:Rust +L:H.2214 +D:Are we embedded yet? I'd say yes! In this talk I'll show you how I programmed a self-balancing robot from scratch. I'll cover IO abstractions, motion sensors, motor drivers, filters, control stuff, bare metal multitasking, logging, etc. And I'll explain how some of Rust features made development easier and made the program more correct. +: +B:1517657400 +E:1517658900 +S:Kodi v18 features and improvements +C:Open Media +L:H.1309 (Van Rijn) +D:A short walk through of what we have been doing past year since v17 release and what we are still planning to do. +: +B:1517743800 +E:1517745600 +S:Rapid SPI Device Driver Development over USB +C:Embedded, mobile and automotive +L:UB2.252A (Lameere) +D:On the quest for a cheap and easy way to connect some simple SPI devices to my laptop it was surprising to not find anything suitable available. To connect the SPI device to a Linux laptop over USB in order to develop a SPI kernel driver for it and having a rapid development and test cycle. None of the solutions to access the SPI device over libusb in userspace would work for me. I needed a SPI master controller inside the kernel to work with the variety of devices and kernel subsystems. +: +B:1517743800 +E:1517745300 +S:Breaking with conventional Configuration File Editing +C:Config Management +L:UA2.114 (Baudoux) +D:While on top-level configuration management tools usually have key/value interfaces,in the layer below other techniques are used, such as:Rewriting configuration files with templates (ERB templates, ...)Specify replacements (file_line, Augeas, ...)In this talk, we will discuss a new approach using a key/value interface in every layer of configuration access, implemented in Puppet-Libelektra.Different to other key/value APIs Puppet-Libelektra is independent of the concrete configuration file format, abstracts from the syntax, and supports validation. +: +B:1517743800 +E:1517745600 +S:What's new with FPGA manager +C:Hardware Enablement +L:K.4.401 +D:After a brief overview of the Linux Kernel FPGA manager framework and it's (short) history,we'll look at what's new with the FPGA Manager framework in the Linux Kernel, what's still missing, outlook on how to fix things,and leave some time for discussion. +: +B:1517657400 +E:1517659200 +S:Upspin and a future of the Internet +C:Go +L:H.1308 (Rolin) +D:Upspin is both a protocol and a reference implementation for a global name space for network-accessible files that comes with permissions and end-to-end encryption. With simplicity at its core (the protocol is just 10 methods), it is very versatile and can be a building block for a decentralized Internet +: +B:1517743800 +E:1517745600 +S:Spatial Support in MySQL 8.0 +C:Geospatial +L:AW1.126 +D:MySQL 8.0 is right around the corner, and the most important new spatial featureis support for geography and ellipsoidal coordinate reference systems(CRSs). The final release is not out yet, but there is a release candidate, sowe know what to expect.In this talk we'll go on a tour of the spatial support in MySQL with a focus onthe new features in 8.0, especially those related to geography and ellipsoidalCRSs.What can MySQL do? Which ellipsoids/CRSs does MySQL support? Can I create myown? Which functions can I use? How does it work? Are there limitations? Thesequestions, and more, will be answered by this talk. +: +B:1517743800 +E:1517745300 +S:Outsourcing Source Code Distribution Requirements +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:A well-known obligation in some FOSS licenses is the requirement to provide "complete corresponding source code" (CCSC). After the initial collection and packaging of the CCSC, its provision imposes a burden that may persist for a very long time. Ensuring that the CCSC is always available is not a simple matter, especially considering that the original development team might change structure, people might be replaced or change roles, legal entities may disappear, etc.In this talk we will present the possibility of using Software Heritage, an independent, non-profit third party, in order to outsource CCSC provision. As part of the exploration, we will review the legal obligations in popular copyleft licenses, explain the burden of long-term CCSC hosting, describe the hosting infrastructure in place, and propose a publishing workflow that might help FOSS producers painlessly comply with the licenses. +: +B:1517657400 +E:1517659200 +S:Introduction to Flatpak +C:Package Management +L:K.3.201 +D:Flatpak uses unprivileged Linux containers to install and sandbox desktop apps. It resembles traditional packaging systems like dpkg and RPM in some ways, but is very different in other ways. This talk will introduce Flatpak's model for packaging, how and why it differs from traditional packaging systems, and how Linux operating systems can benefit from having both. +: +B:1517743800 +E:1517745600 +S:Contributopia +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:For the past 3 years, the French non-profit Framasoft has been leading a campaign to "De-google-ify Internet", hosting 32free-libre alternatives to Google (and GAFAM) services, educating users to change their digital habits and creating aFrench network of free-libre and ethical services hosters. In October 2017, Framasoft launched a new campaign: Contributopia. 12 actions over 3 years sharing the same goal: let's create the digital tools to equip the "contributors society" in order to interest them into contributing to free-libre and open-source software. +: +B:1517657400 +E:1517659200 +S:ONAP – A road to network automation +C:SDN and NFV +L:H.1301 (Cornil) +D:ONAP (Open Network Automation Platform) is an open source software platform that delivers capabilities for the design, creation, orchestration, monitoring, and life cycle management ofVirtual Network Functions (VNFs)The carrier-scale Software Defined Networks (SDNs) that contain themHigher-level services that combine the aboveONAP provides for automatic, policy-driven interaction of these functions and services in a dynamic, real-time cloud environment. ONAP is not just a run-time platform; it includes graphical design tools for function/service creation. This talk will introduce ONAP as a whole and walk through a specific use case (vCPE) from design to VNF onboarding and runtime. Eventually, how we can leverage ONAP to enable open/closed loop automation of Virtual Network Functions. +: +B:1517743800 +E:1517745000 +S:Improving GitLab's Navigation and Design System +C:Open Source Design +L:K.4.201 +D:A brief introduction to what GitLab is and what remote working means. How did we improve and ship our revised navigation, plus how are we creating a consistent design language and system. +: +B:1517743800 +E:1517744400 +S:Tools for large-scale collection and analysis of source code repositories +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:There are 10s of millions Git repositories publicly available over the Internet, but what kind of tools would one need to be able to treat all this code as a Big Dataset?I will talk about new and existing OSS tools that were built and used, in order to allow collection and analysis of millions of Git repositories on commodity hardware clusters.Toos: - Babelfish: universal code parser - Engine: library, extending Apache Spark, to query Git repositories - Rovers/Borges: Git repository crawlers written in Go - Siva: optimized storage format - go-git: custom implementation of Git protocol and storage format - CoreOS and K8s clusters for jobs orchestration +: +B:1517743800 +E:1517745000 +S:Open communication in WebVR with Matrix! +C:Real Time Communications +L:H.1309 (Van Rijn) +D:VR/AR has a huge problem: there isn't any standard way to communicate with other people. This talk will demo how Matrix can be used as an open signalling layer for establishing WebRTC voice, video and 3D video calls in WebVR on anything from a Cardboard to a Vive: providing a decentralised communication ecosystem to build an open metaverse! +: +B:1517657400 +E:1517659200 +S:Google’s approach to distributed systems observability for Go +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D: +: +B:1517657400 +E:1517658900 +S:Graphic design tools for Open Source FPGAs +C:CAD and Open Hardware +L:K.4.201 +D:Nowadays we have low-level tools to control Open Source FPGAs but these are only for experts who know hardware description languages. There is a challenge in making this technology accessible and easy to use by everyone.In this talk I will present the project Apio, a multiplatform cli toolbox, and Icestudio, a high-level visual editor that allows to create and synthesize graphic designs into Open Source FPGAs.Connecting high-level description languages with real hardware implementations enables a lot of new ideas, new research branches, new capabilities. We have begun to explore the surface but there is still a long way to go! +: +B:1517657700 +E:1517660700 +S:pot: another container framework based on jails and ZFS +C:BSD +L:K.3.401 +D:The initial idea of pot was to imitate containers, like docker, but using FreeBSD technologies, like jails and ZFS. The goal was to run several "pots" on my laptop to serve my needs and, at the same time, to learn how to manage them efficiently, especially in term disk usage. Instead of using/extending existing tools, like ezjail or iocage, I decided to reinvent the wheel and to write myself a new tool.After some time, I realized that making pot more generic and available to everyone could be a good idea and that's what I intend to present.I also show some interesting use cases and, hopefully, a live demo. +: +B:1517744400 +E:1517745300 +S:DNS-based discovery for OpenID Connect +C:DNS +L:AW1.121 +D:OpenID Connect is a widely deployed standard to implement single-sign-on in the web. While the existing protocol discovery mechanisms might be well-suited for the current social media login deployment status (that is, a handful of islands of identity providers and Facebook&amp;Google coping with 90%+ of the market share), a better mechanism would be needed for a real federated, distributed environment. +: +B:1517744400 +E:1517745900 +S:Babelfish: a universal code parser for source code analysis +C:Source Code Analysis +L:UD2.119 +D:As the amount of written code increases exponentially, better and more scaling source code analysis tools are required.Babelfish offers a foundation on which these tools can be built.Babelfish aims to be a universal code parser that scales. Native parsers provided by each language ecosystem are used to get a native AST. This AST is then converted to a language-independent format that includes universal annotations for language features, which allows both a generic language-independent analysis and a more detailed language-specific analysis.Language drivers are built on top of containers to allow easy deployment of many different languages in a generic way. An SDK is provided to develop these drivers, providing the annotation language, conversion tools, etc. A server is in charge of handling the different drivers, language detection, scaling the number of running instances, etc. Finally, libraries and clients for different languages are provided to give language analysts the needed foundation to be able to write the code analysis tools they want.In this talk, we want to explain in more detail the architecture and components of Babelfish to reach both language analysists interested in building tools on top of it and potential contributors to the project. +: +B:1517744400 +E:1517745300 +S:Are distributions still relevant? +C:Lightning Talks +L:H.2215 (Ferrer) +D:With flatpaks, snaps, and more - do we even still need distributions? What makes a distribution and how can package maintainers reconcile the fact that they have learned the hard ways of packaging for their distribution with the ease of use of distribution-agnostic packages? +: +B:1517744400 +E:1517745900 +S:MySQL InnoDB Cluster +C:MySQL and Friends +L:H.1308 (Rolin) +D:MySQL InnoDB Cluster provides a built-in High Availability solution for MySQL. It tightly integrates MySQL Server, Group Replication, MySQL Router and MySQL Shell providing an easy-to-use full stack solution for HA.MySQL Shell main goal is to provide a natural interface for all 'DevOps' tasks related to MySQL, by supporting scripting with development and administration APIs. To allow an easy and straightforward configuration and administration of InnoDB Clusters, the Shell provides a scriptable API - the AdminAPI. This API hides the complexity associated with configuring, provisioning and managing everything without sacrificing power, flexibility or security.Join this session to understand the key points of MySQL InnoDB Cluster and to learn how to use the Shell and the AdminAPI to configure and manage InnoDB Clusters. +: +B:1517658000 +E:1517658900 +S:Nakadi Event Broker +C:Lightning Talks +L:H.2215 (Ferrer) +D:Nakadi is an open source event broker, built on top of Kafka-like queues, that provides a REST API for easy integration with microservices. In this talk, we will introduce Nakadi, and demonstrate one of its most important features: timelines. +: +B:1517744400 +E:1517745000 +S:Slurm in Action: Batch Processing for the 21st Century +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:This talk will give an overview over how we use Slurm to schedule the workloads of over 6000 scientists at NERSC, while providing high throughput, ease of use and ultimately user satisfaction.With the emergence of data-intensive applications it was necessary to update the classic scheduling infrastructure to handle things like user defined software stacks (read: containers), data movement and storage provisioning. We did all of this and more through facilities provided by Slurm. In addition to these features we will discuss priority management and quality of service and how that can greatly improve the user experience of computational infrastructures. +: +B:1517744700 +E:1517746200 +S:Debugging A Live Gluster File System Using .meta Directory +C:Software Defined Storage +L:H.2213 +D:Meta is a client side xlator which provide an interface similar to the Linux procfs, for GlusterFS runtime and configuration. The contents are provided using a virtual hidden directory called .meta which is inside the root of GlusterFS mount. +: +B:1517744700 +E:1517745900 +S:Stupid Pluto Tricks +C:Software Defined Radio +L:AW1.120 +D:The ADALM-PLUTO SDR can be used as both a streaming (to GNU Radio device) as well as a standalone SDR, since it includes a single core ARM A9, and runs Linux inside. Although it requires closed source tools (Xilinx), they are zero cost, and with a little time, custom firmware images can be created, allowing the device to be a standalone radio platform.This talk will show a few different things that can be done, including a ADS-B receiver, an instrument to measure Noise Pollution, a stealth RF capture device (to investigate RF), and a cell phone jammer detector. +: +B:1517658300 +E:1517661000 +S:Securing Embedded Systems using Virtualization +C:Virtualization and IaaS +L:UB2.252A (Lameere) +D:Hypervisors were once seen as purely cloud and server technologies, but have slowly seeped into the embedded space providing extra layers of security. This discussion will showcase how companies from security vendors to automotive are using open source hypervisors (particularly Xen Project) to secure embedded systems, what challenges they face and how they have overcome it. We will also explore what this might mean to IoT at large and how to get started in securing your embedded system with a hypervisor-first approach. +: +B:1517744700 +E:1517747400 +S:Automate oVirt Disaster Recovery Solution With Ansible +C:Virtualization and IaaS +L:UD2.218A +D:Even the best system administrator cannot always avoid any and every disaster that may plague his data center, but he should have a contingency plan to recover from one - and an administrator that manages his virtual data centers with oVirt is of course no different.This session will showcase how Ansible can be used to leverage the new APIs introduced in oVirt 4.2 to create a fully-fledged DR strategy. +: +B:1517658300 +E:1517660400 +S:Analzying Blockchain transactions in Apache Spark +C:Graph Processing +L:H.2214 +D:I will show the Blockchain analysis in Jupyter interactive notebook using the external Spark cluster running in Kubernetes, everything dockerized.The talk will briefly describe how Blockchain transactions work, but most of the time would be the demo. In the demo I will show how we can run various queries on the publicly available Blockchain data, graph algorithms such as PageRank for identifying significant BTC addresses and more.Intended audience:* intermediate* analysts* Bitcoin/Altcoin enthusiastsLinks:*** +: +B:1517658600 +E:1517660700 +S:Community Karoke +C:Community devroom +L:K.4.601 +D:We'll do community karaoke using not much but a laptop and the mic in the room. If you have a song you want to karoke, tell us where you can find the music online and come prepared to sing.Those who do not wish to sing or listen are welcome to use this time to go have lunch. +: +B:1517658600 +E:1517660100 +S:A pixel format guide to the galaxy +C:Graphics +L:K.4.401 +D:The Pixel Format Guide is a collection of documents and an accompanying python tool which aim to help people interpret and manipulate the pixel format definitions used by the various graphics APIs and projects. In this talk we will describe the Pixel Format Guide and the capabilities of the accompanying tool, provide examples of how it can be used to automate many tasks involving pixel format definitions and explore future directions. +: +B:1517658600 +E:1517659800 +S:BaseDocumenter +C:Open Document Editors +L:AW1.120 +D:BaseDocumenter will be published (under the GPLV3 license) during the first half of 2018 as an extension/plugin of LibreOffice.The software scans Base applications (tables, queries, forms, scripts, ...) and collects everything useful to support the application designer and to improve the dialog with the end-user.A special focus is set upon impact analysis, i.e. how to cope with design changes and what-if situations. +: +B:1517658600 +E:1517660100 +S:Rubber 'Duke' Debugging +C:Free Java +L:UD2.208 (Decroly) +D:In the spirit of Jon Bentley(not the top geardude), we will take this chance to talk abouteverybody’s favorite pastime...debugging!As programmers, we spend most of our timedebugging. I know I know, most of us never'write' any bugs(it's ALWAYS your peskycolleagues). Still, somebody has to clean itall up.And yet, there's very little literature aboutdebugging. Fewer conference talks still.But that's about to change.This talk will be a collection of real-lifebug micro-mortems. Proving now morethan ever, that for want of a nail, kingdomscan really be lost... +: +B:1517745000 +E:1517747400 +S:LLVM, Rust, and Debugging +C:LLVM Toolchain +L:K.3.401 +D:Debugger support for Rust is good but not great. This talk will discuss the difficulties specific to Rust, and will outline a plan to modify LLVM, LLDB, and the Rust compiler to improve the Rust debugging story. +: +B:1517745300 +E:1517746500 +S:Introduction to LXD clustering +C:Containers +L:UD2.120 (Chavanne) +D:This demo introduces the new LXD clustering feature and show how to scale a single-node deployment to a fault-tolerant multi-node one, sharing information about containers, storage pools and networks in the same database. +: +B:1517745300 +E:1517746500 +S:Scaling messaging systems +C:Real Time Communications +L:H.1309 (Van Rijn) +D:When it comes to messaging servers, scalability is the key and knowing how to fit more users and achieve better latency is the most important trick in your bag. In this talk we’re going to explore different ways of scaling an open source XMPP server - MongooseIM. +: +B:1517659200 +E:1517660700 +S:Funny digital electronics with Open Source FPGAs +C:CAD and Open Hardware +L:K.4.201 +D:Is it possible for non-tech people or even kids to create digital circuits? Thanks to thehref="">Icestorm projectwe all have open source FPGAs. We have develop both Free/libre hardware and software for making it very easy for the non-tech people or kids to start learning and playing with digital circuits. We will show in a demo how thehref="">Icestudioand thehref="">Icezum AlhambraFPGA board works. With very few clicks the digital circuits are synthesized and uploaded into the FPGA. It opens the way for teaching hardware thinking and digital circuits without pain and learning concepts while building circuits +: +B:1517659200 +E:1517660400 +S:Shared Memory Parallelism in Ada: Load Balancing by Work Stealing +C:Ada +L:AW1.125 +D:Tasking in Ada provides an effective tool for shared memory parallelism. For coarse grained regular parallelism, load balancing works with one single job queue. For finer grained and irregular parallelism, work stealing balances the load with multiple job queues. The programming concepts will be illustrated with examples of algorithms in polyhedral geometry. The demonstrated code belongs to the free and open source PHCpack, at +: +B:1517659200 +E:1517662200 +S:The circuit less traveled +C:History +L:Janson +D:Retrocomputing, lost lessons of software design, a quarter of a century of failed progress - and how learning from the past could lead to the next generation of computers. +: +B:1517659200 +E:1517666400 +S:LPI Exam Session 1 +C:Certification +L:UB2.147 +D:LPI offers discounted certification exams at FOSDEM +: +B:1517659200 +E:1517661000 +S:Automating Your Lights with Open Source +C:Embedded, mobile and automotive +L:UD2.218A +D:This presentation will reveal the exact steps for making a low-cost lightning solution that combines open source hardware with free and open source software. It will cover a wide range of topics from designing a printed circuit board with KiCAD to software support and integration with the popular open source home automation platform Home Assistant through the machine-to-machine protocol MQTT.We will review the designing process of open source hardware embedded devices that control 12V RGB LED strips and collect data from I2C sensors for light, temperature, humidity, color and gesture recognition. We will compare and highlight the differences between the software implementation of MQTT client with brightness and color control of the lights using pulse-width modulation (PWM) on embedded Linux through an add-on board for Raspberry Pi and a device powered by the low-cost microcontroller with Wi-Fi ESP8266.The talk will also provide information about open source hardware licenses, KiCAD getting started guidelines, tips for avoiding common hardware pitfalls and mistakes. Furthermore, we will discuss the challenges of prototyping and low-volume hardware manufacturing. The talk is appropriate for anyone interested in combining open source hardware with free and open source software. No previous knowledge is required. The presentation will try to encourage more people to grab the soldering iron and start prototyping entirely open source products. +: +B:1517745600 +E:1517747100 +S:Flatpak and your distribution +C:Distributions +L:K.3.201 +D:Flatpak uses unprivileged Linux containers to install and sandbox desktop apps. Some Linux distributions are getting excited about Flatpak, while others are not so sure yet. This talk aims to describe what Flatpak is good for, how it can help your distribution, and how your distribution can help Flatpak. +: +B:1517745600 +E:1517748600 +S:Inside Monero +C:Security and Encryption +L:Janson +D:While many in the tech industry are familiar with Bitcoin and the many altcoins that have forked off its code base, fewer are aware of Monero. Monero is evolved from CryptoNote, which is a completely independent code base from Bitcoin emphasizing privacy as opposed to Bitcoin's transparent blockchain. Like Bitcoin, Monero is fully open source. The project is driven entirely by volunteers. The Monero team has developed further innovations over the CryptoNote code base making it the most private cryptocurrency ever, and the first in the world with true fungibility. +: +B:1517659200 +E:1517660700 +S:What's new in GStreamer? +C:Open Media +L:H.1309 (Van Rijn) +D:This talk will take a look at what's been happening in the GStreamer multimedia framework as of late and what shiny new features you can expect to land in the near future.It will be fairly high-level and is targeted at both application developers and anyone interested in multimedia on Linux and elsewhere. +: +B:1517745600 +E:1517747100 +S:The Julia programming language +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:The Julia programming language is a high-level language, primarily developed for scientific computing. It uses just-in-time compilation to get a performance level that is comparable to C/C++. It was designed to overcome the “two-language problem”, where a proof-of-concept in a high-level language needs to be translated to a compiled language by specialists to get the required performance. In this talk, the main features of the language will be highlighted from the perspective of a “convert” coming from C++ and with a focus on scientific programming aspects. As an application, arrays and the work on making parts of the Trilinos library available will be discussed. +: +B:1517745600 +E:1517746800 +S:Template toolkit translations +C:Perl Programming Languages +L:K.4.601 +D:Recently, I released Log::Report::Template, which extends Template Toolkit with a simple way to use translations. The (gnu) gettext translation infrastructure, where translations are organized via PO-files, is implemented by various perl modules. They do all extend the original (printf) formatted strings in some way or the other. Log::Report has extended the power of the translatable message ids much further than other modules, also adding features specific for generating HTML. +: +B:1517659200 +E:1517661000 +S:Dep Deep Dive! +C:Go +L:H.1308 (Rolin) +D:This talk dives into, the “official experiment” and precursor to a new approach to dependency management in the go toolchain itself. To help you get the most out of dep, we’ll cover both the essential workflows, and dep’s core design principles. +: +B:1517745600 +E:1517749200 +S:Implementing state-of-the-art U-Boot port, 2018 edition +C:Embedded, mobile and automotive +L:UB2.252A (Lameere) +D:This presentation is a practical guide to implementing U-Boot bootloader port to a new system from scratch. At the beginning, two main pilars of contemporary U-Boot, device tree (DT) support and driver model (DM), are explained. This is followed by an in-depth look at the crucial subsystems, clock, pinmux, serial, block and a few other commonly used ones. Finally, systems with limited resources and multi-stage booting is discussed. The talk includes examples and experiences from platforms recently added to mainline U-Boot. +: +B:1517745600 +E:1517747100 +S:TiKV - building a distributed key-value store with Rust +C:Rust +L:H.2214 +D:It’s not an easy thing to build a modern Key-Value database which supports the distributed transaction, horizontal scalability, etc. But this is exactly what we are doing and we have built such a database from scratch using Rust. The database is named TiKV. In this talk, I will share how we use Rust to build the storage, to support replication across geographically distributed data networks, to implement an RPC framework, to inject failure for tests, and to monitor the key metrics of the whole cluster. +: +B:1517659200 +E:1517661000 +S:Identity governance and data protection with midPoint +C:Identity and Access Management +L:UD2.119 +D:This talk will present new data protection and identity governance capabilities of midPoint. MidPoint is open source identity management (IDM) and identity governance (IGA) system. MidPoint has all the features of a traditional identity management system. However, this talk will focus on data protection and identity governance. We will explain what identity governance is and how it can handle the challenges of data protection legislation such as European GDPR regulation. We will show how to use midPoint to set up identity management and governance policies and how midPoint can be used to maintain them in the long run. The talk will show how to manage data protection, entitlements and security policies in one unified system and how to consistently apply that to employees, students, contractors ... and all other identities in all your systems.This talk is intended for identity administrators, security officers and all security practitioners in general. +: +B:1517659200 +E:1517660100 +S:Connecting the Edge +C:Lightning Talks +L:H.2215 (Ferrer) +D:There are few things in today’s technology landscape that promise to be more transformational than the emergence of an estimated 20 billion IoT edge devices by 2020.One of the well understood impacts of the edge as it emerges is that it will unleash a data tsunami. The evidence is already out there—a connected car can produce up to 5 terabytes of data hourly, an oil and gas drilling rig can produce 7 to 8 terabytes of data daily. Waiting for all of this data to be sent to the cloud and acted upon won’t cut it for many applications in industrial or consumer domains. Even for edge analytical applications, conventional big data architectures that involve forwarding everything to the cloud to be stored and analysed doesn’t make sense—what you likely need are Machine Learning and streaming analytics capabilities at the edge. +: +B:1517659200 +E:1517661000 +S:NFV a' la VDE way +C:SDN and NFV +L:H.1301 (Cornil) +D:vSwitches, vRouter, vGateway can be transparently deployed on thehosts of a LAN using VDE based Networks of Namespaces (NoN).A Network of Namespaces (NoN) interconnects network namespaces running ondifferent hosts as if they were on the same (virtual) Local Area Network. It ispossible to set up and maintain NoN using VLANs, veth, kernel bridgedefinitions,… but it would be a daunting work for system administrators.VXVDE and VXVDEX implement zero-configuration NoN. Starting a namespaceconnected to a NoN it is as simple as typing a command like: “vdens vxvde://“.This new approach is fast (about the same performance figures of VXLAN’s kernelimplementation) and it runs on vanilla Linux kernels.Several protection features can be added to support different usage scenarios:VXVDEX provides NoN with access control, and the agnostic encryption (meta)plugin can protect any kind of VDE implementation from eavesdropping. +: +B:1517745600 +E:1517748000 +S:Linux as an SPI Slave +C:Hardware Enablement +L:K.4.401 +D:The SPI bus connects a master with one or more slave devices. So far, Linux always assumed the master role. In v4.13, Linux finally gained slave support.In this presentation, Geert will talk about adding SPI slave mode support to the existing SPI subsystem, and using a Linux system as an SPI slave. He will show what makes SPI special, and cover possible use cases and limitations of Linux-based SPI slave mode.Finally he will demonstrate how he modified Linux to add support for SPI slave mode. +: +B:1517745600 +E:1517746500 +S:FreeBSD : pkg provides +C:Lightning Talks +L:H.2215 (Ferrer) +D:pkg-provides is a plugin for querying which package provides a particular file,we use this example to introduce peoples to the art of writing plugins to FreeBSD pkg tool. +: +B:1517659200 +E:1517662200 +S:PostgreSQL Replication in 2018 +C:PostgreSQL +L:H.1302 (Depage) +D:The world of PostgreSQL replication has come a long way from the days of manually compiling and installing erServer. The options are new, and there are many of them, directed at solving different problems. This talk takes a look at some of the options available today and tomorrow. +: +B:1517745600 +E:1517747100 +S:Painless Puppet Providers +C:Config Management +L:UA2.114 (Baudoux) +D:Puppet's most powerful extension point is providing "native" types and providers. Ruby fragments that describe how puppet can interact with resources in our systems. This has been part of puppet's core code since the very first days, but adoption has been hampered by the API being tied up deeply into puppet's internals.The new Resource API project provides a coherent, and decoupled way to define new resource types. It is based on Puppet4+ data types, making validation a breeze. The backend provider is a simple ruby class with well-defined API requirements. Together, this makes the new providers easier to read, and write, as well as easier testable.In this talk I'll give an overview of the new API, and how to write providers using it. Basic Ruby and Puppet knowledge recommended. +: +B:1517745600 +E:1517746800 +S:Cultural interpretations of Design and Openness +C:Open Source Design +L:K.4.201 +D:I'm not a designer, but I've lived and worked in 3 different continents with both proprietary and open source software, and find my appreciation and idea of what "good design" is has changed with my experience and exposure. As I moved from software development to community outreach and marketing, I learn more about how design affects every aspect of the product and promotion. To top it off, I've encountered many different understanding of what openness is, especially when related to design. In this presentation I'd like to share some observations and lessons learned, and hope it can help designers, especially open source designers, navigate and negotiate the diversity in cultures and expectations. +: +B:1517745600 +E:1517747400 +S:Distance computation in Boost.Geometry +C:Geospatial +L:AW1.126 +D:What is the shortest distance between two administrative units in a city? How similar are two hurricane trajectories? In the heart of both questions there is distance computation. In this talk we will discuss distance computation in Boost.Geometry, the library that is currently being used to provide GIS support to MySQL.We study and implement several families of algorithms for distance (such as iterative, series approximation, elliptic arc length, flat earth approximation, spherical) and compare them w.r.t. performance and accuracy. One application is a distance function that given a user defined accuracy utilize the most efficient algorithm. Additionally, we examine the effect of those algorithms in distance computation between geometries and in nearest neighbor searching by showing particular examples.We sum up by briefing GSoC'17 results and ideas for GSoC'18 as well as the next steps of development in Boost.Geometry. +: +B:1517659200 +E:1517661000 +S:Package quality assurance +C:Package Management +L:K.3.201 +D:OSSERT is a quality report for every Ruby gem. While developing OSSERT, I thought a lot about the quality of the open-source software. In this talk, I will tell about and discuss more details about what I have learned, some techniques and approaches for assessing the quality of an open source project and how to present those findings to users. +: +B:1517659200 +E:1517662200 +S:Lift your Speed Limits with Cython +C:Python +L:K.1.105 (La Fontaine) +D:The Cython compiler is the most widely used static compiler for Python. It is used to speed up Python code and to extend the CPython runtime with fast native extension modules that process huge amounts of data all around the world. This talk by one of the core developers gives a quick intro into the compiler, the language, and some of its main applications in the Python big-data ecosystem. +: +B:1517745600 +E:1517747100 +S:Peeling onions: understanding and using the Tor network +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:Tor is an important tool providing privacy and anonymity online. The property of anonymity itself is more than just providing an encrypted connection between the source and the destination of a given conversation. There is in fact a lot of information that can be still learned by just observing encrypted communications. Anonymity is a broad concept, and it can mean different things to different groups. The main advertised property of the Tor network is that it provides strong anonymity given a variety of people using the network. The Tor network itself is only a part of what Tor is. Tor also provides privacy at the application level through the Tor Browser. This talk is going to present what Tor is and how it works. We are also going to present new features we have been developing lately. Finally we are going to explain how you can build applications that use Tor. +: +B:1517745600 +E:1517747100 +S:Too young to rock'n'roll (and to contribute) +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:Young people obviously are big users of technology. While this carries its own legal questions, wanting children to be creative and maybe contribute to technology is a really difficult topic. Licences, hosting terms of service, contributor agreements - all these legal documents are made by adults, for adults, and minors often struggle to be able to agree them, even with parental consent. We want to look at what the issues are and raise awareness for the importance of contributions by children. +: +B:1517659200 +E:1517661000 +S:Tomorrow's JavaScript Debugger +C:Mozilla +L:UA2.118 (Henriot) +D:These days, Mozilla is rewriting Firefox's devtools using a new and shiny technology stack. Anyone can join easily - the code is on Github, and it's just a matter of 2 commands in your terminal to get a local debugger running!The debugger is universal - it can debug any browser, node and mobile. The feature list is innovative and aimed to be the best debugging experience for React, Angular, Ember, RxJS and more types of apps. In addition, making contribution to the debugger together with top notch developers from all around the world is an exciting experience!By the end of this talk you will have the tools to get into hacking on Firefox's debugger. I will introduce architecture and process of development, and make you feel comfortable to approach a world class open source project, and become a contributor to tomorrow’s JavaScript debugger. +: +B:1517745600 +E:1517748600 +S:OpenADx – xcelerate your Automated Driving development +C:Community +L:K.1.105 (La Fontaine) +D:The Bosch Automated Driving division faces among many the challenge that the toolchain for developing automated driving solutions becomes more complex by every level of automation. Well established tools are not well integrated for the use cases needed and it is easy to detect gaps in the overall toolchain for dedicated tasks. Instead of solving these challenges alone, wasting lots of money on the path, the Bosch division together with partners from the industry but also from other domains builds up a community to solve the toolchain challenge together in the OpenADx initiative. With this the partners expect a substantial saving on toolchain costs but also a better integration within organization and especially at the interfaces between cooperating organizations. This talk will present the approach and the current state of the community. +: +B:1517745900 +E:1517747400 +S:A Guided Tour of Eclipse IoT: 3 Software Stacks for IoT +C:Internet of Things +L:AW1.125 +D:Whether you’re looking at the constrained devices that make for the "things" of the IoT, gateways that connect them to the Internet, or backend servers, there’s a lot that one needs to build for creating end-to-end IoT solutions. In this session, we will look at the typical software features that are specific to IoT, and see what’s available in the open source ecosystem (and more specifically Eclipse IoT) to implement them.A live demo of the Eclipse IoT Open Testbed for Asset Tracking will allow the audience to see some of the projects (such as Eclipse Kura, or Eclipse Kapua) in action. +: +B:1517659500 +E:1517661900 +S:Debug your build by tracing and reversing +C:Debugging tools +L:AW1.121 +D:Can you tell exactly which source files are built into your binaries? Any sufficiently large build feels a bit like magic!Join me to explore how you can debug your build by stracing it and rebuilding a build graph of files and tools transformations. +: +B:1517746200 +E:1517747700 +S:Experiences with testing dev MySQL versions and why it's good for you +C:MySQL and Friends +L:H.1308 (Rolin) +D:This talk describes how we test the development versions of MySQL and why we do it and some of the fun things we've seen during such testing. +: +B:1517746200 +E:1517747700 +S:Migrating code with SmaCC +C:Source Code Analysis +L:UD2.119 +D:SmaCC is a LALR/GLR parser generation framework written in Smalltalk. It has support for creating abstract syntax trees (ASTs) and source code transformations. Several software projects have been migrated to other languages using SmaCC. +: +B:1517659800 +E:1517661600 +S:Observability and the Development Process +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:Historically, monitoring has been thought of as an afterthought of the software development cycle: something owned by the ops side of the room. But instead of trying to predict the various ways something might go sideways right before release and crafting dashboards to prepare, what might it look like to use answers about our system to figure out what to build, and how to build it, and whom for?Observability is the practice of understanding the internal state of a system via knowledge of its external outputs -- and is something that should be built into the process of crafting software from the very beginning. +: +B:1517660100 +E:1517661600 +S:Load testing with Locust +C:Testing and automation +L:H.2213 +D:This lightning talk will cover our team's efforts at Bloomberg to run a set of performance tests using Locust, an open source Python-based user load testing tool. The talk will review our motivation for running performance tests, how we set up our testing environment in a distributed fashion so that we can generate a high load, how Locust helps with this, and how to automate this testing process. The talk will also cover how testing can prevent potential risks when releasing new software to your client base. +: +B:1517746500 +E:1517748300 +S:The GNU Radio runtime +C:Software Defined Radio +L:AW1.120 +D:In the last decade the GNU Radio project and its ecosystem has grown a lot. Unfortunately not all parts of the project have got attention equally. A lot of new and missing functionality can be found in so-called Out-of-Tree modules (OOTs).The struggle to add changes to OOTs which are incompatible to the GNU Radio core is real. The GNU Radio runtime needs some fresh ideas so new development with GNU Radio will be possible and rewarding. This presentation will try to give an quick overview about the current structure and inner workings of the GNU Radio runtime and take a dive into how a new runtime can be implemented to make GNU Radio future-proof. +: +B:1517746500 +E:1517748900 +S:Ceph management with openATTIC +C:Software Defined Storage +L:H.2213 +D:openATTIC is an Open Source Management and Monitoring System for the Ceph distributed storage system.Various resources of a Ceph cluster can be managed and monitored via a web-based management interface. It is no longer necessary to be intimately familiar with the inner workings of the individual Ceph components.Any task can be carried out by either using openATTIC’s clean and intuitive web interface or via the openATTIC REST API.openATTIC itself is stateless - it remains in a consistent state even if you make changes to the Ceph cluster's resources using external command-line tools.If you're interested in the dramatic changes and improvements we made since last year and you want to take a look at the newest version of openATTIC, this is the right talk for you. +: +B:1517746800 +E:1517747100 +S:Welcome to the Retrocomputing DevRoom +C:Retrocomputing +L:AW1.121 +D: +: +B:1517746800 +E:1517748000 +S:aiosip: the efficient swiss-army knife of SIP +C:Real Time Communications +L:H.1309 (Van Rijn) +D:In the SIP world, you have mainly B2BUA like (Asterisk, Freeswitch..) and Proxies (Kamailio, OpenSER...)But contrary to the HTTP world, you have few implementations in a pure high-level language like Python, Ruby...With several concrete examples in testing, benchmarking, and call control (uaCSTA), we hope to show the interest to be able to re-use a programming language ecosystem. +: +B:1517746800 +E:1517748000 +S:Releasing to CPAN and GitHub +C:Perl Programming Languages +L:K.4.601 +D:The previous 17 years, I published over 1000 distributions for 65 modules to CPAN. Some modules saw over 100 versions, because my workflow was: release often. This works very well when you work alone and regularly with your modules. Recently, my needs shifted a little. There are some (minor) advantages to use GIT. And once that transfer is made, the step to GitHub is made. Everyone has his/her own way of releasing, with tricks to improve the process. I will demonstrate how my process works and how I changed my workflow. It will demonstrate how I load my whole history into git and github with little effort. +: +B:1517746800 +E:1517748000 +S:containerd 1.0 Project Update +C:Containers +L:UD2.120 (Chavanne) +D:Containerd, a minimal container runtime created out of the original Docker engine, has now been a Cloud Native Computing Foundation (CNCF) member project since March 2017. Intended for use not just by the Docker engine as a lower layer container runtime and management layer above an OCI compliant executor, the expectation is that Kubernetes will use containerd as well as other projects that need a straightforward, embeddable container runtime without vendor control or opinionated behavior.This project update will overview how we arrived at a "containerd 1.0" feature complete state from the original containerd implementation, and how it is being embedded and used in various projects like "cri-containerd" for Kubernetes and the recent Docker engine releases. We'll also look at the ease with which containerd can be embedded via its client library to offer container lifecycle management to any broader application. +: +B:1517746800 +E:1517747700 +S:Wrap it Up! Packaging from Pots to Software +C:Lightning Talks +L:H.2215 (Ferrer) +D:Big changes are well underway in how software gets packaged and delivered. But even relatively modern takes on packaging goods and services for sale and consumption go back hundreds of years. In this talk, I'll take you on a whirlwind tour of packaging. What forms has packaging taken? What problems were being solved? What kinds of trade-offs need to be made? What lessons can we learn? How has packaging evolved from the utilitarian to the experiential?And, critically, the trade-offs between prescriptive proprietary bundles and the sort of open-ended unrestricted choice that open source software can enable. +: +B:1517660400 +E:1517661300 +S:PBX on a non-specialized distro +C:Lightning Talks +L:H.2215 (Ferrer) +D:Installing FreePBX and Asterisk on a general-purpose system has a lot of hidden traps and requires sysadmin skills.But sometimes we don't want to use a specialized distro for several reasons.This talk is about why we have chosen to provide a ready-to-use PBX on NethServer and how we dealt with problems that you face when you try to install cutting edge FreePBX and Asterisk releases on a standard distro (CentOS 7 in our case) that has to work in production environment providing also other services. +: +B:1517660400 +E:1517661900 +S:MethodHandles Everywhere! +C:Free Java +L:UD2.208 (Decroly) +D:The MethodHandle API was added in Java 7, as a way to programmatically build up smart function pointers. Far more powerful than simple reflection, handles JIT and optimize like Java code, producing a fast, direct, type-safe callable. And the API has continued to evolve: in Java 9, you can now embed atomic semantics, array views, loops and "finally" logic, and much more. Come learn how flexible and useful MethodHandles can be! +: +B:1517660400 +E:1517661900 +S:Nouveau +C:Graphics +L:K.4.401 +D:Brief update on the Nouveau project. +: +B:1517660700 +E:1517662200 +S:Passing the Baton: Succession planning for FOSS leadership +C:Community devroom +L:K.4.601 +D:As we look at the next horizon for FOSS, we must consider who will take us there. While we have these founders in our midst, we must take the time to do succession planning for free and open source leadership. +: +B:1517747400 +E:1517748900 +S:Qt GUIs with Rust +C:Rust +L:H.2214 +D:Build a graphical application with Qt and Rust. Qt is a mature GUI library. Rust is a new, exciting and strict programming language. You can build most of your application logic in Rust and write the GUI in QML or Qt Widgets.This talks will walk through how to do this with Rust Qt Binding Generator. +: +B:1517747400 +E:1517748600 +S:Ecosystems of Professional Libre Graphics Use +C:Open Source Design +L:K.4.201 +D:Libre Graphics magazine spent five years showing off excellent work done with Free/Libre and Open Source graphics software. We showed off the work of individuals and small studios doing exciting work with F/LOSS tools. While exciting things are happening in the world of F/LOSS design, the perception of F/LOSS graphics tools as somehow less-than or other-than the “industry standard” for graphic designers persists. This presentation looks at problems of F/LOSS adoption, especially for graphic design. It asks the question “What kinds of ecosystems do we need to have to successfully do Libre Graphics (including F/LOSS, Free Cultural licenses, and Open Standards) in professional contexts?” +: +B:1517747400 +E:1517751000 +S:LibreOffice Exam Session 2 +C:Certification +L:UB2.147 +D:LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs. +: +B:1517747400 +E:1517750700 +S:Unix? Windows? Gentoo! +C:Distributions +L:K.3.201 +D:In need to support Unix, Linux and Windows? Within one application ecosystem?Having a C/C++ application to natively support both Unix/Linux and Windows operating systems is known to be a mess for both the application's Source Code and Build System. Nevertheless, developers still are expected to provide exactly that - depending on the nature and lifetime of an application. This talk is about how SSI Schäfer IT Solutions is achieving the goal of concurrently providing support for both operating system worlds within one single C/C++ application ecosystem, which was originally targetting the Unix world only. +: +B:1517661000 +E:1517662200 +S:Ada, or How to Enforce Safety Rules at Compile Time +C:Ada +L:AW1.125 +D:This is a real life story of a mixed criticality system, where a proper usage of Ada's features for controlling visibility allowed a provable enforcement of the segregation rules at compile time: any violation would simply not compile. +: +B:1517661000 +E:1517662800 +S:Qt in Automotive +C:Embedded, mobile and automotive +L:UD2.218A +D:The Qt Automotive Suite solves a number of automotive problems, but these are not unique to our industry. We have a look at how to measure and understand start-up timing and performance, how to use the Qt Application Manager Wayland compositor, how to generate platform APIs and more. We also take a quick look at the tools provided, e.g. QMLLive for rapid prototyping and GammaRay for deep introspection. +: +B:1517661000 +E:1517662500 +S:Update on GStreamer for Embedded Devices +C:Open Media +L:H.1309 (Van Rijn) +D:GStreamer is the de-facto multimedia framework used for embedded Linux systems. I will focus on recent improvements relevant to the embedded community. In particular, I'll explain our progress in making it easy to do zero-copy pipelines using DMAbuf to connect all the components of the multimedia pipeline, from V4L2 capture, to OpenMAX based codecs to Wayland or KMS based sinks. I'll also give a short overview of the improvements into the OpenGL stack, in particular for embedded platforms.GStreamer is a highly versatile plugin-based multimedia framework that caters to a whole range of multimedia needs, whether desktop applications, streaming servers or multimedia middleware; embedded systems, desktops, or server farms. It is also cross-platform and works on Linux, *BSD, Solaris, macOS, Windows, iOS and Android.This talks targets everyone who cares about Free and Open Source multimedia on embedded systems. GStreamer is the standard multimedia framework, not only on the Linux desktop, but most importantly, in embedded Linux products. +: +B:1517747400 +E:1517748900 +S:Cumin: Flexible and Reliable Automation for the Fleet +C:Config Management +L:UA2.114 (Baudoux) +D:Cumin is a Python API and CLI that provides a flexible and scalable way to execute multiple commands on cluster of hosts in parallel. It has a fine-grained hosts selection mechanism that allows to dynamically query multiple backends and combine their results. In addition to some built-in backends such as PuppetDB, SSH known hosts files, OpenStack API, it's possible to plug-in external backends. The current transport layer is SSH, although additional transport layers could be easily added. There are multiple execution strategies available and fine-tunable to suit different orchestration requirements. The executed commands outputs are automatically grouped for readability.The talk will describe the reasons that led us to the development of Cumin and its features and show its current usage at the Wikimedia Foundation for automation and orchestration. +: +B:1517661000 +E:1517663100 +S:G-CORE: The LDBC Graph Query Language Proposal +C:Graph Processing +L:H.2214 +D:The talk will present G-CORE and its most striking features. G-CORE is a graph query language proposal developed by Linked Data Benchmark Council (LDBC). It is a closed graph query language that includes graph pattern matching, inclusive extended regular path expressions, graph construction (graph projection and graph aggregation), and (weighted) shortest path finding. The query language queries graphs and returns a graph. Hence, it supports views and correlated sub-queries, which have proven their worth in the relational databases. To ensure that the query language is practically usable on large data, G-CORE builds on previous complexity results and carefully select useful features, but restricted in such ways that the resulting language is polynomial in data complexity. As such, G-CORE connects the practical work done in industrial proposals with the foundational research on graph databases; in fact, it can be considered as a bridge between these two worlds. +: +B:1517747400 +E:1517750100 +S:Vectors Meet Virtualization +C:Virtualization and IaaS +L:UD2.218A +D:As workloads have grown and computing has become more data intensive there has been a move to improve the data crunching capabilities of modern processors. Traditional scalar instruction sets have been augmented by extensions borrowing techniques from super computers in the form of SIMD or Vector processing instructions.In the world of virtualisation these new instructions offer a number of new challenges. From efficient emulation for code generating JIT's such as QEMU to increased latency when multiplexing multiple machines under KVM.This talk will briefly examine the history of SIMD instructions before introducing ARM's innovative Scalable Vector Extensions. We will then discuss the challenges involved in virtualising them both in software and hardware alike. +: +B:1517747400 +E:1517749200 +S:DOSEMU and FreeDOS: past, present and future +C:Retrocomputing +L:AW1.121 +D:DOSEMU (1992) and FreeDOS (1994) are long-running projects which allow you to run DOS applications on Linux and on bare hardware. I will describe their history and current developments.Intended audience: anyone who is interested in DOS and emulation. +: +B:1517661000 +E:1517662800 +S:How compilers affect dependency resolution in Spack +C:Package Management +L:K.3.201 +D:Spack is a general-purpose package manager, used on machines ranging fromlaptops to high performance computing (HPC) clusters. It supportspackages in C, C++, Fortran, as well as many other languages, and itallows users to build many different versions of packages with differentcompilers, build options, dependencies, patches, and targetarchitectures.Swapping a new compiler into a build may seem trivial, but this and otherfeatures in Spack add subtle constraints and complexities to thedependency model. We'll talk about modeling compiler runtime librariesin the DAG, compilers depending on other compilers, and how dependencyresolution has to change for cross-compiling. We'll also touch on why allthis is necessary for HPC environments, and how packaging has helped toenable new collaborations and software reuse across the scientificcomputing community. +: +B:1517747400 +E:1517748900 +S:Does data security rule out high performance? +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:Traditionally HPC systems assume they are in a secure, isolated environment andas many barriers as possible are removed, in order to achieve the highestpossible performance. While these assumptions may still hold for traditionalsimulation codes, many HPC clusters are now used for heterogeneous workloads.Such workloads increasingly involve the integration of input data from a varietyof sources, notably in the life sciences. Scientists are now operating at thepopulation scale, where datasets are ultimately derived from real people. Inthis talk we discuss some of the restrictions placed on the usage of suchdatasets, how those restrictions interfere with the goal of high performancecomputing, and some alternative strategies that meet the data requirements whilenot hobbling the speed of analytical workloads. +: +B:1517661000 +E:1517662800 +S:Integrating cloud and container projects in the OPNFV community: Cross Community CI +C:SDN and NFV +L:H.1301 (Cornil) +D:This talk will explain the tight relationship between the OpenStack and OPNFV communities, using as a base the Cross Community CI project, and the benefits that both communities get from it.Initially the OPNFV CI was based on the consumption of stable artifacts, including stable versions of OpenStack. Developers were not able to work with master versions, causing lack of testing and delay on delivering projects.Cross Community CI project (XCI) enabled testing based on master versions of the different upstream components (OpenStack , OpenDaylight...). This caused to significantly cut the time of development and identify bugs earlier.In this talk we will introduce that concept, and we will also explain the tooling used to achieve it (bifrost, openstack-ansible, ansible-opendaylight), showing how a deployment goes from end to end, how to reuse this project for your own needs, and how to start integrating your own project into XCI if that fits into the scope. +: +B:1517661000 +E:1517662200 +S:Accessibility 101 (not only) for LibreOffice developers +C:Open Document Editors +L:AW1.120 +D:This talk will take you through the basics of a11y in a desktop application, using LibreOffice as an example. Starting with basic terminology (mnemonic widget? accessible label?), we'll discover building blocks of a11y in desktop environment, have a look at the sources of most common mistakes developers make when they don't include a11y-awareness into their development process and how to fix them. We'll also show the ways how anyone (even those with little or no knowledge of programming) can contribute to improving a11y ... not only in LibreOffice. +: +B:1517661000 +E:1517662800 +S:Networking Swiss Army Knife for Go +C:Go +L:H.1308 (Rolin) +D:Creating and managing network devices, Traffic Control, routing and iptables, introspecting and manipulating network packets. That normally involves a lot of low level C programming, which introduces a huge gap between frontend (web and service oriented) and backend needs (systems programming). Go is excellent in bridging this gap in general, and thanks to the great work of the Go community, networking tasks are very easy to solve too. This session will introduce a set of libraries which form a comprehensive Swiss Army Knife to tackle almost any network related task on Linux with Go. +: +B:1517661000 +E:1517662500 +S:The open source EDA tool chain for the Chips4Makers project +C:CAD and Open Hardware +L:K.4.201 +D:The Chips4Makers project tries to make low volume ASICs possible for makers and hobbyists. The talk will start with a summary and vision of the Chips4Makers project.In a second part of the talk the current state of the used tool chain will be discussed. With the Retro-uC project this tool chain is tested and it will be presented what worked and what is candidate for improvement. I do hope I can get feedback from the public and get more inspiration to improve the toolchain in use for future user projects.The Retro-uC chip itself - a microcontroller with the right instruction set for a retrocomputing enthusiast - is discussed in a talk in the retrocomputing devroom. +: +B:1517661000 +E:1517663700 +S:Unleashing the Power of Unikernels with Unikfraft +C:Virtualization and IaaS +L:UB2.252A (Lameere) +D:Unikernels have been shown to provide incredible performance benefits, including boot times of a few milliseconds, low CPU utilization, throughput in the range of 10-40 Gb/s and memory footprints of a few MBs or even KBs, to name but a few metrics. The clear downside is development time: it can take several months or longer to produce a working, optimized unikernel, and up until now, the process needed to be repeated for each target application. There was no shared research and development on the building and creation of unikernels.In this presentation we will introduce Unikraft, a new, open source Xen Project sub-project under the auspices of the Linux Foundation that seeks to automate the development process for unikernels. Unikraft decomposes operating systems and libraries into elementary modules called libraries (e.g., schedulers, memory allocators, drivers, filesystems, network stacks, etc) and then allows users to quickly pick and choose, through a menu, which components to use when building a unikernel. Once done, Unikraft builds one image per target “platform” (e.g., Xen, KVM or Linux user-space), severely reducing unikernel development time. We will show a brief demo on how to use Unikraft, and cover the basics of the system including how to contribute to it. +: +B:1517661000 +E:1517664000 +S:CBSD, Isolation manager +C:BSD +L:K.3.401 +D:CBSD is able to manage bhyve, jails and xen on a cluster of hosts while keeping dependencies reasonably low. It is able to configure network interfaces and firewall rules dynamically, whether you use PF, IPFW or IPFILTER. This talk will cover main CBSD features, implementation details, future plans and growth of CBSD as well as ecosystem around it. +: +B:1517747400 +E:1517748900 +S:Harmonize or Resist? +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:There's a lot of pressure from the US (and some of it's allies) to "harmonize" with American ideas about patents and copyrights. The response by different nations has been wildly different -- some have chosen to play along while others have chosen to resist. What makes sense for one country won't make sense for another and it's all in the details. This talk examines existing legal patterns, the state of local economies and varying trade relationships in an effort to survey what kinds of resistance are possible or effective. +: +B:1517661000 +E:1517662800 +S:Making a browser fast +C:Mozilla +L:UA2.118 (Henriot) +D:Making a browser fast will speak about the numerous changes that happens under the hood of Firefox during 2017 and how Mozilla made his browser much more reactive to the user. +: +B:1517747400 +E:1517749200 +S:Building Rock Climbing Maps with OpenStreetMap +C:Geospatial +L:AW1.126 +D:Traditionally natural rock climbing walls and routes have been developed on a volunteer-basis and openly shared among the climbing community. However, Open-license data set for climbing routes in electronic format is not widely available. OpenBeta Initiative project is building an open source app to make it easier for rock climbers to contribute climbing routes and GPS-coordinates to OpenStreetMap. +: +B:1517747400 +E:1517748900 +S:Anonymous Whistleblowing with SecureDrop +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:This session will introduce SecureDrop, a free and open source whistleblowing platform. We will describe how it addresses the critical need for a way for journalists and sources to communicate securely and anonymously. Many large news organizations including the Associated Press (AP), the Guardian, the Washington Post and the New York Times are all now running SecureDrop in their newsrooms to preserve an anonymous tip line in the presence of increasing surveillance powers by governments and corporations. We will describe how SecureDrop works, how you can install it, and how you can contribute to the project. +: +B:1517747700 +E:1517750100 +S:Heterogeneous Computing with D +C:LLVM Toolchain +L:K.3.401 +D:GPU programming is popular with scientists who need massive parallel computing power. DCompute is an extension of LDC, the LLVM-based D compiler, which uses the PTX and SPIR-V targets of LLVM for a smooth integration in a system programming language. +: +B:1517661300 +E:1517663100 +S:Implementing a safe and auditable access to customer instances of your SaaS for the support staff with HashiCorp Vault +C:Identity and Access Management +L:UD2.119 +D:SaaS are for a lot of us an unavoidable part of our day to day workflows. Unfortunately, sometimes things goes wrong and you need an hand from the support team to get you back on track.This talk will explore how, as a SaaS provider, you can implement an access to independent customer instances for your support staff and guarantee accountability and auditability using only free software tools like HashiCorp Vault. +: +B:1517661300 +E:1517664000 +S:Microkernels in the Era of Data-Centric Computing +C:Microkernels +L:AW1.126 +D:During the history of digital computers, the majority of mainstream computer systems we designed as CPU-centric. All the data that the computer processed always passed through the main memory in one way or the other and the code running on the CPU manipulated with the data, directly on indirectly. Even DMA controllers, co-processors, GPUs and intelligent NICs were used just as slave peripherals, although with some degree of computational off-loading in the recent years.One of the reasons for keeping the same basic architecture despite its drawbacks such as the ever-widening memory barrier (i.e. the difference between the latency of the CPU and the RAM) was arguably its conceptual simplicity. However, trends for a major change in the status quo are finally emerging into the mainstream. These new architectures, often called data-centric computing or near-data processing, propose to turn an ordinary computer into a distributed system where the distinction between the CPU, main memory and peripherals is much more blurry. Components such as individual DRAM chips, flash memory chips and NICs should have autonomous computing capabilities and the possibility to interchange data between other components without the involvement of the main CPU.This talk will present a brief overview of the concepts and discuss the consequences for operating system designs, especially regarding microkernels. +: +B:1517661600 +E:1517662500 +S:Urbit: the personal server +C:Lightning Talks +L:H.2215 (Ferrer) +D:The internet has failed to decentralize. What started as a network of nodes in people's homes turned into a network of server farms largely owned by a handful of tech giants. Flaws in the internet's design and implementation allowed for an online world to form where a few large services control nearly all users. Social networks don't put you in touch with your friends. They put you in touch with a server that helps with that... at the cost of privacy and community.Urbit aims to solve this and many other problems by providing a decentralized network of personal servers. These come with a personal identity and an operating system that provides an immutable global namespace and all the infrastructure needed for making decentralized applications./> +: +B:1517748000 +E:1517749500 +S:MySQL Test Framework for Support and Bugs Work +C:MySQL and Friends +L:H.1308 (Rolin) +D:MySQL Test Framework (MTR) provides unit test suite for MySQL. Tests in the framework are written by MySQL Server developers and contributors and run to ensure build is working correctly.I found this is not the only thing which can be done with MTR. I regularly use it in my Support job to help customers and verify bug reports.With MySQL Test Framework I can:Create complicated environment in single step and re-use it laterTest same scenario on dozens of MySQL/Percona/MariaDB server versions with single commandTest concurrent scenariosTest errors and return codesWork with results, external commands, stored routinesEverything with single script which can be reused on any machine any time with any MySQL/Percona/MariaDB Server version.In this session I will show my way of working with MySQL Test Framework and I hope you will love it as I do! +: +B:1517748000 +E:1517749200 +S:Gnuk Token and GnuPG scdaemon +C:Hardware Enablement +L:K.4.401 +D:Gnuk is an implementation of USB cryptographic token for GnuPG.It conforms OpenPGP card specification, implements USB CCID protocol, and supports modern ECC, i.e., Ed25519 and X25519.I started the project in 2010, and to enable better support, I joined GnuPG development. I had a talk in FOSDEM2012. It wasn't go well as I expected in 2012.I needed to design my own free hardware design for reference hardware. That's FST-01.I needed to design and implement True Random Number generator of my own. That's NeuG.For better control of hardware resource, I develop a thread library named Chopstx.In 2016, at OpenPGP.conf, I realized that people generally hesitate new hardware. Thus, in 2017, I modified Chopstx so that it can run on GNU/Linux as emulation. Now, a user can run Gnuk on normal GNU/Linux as an emulation, by USBIP, without real physical hardware device.In short, my talk is: Everything is free software (firmware on the device, driver on host), and hardware has free hardware design, but that's not enough. Emulation is useful, hopefully. +: +B:1517748000 +E:1517748900 +S:Vis Editor +C:Lightning Talks +L:H.2215 (Ferrer) +D:The vis editor extends vi's modal editing with built-in support formultiple selections and combines it with sam's structural regularexpression based command language and Lua scripting capabilities. Theintention is not to be bug for bug compatible with vi(m), instead weaim to provide more powerful editing features based on an elegant designand clean implementation. +: +B:1517748000 +E:1517750400 +S:Perl 6 on Jupyter +C:Perl Programming Languages +L:K.4.601 +D:The Jupyter project provides a language-agnostic client-server protocol for a Read-Eval-Print Loop (REPL) and a serialization format for a REPL session. In this talk, we explore the use and implementation of a Perl 6 server ("kernel") and how it interacts with various clients, such as a web client ("notebook") and a console client. We focus on distinctive aspects of using Rakudo Perl 6 in this environment, such as using the Perl 6 metamodel's introspection capabilities for autocompletion, discovery and entry of unicode operators, and using Perl 6's asynchronous primitives for concurrent operations. We also investigate possibilities for widgets, magics, and interactive data visualization. +: +B:1517748000 +E:1517749500 +S:Moldable analysis with Moose +C:Source Code Analysis +L:UD2.119 +D:Software systems are widely diverse. Each has its unique structure, stakeholders and requirements. Given this reality, often successfully extracting valuable insights from a software system requires software analyses tailored to the context of that system. This is the main goal of Moose, an open-source platform for software and data analysis: empower programmers to craft custom analyses cheaply. Instead of providing predefined tools, Moose focuses on moldable tools that enable programmers to create their own analyses. We can measure the cost of a custom analysis in terms of minutes, instead of days. This demo will show ways in which Moose can enable custom analyses. For example, we'll look into extracting dependencies between components in Angular, explore how services in the Symfony PHP framework communicate with each other, and reverse engineer code to visualise domain concepts. +: +B:1517748300 +E:1517749800 +S:C++ Code Generation with GRC +C:Software Defined Radio +L:AW1.120 +D:This talk introduces C++ output functionality for the GNU Radio Companion, which was my ESA Summer of Code in Space project this summer. +: +B:1517748300 +E:1517749800 +S:Tizen:RT +C:Internet of Things +L:AW1.125 +D:Overview of Tizen ecosystem, focus on constrained devices support, how to get started with Tizen:RT plus demo on actual device. +: +B:1517748300 +E:1517749500 +S:Building a WebRTC gateway +C:Real Time Communications +L:H.1309 (Van Rijn) +D:Using WebRTC on the server side for bridging calls to traditional VoIP. (including transcoding)After experimenting and reaching the stage where we can send and receive samples from a native app running on a server we have reached the point where this seems feasible without forking using a webRTC audio device module.We can already demo the work in progress and given our high expertise in MediaStreamer2/oRTP it should not be very hard to reach a working proof of concept before Fosdem 2018.The signaling gateway part will be rudimentary and could be replaced by Kamailio or anything else later. +: +B:1517748300 +E:1517749500 +S:LTTng: The road to container awareness +C:Containers +L:UD2.120 (Chavanne) +D:The LTTng kernel and user-space tracer were designed for traditional Linux hosts but can alsobe used in a container environment. While we currently lack high-level functions and integrationwith container technologies, the raw data can be gathered and analysed by the seasoned lttnguser. This talk will detail what is currently available, what we would like to add and hopefully whatthe community would expect from a container aware version of LTTng. +: +B:1517662200 +E:1517664000 +S:The LTTng approaches to solving complex problems +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:The LTTng kernel and user-space tracer can help solve a wide variety ofproblems (especially those hard to reproduce ones). There are four main ways ofextracting and processing an LTTng trace, and each of them addresses adifferent use-case. In this presentation we will demonstrate these modes andpresent real-world situations where they can be used. If you already know howto use LTTng you will learn new ways this tool can help you, and if you don't,you will probably discover a new way to address these complex problems.The modes we will demonstrate are: post-processing mode (default), snapshotmode, live mode and the new rotation mode.All of these modes have their pros and cons in a context of monitoring andcloud and we will be happy to discuss with the crowd to see how to addresstheir particular use-cases and help them gain a full-system insight.The intended audience is devops engineers having to deal with complexproblems and look for a way to scale their monitoring and debugging methodon a small or large fleet of servers. +: +B:1517662200 +E:1517665200 +S:Mir 2018 +C:Graphics +L:K.4.401 +D:A review of the progress of, and plans for the Mir project. +: +B:1517662200 +E:1517663700 +S:strace: new features +C:Debugging tools +L:AW1.121 +D:strace is a diagnostic, debugging and instructional utility for Linux. It is used to monitor and tamper with interactionsbetween processes and the Linux kernel, which include system calls, signal deliveries, and changes of process state.In this talk the maintainer of strace will describe new features implemented since FOSDEM 2017. +: +B:1517662200 +E:1517663700 +S:Top Ten Metrics for Evaluating your Garbage Collector +C:Free Java +L:UD2.208 (Decroly) +D:There's an old joke about a new bride who prepares her first bigdinner for her new husband. She's making her mother's brisket recipewhich starts by cutting the ends off of the roast. Her husband asksher why she cuts the ends off. She says she does it because that's theway her mother always did it. She asks her mother and her mother says"That's the way your grandmother always did it". She asks hergrandmother and her grandmother says "That's the only way it would fitin my pan". There's a lot of folklore and myth surrounding Javagarbage collection performance, most of which is obsolete, irrelevantto your application, or was never really right in the first place.So how do we evaluate a GC algorithm? We can measure various metrics: end to end run time, maximum pause time, average pause time,percentage of the cpu given to the Java threads, memory footprint,micro benchmarks, ... This talk will focus on ten (give or take)metrics/tools we can use to evaluate garbage collection performance.This isn't a comparison of OpenJDK collectors, it's a discussion ofwhat characteristics are important in a good garbage collector and howto measure them. +: +B:1517662200 +E:1517663400 +S:Maintaining accessibility through testing? +C:Open Document Editors +L:AW1.120 +D:Accessibility in free software has been much improved between 2004 and 2009thanks to Sun, which massively invested for it. Since it has disappeared, bigfree software projects have experienced many regressions in this matter. Someof their maintainers consider that there is not enough money to deal with thematter.Given the complexity of code such as Libreoffice, and given thestatus of accessibility of software in modern society, it becomes impossibleto invest millions of euros to pay for someone which would fix current bugsand track future ones in millions of code lines, through hundreds of commits,and permanently. All the more since beyond this task, a paid expert shouldrather work about improvements of assistive technologies themselves and pipes(at-spi, atk), instead of fixing miscoding of unaware developers. So to hopea free and accessible software, major projects need to take responsibility ofthis. Non-regression tests could be a way to make this duty lighter, even if nota complete solution. What kind of tests could be set? +: +B:1517662500 +E:1517664000 +S:What community can learn from marketing +C:Community devroom +L:K.4.601 +D:It's true, community isn't marketing. But we should adopt and adapt good ideas when they have the power to make us more effective.In this talk I'll look at how both non-commercial and commercial developer communities can use some of those ideas from the world of marketing to create, implement, measure and report on a strategic plan that provides a clear path from newcomer to community leader. Not only that, I'll also show how to measure and then report that effectiveness to commercial sponsors and the community itself. +: +B:1517749200 +E:1517750700 +S:CrateDB: A Search Engine or a Database? Both! +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:In this talk, I will give an introduction to CrateDB, its architecture, and demo a few things that people have built with it. +: +B:1517749200 +E:1517750700 +S:People can't care when they don't know +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:We go through a lot of work and angst as a community over licensing --what is free, what is not, what is open source, what is compatiblewith what, which software is to use which license. Then, after all thework put into these decisions, the result is hidden away, only to beseen or become relevant in the event of some legal challenge orinsider decision. Licensing information is by and large notsufficiently communicated to end users, even though we are trying tobuild a movement of users who prefer freely licensed software. +: +B:1517662800 +E:1517664600 +S:Firefox: How to ship quality software +C:Mozilla +L:UA2.118 (Henriot) +D:Developped by a huge community of developers and users, Firefox is one of the biggest software ever created.In every release, a crazy number of patches (~6000) lands into the code base. The changes can be C, C++, Java, Rust, Javascript, XML, HTML, CSS, etc.In order to avoid regressions, over years, Mozilla created a number of tools, method and process to make sure the release in a good shape at release day. +: +B:1517662800 +E:1517664600 +S:Barometer: Taking the pressure off of assurance and resource contention scenarios for NFVI +C:SDN and NFV +L:H.1301 (Cornil) +D:If fixed function appliances are going to be replaced and complemented by a mix of physical and virtualized appliances, the manageability and service assurance capabilities need to remain consistent or improve on what is available today.The ability to monitor the Network Function Virtualization Infrastructure (NFVI) where VNFs are in operation will be a key part of Service Assurance within an NFV environment.It is vital to monitor systems for malfunctions that could lead to users' application service disruption and promptly react to these fault events to facilitate improving overall system performance and user experience.The relevant events and metrics must be reported to higher level fault management systems, to detect violations (and enforce SLAs), as well as faults or degradation in the performance of NFVI resources.Additional statistics facilitate more resilient and performant telco/NFV clouds.By exposing system statistics to collectd, there is more data available, which can be used for monitoring, performance analysis, fault detection, failure prediction, etc. using OPNFV, action can then be taken to negate the effects of any faults in the deployment.This talk will include:- a short overview of the Barometer (NFVI Service Assurance) project in OPNFV- A demo of how quickly you can start monitoring the NFVI with Barometer.- How OPNFV and ONAP are taking these changes on board +: +B:1517662800 +E:1517664300 +S:Modern tools to debug GStreamer applications +C:Open Media +L:H.1309 (Van Rijn) +D:GStreamer is a framework to develop multimedia applications such as media players, transcoders or video editors.Recent GStreamer releases gained new tools making it easier to debug and gather data about the running pipeline. +: +B:1517662800 +E:1517665800 +S:Load testing web services at Mozilla with Molotov +C:Python +L:K.1.105 (La Fontaine) +D:This talk presents the different challenges Mozilla faces when deploying web services for millions of users, and how load testingis used to prevent the most common pitfalls, through the usage of Molotov. +: +B:1517749200 +E:1517751000 +S:Building OSM based web app from scratch +C:Geospatial +L:AW1.126 +D:There are a lot of tools to build a web app from scratch - as a novice you have to find your way through alle these tools and pick the right ones. +: +B:1517662800 +E:1517665800 +S:Digital Archaeology +C:History +L:Janson +D:In a few years time, it will be impossible to study the history of retro-computers since its software was either proprietary, closed-source, written in a now-obsolete language, or encumbered by software “protection” to prevent copying. Furthermore, the hardware upon which it ran is dying, and the cassette tapes holding the software are physically disintegrating. +: +B:1517749200 +E:1517750700 +S:Writing Node.js Modules in Rust +C:Rust +L:H.2214 +D:There's always some use cases where you need a systems language inside your node.js application. Neon is Rust bindings for writing safe and fast native Node.js modules. This talk is mainly about Neon, I'll go through the current state of project, a few examples, problems and also the future of the project. +: +B:1517749200 +E:1517751600 +S:Developing applications with Swift as Storage System +C:Software Defined Storage +L:H.2213 +D:Swift comes with a wide variety of API features to build extremely scaleable and durable applications. It uses an RESTful API, making it easy to use and embed in your own applications.One of the great characteristics of (web) applications using Swift as a backend is the separation between application logic and data path. This helps a lot to write lightweight apps in a scaleable way.During this talk we'll give you an overview about the included features, how to use them and examples how implementations might look like. An example web application walktrough &amp; demo will showcase why all of these features help you to build your own application. +: +B:1517749200 +E:1517750400 +S:Icon Themes +C:Open Source Design +L:K.4.201 +D:Software platforms need to be highly extensible and customizable, since developers need to build on top of them and provide the best experience for users. Some users put more focus on the styling and visual aspect of their customization, others need it to be highly accessible or responsive, while others just like to have diversity in their choices.Being able to provide multiple icon sets inside a platform is still a difficult task because of the variety of ways icons can be provided: as images, as font sets, as SVG, etc. I will present a solution for creating and using icon themes, also mentioning the limitations and the difficulties we had in implementing such a solution on our platform. Several icon libraries will be compared, showcasing the reasons, decisions and the compatibility and mapping issues we faced during the process. +: +B:1517662800 +E:1517664300 +S:Package management over Tor +C:Package Management +L:K.3.201 +D:Tor has become a popular choice for privacy-oriented services such as the Debian project or Tails. Unfortunately, not many package management systems integrate Tor. In this talk, we will try to address this issue as we will walk through Tor-aware setup using pkgsrc from NetBSD. You will learn how to "go under the radar" when building packages from source and installing binary packages from your own hidden service. +: +B:1517662800 +E:1517664300 +S:Automated system partitioning based on hypergraphs for 3D stacked integrated circuits +C:CAD and Open Hardware +L:K.4.201 +D:With the evolution of integrated circuits (ICs), 3D integration is becoming a short and middle term viable solution to increase the system performance, functional density per unit area and reduce system power, as an alternative to costly sub 7nm CMOS technologies. However, as trendy as it may turn, there is no viable Electronic Design Automation (EDA) toolchain that allows to design ICs in 3D. Our work aims at developing tools that could be used in standard 2D EDA chains to deal with 3D ICs. Such tools will automatically transform any 2D design into an optimized 3D architecture by extracting a graph from the DEF file coming out from 2D synthesis and place&amp;route flow. Afterward, this graph can be partitioned automatically using state-of-the art graph partitioning tools.In order to create the toolchain, we developed a custom DEF parser to answer specific and limited needs that existing solutions such as Verilog-perl or PyVerilog did not allow. The software scans the DEF to find all the gates, pins and nets in the given design. When analyzing nets, it also parses the routing information to determine the total length of the net, which will be needed in the partitioning phase.In parallel with the DEF parsing (design input), the LEF technology file (technology input) is also parsed to fetch the characteristics of the gates that will be used later on in the clustering and partitioning steps.Once the design has been parsed, it can be clusterized to reduce the problem complexity and the output is formatted to extract the underlying hypergraph.The extraction makes use of standard Python structures such as dictionaries in order to quickly find links in the design and establish references between the vertices (i.e. clusters or gates) and edges (i.e. nets). When building the hypergraph, some metadata are linked to each vertex/edge (e.g. area, power, total length, total connections) to later set their weights that will be needed in the partitioning phase.As soon as the design has been converted into a hypergraph, it is formatted in such a way so that it can be fed to the hMETIS package. Using the weights sets extracted during DEF/LEF parsing phase, hMETIS partitions the graph. The output is processed into TCL directives that are then interpreted by a proprietary tool handling the 3D P&amp;R, or they can be used to automatically partition the post-synthesis gate-level netlist and thus be used with any EDA flow, including the open-source ones.Quentin Delhaye, Dragomir Milojevic, Université libre de Bruxelles, Brussels, Belgium +: +B:1517662800 +E:1517664600 +S:Android Real Life experience in Production +C:Embedded, mobile and automotive +L:UD2.218A +D:Nowadays one of the most powerful and used OS is also a pain for the developers. Too many devices and customizations makes the management of your app in production a very tough job: users are increasingly demanding, and time to market is required to be at flash speed. How to manage all this madness? How to get information of a particular device that you don't own in order to reproduce the problem and fix it? Is there a global solution? Well, we'll share our experiences gained with an application that is distributed to more than 40000 users, and we'll show some interesting cases we faced with. +: +B:1517749200 +E:1517752200 +S:Security Theatre +C:Security and Encryption +L:Janson +D:Security is but a feeling. A feeling that the admin has when he's leaving at beer o'clock. And mostly the biggest risks for the assets he has to protect are not of technical nature. +: +B:1517749200 +E:1517752800 +S:Blockchain developers meet&greet +C:BOFs (Track A - in H.3227) +L:H.3227 +D:Meet and greet for blockchain developers. (Follows the talk on Monero in Janson.) +: +B:1517749200 +E:1517751000 +S:Improving Linux Laptop Battery Life +C:Hardware Enablement +L:K.4.401 +D:Modern laptops can use a lot less energy then laptops from a decade ago. But in order to actually get this low energy usage the operating system needs to make efficient use of the hardware. Linux supports a lot of hardware power-saving features, but many of them are disabled by default because they cause problems on certain devices or in certain, often corner-case, circumstances. This talk will describe and look into recent efforts to enable more power-saving features by default in such a way that this will not cause regressions. The end goal of these efforts is to shave of at least 2 watt of the typical idle power-consumption of 6-9 watt for recent (Hasswell or newer) laptops. The goal is to achieve this saving on an OOTB Fedora Workstation install without the user needing to do any manual tweaks. +: +B:1517662800 +E:1517665800 +S:JITing PostgreSQL using LLVM +C:PostgreSQL +L:H.1302 (Depage) +D:In a number of workloads, primarily of analytical nature, several parts of postgres' query execution are limited by CPU speeds. One way to address that is by allowing queries to be processed by more than one core at a time; which the project started to enable with 9.6, extended a lot in version 10, with significant additional features expected in 11. But that does not address the efficiency / economics of overall query execution.This talk will focus on increasing the efficiency of query execution by just in time compiling parts of queries. That is, instead of having roughly interpreter like code to execute the queries, emit native code doing precisely the work needed for a specific query.The current goal of the project is to use LLVM to perform JIT of two main parts of query execution:- expression evaluation (WHERE clause, aggregates, GROUP BY clauses, etc)- tuple deforming (converting on-disk tuples into a more efficiently accessible in-memory representation)and to integrate as much of that work as possible into PostgreSQL 11.We'll discuss:- how the above parts of the system were identified as the primary bottlenecks- how JIT compilation can help resolve them- which structural changes to postgres were required to allow for JIT compilation- how JIT compilation is currently implemented, including the current development state- the problems faced using LLVM for this task, and which improvements to it could make it better for the use-caseDepending on the available time, we'll also discuss possible future avenues for optimization. +: +B:1517749200 +E:1517752200 +S:Highly Available Foreman +C:Config Management +L:UA2.114 (Baudoux) +D:This talk will demo a 2 node Foreman cluster with a separate 2 node Smart Proxy Cluster. I will start by presenting some of the architecture choices. I will then demo some of the tips and tricks you can use to achieve HA. I will finally share some of the future planned designs for HA and how this process could be simplified in the future. +: +B:1517662800 +E:1517664600 +S:The case for interface{} +C:Go +L:H.1308 (Rolin) +D:The empty interface (interface{}) is one of the most interesting, powerful, and easily abused features of Go, but there are use cases for which it is uniquely and excellently suited. In this talk for the Go devroom, I will propose a set of rules which can be used to see if your use of interface{} will be the elegant and simple API that interface{} promised, or merely lead to a maintainability nightmare down the road. +: +B:1517662800 +E:1517665800 +S:Contract-based Programming: a Route to Finding Bugs Earlier +C:Ada +L:AW1.125 +D:Contract-based programming is a software development technique, where you include assertions of program properties as a part of the compiled source text. In the strict form, the assertions are checked at compile-time, but in this presentation I will focus on the more common, less strict, form, where at least some of the assertions aren't checked until run-time. Ada gives us a lot of help, so we can write the our assertions about the program properties once, and then have the compiler insert actual run-time checks wherever there is a possibility that the assertion is violated. +: +B:1517662800 +E:1517663700 +S:Making electronics +C:Lightning Talks +L:H.2215 (Ferrer) +D:Open source electronics is only useful if you actually know how to make and assemble a given design. In this lightning talk Kaspar will walk through the build of an electronic circuit assembly: from ordering or making the board, getting the parts and soldering them on to get to a working project. +: +B:1517749200 +E:1517756400 +S:GPG Keysigning +C:Keysigning +L:UD2.Corridor +D:The FOSDEM 2018 GPG Keysigning +: +B:1517749200 +E:1517752800 +S:Image capture on embedded linux systems +C:Embedded, mobile and automotive +L:UB2.252A (Lameere) +D:Image capture is one of the most broad and complex fields of today'scomputing applications. Capturing and displaying images with an embeddedplatform poses additional challenges, introduced by the rapidly increasingcomplexity of dedicated hardware blocks often found on modern Systems On Chipdesigned for mobile and industrial computing. Using real world examples of imagesensors, connection buses and processing blocks this presentation provides anoverview of current industry standard technologies with an introduction toVideo4Linux2 kernel framework for driver development and its userspace APIs. +: +B:1517749200 +E:1517752200 +S:Why I forked my own project and my own company +C:Community +L:K.1.105 (La Fontaine) +D:This talk will describe the reasons why ownCloud was founded as an open source project. The good and bad things when it was turned into a venture capital founded company, the thing that Frank and the core team does differently with Nextcloud and how the business model, licensing and community relations improved. +: +B:1517749200 +E:1517756400 +S:Mozilla TechSpeakers CFP-help +C:Global Diversity CFP Day +L:K.Level.2 +D:Ask Mozilla TechSpeakers your public speaking, conference- and CFP (call-for-proposals)-related questions at the Mozilla booth, hear some tips &amp; tricks about public speaking and some inspiration for nailing your next conference submission. +: +B:1517749200 +E:1517750700 +S:The Invisible Internet Project +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:In this talk I will discuss what is the Invisible Internet Project (I2P), why I2P network is needed, will provide an insight on how the I2P network works, how it is different from Tor. Some use cases and safety tips will be discussed as well as discussion on some new features.Intended audience: everyone interested in I2P. +: +B:1517749200 +E:1517750100 +S:Viva, the NoSQL Postgres ! +C:Lightning Talks +L:H.2215 (Ferrer) +D:PostgreSQL is the first relational database, which recognized the need of non-atomic data types to support developers of applications from science to Web. Jsonb in Postgres is the attractive feature for modern application developers, who want to work with json documents without sacrificing a strong consistency and ability to use all the power of proven relational technology. +: +B:1517749500 +E:1517751300 +S:Developing software on ORIC microcomputers +C:Retrocomputing +L:AW1.121 +D:The ORIC SDK by Defence Force is used to write demos and games for the ORIC range of microcomputers. Along with the Oricutron emulator, they make it possible to cross-develop C and asm programs for these machines.We'll show you how. +: +B:1517663400 +E:1517666100 +S:Simplifying the contribution process for both contributors & maintainers +C:Testing and automation +L:H.2213 +D:Despite platforms like GitHub &amp; co, several hurdles remain for wannabe contributors,on top of whatever skills were required to puzzle together the contribution,especially for people that are not software developers themselves.Examples include:minimal experience with the VCS used by the project (Git, Mercurial, ...);some familiarity with the platform where the project repository is located (GitHub, GitLab, Bitbucket, ...);being aware of the project-specific contribution policy (for example feature &amp; target branches, how to ;Although these hurdles can be overcome with a reasonable amount of effort,for example by reading the project's documentation or following some basic tutorials,they turn out to be a showstopper for some people.Possible reasons include:limited interest in getting familiar with all required details, especially for first-time or infrequent contributors;a lack of time to learn how to overcome these hurdles;becoming demotivated quickly because of problems encountered while following the contribution process;This can result in a significant amount of (potentially very useful) lost contributions...In addition, project maintainers often lack the time required to process all incoming contributions.Doing so not only requires a visual review of the code changes, but also testing, enforcing code style requirements, providing feedback, etc.In this talk, I will outline the extensive GitHub integration that has been implemented in EasyBuild,a framework implemented in Python for building and installing (scientific) software on High Performance Computing (HPC) systems.The EasyBuild command line interface has been extended to add support for:previewing pull requests by comparing with current state of the project repository;fully automatically creation of new pull requests (covering both the Git workflow &amp; GitHub interface);updating existing pull requests to resolve problems or implement suggestions made by maintainers;testing contributions by pulling in the changes from GitHub for local testing;uploading test reports back into pull requests to efficiently communicate whether the contribution works on other systems;reviewing pull requests by cross-referencing with existing relevant files (if any);merging pull requests after checking that all requirements are met (approval by Travis CI, successful test report, visual review by a maintainer, correct target branch, milestone set, ...)In addition a bot was implemented to automatically notify contributors &amp; maintainers that the Travis CI build for a pull request is failing (which is not supported by Travis CI itself).These features have been implemented by leveraging the GitPython library, the GitHub REST API, and the Travis CI API.They have proven invaluable for both contributors (regardless of experience) and EasyBuild maintainers, by streamlining the contribution process.In addition, this has resulted in:significantly reduced effort to contribute (even for experienced contributors);an increase in contributors &amp; contributions;better consistency in contributions;less time spent by maintainers to process contributions.I hope this talk can motivate other projects (large &amp; small) to implement similar features to simplify their contribution process, since this is a critical part of building a community around a software project.The EasyBuil features that are outlined can also be implemented in other projects, regardless of the programming language being used and the scope of the project. +: +B:1517749800 +E:1517751300 +S:Kubernetes Security Best Practices +C:Containers +L:UD2.120 (Chavanne) +D:Containers give developers the ability to isolate applications from one another, but that’s not enough. Resource isolation is much different that security isolation. How do we make applications deployed in containers more secure? How do we apply existing tools like SELinux and AppArmor, and seccomp to our containers running in Kubernetes? How can we apply policy to our network and services to make sure applications only have access to what they need and nothing more?Kubernetes provides the ability to secure containers, and secure access to the API. But it also has a flexible enough architecture to allow for applying network and service policy to various pods and services.In this talk we will learn about the risks and attack surfaces and how to use tools like SELinux, AppArmor and seccomp to improve the security of containers deployed in Kubernetes. We’ll then go up the stack and learn how to apply network policy to containers to further improve security. Finally we will look at the Istio service mesh and how we can add authentication, mutual TLS, and access policies to whole services greatly reducing application attack surfaces. +: +B:1517749800 +E:1517751300 +S:Langkit: source code analyzers for the masses +C:Source Code Analysis +L:UD2.119 +D:Langkit is a framework that aims to make it easy to create a source code analyzer for a language, by specifying its syntax and high level semantics in a domain specific language, and compiling this specification to a library that clients can use to implement any tool that needs syntactic and information about source code for that language. +: +B:1517749800 +E:1517751300 +S:Instant ADD COLUMN for InnoDB in MariaDB 10.3+ +C:MySQL and Friends +L:H.1308 (Rolin) +D:Normally, adding a column to an InnoDB table requires the full table to be rebuilt. The complexity of the operation is proportional to the size of the table. Online implementation of ALTER in MySQL 5.6+ or 3rd party tools like gh-ost or pt-online-schema-change may help to continue working while this change happens, but do not reduce the amount of work to do.With InnoDB in MariaDB 10.3.2+ instant ADD COLUMN was implemented as backward-incompatible change. During this talk I am going to present some details about it and share simple benhcmarks results demonstrating the impact of this new feature. Further possible improvements to ALTER along the lines of are also discussed. +: +B:1517663400 +E:1517665800 +S:SaMBa-AD, it works +C:Identity and Access Management +L:UD2.119 +D:Samba Active Directory is now battle ready for enterprise identity and access management. +: +B:1517663400 +E:1517664600 +S:Maximizing UX for Customizing +C:Open Document Editors +L:AW1.120 +D:Past, present, and the future of LibreOffice's Customize dialog. +: +B:1517749800 +E:1517751000 +S:Whisper and Swarm Protocol for RTC +C:Real Time Communications +L:H.1309 (Van Rijn) +D:Whisper is the “plausibly deniable routing” protocol within Ethereum. We will outline its intended use cases, it’s advantages, topology and the uses to which it is being put today.When it comes to pear to pear and person to person communication in an untrusted network cryproeconomicly incentivised and decentralised system are a viable alternative to altruistic services like Tor or proprietary systems like whatsapp etc.The Swarm protocol (which is largely designed for the storage and dissemination of larger amounts of data) contains PSS (Postal Service over Swarm)with the following GoalsEnable messaging between nodes that are not directly connected through IP.Allow full, partial and no disclosure of addresses of communicating nodes. ("luminosity")Asymmetric and symmetric encryption using ephemeral keys.Transparent implementation of devp2p protocols over pss.Decentralized storage of undelivered messages. (mailserver)Create a fully decentralized end-user messaging platform that's end-to-end encrypted.Status, is an ethereum light client for Android and iOS (and soon for desktop) which uses Whisper for text based chat applications. Conceived as a mobile OS for Ethereum, status now combines a messenger, a browser and a chatbot interface that can act as a chat like, command line tool. Status is a user friendly, privacy respecting, gateway for everyday smartphone users to begin consuming, routing and serving Ðistributed Application on ethereum. +: +B:1517750100 +E:1517752800 +S:Finding your way through the QEMU parameter jungle +C:Virtualization and IaaS +L:UD2.218A +D:This talk provides a survey of the different ways that can be used to configure devices, backends and other interfaces of QEMU via its command line options. +: +B:1517750100 +E:1517752800 +S:LoRa Reverse Engineering and AES EM Side-Channel Attacks using SDR +C:Software Defined Radio +L:AW1.120 +D:LoRa is a novel wireless modulation scheme designed for low data rate, low-power and long-range communications. In this presentation, we will discuss the various processing stages taking place on the LoRa PHY layer, including coding, whitening, interleaving, modulation and preamble detection. We will subsequently learn how hardware LoRa radios can be reverse engineered in order to build our own LoRa decoder with GNU Radio and software defined radios. The concept of PHY-layer fingerprinting will also be briefly explained, showing how we can identify individual LoRa radios using only their raw radio signals and a neural network. Finally, we will see how software defined radios can be leveraged to perform electromagnetic side-channel attacks on the AES encryption scheme, which is used by LoRa and various other wireless protocols. Such attacks enable the recovery of an unknown secret key given a set of known plaintexts and proximal measurements of the electromagnetic spectrum taken during the encryption process. +: +B:1517663700 +E:1517665800 +S:Efficient Graph Algorithms in Neo4j +C:Graph Processing +L:H.2214 +D:We recently released a graph algorithms library for Neo4j.You can use these graph algorithms on your connected data to gain new insights more easily within the transactional database and to improve query results from your graph data, for example by focusing on particular communities or favoring popular entities.We developed this library as part of our effort to make it easier to use Neo4j for a wider variety of applications. Many users expressed interest in running graph algorithms directly on Neo4j without having to employ a secondary system.We also tuned these algorithms to be as efficient as possible in regards to resource utilization as well as streamlined for later management and debugging.In this session, we'll look at some of these graph algorithms and the types of problems that you can use them for in your applications and the implementation choices we made. +: +B:1517663700 +E:1517666400 +S:Leveraging Software Defined Network for virtualization +C:Virtualization and IaaS +L:UB2.252A (Lameere) +D:Software Defined Networking seems to be a natural fit for virtual data centers. Centralized management along with flexibility and speed of provisioning are traits of both virtualization and SDN.The oVirt team aims at making this a reality with OVN, a new network virtualization extension to Open vSwitch.The integration is accomplished by the "network provider for OVN", which uses OVN through an OpenStack Neutron-like API, allowing the use of OVN through Neutron abstractions.This concept is already being used in the oVirt project, and there's work in progress to implement it in the ManageIQ projectThe session will look into utilising Software Defined Network concepts in a virtualization project through the oVirt perspective. +: +B:1517664000 +E:1517664900 +S:Introduction into the ppci project +C:Lightning Talks +L:H.2215 (Ferrer) +D:Ppci is a compiler written entirely in Python. This allows for easy compiler development, portability and installation. The compiler is able to process C code into WASM, WASM into xtensa code, but there are more possible code paths. During this session a demo will be shown on how to compile some webassembly to the riscv platform. +: +B:1517750400 +E:1517752800 +S:The Dynamo After Diffie +C:Perl Programming Languages +L:K.4.601 +D:The talk will be a 40 minute walkthrough of a perl6 Diffie-Hellman based example solution for biharmonic equations including references/quotes to a small number of mathematicians, a few concepts surrounding the Reimann conjecture and its fallacy of synchronicity without a grounded base, and then promoting the potential of a perfect solution to the biharmonic equation as satisfying the crux of Arzela's theorem I(Phi(n)) >= I(U) with a ubiquitous potential data structure (Phi).The code in question is currently in use in the Nuclear Industry in FORTRAN, C/#/++ &amp; Python, I'm retailoring the talk with students &amp; my takeaway goal is to get a feel on how extension into a rapid development framework might be received in the community. The talk will be very flexible and there will absolutely be an option of not going very deep at all into the maths if the reception is not there. +: +B:1517750400 +E:1517752800 +S:LLVM @RaincodeLabs +C:LLVM Toolchain +L:K.3.401 +D:Raincode labs is the largest independent compiler company in the world, with a wide scope of products and services and more than 25 years of experience. Some of our products are based on LLVM and in this presentation I will talk about how we are currently using LLVM as well as presenting some plans on how we will use LLVM in the future. This talk is given from the point of view of users of LLVM, aiming to show which parts have been of help to us and where we have found things lacking. It aims to provide relevant information to both developers and users of LLVM. +: +B:1517750400 +E:1517751300 +S:SiriDB - Time Series Database +C:Lightning Talks +L:H.2215 (Ferrer) +D:SiriDB is a highly-scalable, robust and fast time series database. Build from the ground up SiriDB uses a mechanism to operate without a global index and allows server resources to be added on the fly. SiriDB’s query language includes dynamic grouping of time series for easy analysis over large amounts of time series.SiriDB is optimized for inserts and queries and build to be robust by a clustering function that provides the possibility to update and maintain the database while remaining online. This is done by having two servers in one pool, the scalability is high since the number of pools can be expanded as many times as needed. With its own query language you are able to get the data in a fast and easy way. +: +B:1517664000 +E:1517665500 +S:Graal: How to use the new JVM JIT compiler in real life +C:Free Java +L:UD2.208 (Decroly) +D:With JEP 317: Experimental Java-Based JIT Compiler it is very likely that Graal will be part of JDK 10. In fact, Graal is already available in JDK 9 due to JEP 243: Java-Level JVM Compiler Interface. Graal is itself written in Java and that brings some new properties and behavior to the table which we haven’t seen with existing HotSpot JIT compilers. This talk will show how to use Graal with JDK 9, how to compile an upstream Graal version and what to look out for when using it for benchmarking or even in production. +: +B:1517664300 +E:1517665800 +S:You’ve Got Some Explaining to Do! So Use An FAQ! +C:Community devroom +L:K.4.601 +D:Doing something controversial? Have lots of stakeholders with conflicting needs? Changing course in a way that makes people suspicious or concerned? Write an FAQ! If you can answer the hard questions publicly, honestly, and confidently, you’ll foster trust and build good will even when your audience does not hear the exact answers they want. What’s more, the feedback will give you the input you need to correct any errors you have in fact made. We’ll use real world examples to look at some best practices, including Sun’s comprehensive FAQ for open sourcing Java. +: +B:1517664300 +E:1517665800 +S:Debugging realtime application with Ftrace +C:Debugging tools +L:AW1.121 +D:Introducing Ftrace and using it for Linux realtime application +: +B:1517664300 +E:1517666100 +S:pkgsrc on ChromeOS +C:BSD +L:K.3.401 +D:pkgsrc (the NetBSD package collection) supports more than a dozen platforms. On a Chromebook in Dev Mode, you can install "arbitrary" Linux software. Obviously, pkgsrc is the perfect fit for that! +: +B:1517750700 +E:1517752200 +S:FOSS Platform for Cloud Based IoT Solutions +C:Internet of Things +L:AW1.125 +D:The Internet of things (IoT) is expected to connect billions of devices. The demand for an open IoT platform technology is increasing to enable and accelerate the development of cross-domain/cross-vendor use cases and face the accompanying challenges like connectivity with a wide range of heterogeneous protocols and large scale messaging. Eclipse IoT on top of today's cloud technology like Kubernetes is a promising software stack for this goal. However, it will only be successful if it is widely adopted. This talk describes the status quo and gives an outlook for future development. +: +B:1517751000 +E:1517752200 +S:Interface Animation from the Future +C:Open Source Design +L:K.4.201 +D:Animation can make interfaces better because it allows interface changes to explained visually, making them easier to grasp. However, when animating interfaces is important to consider the spatial model that is created by animations. Otherwise, it can lead to contradictions that make an interface more instead of less confusing. This talk introduces semantic animation, a way of designing interfaces that avoids contraditions by thinking about interfaces as a collection of components rather than a series of screens. +: +B:1517751000 +E:1517752500 +S:Demystifying Rust parsing +C:Rust +L:H.2214 +D:Usually, the topic of parsing the Rust source code is associated with the Rust compiler itself, which for many is an uncharted territory. However, parsing by itself can (and should) be used out of the context of the Rust compiler: given the wealth of information that we can extract out of the code, we can do a lot of thing with it.In this talk, we'll discuss several interesting applications for the Rust parser and the abstract syntax trees it produces, with practical examples of Mozillabindgen(automatic generation of Rust library bindings based on C source code) and a Java binding generator written by the author for a large-scale open source library. +: +B:1517664600 +E:1517666100 +S:KiCad Version 5 New Feature Demo +C:CAD and Open Hardware +L:K.4.201 +D:A demonstration of the new features in version 5 of KiCad, along with a quick state of the union, by KiCad's project leader. +: +B:1517751000 +E:1517754300 +S:Distributing OS Images with casync +C:Distributions +L:K.3.201 +D:casync is a project that combines the idea of the rsync algorithm with git's idea of a content-addressable file systems into one tool for efficient delivery of OS images over the Internet. It has a focus on simplicity, accuracy and security. +: +B:1517664600 +E:1517666400 +S:The challenges of XDP hardware offload +C:SDN and NFV +L:H.1301 (Cornil) +D:To improve the historically mediocre performances of the Linux kernel regarding high-speed networking, the community has been working hard over the last years. In particular, eBPF (extended Berkeley Packet Filter) programs, when attached to XDP (eXpress Data Path) hooks at the driver level, provide a fast in-kernel programmable data plane.Because XDP is so low-level, the only way to move packet processing further down to earn additional performances is to involve the hardware. In fact, it is possible since kernel 4.9 to offload eBPF programs directly onto a compatible NIC, thus offering acceleration while retaining the flexibility of such programs.Building the compatible NIC, and optimising the offload process are not trivial. The objective of this talk is to present the current state of eBPF offload, the challenges that have been overcome, and the ones that lay ahead. +: +B:1517664600 +E:1517666400 +S:The many ways of using Guix packages +C:Package Management +L:K.3.201 +D:The GNU Guix package manager offers some useful and exciting features and properties, but with this comes some options about how to make use of these.This talk will explore different ways in which Guix packages can be used, and what these different ways offer in terms of distributing, reproducing, versioning and isolating packages. +: +B:1517751000 +E:1517752800 +S:Privacy aware city navigation with CityZen app +C:Geospatial +L:AW1.126 +D:Presenting the reasons of the initiation of the CityZen project and the vision for the near future featuring blockchain principles. +: +B:1517664600 +E:1517666400 +S:Componolit - a component-based open-source platform for trustworthy mobile devices +C:Embedded, mobile and automotive +L:UD2.218A +D:Googlehref="">tracks youeven with location service disabled. Your smartphone can be taken over remotelyhref="">via WiFi. Opening media files remains an (unpredictable risk)[]. Despite all the effort put into mitigation techniques we don't seem to make good progress with the privacy and security of our mobile devices.We present our vision of Componolit, an open-source platform for trustworthy mobile devices. Based on the Genode OS framework, the component-based system will provide strict isolation between apps, services and drivers. The platform will enable users to run arbitrary unmodified Android apps without giving up control of their devices. This is realized by trustworthy policy objects implemented and formally proven in the SPARK language. +: +B:1517751000 +E:1517752800 +S:Adding support for a mouse in libratbag +C:Hardware Enablement +L:K.4.401 +D:Libratbag is a daemon to configure on-board settings on gaming mice. It has drivers to support many different mice vendors and models. Clients, like the GUI application Piper, interact with the daemon via DBUS. The on-board settings include button-mappings, resolutions, and LED colors and patterns.The vendors all use different protocols to configure the mice, and every mouse model must have a separate .SVG and configuration file. This talk will cover the steps to add support for a mouse. From reverse engineering the protocol, writing the driver for libratbag, and creating a .SVG to be displayed in Piper.If you own an unsupported device then you can bring it to the conference, and we can look at adding support for it after the talk. +: +B:1517664600 +E:1517665800 +S:Proposal for better font handling in LibreOffice +C:Open Document Editors +L:AW1.120 +D:The LibreOffice' bugtracker lists hundreds of tickets regarding fonts. Besides rendering issues many tickets are related to what is bundled, how missing fonts are substituted, and how to deal with installed fonts. The talk will give an overview of the problems, shows how competitors solve it, and presents a proposal to improve LibreOffice. +: +B:1517664600 +E:1517666400 +S:Reducing CPU usage of a Toro Appliance +C:Microkernels +L:AW1.126 +D:Toro is a x64 kernel that dedicates all system resources to the embedded user application. The result of the compilation of Toro is an image that contains both the kernel and the application. The kernel image can be booted by all majors hypervisors Hyper-V, KVM, VMWare ESXi, and emulators Qemu, VMWare WorkStation, VirtualBox. In these environments, the application runs directly inside the kernel without the need of a general purpose operating system. In this talk, I will present recent experimentation in which the scheduler of Toro is optimized to reduce the CPU usage of a VM. It has been identified three cases in which the scheduler can be optimized to reduce the impact of idle loops. To validate these techniques, I will present the impact of the improvements on a live running Toro VM on top of QEMU and Hyper-V. Open questions are welcome throughout the session to discuss the benefits and drawbacks of this approach but also take-away lessons. +: +B:1517751000 +E:1517752500 +S:Scaling Deep Learning to hundreds of GPUs on HopsHadoop +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:Scaling out deep learning training is the big systems challenge for the deep learning community.Backed by a high performance distributed file system (HopsFS) and the support for GPU sharing and management in the cluster manager (HopsYarn), the HopsWorks platform provides different flavors of Tensorflow-as-a-Service and it offers several possibilities for parallelizing and scaling out deep learning.In this talk we are going to present how data scientists can use the Hops to perform parallel hyperparameter searching, or how they can run traditional distributed Tensorflow on a big data cluster with the TensorflowOnSpark framework.In particular, during the talk, we are going to focus on the last generation of distributed Tensorflow architectures which borrow topology and communication pattern from the HPC field. In the Ring-AllReduce architecture, workers are organized in a ring topology and communicate gradients updates without incurring in the communication bottleneck with the parameter server(s) that traditional distributed Tensorflow suffers from. Ring-AllReduce has been used by Facebook and IBM to reduce the training time on Imagenet from 2 weeks to ~45minutes/1 hour.Finally, we will show how you can recreate the popular game "Quick, Draw!" using HopsWorks and Tensorflow services provided the platform.The code is available on Github at +: +B:1517751000 +E:1517752500 +S:Encrypted communication for mere mortals +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:The LEAP Encryption Access project is dedicated to giving all Internet users access to secure communications. Our focus is on adapting encryption technology to make it easy to use and widely available. Not only end users deserve useable programs, the barriers to entry for aspiring service providers are pretty high. LEAP's goal is to transform the existing frustration and failure into an automated and straightforward process. +: +B:1517664600 +E:1517666400 +S:The RED Method: How To Instrument Your Services. +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:The RED Method defines three key metrics you should measure for every microservice in your architecture; inspired by the USE Method from Brendan Gregg, it gives developers a template for instrumenting their services and building dashboards in a consistent, repeatable fashion.In this talk we will discuss patterns of application instrumentation, where and when they are applicable, and how they can be implemented with Prometheus. We’ll cover Google’s Four Golden Signals, the RED Method and the USE Method. We’ll also discuss why consistency is an important approach for reducing cognitive load. Finally we’ll talk about the limitations of these approaches and what can be done to overcome them. +: +B:1517751000 +E:1517752500 +S:Public money, public code, the Italian way +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:FSFE has recently launched the campaign "Public Money, Public code”, which promotes legislation requiring that publicly financed software developed for the public sector is made publicly available under a Free and Open Source Software licence. However, under the Italian Digital Administration Code, we already have a provision (amended in 2016) which seems to have similar effects. We tried to use it as a legal hack to make available the source code of publicly financed whistleblowing software. +: +B:1517664600 +E:1517666400 +S:Google’s approach to distributed systems observability for Go +C:Go +L:H.1308 (Rolin) +D:The progression of microservices in the industry resembles me the way microservices progressed at Google. First, a common container format. Then, a way to express complicated systems in terms of containers. Then, tools to deploy them and services to schedule them. Then, core networking services to support the complicated networking requirements of our highly large systems with complex dependencies. Then, observability: collecting diagnostics data not just to recognize and debug production problems, but also to provide critical signals about usage to our highly adaptive and scalable environment. +: +B:1517664600 +E:1517666400 +S:Photon Performance +C:Mozilla +L:UA2.118 (Henriot) +D:I'll share things we've learned while working on improving browser front-end performance. Techniques, best practices, what to definitely avoid, etc. There won't be a deep dive into any specific tool, but examples of how we measured performance and avoided / eliminated regressions during the Quantum / Photon development cycle, and what things we learned along the way. +: +B:1517664600 +E:1517666100 +S:What's new in Upipe +C:Open Media +L:H.1309 (Van Rijn) +D:This presentation will go over all the recent additions to Upipe, what's coming, how easy it is to add new modules and why it is the best multimedia framework in the universe. +: +B:1517751300 +E:1517752500 +S:The RTP bleed and what can we do? +C:Real Time Communications +L:H.1309 (Van Rijn) +D: +: +B:1517751600 +E:1517753100 +S:Turbocharging MySQL with Vitess +C:MySQL and Friends +L:H.1308 (Rolin) +D:Vitess has been in development since 2010, and has recently started gaining traction in the community. In this session, we'll cover the three major problems it solves: protecting MySQL instances, moving to the Cloud, and scaling indefinitely. +: +B:1517665200 +E:1517666100 +S:i3 window manager +C:Lightning Talks +L:H.2215 (Ferrer) +D:i3 is a tiling window manager aimed at developers for maximizing their productivity and control on their windows appearance, while maintaining maximum simplicity. +: +B:1517751600 +E:1517753400 +S:Retro-uC +C:Retrocomputing +L:AW1.121 +D:Presentation about a micro-controller with the proper instruction set for the retro enthusiast and a pilot project to testing the grounds for an open silicon movement. +: +B:1517751600 +E:1517752500 +S:NoSQL Means No Security? +C:Lightning Talks +L:H.2215 (Ferrer) +D:New systems are always interesting targets since their security model couldn’t mature yet. NoSQL databases are no exception and had some lurid articles about their security, but how does their protection actually look like? +: +B:1517751600 +E:1517752800 +S:Forwarding system calls to userspace +C:Containers +L:UD2.120 (Chavanne) +D:In this talk, I will describe SECCOMPUSERNOTIF, a new seccomp return type under development to forward syscalls to another userspace daemon. This would allow container engines to transparently hook syscalls like mount or modprobe, enabling applications inside containers to use these syscalls without modification. +: +B:1517751600 +E:1517752800 +S:Finding inter-procedural bugs at scale with Infer static analyzer +C:Source Code Analysis +L:UD2.119 +D:Infer is a static analysis tool - if you give Infer some Java or C/C++/Objective-C code it produces a list of potential bugs. Anyone can use Infer to intercept critical bugs before they have shipped to users, and help prevent crashes or poor performance. Infer has been successfully deployed at Facebook, where it identifies hundreds of potential bugs per month in mobile apps and backend code.This talk will present Infer, and how it can be used to help developers move fast and with more confidence. +: +B:1517751900 +E:1517753400 +S:Ceph & ELK +C:Software Defined Storage +L:H.2213 +D:Ceph is a distributed storage platform that is a contender to become the future of software defined storage, providing unified access to block, object and file interfaces.However like any complex systems there are various subsystems that may fail and analyzing logs is generally the first line of action.This is where the ELK stack comes in; to search, analyze and process logs and metadata. From the Kraken release of Ceph, Ceph's Object Storage (Radosgw/RGW)has integration for metadata search using ElasticSearch making it very easy to get much needed insights into how the object storage is being used for operators and users alike. +: +B:1517665800 +E:1517667000 +S:Native GTK3 UI +C:Open Document Editors +L:AW1.120 +D: +: +B:1517665800 +E:1517668800 +S:Generic Graphics Tablets in Linux +C:Graphics +L:K.4.401 +D:Presentation on the DIGImend project's efforts to improve Linux support for generic graphics tablets. +: +B:1517665800 +E:1517667300 +S:JVM startup: why it matters to the new world order +C:Free Java +L:UD2.208 (Decroly) +D: +: +B:1517666100 +E:1517667600 +S:Technical Writing for Non-Writers +C:Community devroom +L:K.4.601 +D:You need to write (technical) texts now and then? But you are not sure how to structure them, how to phrase your content, or how to best address your readers? This workshop shows you how to optimize texts to make them easier to understand (and translate). Get to know universal principles that can be applied to a wide variety of text types - including release notes, bug reports, error messages, or e-mails. +: +B:1517666100 +E:1517667900 +S:Samba AD in Fedora +C:Identity and Access Management +L:UD2.119 +D:Samba AD is a free software implementation of Microsoft's Active Directory solution. It took more than five years to port Samba AD to MIT Kerberos and now it is a part of Fedora 27 release. However, the work does not stop here. Active Directory is a complex set of technologies and one of driving factors behind Fedora Server work is to make them easier to deploy and manage. The talk will go into details what is needed to be done to make Fedora a preferred distribution to deploy Samba AD. +: +B:1517666100 +E:1517668500 +S:DTrace for Linux +C:Debugging tools +L:AW1.121 +D:DTrace for LinuxDTrace is a dynamic tracing tool that allows kernel and userspace tracing inoperating systems. It was first implemented for Sun's Solaris and later adoptedby other operating systems (Mac OS X, BSD). The Linux port is still ongoing.In this talk, I would like to introduce the D language and its features. After abrief introduction the talk will focus on the architecture of the DTrace itself.Last part of the talk will be focused on the current status of the project.DTrace is able to process data directly in kernel like eBPF. This allows us toperform some actions at the time an event has occured rather than during postprocessing of the records later in userspace. It allows also more precise selectionof events of interest.It is possible to use DTrace in many use cases:- A kernel hacker may precisely monitor the Linux kernel- A system administrator might use DTrace as an underlying technology for observing system behavior.- Participation in distributed tracing of complex scenariosI would like to show some real life examples how DTrace can be used to inspectrunning system or as source for external telemetric system. +: +B:1517752800 +E:1517754300 +S:rustfix +C:Rust +L:H.2214 +D:Rust programmers often seem happy to get compiler errors. Understandably so, the compiler is known to not just catch what would in other languages become a run time bug, but also to be quite helpful. On top of that, thehref="">clippyproject adds more than 200 additional lints, to catch even more errors, but also help guide users towards writing more idiomatic code. This talk is about the dream of automatically fixing many of these errors (based on compiler-provided suggestions) withhref="">rustfix. +: +B:1517752800 +E:1517756400 +S:ARM64 + FPGA and more: Linux on the Xilinx ZynqMP +C:Embedded, mobile and automotive +L:UB2.252A (Lameere) +D:The Xilinx Zynq UltraScale+ MPSoC (aka ZynqMP) is a powerful and complex chip featuring 64-bit cores, 32-bit realtime cores, a large FPGA, a GPU, video codecs and dedicated power management and security units.Luca will first give a brief overview of the hardware architecture and how it differs from other SoCs.Then he will explain with technical details how Linux can fully leverage the SoC resources. FPGA and booting issues will be covered in detail, but using the hardware accelerators and software support will also be discussed. +: +B:1517666400 +E:1517668200 +S:Creating GopherJS Apps with gRPC-Web +C:Go +L:H.1308 (Rolin) +D:This presentation will introduce gRPC, gRPC-Web and GopherJS to attendees. At the end of the presentation, they will know how to create a GopherJS frontend and leverage GopherJS gRPC-Web bindings for the communications with a generic Go gRPC backend. +: +B:1517752800 +E:1517753700 +S:Your Build in a Datacenter +C:Lightning Talks +L:H.2215 (Ferrer) +D:Projects such as ccache and distcc drastically lower the duration of C/C++builds by caching and distributing the work on many servers. These programs arefocused on C++ or C-like languages. Bazel, Google's open source build system, ismulti-language and has been used with a distributed caching and execution servicefor almost ten years inside of Google. Recently Google and others have built onthat experience to design an open-source remote caching and execution system forBazel.This talk will introduce remote caching and execution in Bazel, and the BuildFarmproject, a distributed remote caching and execution backend that is open source andavailable for everyone to use. +: +B:1517752800 +E:1517756400 +S:LibreOffice Exam Session 3 +C:Certification +L:UB2.147 +D:LibreOffice Certifications are designed to recognize professionals in the areas of development, migrations and trainings who have the technical capabilities and the real-world experience to provide value added services to enterprises and organizations deploying LibreOffice on a large number of PCs. +: +B:1517752800 +E:1517754300 +S:Improving the SecureDrop system architecture +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:SecureDrop is designed to address a threat model including nation state adversaries. Journalists and system administrators understand the tradeoff and are ready to make significant efforts because usability is difficult to improve without sacrificing security. We explore novel approaches to deploy the recommended hardware that significantly improves usability without compromising security. +: +B:1517752800 +E:1517753700 +S:Real Time Clustering with OpenSIPS +C:Real Time Communications +L:H.1309 (Van Rijn) +D:An in-depth view of the feature set of the upcoming OpenSIPS 2.4 clustering support (release due March 2018!). Built with targets in mind such as flexibility, robustness, stability and ease-of-use while also being easy to provision and reuse by higher-level modules, the latest OpenSIPS cluster is better than ever! +: +B:1517666400 +E:1517667900 +S:Designing PCBs with code +C:CAD and Open Hardware +L:K.4.201 +D:An overview and history of various tools and languages that allow you to use code rather than CAD software to design circuits. +: +B:1517752800 +E:1517754600 +S:Every subway network in the world +C:Geospatial +L:AW1.126 +D:The first subway station was mapped in OpenStreetMap eleven years ago. Since then, people have been adding station and routes in each of 170 cities with subway or light rail systems. But only a few months ago the mapped routes were first used for routing. Unsurprisingly, the quality of data was bad. In this talk Ilya will explain the subway mapping principles, show common errors, talk about the community's reaction to tidying up metro systems, and present the tool to extract metro routes from OSM into easy-to-use data structures, which is used for the MAPS.ME application. +: +B:1517752800 +E:1517754000 +S:The case against "It just works" or how to avoid #idiocracy +C:Open Source Design +L:K.4.201 +D:Design is more than usability testing and click analytics. Design always carried the dominant ideas of the era and championed them, forming cultures along the way. Today's design is immensely influenced by Steve Jobs and his "Just Works" and "Automagically" mantras. While recognizing the significance of the democratization of technology, it was done in a way that for the first time completely hides the way things work from their users. In fact it goes to great lengths to lock users out of their gadgets.Open source is about, among other things, freedom to study. In this spirit open source design isn't only about the sources of design documents, it's about facilitating the study of the inner workings: Let's create designs that are easy to use yet teach the user how the system we are designing works. Informed users will be able to better understand why a result is not what they expected, will be able to solve more of the possible problems, and the result is being happier both with the system and with themselves. +: +B:1517666400 +E:1517667300 +S:Godot 3, libre gamedev for everyone +C:Lightning Talks +L:H.2215 (Ferrer) +D:Community driven and fully FOSS, Godot Engine has established itself as the main 2D and 3D game engine in the FOSS ecosystem, and one of the key players in the game development industry as a whole. Its third installment brings 18 months of hard work from over 400 contributors, and so many features that we can't possibly showcase them all during a lightning talk - still, we will give a quick overview of the engine, its strength and the most striking features that may light in you the spark of game development using FOSS tools! +: +B:1517752800 +E:1517755500 +S:diskimage-builder: Building Linux Images for Cloud / Virtualization / Container +C:Virtualization and IaaS +L:UD2.218A +D:diskimage-builder: Building Linux Images for Cloud / Virtualization / ContainerEach virtualization, cloud or container platform needs images as base. There are many (specialized) tools to generate them. If your organization needs a set of e.g. different distributions with the same packages installed and the same configuration, diskimage-builder might be the tool to choose: it can generate a wide range of different distributions (e.g. RedHat/CentOS, Ubuntu, Debian, OpenSuse, Gentoo, ...) as a virtual machine or even docker images for a couple of architectures. Images are known to run on a wide range of virtualization and cloud services, like OpenStack, VmWare, AWS EC2, OTC, KVM, docker. diskimage-builder is highly configurable by means of 'elements': predefined and/or easy to write extensions.The talk is a general (technical) introduction to diskimage-builder with an in-depth chapter about the new block device layer like: images, loop devices, partitioning, lvm, mounting, fs, and fstab handling. +: +B:1517752800 +E:1517754300 +S:What's the difference between all those open data licenses? +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:My talk will briefly review the major open data licenses including the differences between them and their interaction with free software licenses. Particular emphasis will be placed on thier application to databases.There are only a few popular open data licenses with a focus on open database licensing, but there is very little guidance on the differences between them. This talk will explain the differences between them, why they exist, and when you might prefer one over the other. I will also discuss sui generis database right, why it exists and how is it different than the traditional copyrights. +: +B:1517666400 +E:1517669400 +S:SPARK Language: Historical Perspective & FOSS Development +C:Ada +L:AW1.125 +D:SPARK started in 1987 as a restricted subset of Ada 83, defined by its own grammar rules. The overhaul of the language and toolset starting in 2010 increased greatly the language subset, dropping in effect the need for separate grammar rules. Since then, SPARK has progressively adopted most of the Ada features, to a point where the last remaining non-SPARK significant Ada feature today is pointers. We have started work on including safe pointers in SPARK, borrowing the ideas of pointer ownership from Rust. So one can legitimately wonder what difference remains between SPARK and Ada. +: +B:1517666400 +E:1517670000 +S:Package Management Unites Us All +C:Package Management +L:K.3.201 +D:This talk will present a high-level, consistent view of the properties of programming languages that are relevant to the design of language package (dependency) managers - and the communities that form around them. The talk is drawn from my experience in leading the efforts around Go's package management, and the ongoing and evolving efforts to take language package management from an incidental thing that languages "just have," up to a domain of inquiry and engineering that is about programming languages, but also independent of them (much like compilers). Writing I have already done ( is considered by a lot of folks who work in this area to be foundational in this new phase; I hope to have a number of new thoughts and writing to present by the time FOSDEM 2018 comes around. +: +B:1517666400 +E:1517668200 +S:syspatch(8) +C:BSD +L:K.3.401 +D:While installing and upgrading OpenBSD releases has always been a breeze,keeping a stable installation up-to-date with security and reliability patchesrequired fetching and applying cvs(1) diffs then build a new release which hadto be deployed on every maintained systems.In this talk I will introduce a new base system utility: syspatch(8). It is usedto fetch, verify, install and revert OpenBSD "binary" patches. +: +B:1517666400 +E:1517669400 +S:Configuration Revolution +C:Miscellaneous +L:K.1.105 (La Fontaine) +D:Free software is proud of its diversity, choices, and resulting variety,including but not limited to configuration. In this talk we will reflecton the last 13 years of experiences based on a user survey (286 answers),code analysis of 16 projects (comprising about 50 million lines of code),and our experience with Elektra. +: +B:1517666400 +E:1517668200 +S:Logging IoT +C:Embedded, mobile and automotive +L:UD2.218A +D:Logging events is important for every device connected to the Internet or a network. The syslog-ng application is an enhanced logging daemon, with a focus on portability and central log collection. It collects logs from many different sources, processes and filters them, and finally it stores them or routes them for further analysis. IoT developers can get started with it quickly, as its configuration language is similar to programming languages. +: +B:1517666400 +E:1517668200 +S:The future of the internet from a Mozilla perspective +C:Mozilla +L:UA2.118 (Henriot) +D:Mitchell Baker, executive chairwoman of the Mozilla Foundation and Mozilla Corporation, will share the organization's vision on the future of the internet. +: +B:1517666400 +E:1517668500 +S:Handling Billions Of Edges in a Graph Database +C:Graph Processing +L:H.2214 +D:The complexity and amount of data rises. Modern graph databases are designed to handle the complexity but still not for the amount of data. When hitting a certain size of a graph, many dedicated graph databases reach their limits in vertical or, most common, horizontal scalability. In this talk I'll provide a brief overview about current approaches and their limits towards scalability. Dealing with complex data in a complex system doesn't make things easier... but more fun finding a solution. Join me on my journey to handle billions of edges in a graph database. +: +B:1517666400 +E:1517667900 +S:GPAC: Support for High Efficiency Image Format (HEIF) +C:Open Media +L:H.1309 (Van Rijn) +D:This talk will focus on the High Efficiency Image Format.HEIF is an image format based on HEVC compression technology, and standardized by MPEG. The GPAC team is a contributor and provides tools to support it. +: +B:1517666400 +E:1517668200 +S:Fast Packet Processing in Linux with AF_XDP +C:SDN and NFV +L:H.1301 (Cornil) +D:Deep Packet Inspection (DPI) and other specialized packet processingworkloads are often run in user space due to their complexity and/orspecialization. With the increase of Ethernet speeds from 40, 100 to200 Gbits/s, the need for high-speed raw Ethernet frame delivery toLinux user-space is ever increasing. In this talk, we present AFXDP(formerly known as AFPACKET V4) designed to scale to these highnetworking speeds through the use of true zero-copy, lock-less datastructures, elimination of syscalls and other techniques, while stillabiding to the isolation and security rules of Linux. AF_XDP iscurrently an RFC on the Linux netdev mailing list with the goal toget it accepted upstream.In our evaluation, AFXDP provides a performance increase of up to 40xfor some microbenchmarks and 20x for tcpdump compared to previousAFPACKET (raw socket) versions in Linux. To illustrate the approach,we have implemented support for Intel I40E NICs and veth, but it shouldhopefully be easy to port to other NICs and virtual devices aswell. AFXDP is designed as an extension to the existing XDP supportin Linux so that XDP enabled devices will be able to use this. We alsoshow how SW networking libraries and SDKs such as DPDK can benefitfrom AFXDP to achieve increased robustness, ease-of-use and HWindependence. +: +B:1517752800 +E:1517754600 +S:Intro to Open Source Radio Telescopes +C:Software Defined Radio +L:AW1.120 +D:The Open Source Radio Telescope initiative is a group of educators and radio astronomy enthusiasts, trying to bring the world of radio astronomy closer to the people. We provide projects and education to anyone who wants to join.Find more about the project at: +: +B:1517752800 +E:1517755800 +S:SatNOGS: Crowd-sourced satellite operations +C:Space +L:Janson +D:An overview of the SatNOGS project, a network of satellite ground station around the world, optimized for modularity, built from readily available and affordable tools and resources. +: +B:1517752800 +E:1517755800 +S:Sustainability of Open Source in International Development +C:Community +L:K.1.105 (La Fontaine) +D:Today’s global climate of international development funding cuts, along with growing challenges in sustainability of FOSS projects generally, means we need to focus on co-investment in shared resources for those projects -- the mission of the DIAL Open Source Center.Duplication of effort, flawed funding models, and overall lack of project maturity has led to the failure of most free &amp; open source software projects in the international development space. In this talk, we'll discuss the new Open Source Center at the Digital Impact Alliance (DIAL), an initiative of the United Nations Foundation. The Center's aim is to help increase those projects' maturity, quality, and reach -- with a goal of advancing an inclusive digital society using FOSS for the poorest places on the planet. +: +B:1517752800 +E:1517754000 +S:Thunderbolt 3 and Linux +C:Hardware Enablement +L:K.4.401 +D:Thunderbolt 3 is a relatively new technology to connect peripherals to a computer. Devices connected via Thunderbolt can be DMA masters and thus read system memory without interference of the operating system (or even the CPU). Version 3 of the interface provides security levels in order to mitigate the aforementioned security risk that connected devices pose to the system. As result of this connected devices need to be to be authorized by userspace via a new kernel interface. The new kernel interface additionally supports updating the firmware of devices and the host controller.After an overview of the thunderbolt technology the specifics of the userspace enablement on GNU/Linux will be presented. +: +B:1517752800 +E:1517755200 +S:Presenting the Sympa Mailing List Manager and the new Sympatic CPAN module +C:Perl Programming Languages +L:K.4.601 +D:Sympa is a mailing list management software, and as such it provides a couple of standard features which most mailing list software programs provide. In addition to this basic set of features, you may customize the software given the specifications you have for your mailing service. +: +B:1517752800 +E:1517755800 +S:Network Automation Journey +C:Config Management +L:UA2.114 (Baudoux) +D:Network devices play a crucial role; they are not just in the Data Center. It's the Wifi, VOIP, WAN and recently underlays and overlays. Network teams are essential for operations. It's about time we highlight to the configuration management community the importance of Network teams and include them in our discussions. This talk describes the personal experience of systems engineer on how to kickstart a network team into automation. Most importantly, how and where to start, challenges faced, and progress made. The network team in question uses multi-vendor network devices in a large traditional enterprise. +: +B:1517666400 +E:1517669400 +S:Reimagining EDSAC in open source +C:History +L:Janson +D:We have recreated one of the first modern computers using a low cost FPGA board, Arduinos, 3D printing and simple discrete electronics. Aimed at schools and hobbyists, this open source project allows a new generation to experience the operation of a computer from 1948.This talk will tell the story of the project, culminating in the three day extravaganza that was ChipHack 2017. I will be demonstrating all the components of the system: the delay line, the 3D printed peripherals and the processor core on FPGA. At the end of this talk, I hope you will understand more about this historic computer and be inspired to build your own EDSAC. +: +B:1517666400 +E:1517669100 +S:Keeping It Real (Time) +C:Virtualization and IaaS +L:UB2.252A (Lameere) +D:Real-time in OpenStack is a thing now. Let's explore what this actually looks like to a user, and (in brief) how it works under the hood. +: +B:1517666400 +E:1517669400 +S:Blue elephant on-demand: Postgres + Kubernetes +C:PostgreSQL +L:H.1302 (Depage) +D:So, you've chosen Postgres to manage your data; next challenge is where to run it at scale? Want to avoid vendor lock-in and take advantage of the latest Postgres features and popular extensions not available in managed services from commercial vendors? Need to integrate your Postgres databases with existing monitoring and deployment tools? Interested in building your own database as a service?In fact, you can do it with existing open-source components. Our talk is a story of how the database team at Zalando created company-wide database-as-a-service based on Postgres, Kubernetes and various open-source tools we developed on our own. We will share how we run hundreds of high-availability Postgres clusters on Kubernetes and automate routine operations using our open-source Postgres operator, providing developers easy-to-use tools to create, manage and monitor their database instances.We are going to cover, among other things:Kubernertes Postgres operatorPostgres HA with PatroniPostgres web-based realtime monitoringPostgres pam authentication with Oauth2 tokensand other open-source components. We will also show a live demo. +: +B:1517752800 +E:1517754300 +S:AI on Microcontrollers +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:The deployment of Deep learning technology today normally limited to GPU clusters, due to their computational requirements. For AI to be truly ubiquitous, its cost and energy efficiency needs to be improved. With the recent developments made in algorithms and MCUs, we introduce a deep-learning inferencing framework which runs TensorFlow models on MCU powered devices (with Mbed). In comparison to GPUs and mobile CPUs, MCU based devices are much more cost and power efficient. We believe this will open a new paradigm to AI and edge computing. +: +B:1517753100 +E:1517754300 +S:Exploring container image distribution with casync +C:Containers +L:UD2.120 (Chavanne) +D:Container engines like Docker and rkt download container images containing applications to be executed. With Kubernetes – a container orchestration system – updates to a new version of an application can be propagated on the nodes automatically. When the new version has only a few changes compared to the previous versions, this results in downloading the same content again, wasting network bandwidth. With casync – a content-addressable data synchronization tool – we could do better. +: +B:1517753100 +E:1517754600 +S:IoT.js - A JavaScript platform for the Internet of Things +C:Internet of Things +L:AW1.125 +D:IoT.js - A JavaScript platform for the Internet of ThingsIoT.js is a javascript platform that aims to provide inter-operable services for IoT world. Powered by JerryScript, an ultra-lightweight modular JavaScript engine, the platform is designed to bring the success of Node.js to constrained IoT devices. To address interoperability, IoT.js has provided a Node.js friendly architecture and comes with a subset of Node.js APIs. Since Samsung OSG first presented IoT.js in FOSDEM in 2016, the platform has been through a rapid growth in last couple of years. With a lot active high-quality contributions from the IoT.js and JerryScript open source community, IoT.js has released version 1.0 in July 2017 which presented a rich set of features, hardware and tool supports for developers. In this talk, we are looking at recent developments in IoT.js and share our vision for future plans. The talk is supported by a demo of iot.js running on constrained device seamlessly connects to node.js for third party cloud access. +: +B:1517753100 +E:1517755500 +S:How to cross-compile with LLVM based tools +C:LLVM Toolchain +L:K.3.401 +D:In theory the LLVM tools support cross-compilation out of the box, with all tools potentially containing support for all targets. In practice getting it to work is more complicated, configuration options have to be given and the missing parts of the toolchain need to be provided. In this presentation we will go through the steps needed to use an X86 linux host to cross-compile an application to run on an AArch64 target, using as many of the LLVM tools as possible. We'll cover:- Getting hold of the LLVM tools and libraries.- Providing the missing bits that LLVM doesn't provide.- The configuration options needed to make it work.- Running the application using an emulator.This talks is primarily aimed at users of LLVM based tools on Linux, with no specific knowledge of LLVM internals required for the majority of the material. +: +B:1517753100 +E:1517754300 +S:Tree-sitter +C:Source Code Analysis +L:UD2.119 +D:Developer tools that support multiple languages generally have very limited regex-based code-analysis capabilities. Tree-sitter is a new parsing system that aims to change this paradigm. We're in the process of integrating Tree-sitter into both and Atom, which will allow us to analyze code accurately and in real-time, paving the way for better syntax highlighting, code navigation, and refactoring support. We'll demo some new features that Tree-sitter has enabled in and Atom, discuss its implementation, and share thoughts on ways it could be used in the future. +: +B:1517666700 +E:1517669400 +S:Testing and Validating distributed systems +C:Testing and automation +L:H.2213 +D:As distributed data parallel systems, like Spark, are used for more mission-critical tasks, it is important to have effective tools for testing and validation. This talk explores the general considerations and challenges of testing systems like Spark through spark-testing-base and other related libraries. +: +B:1517753400 +E:1517754900 +S:Orchestrator on Raft: internals, benefits and considerations +C:MySQL and Friends +L:H.1308 (Rolin) +D:Orchestrator operates Raft consensus as of version 3.x. This setup improves the high availability of both the orchestrator service itself as well as that of the managed topologies, and allows for easier operations.This session will briefly introduce Raft, and elaborate on orchestrator's use of Raft: from leader election, through high availability, cross DC deployments and DC fencing mitigation, and lightweight deployments with SQLite.Of course, nothing comes for free, and we will discuss considerations to using Raft: expected impact, eventual consistency and time-based assumptions.orchestrator/raft is running in production at GitHub, Wix and other large and busy deployments. +: +B:1517667000 +E:1517668800 +S:LO URI 101 +C:Open Document Editors +L:AW1.120 +D:This talk will be a short refresher on the various functionality available in LibreOffice for (textual) URI processing. For historical reasons, that functionality is more arcane and error-prone than it needs to be. We will be looking at the typical pitfalls and fixes. +: +B:1517667000 +E:1517668800 +S:Evolving Prometheus for the Cloud Native World +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:As the industry moves towards more cloud based and containerised solutions such as Kubernetes, monitoring tools have to keep up. These new environments are far more dynamic than the hand-maintained machines of old, requiring more sophisticated and scalable approaches. This talk will look at how Prometheus has evolved over the past 5 years to be better able to cope with these challenges, including the 2.0 release and practices that we encourage in a cloud native world. +: +B:1517667000 +E:1517669100 +S:Rust On L4Re +C:Microkernels +L:AW1.126 +D:Rust is a modern systems programming language with compiler-enforcedmemory-safety guarantees, safe concurrency and a powerful type system. L4Reoffers safety features on the operating system level through isolation andvirtualisation. Both together can form a unique combination for reliable andsecure services. In this talk, I will present my port of Rust to L4Re and discuss some of thechallenges of integrating the compiler Rustc into a different build system. Iwill also discuss future work on how to apply Rust's strong type system to L4ReIPC. +: +B:1517753700 +E:1517756100 +S:CephFS Gateways +C:Software Defined Storage +L:H.2213 +D:This talk will cover how NFS-Ganesha and Samba can be used to exportCephFS to NFS and SMB clients such as Windows, macOS, etc.Challenges, including active-active clustering, failover, cross-protocolcaching and access control lists will be discussed, with a look atcurrent and future solutions. +: +B:1517753700 +E:1517755500 +S:NetBSD - A modern operating system for your retro battlestation +C:Retrocomputing +L:AW1.121 +D:The NetBSD operating systems focus on portability means that over the yearssince its inception it has ammassed support for a large body of platforms acrossmany CPU architectures with continued support to this day. +: +B:1517754000 +E:1517755200 +S:Open Source BIOS at Scale +C:Hardware Enablement +L:K.4.401 +D:At Online/Scaleway, we built a BIOS based on coreboot, FSP and TianoCore. We are using it at scale in our datacenters. This talk will go through Why and How we did it. We will detail the Pros and Cons of the approach. Spoiler: we’re happy with the result! +: +B:1517667600 +E:1517668500 +S:i++: run your FOSS off +C:Lightning Talks +L:H.2215 (Ferrer) +D:Once a year, the students of Leuven congregate to run like hell. Teams of students compete against each other in a 24 hour relay race. ULYSSIS is a student organisation that voluntarily provides many IT services for other students, like providing the automatic lap counting system at the 24 hour run, using their own software called i++. This talk will describe how this lap counting system works and describe the dream I have of a cheap user-friendly system using free and open source software, that would enable other organisations to organise similar events. +: +B:1517754000 +E:1517754900 +S:Enroll 2FA to thousands of users with privacyIDEA +C:Lightning Talks +L:H.2215 (Ferrer) +D:privacyIDEA is an Open Source Multi Factor Authentication System. It supports a wide variety of 2nd factor types like Smartphone Apps, key fob tokens, U2F, YubiKeys, Nitrokeys but also managing SSH keys and x509 certificates.Important features are several simple ways to automate processes and thus easily enroll, personalize or revoke authentication object in existing workflows. +: +B:1517754000 +E:1517754900 +S:HOMER 7 +C:Real Time Communications +L:H.1309 (Van Rijn) +D:HOMER 7 is the latest generation of our FOSS RTC and VoiP Capture Framework, focused on integration, modularity and multi protocol support. +: +B:1517667600 +E:1517669100 +S:Class Metadata: A User Guide +C:Free Java +L:UD2.208 (Decroly) +D:The OpenJDK JVM eats class bytecode and spits out Java heap objects andmachine code as part of normal execution. However, the JVM manages moredata than just bytecode, Java objects JITted code. In order to manageheap memory and to ensure correct execution, the JVM and JITted codeneed to retain and, occasionally, interrogate details of the loadedclass base. Bytecode is not a very 'efficient' representation for thispurpose, nor does it include details of runtime-derived info like classand method implementation dependencies, compile history and JITted codestatus, or execution profiles.So, the JVM throws away most bytecode after parsing, in its placeconstructing and maintaining its own 'efficient' in-memory (C++) datastructures which model both the loaded class and method base andruntime-derived state. This is what is known as Class Metadata. ClassMetadata is a significant component of the Native Memory storageallocated and managed by the JVM, alongside JIT Compiler Metadata, GCMetadata, Thread Metadata, etc. For small applications that don't createa large number of Java objects Metadata can constitute a large portionof a Java application's resident memory set.This talk will begin by describing how to use the jcmd tool to measuresummary JVM Native Memory storage costs, including overall ClassMetadata costs. It will also show how to use jcmd to obtain a detailedbreakdown of the latter costs, splitting the overheads along two axes:firstly, by class; and secondly, dividing per-class costs into separatesub-costs associated with different component subsets of the classmodel: classes per se, constant pools, methods and annotations.I will go on to explain how Class Metadata is carved out of the memoryregions managed by the JVM's Native Memory allocation routines anddetail the memory layout of the various C++ types which define theelements of the Class Metadata model, thereby clarifying some of themore detailed statistics available in jcmd output. Real-life use caseswill be employed to explain how specific costs arise from code designchoices and to suggest how alternative choices might increase ordecrease Class Metadata costs. +: +B:1517667900 +E:1517669400 +S:A Bug in Your Ear +C:Community devroom +L:K.4.601 +D:You notice a bug (problem or opportunity for improvement) and then you put a bug (metaphorical insect) into someone's ear. Most people don't like bugs (actual insects) so have you successfully bugged (bothered) them or have you done A Good Thing? When you find yourself with access to someone who could make things better for people who don't feel comfortable speaking up, how do you use this power in a way that contributes to real improvement without eclipsing other people's input? You also want to make sure that you aren't betraying confidences or triggering backlash to yourself or others. It seems like a tricky line to walk, but with a little diplomacy and lot of benefit of the doubt you can make tangible improvements to your corner of the free software community. +: +B:1517668200 +E:1517670000 +S:netmdev: mediated net_device +C:SDN and NFV +L:H.1301 (Cornil) +D:Unbinding Linux kernel drivers to allow userland IO through VFIO has a number of disadvantages such as another large touchy code base to deal with the hardware, loss of standard Linux tools (ifconfig, ethtool, tcpdump, SNMPd...) and impossibility to accelerate container networking. Mediated device introduced in Linux kernel 4.10 for GPUs and provisions for additional devices hold the promise of collaboration between kernel drivers and userland application in need of direct datapath steering.Packet frameworks such as OpenDataPlane, DPDK, VPP and Netmap may benefit from leveraging mediated devices.This sessions intends to discuss the practicalities and security aspects of such an approach and how ODP and DPDK communities may collaborate on userland IO. +: +B:1517754600 +E:1517756100 +S:Measuring security and privacy on the Web +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) (in public beta since June 2017) is an automated website scanning platform that allows anyone to investigate websites for privacy and security issues. Users can use PrivacyScore to compare related websites (e.g., of all political parties in a country). We will present insights from running the platform, interesting results, and discuss future plans for the platform with the audience. +: +B:1517754600 +E:1517756100 +S:Productionizing Spark ML Pipelines with the Portable Format for Analytics +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:The common perception of machine learning is that it starts with data and ends with a model. In real-world production systems, the traditional data science and machine learning workflow of data preparation, feature engineering and model selection, while important, is only one aspect. A critical missing piece is the deployment and management of models, as well as the integration between the model creation and deployment phases.This is particularly challenging in the case of deploying Apache Spark ML pipelines for low-latency scoring, since the Spark runtime is ill-suited to the needs of real-time predictive applications. In this talk I will introduce the Portable Format for Analytics (PFA) for portable, open and standardized deployment of data science pipelines and analytic applications. I will also introduce and evaluate Aardpfark, a library I have created for exporting Spark ML pipelines to PFA, as well as compare it to other open-source alternatives available in the community. +: +B:1517668200 +E:1517670000 +S:Building and testing a distributed data store in Go +C:Go +L:H.1308 (Rolin) +D:This talk covers my experiences designing, building and testing a open-source distributed metrics store in Go.I'll explain:the system architecture and the trade-offs involved in distributed systemshow the design evolvedhow Go is well-suited to high throughput distributed systemsuseful libraries for building such systems in Gousing pprof to identify performance bottleneckshow data structures affect garbage collection in high-throughput systemstesting strategies and failure injection +: +B:1517754600 +E:1517757900 +S:Fedora Modularity II - The rise, the fall, and the happy future +C:Distributions +L:K.3.201 +D:Fedora Modularity decouples lifecycle of software from the core distribution, and allows packagers to build RPM packages for multiple releases from a single source branch. Come and learn about easier packager workflows, making multiple versions of packages available, but also about what we have learned while developing Modularity, what we have tried and failed, and our current direction. +: +B:1517754600 +E:1517755800 +S:Parsing Posix [S]hell +C:Source Code Analysis +L:UD2.119 +D:Parsing the POSIX shell language is challenging: lexical analysis depends on the parsing context ; parsing is specified by an ambiguous BNF grammar annotated with adhoc rules ; the language specification is informal... and, the icing on the cake: statically parsing a shell script is actually undecidable!Forget about your textbooks! Existing implementations of shell interpreters contain hand-crafted character-level non-modular syntactic analyzers and yes, their source code are very hard to read.What if you had to program the parser of a shell script verifier? Would you accept to throw away your favorite lexer and parser generators which had let you write high-level declarative implementations for decades? Would you accept to mix lexing, parsing and evaluation in a single large bowl of spaghetti code? Of course not. You would hardly trust such a parser.In this talk, we will introduce "Morbig", a modular, high-level and interoperable parser for POSIX shell. The implementation of Morbig relies on key features of Menhir, an LR(1) parser generator for OCaml. +: +B:1517754600 +E:1517755800 +S:Optimized container live-migration +C:Containers +L:UD2.120 (Chavanne) +D:LXD has supported container migration between hosts for a long time. Recently we have not just implemented optimized transfers of container storage for non-live migration and live migration but also optimized transfers of the container's memory state for the live migration case. This talk will give an overview how live and non-live migration works and what was done to tweak performance. +: +B:1517668200 +E:1517670300 +S:Samba authentication and authorization +C:Identity and Access Management +L:UD2.119 +D:Active Directory is Microsoft's implementation of the LDAP, DNS and Kerberos protocols. It is highly popular in corporate environments. Samba as an SMB server needs to integrate into AD to participate in the Active Directory Authentication and Authorization mechanisms. This talk will give an overview of the aspects of Active Directory that Samba utilizes and gives an introduction into winbind, the main component of Samba responsible for AD integration. +: +B:1517668200 +E:1517669700 +S:Matroska Low-Latency streaming +C:Open Media +L:H.1309 (Van Rijn) +D:Low-Latency video over HTTP using Matroska (or all the features of Matroska you never heard about) +: +B:1517668200 +E:1517670000 +S:Making the web faster with the JavaScript Binary AST +C:Mozilla +L:UA2.118 (Henriot) +D:Large websites and webapplications commonly provide pages that require loading of Megabytes (sometimes tens of Megabytes) of JavaScript code. That's bad both for the network and for the loading speed of the page. While source code minifiers can help, they make the code harder to read and debug, and sometimes slower to load. The JavaScript Binary AST is an ongoing work to extend the JavaScript Virtual Machines with a novel compression format that should make the code both smaller and faster to parse, without making it hard to read and debug.We'll present the JavaScript Binary AST, as well as the tradeoffs we need to make between parsing speed and file size to guarantee safety and make it compatible with future versions of JavaScript. +: +B:1517668200 +E:1517675400 +S:LPI Exam Session 2 +C:Certification +L:UB2.147 +D:LPI offers discounted certification exams at FOSDEM +: +B:1517754600 +E:1517755800 +S:Free your Weather Station! +C:Software Defined Radio +L:AW1.120 +D:Short presentation on hacking the Oregon Scientific WeatherStation with a proprietary interface.To free the data within. +: +B:1517754600 +E:1517756100 +S:Reaching const evaluation singularity +C:Rust +L:H.2214 +D:The Rust interpretermirihas been merged into rustc to be its new const evaluator. This merge not only fixed various bugs in the old const evaluator, it opened up the avenue for many new features. Ever wanted to do aforloop in a constant? Want to parse atomlfile into a staticConfigstruct and report parsing errors as compile-time errors? Well, now you can do all that (pending RFCs for the details). In this talk I will present miri's design, its usage in the compile-time evaluator as well as future features that are enabled by it +: +B:1517754600 +E:1517756400 +S:Rendering map data with Mapnik and Python +C:Geospatial +L:AW1.126 +D:Mapnik is an open source toolkit for rendering maps, probably best known for producing the map tiles for It provides a stylesheet language, input handlers for different GIS data formats, and C++ and Python API bindings. +: +B:1517668200 +E:1517670000 +S:Piece of cake - testing remote embedded devices made easy +C:Embedded, mobile and automotive +L:UD2.218A +D:Designing custom hardware, though might seem intimidating at first, can simplify many activities. It solves certain issues, but often raises many others. Paweł will present a fresh open hardware approach at providing remote access (including device flashing, debugging and power management) to embedded devices -href="">MuxPi, successor ofhref="">SD MUXboard (showcased during FOSDEM 2016 and Embedded Linux Conference 2016). +: +B:1517754600 +E:1517755800 +S:The Open Decision Framework +C:Open Source Design +L:K.4.201 +D:The Open Decision Framework is a process for making transparent and inclusive decisions in organizations that embrace open source principles. It was introduced by Red Hat in 2016 (see link below). I got involved in this project by translating the framework in French and then I started to use it in my own company to resolve complex situations. +: +B:1517754600 +E:1517756100 +S:The Future of Copyleft: Data and Theory +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:Using (copylefted!) data from the 32 repositories and 2.5M projects covered by, we'll survey the state of copyleft. This will include the growth of AGPL, the reciprocal scope of the GPL, and what stacks copyleft has been most successful in. We'll then use the data to inform a look at theory and discuss where copyleft might be going: where is copyleft's success? where and how is that relevant in the modern software landscape? what directions might future copyleft licenses take? +: +B:1517668200 +E:1517669700 +S:horizon - a new star on the EDA sky +C:CAD and Open Hardware +L:K.4.201 +D:Horizon is a from-scratch EDA package with focus on useful parts management and rule-driven design. Even though it's still work in progress and some features are missing, it's already usable for small to medium-sized projects. +: +B:1517668500 +E:1517671200 +S:OpenBSD as house alarm system +C:BSD +L:K.3.401 +D:since 1998 I've developed an alarm system based on the velleman K8000 kit. I've first build it with Linux (slackware), in 2010 I've moved to OpenBSD. I'll describe why OpenBSD is better matching my needs than Linux. +: +B:1517755200 +E:1517756100 +S:The future of Sympa +C:Lightning Talks +L:H.2215 (Ferrer) +D:sympa is just 20 years old, it has a world wild large base and a small community of developpers. as a member of the community, i will explain the features that makes sympa worth to be actively developped and what are the next steps. +: +B:1517755200 +E:1517756700 +S:MyRocks roadmaps and production deployment at Facebook +C:MySQL and Friends +L:H.1308 (Rolin) +D:We recently finished migrating from InnoDB to MyRocks in our user database (UDB) at Facebook. We have been running MyRocks in production for a while and we have learned several lessons. In this talk, I will share several interesting lessons learned from production deployment and operations, and will introduce future MyRocks development roadmaps. +: +B:1517755200 +E:1517757600 +S:Software necromancy with Perl +C:Perl Programming Languages +L:K.4.601 +D:Making ancient software work again using Perl. I show two case studies of how I’ve recovered old software. First, I recover a late 80s 4GL using Regexp::Grammers to save vital software after it’s run-time died from bitrot. Second, I use Perl to glue some games written in Turbo Pascal to SDL. Code at +: +B:1517755200 +E:1517756100 +S:Using CGRateS as online Diameter/Radius AAA Server +C:Real Time Communications +L:H.1309 (Van Rijn) +D:Diameter and Radius are protocols heavily used by operators in today's communication networks (LTE, WiFi, etc).In this talk Dan will review CGRateS architectural components needed to create a complete and generic Diameter/Radius Authorization and Accounting server solution.CGRateS is a battle-tested Enterprise Billing Suite with support for various prepaid and postpaid billing modes. +: +B:1517668800 +E:1517669700 +S:Integration of Bikeshare Information into an Open-source Transportation App +C:Lightning Talks +L:H.2215 (Ferrer) +D:The General Bikeshare Feed Specification (GBFS) was launched by the North American Bikeshare Association (NABSA) in 2016 as a standardized way for apps to access information about the availability and location of rental bikes, as well as the capacity of racks where bikes can be returned. However, there currently aren't any open-source tools or projects that demonstrate how GBFS data can be consumed and visualized in a mobile app. The project implemented as part of Google Summer of Code 2017 successfully added support to GBFS to OneBusAway Android App. The lightning talk will walk through the details of how it was accomplished as well as challenges encountered during the process. +: +B:1517755200 +E:1517756400 +S:Automating Secure Boot testing +C:Hardware Enablement +L:K.4.401 +D:Short talk about the status and challenges of Secure Boot testing automation at Red Hat, done as part of the kernel UEFI testing.The talk aims to cover the tools and platforms used for testing, as well as the coverage that it currently provides. +: +B:1517668800 +E:1517671200 +S:Introduction to kmemleak +C:Debugging tools +L:AW1.121 +D:kmemleak (Kernel Memory Leak Detector) is a debugging tool integrated to the Linux kernel which provide a way to detect possible memory leaks. This talk is an introduction to kmemleak usage. +: +B:1517668800 +E:1517670000 +S:Hidden Gems in Draw/Impress Part 2 +C:Open Document Editors +L:AW1.120 +D:The Open Office Editors have a long history and mighty tools in their Draw/Impress applications. Due to the long development history, and the always changing UI of software, some of these mighty tools/helpers are pretty hidden nowadays. The Presentation gives an introduction over very useful Tools/Helpers in the current LibreOffice and how to use them to your advantage. There will be a short, abstract overview, but the main part will be demonstrating/presenting these tools in direct usage. This presentation is an advanced version of the original presentation held at the LibreOffice conference 2016 in Brno. Due to the huge echo I got from the first presentation, I decided to refine it and offer it at FOSDEM this year. +: +B:1517669100 +E:1517671800 +S:Distributed File Storage in Multi-Tenant Clouds using CephFS +C:Virtualization and IaaS +L:UB2.252A (Lameere) +D:OpenStack deployments are increasingly embracing distributed file storage solutions for virtual servers to provide fault-tolerance, mobility, and sharedstate between servers. The Ceph distributed file system (CephFS) has taken aleading role in providing this as a cache-coherent, horizontally scalable, and POSIX-compatible file store for OpenStack operators, leveraging Ceph's dominance and flexibility in OpenStack deployments where it already providesobject and block storage solutions.The OpenStack Shared File Systems service, Manila, provides a modular framework for securely exporting file shares to tenants in the cloud. In this session we will describe how Manila has been extended to support export of shares backed by CephFS via the NFS protocol to tenant VMs. We’ll discuss reasons for using NFS instead of or in addition to doing native CephFS exports and cover current and planned approaches to such issues as multi-tenancy, performance, and scale out of services.This talk will be of immediate practical interest to cloud operators who have or are planning use Ceph clusters for object and block storage and want to use the same cluster for shared file services as well as to those more generally interested in Manila, distributed file systems, or Ceph evolution. +: +B:1517669100 +E:1517672100 +S:Kodi and Embedded Linux +C:Graphics +L:K.4.401 +D:In a world where a new single board computer (SBC) comes out every month it has become impossible to maintain all the proprietary methods that are used with the boards. A movement towards a unified windowing method and unified decoding methods has started. For Kodi version 18 a Direct Rendering Manager / Kernel Mode Setting (DRM/KMS) windowing method has been implemented. This allows any device that has a Linux kernel DRM driver to run kodi. The next step is video decoding, where each SBC has it's own specific decoder and software to run it. The Linux kernel implements a Video4Linux2 (V4L2) subsystem where drivers can register a decoder to be used under a common API. Kodi needs to be able to use a zero-copy path in order to display these decoded frames on the screen. For this to happen we need to use DRM-PRIME buffer sharing and specific EGL extensions to present the frames. All this together will allow Kodi 18 to run on a vast variety of SBCs that have DRM driver and a V4L2 driver available. +: +B:1517669100 +E:1517671200 +S:It's a Trie... it's a Graph... it's a Traph! +C:Graph Processing +L:H.2214 +D: +: +B:1517755500 +E:1517757000 +S:The dark side of Internet of things +C:Internet of Things +L:AW1.125 +D:With the advent of the Internet of things, monitoring and controlling everything such as coffee maker, lights, TV, Fridge,etc. over the internet has become a child's play. But are we really making our lives simpler or diving ourselves in a vast ocean which is getting deeper and deeper? In today's world where the security of our data of a major concern, the number of websites are always tracking what we search for, what we watch, our location and now when things are limited to only data, adding another dimension i.e. physical entities is really a big question.From this talk audience will take away an understanding of the privacy concerns related to IoT, and how they may be putting their personal information at risk by connecting my physical entities to the internet. Is it really safe to connect things to the internet? +: +B:1517755500 +E:1517758200 +S:Openstack compliance with GDPR +C:Virtualization and IaaS +L:UD2.218A +D:The General Data Protection Regulation (GDPR) is already effective but will be enforced starting from 25th of May 2018, this leave companies few months to ensure compliance for their Openstack deployments.In this session we'll discuss best practices and challanges of this task. +: +B:1517755800 +E:1517757600 +S:Game development for the ColecoVision and Sega 8-bit systems +C:Retrocomputing +L:AW1.121 +D:The ColecoVision and Sega Master System are popular video game systems of the 1980s. The central part of the free toolchain is the Small Device C Compiler (SDCC), which features some optimizations particularly suited to the irregular architectures, allowing SDCC to generate efficient code for the Z80.Hardware similarities between the ColecoVision and the Sega 8-bit systems allow to target both in game development, which is supported by cross-platform libraries. +: +B:1517755800 +E:1517756100 +S:Easy::jit: just-in-time compilation for C++ +C:LLVM Toolchain +L:K.3.401 +D:Finally! The wonders of just-in-time compilation are available in C++:runtime specialization, code derived from data structures, and many more!Easy::jit provides a simple interface over the LLVM's just-in-time compiler.No specific compiler knowledge is required!A single function call serves as the specification for the generated code andentry point for the just-in-time compiler.The user can precisely control when the compilation is launched,do it in a separate thread if desired or cache the generated code,and manage the lifetime of the generated baz(int a, int b) { ... }int foo(int a) {// compile a specialized version of baz auto baz_2 = easy::jit(baz, _1, 2); // mimics std::bindreturn baz_2(a); // run !}The call toeasy::jitgenerates a mix of compiler directives and runtimelibrary calls, that are picked up by an especial LLVM pass.This pass embeds metadata and bitcode versions of the C++ code in theresulting binary.A runtime library parses the metadata and bitcode, and generates assemblycode based on the runtime library calls in the code.This talk introduces the Easy::jit library, the approach of a compiler-assisted library,its current limitations, and tries to gather feedback from experts and potential users. +: +B:1517669400 +E:1517670900 +S:Java in a World of Containers +C:Free Java +L:UD2.208 (Decroly) +D:Container technologies such as Docker are rapidly becoming the de-facto way to deploy cloud applications, and Java is committed to being a good container citizen. This talk will cover some of the new the tools and techniques for reducing container size (jlink, Alpine/musl support), for improving startup time and sharing of data between JVMs (AppCDS and ahead-of-time compilation), and the recent work that has gone into interacting with container resource limitations. +: +B:1517669400 +E:1517671200 +S:Graphite at Scale at Criteo: BigGraphite +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:Graphite meets Cassandra to Scale Monitoring at CriteoThis talks is about the BigGraphite project: love or hate Graphite (,, and whatever might be your take on it, it's huge part of the open source monitoring ecosystem.Graphite store data in it's own database, called whisper. But managing whisper at scale can become a challenge. BigGraphite original goals where to reduce the human cost of maintaining Graphite at scale by allowing SRE teams to easilly add and remove machines.This talk will explain how we did it, how we use Graphite at Criteo, and our future plans for BigGraphite. +: +B:1517756100 +E:1517757300 +S:JavaParser: where should we head? +C:Source Code Analysis +L:UD2.119 +D:As developers we provide great tools to automatize the tasks done by others but we still do most of our work manually. We have the possibility to taste our own medicine and build tools to process code. We could do that for generating reports, verifying code quality, or even migrating code. For example, we could build tools to adapt the code to use a new version of a certain library. We can do all of this using JavaParser and JavaSymbolSolver, two open-source libraries. +: +B:1517669700 +E:1517671200 +S:XWiki: a case study on managing corporate and community interests +C:Community devroom +L:K.4.601 +D:In this talk we will look at how XWiki SAS has been able over 14 years to build XWiki as Open Source and also launch recently the CryptPad project while keeping an honest community open and a fair Open Source model. What has been the challenges to make this happen and what questions have been asked internally. We will also discuss what criteria are or not compatible with an Open Source project and an fair and honest community oriented process. +: +B:1517756100 +E:1517757600 +S:Everything you need to know about containers security +C:Containers +L:UD2.120 (Chavanne) +D:Security is important but not everyone cares about it until something bad happens. In this talk, I’ll speak about main tips for integrating Security into Containers.I will share my knowledge and experience and help people learn to focus more on Containers Security.In this talk I will review the state of the art of application security practices and talk about best security practices to create more secure containers. And we look at organizational, process, and technology innovations to secure applications in ways that incorporate, but go beyond, testing for vulnerabilities, by looking at what developers can do before checking in code and what application security looks like in production. +: +B:1517669700 +E:1517671500 +S:Rux: Development of a Hobbyist Rust Microkernel +C:Microkernels +L:AW1.126 +D:Rux is a hobbyist microkernel written in Rust. This talk will give a short overview over the Rux microkernel design and something I learned from it along the way. Besides a capability-based resource management system similar to seL4, Rux also tries to take full advantage of Rust's memory safety features. By "abusing" a little bit of the interrupt handlers, Rux is able to restore Rust's threading model during normal kernel runtime. +: +B:1517756400 +E:1517757900 +S:Rust - embedding WebAssembly for scripting +C:Rust +L:H.2214 +D:Rust is associated with performance, memory safety and control of memory usage. Embedding dynamic runtimes such as for Lua or Javascript for dynamic scripting within the Rust-App would introduce an huge overhead. A WebAssembly-engine seems to be a good choice as compact and portable runtime environment. JIT-compiler may be used in future to transform WASM files to native code.The talk will present WebAssembly technology and the benefits and pitfalls integrating it into a Rust-app. Small routines are implemented in C++/Rust and compiled to Wasm. The Rust-App is loading the wasm-code as plugin at runtime to execute dynamic tasks. +: +B:1517756400 +E:1517758800 +S:How to backup Ceph at scale +C:Software Defined Storage +L:H.2213 +D:In this talk I would like to share my experience with large-scale backups of RBD images in Ceph clusters at OVH.I will talk about challenges that we have faced when developing such solution and provide some practical guidelines for everyone willing to implement similar solution.This talk is intended for everyone who would like to be extra safe with their software defined storage. +: +B:1517670000 +E:1517671800 +S:Industrialisation of applications build in embedded environement +C:Embedded, mobile and automotive +L:UD2.218A +D:In order applications to reach an industrial production grade level, a significant effort for automation build and test is required. This lecture provides an overview of necessary architecture to automate AGL applications build using Jenkins pipeline and XDS (X(cross) Development System) in a multi targets environement. +: +B:1517756400 +E:1517759400 +S:Zero Downtime Deployment with Ansible +C:Config Management +L:UA2.114 (Baudoux) +D:Ansible is a radically simple and lightweight provisioning framework which makes your servers and applications easier to provision and deploy. By orchestrating your application deployments you gain benefits such as documentation as code, testability, continuous integration, version control, refactoring, automation and autonomy of your deployment routines, server- and application configuration. Ansible uses a language that approaches plain English, uses SSH and has no agents to install on remote systems. It is the simplest way to automate and orchestrate application deployment, configuration management and continuous delivery.In this talk you will be given an introduction to Ansible and learn how to provision Linux servers with a web-proxy, a database and some other packages. Furthermore we will automate zero downtime deployment of a Java application to a load balanced environment.We will cover how to provision servers with:* an application user* a PostgreSQL database* nginx with a load balanced reverse proxy* an init script installed as a service* zero downtime deployment of an application that uses the provisioned infrastructure +: +B:1517670000 +E:1517673000 +S:MySQL: Scaling & High Availability Production experience for the last decade +C:Performance +L:Janson +D:Percona are known as the MySQL performance experts, and with over 4,000 customers, we have a list of how to scale and ensure your application is highly available. Come learn from our playbook, and leave this talk ensuring your MySQL database is running faster and more optimised than before. +: +B:1517756400 +E:1517759400 +S:New GPIO interface for linux user space +C:Embedded, mobile and automotive +L:UB2.252A (Lameere) +D:Since linux 4.8 the GPIO sysfs interface is deprecated. Due to its many drawbacks and bad design decisions a new user space interface has been implemented in the form of the GPIO character device which is now the preferred method of interaction with GPIOs which can't otherwise be serviced by a kernel driver. The character device brings in many new interesting features such as: polling for line events, finding GPIO chips and lines by name, changing &amp; reading the values of multiple lines with a single ioctl (one context switch) and many more. In this presentation Bartosz will showcase the new features of the GPIO UAPI, discuss the current state of libgpiod (user space tools for using the character device) and tell you why it's beneficial to switch to the new interface. +: +B:1517670000 +E:1517673000 +S:IPC in 1-2-3 +C:Miscellaneous +L:K.1.105 (La Fontaine) +D:We introduce the Ouroboros prototype, a user-space system for synchronous and asynchronous inter-process communication (IPC). Ouroboros simplifies creating networked applications by providing a single abstraction that unifies IPC and networking APIs. Ouroboros provides a powerful networking subsystem that allows building secure overlay networks on top of UDP/IP and Ethernet. To increase scale and scope, overlays can be added on top of previously created overlays. Management of applications running on top of Ouroboros, such as making a server application available on a certain overlay, can be done on-the-fly and with great ease. +: +B:1517670000 +E:1517671800 +S:Calc: The challenges of scalable arithmetic +C:Open Document Editors +L:AW1.120 +D:We had a number of interesting problems threading the Calccomputation core, come and see how we addressed many of them andcheckout the result. +: +B:1517670000 +E:1517673000 +S:The Fabulous Destiny of 0000000200000008000000BB +C:PostgreSQL +L:H.1302 (Depage) +D:Hi, soon, i will be a WAL file. I am not born yet, but everything is ready for me.I have high expectations for my life, but what will it be?I may end up in a lonely server after a very long work, or I may finish frozen in the archives of a cold tape band.But what I really want is to be part of a replication stream, I want to travel!Some call me "transaction log", some others go with "Redo log", PostgreSQL community has chosen WAL. But whatever you name me, come to listen to all the lifes I could have! +: +B:1517756400 +E:1517756700 +S:Literate Programming meets LLVM Passes +C:LLVM Toolchain +L:K.3.401 +D:Where is the documentation of the LLVM Pass InstCombine? Is it accurate? Isthere any default example? Is it tested?Compiler guys love generated code. So in our obfuscating compiler, we have adeclarative format to specify tons of stuff on our passes: its name, it'sapplication level, its documentation, a sample usage, its options (with defaultvalues, help string etc), but also it's priority in the pass pipeline and a fewother stuff specific to a code obfuscator. And everything is consistent, fromsphinx-generated documentation to inline help and even tests! Let's have a lookat this, and maybe influence the way it's done in LLVM. +: +B:1517756400 +E:1517759400 +S:Love What You Do, Everyday! +C:Community +L:K.1.105 (La Fontaine) +D:Build a career doing what you love. Open source is an enabler and the community can be your best coach, mentor and referral. Whether you are a beginners or someone who has been working in open source for years, the speakers covers tips in building an open source career. On bringing out the best in yourself, the community and your project. +: +B:1517756400 +E:1517759400 +S:The story of UPSat +C:Space +L:Janson +D:During 2016 Libre Space Foundation a non-profit organization developing open source technologies for space, designed, built and delivered UPSat, the first open source software and hardware satellite. +: +B:1517756400 +E:1517757300 +S:Static Infrastructure Status with Jekyll and GitHub Pages +C:Lightning Talks +L:H.2215 (Ferrer) +D:Infrastructure services fail – At least from time to time.Providing users with a central point of information is vital in particular when your usual ways of communication (e.g. your website) are broken.While there are dedicated services, it can also be done using Jekyll and its data and collections features on GitHub Pages. +: +B:1517756400 +E:1517757600 +S:SIP based group chat with Linphone +C:Real Time Communications +L:H.1309 (Van Rijn) +D:For many years, Linphone has been one of the most active free communication software. Originally focused on voice, aditionnal functionalities were rapidly added like video, instant messaging and presence. From the beginning, Linphone follows IETF's standards, for both media and signaling. On the signaling part, Linphone does implements many SIP based RFC for call establishment, presence and instant Messaging. Today, group chat function is widely available on most popular communication applications, specially in the closed source world. As a free SIP communication application, Linphone aims to provide a free alternative for group communication.On SIP world, Group chat is handled as a particular case of realtime group communication. The basic RFC is the, Rich Communication Service (RCS) endorses many conferencing RFCs to specify how group functions shall be implemented. For Linphone, we decided to follow the same path, but with always keeping in mind to avoid complex development not bringing essential functionality. Resulting implementation can be defined as an "Adhoc pager mode conferencing" with the idea of Long Term Conference leveraging on SIMPLE IM for message transport instead of MSRP.This discussion will focus on both interpretation we made of existing SIP standards, implementation challenges and future extensions. +: +B:1517756400 +E:1517757600 +S:Teleport: Local filesharing app +C:Open Source Design +L:K.4.201 +D:Teleport is an app for quickly sending files on the local network. It is designed with user experience in mind and to integrate nicely with GNOME. I'll talk about my journey developing Teleport, my first GTK app, in collaboration with Tobias Bernard. +: +B:1517756400 +E:1517757900 +S:CryptPad +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:CryptPad is the world's first web based realtime collaborative editing platform where the server never sees the plaintext content. The realtime synchronization happens entirely in the client and the content is encrypted so that the server cannot read it. This lecture will present the encryption and key-management model, the sandboxing architecture which prevents a majority of CryptPad code from accessing the secret keys and some research into a solution to prevent backdoors in the javascript sent from the server. There will also be a discussion of how to reuse the CryptPad architecture (and source code) in developing other security/privacy conscious webapps. +: +B:1517756400 +E:1517758200 +S:Efficient and interactive 3D point cloud processing +C:Geospatial +L:AW1.126 +D:I will demonstrate the tools we use to process large scale point cloud datasets, and our interactive workflow which enables us to quickly fine-tune custom 3D modelling algorithms. +: +B:1517670000 +E:1517673000 +S:Writing REST APIs with OpenAPI and Swagger Ada +C:Ada +L:AW1.125 +D:The OpenAPI specification is an emerging specification to describe RESTful web services. The Swagger suite is a collection of tools to write such API descriptions and have the code generated in more than 29 languages, including Ada. The presentation will describe how to write a REST operation with OpenAPI, generate the Ada client with Swagger Codegen and use the generated code to interact with the server. We will also describe the generated Ada server code and how to implement the server side and run a complete REST server. +: +B:1517670000 +E:1517671800 +S:Meet purl: a "mostly" universal software package URL that purrs. +C:Package Management +L:K.3.201 +D:Let's debabelize the way we identify and locate software packages across tools, databases and APIs with the new purl aka. package URL! +: +B:1517756400 +E:1517757900 +S:Accelerating Big Data Outside of the JVM +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:Many popular big data technologies (such as Apache Spark, BEAM, Flink, and Kafka) are built in the JVM, and many interesting tools are built in other languages (ranging from Python to CUDA). For simple operations the cost of copying the data can quickly dominate, and in complex cases can limit our ability to take advantage of specialty hardware. This talk explores how improved formats are being integrated to reduce these hurdles to co-operation. +: +B:1517670000 +E:1517671800 +S:Computer Vision Using Go And OpenCV +C:Go +L:H.1308 (Rolin) +D:It is easier to see what comes next for the Internet of Things (IoT) when you have eyes on the world. Computer Vision (CV) software, in particular the powerful open source OpenCV (href=""> has made big leaps in power and usability, and is ready to come into its own as a key part of an advanced IoT solution.At the same time the Go programming language aka Golang has won over fans with clean code, high-performance, and portability. But there has not been any way to unlock the most state-of-the-art CV libraries using the most state-of-the-art programming language... until now.Introducing GoCV (href=""> a new package for letting Go programmers create computer vision applications using OpenCV.In this talk I will show how to use GoCV to build the next generation of computer vision applications, with live code demonstrations. +: +B:1517670000 +E:1517671500 +S:Introduction to LibrePCB +C:CAD and Open Hardware +L:K.4.201 +D:This talk will give you a short introduction to LibrePCB, a new software for designing printed circuit boards. The goal of the LibrePCB project is to create a modern, powerful and easy-to-use EDA package for everyone. The project is still in a quite early development stage, but is already usable for creating simple PCBs.In addition to a short live demonstration, I'd like to talk about the motivation behind LibrePCB, explain some of its concepts and what plans we have for the future. +: +B:1517756400 +E:1517758200 +S:Claim Space, the Libre Way, using SDRs +C:Software Defined Radio +L:AW1.120 +D:So many things happened from the FOSDEM 2017 in the SatNOGS project. The successful deployment and data reception of the UPSat satellite, high power amateur rocket launches and realtime telemetry decoding, automatic decoding of LEO satellite signals from our crowd-sourced network of ground stations are some of the milestones achieved. And all these with the help of Software Defined Radios!In this talk, we present briefly the UPSat and the High Power Rocketry project and then the version 3 of the SatNOGS project. In the new version we have developed several decoders that operate in realtime during a LEO satellite pass. Combined with the SatNOGS rotator that tries to point as accurate as possible to the satellite trajectory, the decoder searches for transmitted frames. The successfully decoded frames are then uploaded automatically on the SatNOGS database for visualization and further analysis.Currently, SatNOGS project incorporates decoders for many popular in LEO satellite missions transmission schemes such as AFSK1200, APRS1200, (G)FSK9600, APRS9600, APT, DUV, CW, LRPT using the GNU-Radio toolkit. In addition, decoders for APT and LRPT are producing on the fly the weather images transmitted by the corresponding meteorological satellites. For the most interesting of the available decoders, we present the design and the implementation details among with a live decoding demo from a IQ captured observation.All of the available decoders are running in realtime on the RPi3 platform. To achieve this, several design decisions were made (RF performance vs realtime operation) and we discuss some of them. +: +B:1517670000 +E:1517670900 +S:Starviewer: FOSS DICOM Medical Imaging Software +C:Lightning Talks +L:H.2215 (Ferrer) +D:Starviewer is a user-friendly diagnosis application. Thanks to its versatility, it is able to combine, in the same environment, the day to day diagnosis interface with a more specific research application. The platform is the result of combining research knowledge of Graphics and Imaging Laboratory technicians, from the University of Girona, with the experience of the radiologists from Institut de Diagnòstic per la Imatge, a prestigious imaging institute located in the main Catalan public hospitals. Starviewer has been in use for more than 10 years and has about 600 daily active users.Starviewer integrates in the same environment basic and advanced image analysis techniques to assist radiologists in diagnosis. The modular design of the platform supports the integration of new funcionalities designed to diagnose any kind of pathology. Starviewer is a GPLv3+ multi-language and cross-platform application available on Windows, macOS and GNU/Linux. It supports the DICOM standard and IHE profiles. +: +B:1517670000 +E:1517671800 +S:The MDN Browser Compat Data Project +C:Mozilla +L:UA2.118 (Henriot) +D:The MDN team is creating a rich data set for browser compatibility information at how you help curating this data, where it can be embedded, and how compatible browsers really are. +: +B:1517670000 +E:1517672700 +S:Testing Red Hat Enterprise Linux the Microsoft way +C:Testing and automation +L:H.2213 +D:Pairwise (a.k.a. all-pairs) testing is a test case generation technique that is based on Microsoft's observation that most faults are caused by interactions of at most two factors. Pairwise-generated test suites cover all combinations of two therefore are much smaller than exhaustive ones yet still very effective in finding defects.I have taken the pairwise approach and applied it during an entire release cycle of Red Hat Enterprise Linux. I've made an experiment where I have reduced the test matrix for 9 product variants and 4 CPU architectures to a size suitable for execution by a single person. In this talk I will explain:- what is the background of the product and how it was traditionally tested- how I've constructed my experiment- how many test cases I was able to remove from the test matrix- how the results and risk level compare to the standard exhaustive test suite!I will also talk about bugs found and bugs missed by the two approaches. +: +B:1517756400 +E:1517757900 +S:Gutenberg to Google Fonts: the sordid history of typeface licensing issues +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:Fonts sit at a peculiar crossroads in the software license-compliance world. They contain executable instructions as well as static, visual data. They are binary files that, even when "open", are often shipped without source code. They are sensitive to namespace collision problems but are only exposed in user interfaces by name. The files themselves are governed by copyright, but the design they encode is not considered copyrightable in the US and other jurisdictions. Furthermore, the typemaking industry has long vacillated on the appropriateness of reviving, reusing, and extending earlier works as new designs. This talk provides an overview of the intellectual-property law and the community norms that concern sharing, reusing, and extending typeface designs. It will help developers navigate the intellectual-property and license-compliance issues they may encounter when using and redistributing free-software and open-source fonts. +: +B:1517670000 +E:1517671800 +S:How to write your own NIC device driver (and why) +C:SDN and NFV +L:H.1301 (Cornil) +D:I will tell you the happy story of how we worked with Mellanox to publish the ConnectX NIC programming interface ("PRM") and then used it to write a tiny userspace device driver for Snabb (&lt;2 KLOC of Lua) that doesn't need OFED, mlx5_core, DPDK, or any other third party software dependencies. You will see how you can write your own driver if you want to, too. +: +B:1517756400 +E:1517758200 +S:Using KVM to sandbox firmwares from the Linux Kernel +C:Hardware Enablement +L:K.4.401 +D:This talk will present a proof of concept (and RFC) done on arm64 platforms to use KVM to isolate EFI Runtime Services from the Linux Kernel. Security improvements and limitations of this solution will be detailed. A strong focus will be kept on the flexibility of this approach and how it could be used on other architectures or for other types of firmwares isolation. +: +B:1517670000 +E:1517671500 +S:RAWcooked +C:Open Media +L:H.1309 (Van Rijn) +D:RAWcooked encodes RAW audio-visual data into the Matroska container (MKV), using the video codec FFV1 for the image and audio codec FLAC for the sound. The metadata accompanying the RAW data are preserved, and sidecar files, like MD5, LUT or XML, can be added into the Matroska container as attachments. This allows to manage these audio-visual file format in an effective and transparent way (e.g. native playback by VLC), while saving typically between one and two thirds of the needed storage, and speeding up the back-up on LTO cartridges. When needed, the source is retrieved bit-by-bit. +: +B:1517757000 +E:1517757300 +S:DragonFFI +C:LLVM Toolchain +L:K.3.401 +D:This talk will present DragonFFI, a Clang/LLVM-based library that allowscalling C functions and using C structures from any languages. It will showhow Clang and LLVM are used to make this happen, and the pros/cons againstsimilar libraries (like (c)ffi). +: +B:1517757000 +E:1517758500 +S:ProxySQL's internal: implementation details to handle millions of connections and thousands of servers +C:MySQL and Friends +L:H.1308 (Rolin) +D:ProxySQL is a MySQL protocol aware, reverse proxy for database servers using the MySQL protocol, ranging from standalone MySQL/MariaDB/Percona, to clustering solution like Galera/PXC and Group Replication, to cloud platforms like RDS and Aurora. It is designed to handle millions of distinct users, millions of connections, and thousands of servers.In this session we will cover the internals that allow to efficiently handle traffic of large scale-out MySQL deployments. Specifically we will cover:- threading model and connections handling- non-blocking, async network I/O- state machine related to session tracking and management- traffic routing- backends monitoring +: +B:1517670600 +E:1517672400 +S:Using Cryptographic Hardware +C:Identity and Access Management +L:UD2.119 +D:This presentation explains how cryptographic hardware allows the use of private keys while preventing them from being viewed or copied. It focuses primarily on the use of Yubikey cryptographic hardware, in both piv and gpg modes. It explains how to use this hardware with popular software like openssh and Postgres. +: +B:1517757600 +E:1517760000 +S:A unique processor architecture meeting LLVM IR and the IoT +C:LLVM Toolchain +L:K.3.401 +D:A typical LLVM backend consists of complex passes lowering LLVM IR into valid and efficient machine code (MC). Complexity of the translation process originates from the inherent gap between LLVM IR and any mainstream instruction set architecture (ISA). Processors and their ISAs have been designed historically to be programmed by human assembly developers. Recent ISAs gained more complex features based on hardware considerations. To date, ISAs are designed with no respect for the IR of compilers. Hence, translation between IR and MC keeps being a complicated task.What about lifting the target machine to meet LLVM Assembly instead of lowering LLVM IR to meet an unrelated ISA? A lifted target machine can simplify backend development. One may wonder, however, what else can be gained from such an endeavor? The answers to these questions might be relevant for those who are interested in hardware architectures and likewise for those working with compiler and application development.This talk reveals how we realize a processor whose ISA is tailor-made to suit LLVM IR; what we expect from a rich ISA matching LLVM Assembly; and how we plan to utilize this technology to implement a multi-purpose architecture for IoT devices. +: +B:1517671200 +E:1517672700 +S:Class Data Sharing +C:Free Java +L:UD2.208 (Decroly) +D:Class Data Sharing (CDS) is a feature that was introduced in Java 5 toimprove startup performance and reduce the memory footprint of the JVMby sharing the metadata of system classes between virtual machinesrunning on the same host. During the last years, this feature has beenconstantly improved. In OpenJDK 10 CDS will be extended by AppCDSwhich additionally allows the sharing of application classes betweenVM instances (see JEP 310: Application Class-Data Sharing [1]).In this talk I will briefly introduce CDS and AppCDS. Afterdemonstrating its various use cases, I will do a short deep-dive intothe implementation details and challenges. Finally I will brieflydescribe how Strings and Symbols can be stored in the CDS archive andshared across VM as well since OpenJDK 9.After the talk, the audience should have a better understand of theCDS/AppCDS feature and be able to decide whether it makes sense to useit for their own applications.[1] +: +B:1517757600 +E:1517758800 +S:Graph-based analysis of JavaScript repositories +C:Source Code Analysis +L:UD2.119 +D:Analyzing full JavaScript projects in real-time is hard. Writing maintainable and scalable tools is even harder. We'd like to provide instant feedback to the developers and our project presents a working prototype. The uniqueness of such a general framework consists of two rules:make the analysis incremental: do not run the full check on every commit, but on the changed and affected partswe achieve incremental evaluation based on thehref="">ingraph engineuse declarative queries: the common visitor-collector pattern results in bad developer experience, complex plugins/plugin system and huge maintenance overhead as the project growswe usehref="">openCypherto query the AST and ASG, this keeps the analysis rules as simple as possible +: +B:1517757600 +E:1517760000 +S:Recycle Parsers With Grammar::Common in Perl 6 +C:Perl Programming Languages +L:K.4.601 +D:Perl 6 grammars and regular expressions are incredibly powerful, but with great power comes great risk of mangling Spider-Man quotes. Let's look at some of the common language patterns and learn together how to refactor them into reusable modules, complete with pluggable actions including Abstract Syntax Trees and Just-In-Time evaluators, all ready for you to add to your language parser. +: +B:1517671200 +E:1517672100 +S:War Stories from the Automotive FLOSS Front +C:Lightning Talks +L:H.2215 (Ferrer) +D:We (Elektrobit automotive) do FLOSS based production projects in various car brands for several years. We’d like to entertain some of our most delightful encounters of the third kind in the automotive world and tell why we love bringing FLOSS on the road, where some aspects of FLOSS challenge all of us, and why we have lots of fun. +: +B:1517757600 +E:1517758500 +S:Snabb - A toolkit for user-space networking +C:Lightning Talks +L:H.2215 (Ferrer) +D:Snabb is a toolkit for developing user-space network functions. A network function (filtering, NAT, encapsulation) is any program that manipulates network traffic. Snabb eases the effort to write such programs. Snabb fits in the category of user-space networking. Snabb by-passes the Linux kernel talking directly to the hardware. This makes Snabb a very convenient tool for high-performance networking. Unlike other user-space toolkits such as DPDK or VPP, Snabb is entirely developed in Lua which significantly lowers the adoption barrier.In this talk I introduce the Snabb toolkit. Through real-world examples you will learn how Snabb works and even how to start prototyping your own network functions. +: +B:1517757900 +E:1517759100 +S:Containing container memory +C:Containers +L:UD2.120 (Chavanne) +D:This talk is about how CRIU deals with application memory during container checkpoint, restore and live migration. We present techniques we use to create exact snapshot of a process memory layout during checkpoint and then how we recreate that exact layout at the time of restore. We present optimizations for reducing the snapshots footprint and for making container live migration livelier. +: +B:1517757900 +E:1517759400 +S:OSS-7: an opensource DASH7 stack +C:Internet of Things +L:AW1.125 +D:In this talk we will introduce how the flexibility of the DASH7 Alliance Protocol can be used to solve a lot of IoT use cases. Starting from a simple embedded application which measures sensor values we will demonstrate how the full stack approach of DASH7 enables you to (re-)configure the behavior of the network stack and application, over the air, without touching the application code. Different communication schemes will be discussed together with the trade-offs for aspects like energy consumption and down-link latency. We show how the simple but powerful API (based on file operations) allows to approach a network like a distributed database which you can address based on data queries instead of using node addresses. Finally, we will also discuss the implementation of OSS-7, related tools and the road forward. +: +B:1517757900 +E:1517759100 +S:Fundraising and Crowdfunding for FreeRTC +C:Real Time Communications +L:H.1309 (Van Rijn) +D:Which projects would like to raise funds? What are the most important things you could achieve if people donate? Could we share the effort of running a crowdfunding campaign? +: +B:1517671500 +E:1517674200 +S:ZFS: Advanced Integration +C:BSD +L:K.3.401 +D:How to apply various FreeBSD technologies and features in combination with ZFS to get the most out of a system, be it a Server, Laptop, Embedded, or an Appliance. +: +B:1517757900 +E:1517759700 +S:ZX Spectrum in the New Millenium +C:Retrocomputing +L:AW1.121 +D:Present the challenges faced to work around the limitations of the existing ZX Spectrum Cartridge interface (limited by definition to 16KB), in order to be able to have up to 512KB using FLASH memory. +: +B:1517758200 +E:1517759700 +S:Testing in Rust +C:Rust +L:H.2214 +D:ABSTRACTRust is designed for building low-level systems processes that are reliable and safe. Nevertheless, it is still important for developers to ensure their code is doing the right thing. To achieve this, Rust has a rich set of built-in testing tools for writing unit tests.In this talk we cover general unit testing techniques for Rust. We will also demonstrate how to mock out complex dependencies using the double crate. Examples will range from simple cases to complex cases that you'll often see when testing real world systems.The talk is suitable for both novice and experienced Rust developers, as well as non-Rust developers who are interested in learning more about the language. +: +B:1517671800 +E:1517674200 +S:DWARF5 and GNU extensions +C:Debugging tools +L:AW1.121 +D:After several years a new DWARF debugging standard, DWARF5, has been released that incorporates various GNU extensions that allow to better express how to map various binary constructs created by optimizing compilers back to the original source code while reducing the size of the debugging information. This results in more expressive debuginfo, but also introduces more complexity that DWARF consumers need to deal with. +: +B:1517758200 +E:1517759700 +S:Servers can't be trusted, and thanks to tamper-proof journals EteSync doesn't need to! +C:Decentralised Internet and Privacy +L:H.1301 (Cornil) +D:Servers can't be trusted! Whether it's because of a malicious company, a rogue employee, a government agency, a random hacker or malware, your data is not safe if it's just sitting there exposed on a server.Luckily, there are ways to mitigate some of the threats, for example by making your server more secure, using a server you trust (self-host) and using end-to-end encryption, so the server doesn't have access to this information. While these are great, the server can still successfully manipulate your data, this is where tamper-proof journals come into play and help reducing even that.In this talk Tom will show some of the threats your data is facing on servers even when self-hosting and using end-to-end encryption, explain what tamper-proof journals are, how they can mitigate these threats, and how they are used by EteSync to better secure your data. +: +B:1517671800 +E:1517673600 +S:Make your Go go faster! +C:Go +L:H.1308 (Rolin) +D:This talk will preset a set of techniques to make your Go programs run faster.Starting with CPU profiling, moving through memory allocation profiling, to escape analysis,we will point out some less-well-known corners of the runtime, how they impact performance, and how to mitigate this impact. +: +B:1517671800 +E:1517673600 +S:High performance network functions with VPP +C:SDN and NFV +L:H.1301 (Cornil) +D:Vector Packet Processing is a high performance data-plane running on commodity hardware. VPP is a framework for building bespoke network functions. This talk will give an introduction to VPP architecture and function and give examples of how virtual network functions can be built with VPP. +: +B:1517671800 +E:1517673600 +S:GrayLog for Java developers +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:For developers, application logs are critical to figuring out what’s going on inside the apps we create. We tail them. We search them. We analyze and graph them.In this talk I will show Graylog as an open source log management tool, providing central storage, processing, and analysis of log messages powered by Java,MongoDB and ElasticSearch +: +B:1517758200 +E:1517759700 +S:Organizer's Panel +C:Legal and Policy Issues +L:UA2.220 (Guillissen) +D:The organizers of the Legal &amp; Policy Issues DevRoom will reflect on recent developments in software freedom policy and law, and will discuss some of the topics and issues raised in this year's and past year's DevRooms. +: +B:1517671800 +E:1517673300 +S:Proposal for an open and democratic Design Rule format +C:CAD and Open Hardware +L:K.4.201 +D:In the topic of Electronic-Design-Automation (EDA) Design Rules are used to validate a drawing against constraints usually set by the manufacturer. In this talk I'd like to introduce a (file-)format proposal for such Design Rules focused on the usage in PCB design. +: +B:1517758200 +E:1517759400 +S:Pitch your project +C:Open Source Design +L:K.4.201 +D:This session has become a bit of a tradition in the Open Source Design devroom. Every year we close by inviting FOSDEM attendees to introduce their projects to the designers in the room, and tell them the type of the design contributions they need.I thought we might want to do this again. +: +B:1517671800 +E:1517673600 +S:Facing the Challenges of Updating Complex Systems +C:Embedded, mobile and automotive +L:UD2.218A +D:Over the past three years, the growing zoo of Open Source update frameworks made updating an embedded Linux system much easier. But, the availability of a robust update tool solves only one step in the complex chain from a software artifact to an updated and working system on your devices.Starting with a modern system consisting of a recent bootloader, kernel, init system and update tool, this talk ventures beyond the basic and already solved topics of A/B redundancy, atomicity, or simple update verification.Enrico will present strategies for creating a robust update chain from automated testing up to full rollout management and show how to solve these challenges with recent Open Source software such as barebox, RAUC, systemd, hawkBit, casync and labgrid. You will learn how to deal with more modular and complex system setups, restricted systems, error recovery, product variants, resigning for deployment, updating the bootloader itself and interaction with verified boot. +: +B:1517671800 +E:1517673000 +S:EPUB export in LibreOffice Writer +C:Open Document Editors +L:AW1.120 +D:LibreOffice Writer was always capable of exporting your document in a portableway in the form of the PDF filter. Today in the age of tablets, smart phonesand e-readers, many users read reflowable content in EPUB, which is the new PDFto some extent. LibreOffice Writer 6.0 has now basic and 6.1 will have improvedEPUB export support. This work is done by integrating the libepubgen DocumentLiberation library and by improving both the library and LibreOffice itselfalong the way. Come and see how it's implemented, where are the still roughedges and how you can help. +: +B:1517671800 +E:1517673600 +S:How To Make Package Managers Cry +C:Package Management +L:K.3.201 +D:In this talk, I will outline how (primarily scientific) software developers have found ways to complicatethe job of the people who are responsible for compiling, installing and/or packaging their software,mainly in the context of multi-user high-performance computing environments.Next to an overview of the commonly used techniques, the motivations behind them,and the excuses that software developers can use to get away with it,I will showcase a couple of examples of software applications that have done a great jobto make the life of package managers (in the broad sense) as miserable as possible.If you too want to make package managers cry (even more than they may already do), don't miss this talk! +: +B:1517671800 +E:1517673900 +S:Graph-based analysis of JavaScript source code repositories +C:Graph Processing +L:H.2214 +D:JavaScript is one of the decade’s most trending languages. It rankedhref="">#1 in popularity in Stack Overflow questionsand is consistently featured in thehref="">top 10 languages of the TIOBE Index. Originally intended for client-side scripting, the language is now widely used to build complex desktop applications, write server-side code and program IoT devices. The latest standards of the language are released yearly under thehref="">ECMAScript trademarkand contain sophisticated features and syntactical constructs.Static analysisis a software testing approach that is performed without compiling and executing the program itself. This allows developers to catch programming errors before building, testing and deploying the code. There is a wide range of static analysis tools: linters and code style analysers repeatedly perform checks in IDEs, while more complex analyzers, such as type checkers, run as part of the continuous integration (CI) process.As JavaScript is adynamic language, static analysis approaches are particularly useful: they can detect erroneous type usages that would not be revealed by building the code, but only occur during thorough testing or even worse, at production. Thanks to the popularity of the language, there are already numerous approaches for static analysis available, such ashref="">Tern, Facebook’shref="">Flowandhref="">TAJS. However, none of these fitted all of our requirements:Utilise both linter-style and complex global analysis rules.Evaluate rules in real-time, i.e. in sub-seconds upon each “save” operation.Allow users to easily extend the analysis rules.As none of the current approaches satisfied these requirements, we built our own solution that uses aproperty graph query engineto represent thecode graphsused for analysis andgraph queriesto evaluate the analysis rules. Compared to other static analysis frameworks, the novelty of our solution is twofold:Wecontinuously maintain code graphsbased on the latest changes on the source code.We use thedeclarative openCypher languageto define the static analysis and graph maintenance rules.Using declarative queries, our tool is able to perform the complex analysis queries quickly, including:Detecting asynchronous method calls with missing await statements (a common issue in thehref="">callback hell).Detecting unreachable code, i.e. code parts that cannot be reached through the control flow.The analysis can be easily extended by custom analysis rules defined in the openCypher language. Building the system on openCypher also allows us to use different query engines: both mature databases, such as Neo4j, and also experimental engines, such as our ownhref="">ingraph engine. The latter is our research prototype that supports live query evaluation for Cypher queries, which allows near instant answers even for complex analysis rules.In this talk, we give an overview of the steps involved in transforming the source code file to a syntax graph and converting it to a call flow graph. We demonstrate how openCypher queries can be used to capture complex analysis rules in a concise way, and how ingraph allows us to continuously evaluate these queries. +: +B:1517758200 +E:1517759100 +S:The half rolling repository model +C:Distributions +L:K.3.201 +D:Since shortly after its inception over 10 years ago, Chakra has been shipping based on a unique half-rolling repository model. We call it half-rolling, because even though we provide frequent updates to all the applications and the desktop environment we ship, we are more conservative in updating the packages at the core of the system. This model aims at providing a stable system to users while at the same time enabling them to enjoy the latest versions of their favorite applications and games. In this talk I will explain the details behind the half-rolling release model, the advantages and disadvantages it has for users and the challenges we face in Chakra's implementation. +: +B:1517671800 +E:1517673300 +S:Moby Project and Docker Inc — Balancing community and corporate needs +C:Community devroom +L:K.4.601 +D:Many open source projects are backed by commercial entities and this can lead to complications between the needs of the community and those of the corporations. This can be especially tricky for fast-growing projects where there are competing voices, pull-requests, and directions — all growing exponentially.Docker, Inc. is one such example that created the very popular open-source 'docker engine'. To help meet the needs of both commercial and open-source constituents, Docker announced in April 2017 that the open source work would happen under the banner of the Moby Project.This talk looks at the the different needs that drive an open source project and a product-based corporation. I'll cover what the Moby Project is and how it relates to Docker's commercial products and I'll highlight some of the experiences we had during and after the transition. +: +B:1517758200 +E:1517759400 +S:Crowdsupply EOMA68 Progress Report +C:Hardware Enablement +L:K.4.401 +D:2,500 people kindly backed the EOMA68 Libre Laptop and EOMA68-A20 Computer Card Crowdsupply Campaign last year. This talk will briefly outline the progress and some of the strange-seeming decisions that have had to have been made. It's also worth noting that at the beginning of the year, Intel! Announced! The World's! First! Ever! Modular! Computer Card! - in reality they're actually about 6th down a long list. We're not worried about them copying the concept, and will explain why during the talk (one hint: Intel backdoor spyware co-processor...)Also the reasoning behind why the project also includes the creation of an entirely new 3D Printer (the Riki200)andalso a new 3D printer Controller PCB will be explained (big hint: cost. Incredibly, an entire 3D printer's components can be sourced in Shenzhen for LESS money than a western-designed and manufactured DuetWifi 3D Controller Board!) +: +B:1517671800 +E:1517674500 +S:Moving PCI emulation inside of Xen +C:Virtualization and IaaS +L:UB2.252A (Lameere) +D:The talk will explain the reasons of the ongoing work to add PCI emulation support inside of Xen. This purpose of the PCI emulation layer is to allow passthrough of PCI devices from Xen to guests without involving a third entity in the system (so far this was done using QEMU). This should allow transparent PCI passthrough to guests without requiring a QEMU device model. +: +B:1517671800 +E:1517673300 +S:Current meta of video compression and probable futures +C:Open Media +L:H.1309 (Van Rijn) +D:Video compression has been around for many years now yet the basic structure of a video codec remains largely similar. And although the basis remains similar compression keeps improving. How long can this be worked on and improved before its simpler to start with something radically different. What technology would still work in a hypothetical new codec? What technology would stillrealisticallywork in a hypothetical new codec? Do software complexity, hardware area, feature needs and overall possible compression always balance out when creating video codecs?This talk shall attempt to answer most of these questions. +: +B:1517671800 +E:1517673600 +S:Beyond the screen +C:Mozilla +L:UA2.118 (Henriot) +D:VR works on the web and it takes 10 lines of pseudo HTML to start, it IS that simple.Yet, that's not enough, you might not just want to make a web page immersive, you might want to pull 3D interactive and animated content outside of your screen.This and more is what the new WebXR specifications is all about! +: +B:1517758200 +E:1517760000 +S:BYOR: Bring-your-own-radio hacking session +C:Software Defined Radio +L:AW1.120 +D:This will be a FOSDEM first: Instead of a panel, this year's interactive time slot will be a bring-your-own-radio hack session. Bring your stuff, show us what it can do! We will have the mic open for demonstrating, but you can also huddle (as far as the room permits) around your devices and show them off. +: +B:1517758200 +E:1517759700 +S:Nexmark A unified benchmarking suite for data-intensive systems with Apache Beam +C:HPC, Big Data, and Data Science +L:H.1302 (Depage) +D:NEXMark is an unpublished research paper that introduced a benchmarking suite for streaming systems. The Apache Beam community implemented (and enhanced) the examples of this paper as a series of benchmarks on top of Beam that can be run on different open source distributed processing engines e.g. Apache Spark, Apache Flink, etc. This talk discusses this experience and expects to engage new contributors to bring more ideas so we can eventually have a unified and semantically rich benchmarking standard for batch and streaming data-intensive systems a la TPC. +: +B:1517758200 +E:1517760000 +S:[AMENDMENT] Mapping FOSDEM for accessibility +C:Geospatial +L:AW1.126 +D:Since last edition of FOSDEM, different volunteers have been working to create an indoor map of FOSDEM, complete with routing for wheelchairs/accessibility/...This map is available at .It is created using C3NAV, an application built for the Chaos Communication Congress.In this application I want to focus on the application, how the map was built, why plain Openstreetmap was not sufficient, but especially I hope to get some feedback: where could we improve, how can we improve integration with OSM/other applications/...Please not that this talks replaces the talk "3D OSM Plugin API for ESA-NASA Web WorldWind" because unfortunately the presenter could not get a travel permit. +: +B:1517758500 +E:1517760000 +S:MySQL Point-in-time recovery like a rockstar! +C:MySQL and Friends +L:H.1308 (Rolin) +D:Point-in-time recovery can be very long when a large amount of binary logs must be replayed.During this session I will show how this can be accelerated without using any special external tool and how we can benefit from MySQL replication improvements even on a stand-alone server +: +B:1517672100 +E:1517674800 +S:Towards capabilities in HelenOS +C:Microkernels +L:AW1.126 +D:Capabilities can be found in most modern microkernel-based systems. Sometimes the capability pattern is masqueraded under a different name though. In this talk I will tell the story of how HelenOS unwittingly started with a primitive capability system embedded in its IPC, how it evolved into the present state in which capabilities are used as task-local names for an increasing amount of user-visible kernel objects and where this might lead in the future. +: +B:1517672400 +E:1517673300 +S:GASdotto: a platform for ethical purchasing +C:Lightning Talks +L:H.2215 (Ferrer) +D:Introduction to "ethical purchasing groups", presentation of the GASdotto application, and a call to extend the model in other countries. +: +B:1517672400 +E:1517673900 +S:The AMD Linux graphics stack, 2018 edition +C:Graphics +L:K.4.401 +D:Several years ago, AMD embarked on a long-term project to produce a first-class open-source graphics stack. While there is always more work to be done, the vast majority of our Linux users are now happily using the result of this effort. I will give a short look back at some milestones and present a non-technical overview of the components of our graphics stacks as they are today, with an emphasis on the open-source side.The talk will include an introduction to the recently open-sourced AMDVLK Vulkan driver. +: +B:1517758800 +E:1517759700 +S:FOSDEM Infrastructure Review +C:Lightning Talks +L:H.2215 (Ferrer) +D:FOSDEM infra review +: +B:1517672700 +E:1517674500 +S:Smart Cards in Linux and why you should care +C:Identity and Access Management +L:UD2.119 +D:Do you want to know how Smart Cards can help you improve security and work efficiently?Smart cards are among us for decades, but they are still not widely used on daily basis by most of us, even though they provide significant advantages for both security and usability and all the tools are open source in Linux. Smart cards are no longer only credit-card sized cards, but also more practical USB dongles which are frequently combined with other features such as OTP or U2F, which can take this even further.I will go through architecture of smart cards and show you how they can be used to simplify your work. +: +B:1517759100 +E:1517759700 +S:DIY Java Static Analysis +C:Source Code Analysis +L:UD2.119 +D:How can you build a static analyzer from scratch in Java for Java ? Let's go through different tools useful for this purpose : Syntax, Semantic and Symbolic Execution and find bugs without executing the code ! +: +B:1517759100 +E:1517760000 +S:Reasons to mitigate from NFSV3 to NFSV4/4.1 +C:Software Defined Storage +L:H.2213 +D:This talk will cover the differences between NFSv3 and NFSv4.What’s the Problem with NFSv3 and How NFSv4 is better suited to a wide range of datacenter and high performance compute than its predecessor NFSv3.This talk will also covers the advantages of extended capabilities of NFSV4 i.e NFSv4.1 and NFSv4.2 and its support with Gluster NFS-Ganesha +: +B:1517673000 +E:1517674200 +S:Dialog tunneling in LibreOffice Online +C:Open Document Editors +L:AW1.120 +D:Come and hear how we are bringing the advanced LibreOffice desktop functionality to the Online!LibreOffice on the desktop is very feature packed office suite. One of the complaints that power users make in Online is that it lacks many of them: they cannot add colored borders in their paragraphs, manage tracked changes/comments, correct the spelling and grammar in the document, etc. The question is how do we bring these functionalities to the cloud at your disposal in your browser tab?We at Collabora decided to come up with a plan to just tunnel all the hard work that developers have done for the past couple of decades: come up with appropriate infrastructure to open the dialog in headless mode, paint it as a bitmap in the backend, and tunnel the image to you in the browser. And then add life to them by tunnelling your mouse/key events back which will invalidate and update the new image you see in the browser. Of course we are not sending the whole dialog image back to your browser every time - only the part that needs updating in the dialog is sent back to the browser saving us precious time and network bandwidth improving your UX. +: +B:1517673000 +E:1517674500 +S: Hairy Security +C:Free Java +L:UD2.208 (Decroly) +D:Hairy SecurityIt's getting dangerous out there, it's all over the news, IT security is simply no longer something one can ignore.In this session we'll model all the threats to a typical web application powered by a Java back-end.We’ll have fun, state the obvious, debate and debunk a few security myths, because, remember, It’s not a question of 'if' but 'when' you’ll be hacked, at the end of this session, you’ll decide for yourself if it's really time for this Java web app to go live !It's a fun, pragmatic, very instructive talk we've been doing in the past (well received at Devoxx France for instance) +: +B:1517759400 +E:1517760000 +S:Spawny +C:Distributions +L:K.3.201 +D:Legacy displaymanagers are heavily relying on the design of the xserver, such as detecting if a window manager grabs the root window.Since wayland is getting more and more attention on modern distributions, its time for something which is, platform independent, toolkit independent and lightweight. +: +B:1517673300 +E:1517675400 +S:Building an integration testing framework +C:Testing and automation +L:H.2213 +D:Microservices are becoming very popular recently. But how to run automated end-to-end tests against your product when your architecture and deployment processes are complex? How to orchestrate your test environment when your product is a SaaS application but can also be installed on-premises on bare metal or deployed into the cloud on to your Kubernetes cluster?Using containers to automatically test your application is a great use case, but sometimes running tests only against containers might not be enough.We decided to create a click-driven, black-box integration testing framework, using Ruby, headless Chrome, Docker and Kubernetes, to test GitLab.This talk is a story about building this integration testing framework. It is about obstacles we had to overcome, essential complexity that we had to embrace, but also about problems that we still need to solve and our hopes for the future. +: +B:1517673600 +E:1517676600 +S:Elasticsearch (R)Evolution +C:Performance +L:Janson +D:Elasticsearch is a distributed, RESTful search and analytics engine built on top of Apache Lucene. After the initial release in 2010 it has become the most widely used full-text search engine, but it is not stopping there. The revolution happened and now it is time for evolution. +: +B:1517673600 +E:1517675400 +S:Virtio 1.1 +C:SDN and NFV +L:H.1301 (Cornil) +D:Virtio is a common framework for IO virtualization in hypervisors. It is part of DPDK accelerated Open vSwitch and allows for hardware abstracted VNFs. The virtio OASIS standard is going into the next round and the focus will be on performance improvements. We aim to make it work better on the underlying hardware but also allow for hardware implementations of virtio. This talk will give an update on the current developments and the progress made towards version 1.1. We will look into some of the new features, some benchmarking results and how these help with improving performance. +: +B:1517673600 +E:1517677200 +S:Multitasking on Cortex-M class MCUs +C:Embedded, mobile and automotive +L:UD2.218A +D:We're gonna look at multi-tasking on small Cortex-M class MCUs like the ARM Cortex-M0.After a brief general overview of the Cortex-M0 programming model, exception handling and other basics required,we'll start our deep-dive into one specific implementation in the Chromium-EC firmware.We'll look at startup code, how tasks are implemented, how to deal with priorities and peripheral interrupts.The Chromium-EC firmware is a little (RT)OS that runs (mostly) on ARM cores of the Cortex-M class (M0/M3/M4),and powers Google's Chromebooks as well as other devices (Project Sulfur SDR). It's permissive license makes it attractive for (ab)use inother projects, since Kernel and U-Boot integration are already existing. +: +B:1517673600 +E:1517676600 +S:Browser-as-GUI and Web Applications with Gnoga +C:Ada +L:AW1.125 +D:Gnoga is an all-Ada library that uses the features of modern web browsers as a portable GUI. The program may run on the same computer as the browser, or on a server over the internet. Participants will be introduced to using Gnoga to create such programs. +: +B:1517673600 +E:1517675100 +S:Asynchronous Decision Making - why and how +C:Community devroom +L:K.4.601 +D:The Asynchronous Decision Making techniques commonly used in open source projects enable efficient remote collaboration, in teams which have no boss, no schedule and often no cultural consistency yet produce world-changing software.This talk describes the key elements and tools of the Asynchronous Decision Making process, based on concrete examples from the Apache Software Foundation and from federated governments, which, interestingly, work in a similar way.We'll reflect on how Asynchronous Decision Making supports the efficiency of our projects, and how to refine it to be even more efficient. +: +B:1517673600 +E:1517675400 +S:Mozilla's DeepSpeech and Common Voice projects +C:Mozilla +L:UA2.118 (Henriot) +D:The human voice is becoming an increasingly important way of interacting with devices, but current state of the art solutions are proprietary and strive for user lock-in. Mozilla’s DeepSpeech and Common Voice projects are there to change this.In contrast to classic STT approaches, DeepSpeech features a modern end-to-end deep learning solution. Based on Baidu's Deep Speech research paper, it trains a model by machine learning techniques. This model directly translates raw audio data into text - without any domain specific code in between.To train systems like DeepSpeech, an extremely large amount of voice data is required. Most of the data used by large companies isn’t available to the majority of people. That's why Mozilla launched Common Voice, a project to help make voice recognition open to everyone. +: +B:1517673600 +E:1517677200 +S:Package Management Panel Discussion +C:Package Management +L:K.3.201 +D:Panel discussion with some of the speakers from the Package Management Devroom throughout the day, discussion the future of package management. +: +B:1517673600 +E:1517675100 +S:Developing an Open Source Hardware Laptop with KiCAD +C:CAD and Open Hardware +L:K.4.201 +D:A presentation on the design of the TERES Do-It_Yourself laptop, fully designed with KiCad. +: +B:1517673600 +E:1517674500 +S:Addressing the long tail of applications +C:Lightning Talks +L:H.2215 (Ferrer) +D:Every day we imagine some new apps we'd love to have: having an application to allow people to submit talks, to register new holiday requests, expense reports, simply get data from one site and combine it with data from another site and display that, etc. This is thehref="">long tail of application.However in most cases we just drop the idea and continue with our life because we know it would take days or weeks to be able to develop that quickly before you could reap the benefits.What if there was a way to have these apps developed and working in just a few minutes!We'll demonstrate how a next generation wiki platform allows to do just that by using thehref="">XWiki open source projectas an example. +: +B:1517673600 +E:1517675100 +S:AV1 Codec Update +C:Open Media +L:H.1309 (Van Rijn) +D:An update on the status of the AV1 codec, from the Alliance for Open Media. +: +B:1517673600 +E:1517676600 +S:Igniting the Open Hardware Ecosystem with RISC-V +C:Miscellaneous +L:K.1.105 (La Fontaine) +D:The RISC-V open standard ISA has been gaining traction in both academic and commercial circles over the last year, during which we've gotten our ports of binutils, GCC, and Linux merged upstream. Additionally, SiFive has announced a Linux-capable, 64-bit, quad core development board which will be available in Q1 2018. This talk discusses the history of the ISA, SiFive's open source RTL implementations of RISC-V, the state of RISC-V software, and our plans for the upcoming year. +: +B:1517760000 +E:1517763000 +S:The Spectre of CPU Meltdown +C:Keynotes +L:Janson +D: +: +B:1517673600 +E:1517675400 +S:Distributing DevOps tools using GoLang and Containers, for Fun and Profit! +C:Go +L:H.1308 (Rolin) +D:A look at our approach to distributing DevOps tools between many teams (and CI), using a GoLang app to launch containers. +: +B:1517673900 +E:1517675400 +S:Shaders in radeonsi +C:Graphics +L:K.4.401 +D:I will give an update on two topics involving shaders in radeonsi, the OpenGL driver for modern Radeon GPUs: the dynamic linking of shader parts, and the transition to the NIR intermediate representation. +: +B:1517674200 +E:1517676000 +S:Grafana Tips & Tricks & Whats New in v5 +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D: +: +B:1517674200 +E:1517675400 +S:LibreOffice for Haiku +C:Open Document Editors +L:AW1.120 +D:A short overview of what Haiku is, history of how this LibreOffice port came to be, challenges involved and what is its current status. +: +B:1517674500 +E:1517677200 +S:Configuring build base on FreeBSD +C:BSD +L:K.3.401 +D:FreeBSD has some knobs to set in order to build the base system or to avoid building some parts of the system. This way the build process could be optimized to avoid wasting time.With this procedure, the user has an easier way of configuring how to build the target system +: +B:1517674500 +E:1517676600 +S:Open Data With Neo4j +C:Graph Processing +L:H.2214 +D:Let's start from a simple product idea, add some Open Data sources and incrementally build and deploy an application with Kotlin and Neo4j. +: +B:1517674500 +E:1517676900 +S:Rust versus DWARF versus LLVM +C:Debugging tools +L:AW1.121 +D:Rust presents new challenges for the debugging ecosystem. This talk will cover some debugging peculiarities of Rust and how we plan to solve them. +: +B:1517674500 +E:1517677200 +S:QEMU in UEFI +C:Virtualization and IaaS +L:UB2.252A (Lameere) +D:UEFI is a firmware specification created by Intel with portability in mind. The UEFI way of doing that was to provide special UEFI byte code (EBC). Unfortunately nobody really cared so compiler, firmware support and providers of EBC option roms ceased and basically every UEFI option rom today contains native x86(_64) machine code.If you now want to plug a PCIe card into your shiny ARM server, that means even though firmware would be compatible it still can't execute the option rom. Until you add QEMU to the mix.Join me in exploring the depth of UEFI binary interfaces, marshalling between different architecture's function call ABIs on the fly and learn how to integrate all of this into a working firmware, running on real hardware, driving a real PCIe adapter. +: +B:1517674800 +E:1517676600 +S:SSSD: From an LDAP client to the System Security Services Daemon +C:Identity and Access Management +L:UD2.119 +D:SSSD is known in the OSS world as a client towards different LDAP-like databases. However, recently, we have started taking SSSD beyond its bread and butter LDAP client role to provide services that are usable in a broader context, as an application gateway or to a local machine. As a result, you might soon see SSSD enabled and running in your favourite distribution by default or quietly running on the background of another service.In the talk I will demonstrate what enhancements we already did in SSSD, such as how to use SSSD as a gateway between an application and a user database or why should you let SSSD manage your Kerberos credential caches .I'll also illustrate things we are working on for the future such how to add and access extra attributes of your local users or why it makes sense to let SSSD handle smart card logins even for local users.The talk will be useful to system administrators, mainly those who deal with user account management, but also to developers who work on services that integrate with user databases. +: +B:1517674800 +E:1517676300 +S:Hacking the JVM from Java +C:Free Java +L:UD2.208 (Decroly) +D:The JVM contains many interesting features that are frequently overlooked, not exposed through the Java standard library, or typically only accessible from native code. In this talk we will walk through a few of these features, and how they can be used from plain old java code. For example we will see how to access local variables from calling methods, as well as powerful ways to monitor what the JVM does when executing our code.Free Java allows us access to these features, as well as the ability to contribute towards improving their implementation and make them publicly available to other users. Together we can influence the direction of Java and help get more powerful features into the standard JDK. +: +B:1517674800 +E:1517675700 +S:Open Food Facts: the wikipedia of food products +C:Lightning Talks +L:H.2215 (Ferrer) +D:Open Food Facts is a free, online and crowdsourced database of food products from around the world, licensed under the Open Database License (ODBL). It was launched in 2012, and today it is powered by 5000 contributors who have collected data and images for over 380 000 products in 178 countries.Scan a product using your phone, take a picture, and you're already part of the Open Food Facts revolution !In this talk we'll show how Open Food Facts leverages open source technologies such as Perl, MongoDB,, Android, Swift as well as the great power of communities to open data of public interest for health &amp; science, as well as unforeseen applications in your daily life.We will also introduce you to the recently launched Open Beauty Facts, for freeing your cosmetic cupboard: shampoos, toothpastes, lipsticks, etc. +: +B:1517675400 +E:1517676900 +S:The UoC Radio Station Project +C:Open Media +L:H.1309 (Van Rijn) +D:In this talk we will present the technical challenges we have encountered while building an FM &amp; web radio station from scratch and the innovative solutions that we have applied to them, utilizing open source software, and - where possible - hardware, as well as developing our own components, such as our software FM MPX signal generator, our producer-friendly GTK desktop application and many more. Furthermore, we will elaborate on the technical processes of building a music and sample library using open-source software and services, and how we utilize this library to produce an automated broadcast using our custom GStreamer-based audio clip scheduler. +: +B:1517675400 +E:1517676900 +S:Analyzing developers network in a community +C:Community devroom +L:K.4.601 +D:According to Wikipedia, Community is "a small or large social unit (a group of living things) who have something in common". If we want to analyze any Open Source development community, it's key to understand the relationships of the people that define that community. Open Source communities provide many ways for peers collaboration beyond participation in forums and mailing lists. In any case, people graph or network analysis is one the methodologies used for social interaction analysis.During this talk, I'll show social network analysis with a free, open source software Kibanahref="(">plug-inintegrated inhref="">GrimoireLab. I started this project during my degree thesis, 6 months ago, and once it was released everything has changed. People started to download the plugin and contribute to it. Now, the repository hosting the plugin has more than a hundred thousand clones and a hundred of daily visits.The talk will show how to use thehref="">Network pluginin order to analyze open source projects. I'm going to show data retrieved from an open source project and I will show that with differents types of networks/graphs. +: +B:1517675400 +E:1517677200 +S:AMENDMENT DNA sequencing performance in Go, C++, and Java +C:Go +L:H.1308 (Rolin) +D:While Go is not primarily designed for parallel programming, it nevertheless has features that end up being beneficial for parallelism as well, especially the inclusion of a work-stealing scheduler for goroutines and a concurrent, parallel garbage collector. For this reason, we have recently included Go as one of several candidate programming languages in an evaluation of their suitability for expressing sequencing pipelines. Other programming languages we have evaluated were C++ and Java. Go hits a sweet spot of performing very close to the best results with little programming effort and few compromises in terms of safety and generality.This talk will present highlights of this experiments and the most important insights. +: +B:1517675400 +E:1517678100 +S:User-level networking on Genode +C:Microkernels +L:AW1.126 +D:Networking became a prominent aspect in Genode over the years. As common for microkernel-based systems the whole networking infrastructure, down from the drivers up to the socket implementation resides in the userland and comes in cleanly separated building bricks. Today, the framework provides various such building bricks to be combined into an individual solution for each use case. This includes components like an L2/L3-router component with NAT and DHCP functionality, a network-bridge component, a socket-filesystem server using VFS, NIC and Wifi-drivers, as well as libraries like the Lightweight IP and the Linux IP stack. The talk shall give an overview about the design of this ecosystem, how it can be used, how it evolved, and, last but not least, discuss its future. +: +B:1517675400 +E:1517676300 +S:Component Sourcing for Design and Manufacturing in Shenzhen +C:CAD and Open Hardware +L:K.4.201 +D:Bunnie Huang's "Guide to Shenzhen" is absolutely invaluable, but it assumes that you know exactly what you need to get, before you actually get it. If this isn't clear, for an example of exactly what the problem is, try an Internet search for "Laptop trackpad supplier". Did you find one? Did you find a source of trackpads for use in that laptop that you're thinking of designing? Or did your search queries instead get completely and utterly swamped with thousands upon thousands of aliexpress pictures of the EXACT SAME Apple Trackpad for a 13in Macbook Pro?What about LCDs? Do you even know what type of LCD is commonly available right now? Were you aware that MIPI is Cartelled? Or that the people telling you that eDP is "The Future" are trying to push a much higher-power-consumption design at you and they forgot to invite China-based Manufacturers to the closed-door meeting. How can youactuallyfind which LCDs are commonly manufactured and available in Shenzhen, so that you can begin the design right now before you take that expensive trip abroad.And what about components? If you've looked on taobao or aliexpress, you'll know that many of them are rip-offs, there's absolutely no datasheets, the vendors make pittance so they're extremely unlikely to answer your questions... so whatactualuse is this resource, to anyone?This talk will help answer the paradox of bridging the gap between Shenzhen market prices and the Western and Libre mindsets for hardware design, allowing attendees to take proper advantage of the lower pricing of Shenzhen-sourced parts, and to avoid the nightmare scenario of designing a PCB only to find that its parts went End-of-Life in the Shenzhen markets many years ago, and that the last remaining parts available must be bought from Digikey and IMPORTED (back into China from where they originated!) with a whopping lead time and huge import tariffs of up to 40 percent. +: +B:1517675400 +E:1517677200 +S:Moving from policy to action: +C:Mozilla +L:UA2.118 (Henriot) +D:The talk would be a workshop led by me, Larissa Shapiro, Head of Diversity and Inclusion at Mozilla, and designed to help others learn from our lived experience turning the theoretical community participation guidelines into an actually encouraged, enforced, educated on, living document. Hands on/experiential. +: +B:1517675400 +E:1517676600 +S:Gpg4Libre - OpenPGP signature and encryption support in LibreOffice +C:Open Document Editors +L:AW1.120 +D: +: +B:1517675400 +E:1517677200 +S:SRv6 Network Programming on VPP and Linux +C:SDN and NFV +L:H.1301 (Cornil) +D:SRv6 Network Programming on VPP and Linux +: +B:1517675700 +E:1517677200 +S:Kernel Graphics Development on Remote Machines +C:Graphics +L:K.4.401 +D:Availability of bleeding-edge and prototype hardware is always scarce. Local access to hardware is not always convenient to arrange when multiple members of a team are working on the issue across country and timezone borders. It would also be inefficient to allow much sought after hardware to idle when one team is not actively using it out of office hours for example, as traditionally happens when hardware is shipped. The author, who is currently working as one of the maintainers the Intel graphics i915 Linux kernel driver, has sought for an efficient solution when working as a home based employee for multiple companies. Some off-the-shelf solutions exist, but they're far off in the price range to be suitable for an average Open Source contributor. This talk will walk you through the gotchas in setting up an environment for your project and a demo of one system can be presented optionally. +: +B:1517676000 +E:1517676900 +S:LitOps: literature-as-software +C:Lightning Talks +L:H.2215 (Ferrer) +D:Book production, from inception to publication, is still very much trapped in writing-correction-production cycles that resemble how software was made much earlier. However, productivity would be very much increased if the writing-correction-publication would be taken a step (or two forward) to a continuous integration/continuous delivery DevOps-like environment where you define by software the whole pipeline a book is going to follow from writing to publication. LitOps is a transpiling of the DevOps culture to book production, using mainly software development tools, and rigging them so that you can produce and publish quality-checked books using as many automation tools as possible. +: +B:1517676600 +E:1517677500 +S:SystemTestPortal +C:Testing and automation +L:H.2213 +D:While test automation is desirable in every software project, not all tests can be automated well, e.g. testing software that requires specific hardware. Furthermore, manual system tests often unveil unexpected faults simply because humans are more sensitive in this regard. Actually, almost every developer does this kind of manual tests "somehow". However, due to the lack of a proper tool support, these tests happen in an unplanned, unsystematic way and without documentation. As a result, it is hard for users to find out which features of a product were tested in which environment, on which hardware, and with which result.We are working on a novel web application named SystemTestPortal for creating, running and analyzing manual system tests. The tool aims at being useful for developers, testers, test managers, and end-users. It is lightweight, written in Golang, available under the GPLv3 license, and developed in a student project. Many of its planned features are working already, and by the time of FOSDEM 2018 a mostly complete 1.0 version will be available. This lightning talk will give a brief introduction and demo how the tool can be used to test a typical free software application. +: +B:1517676600 +E:1517677200 +S:OpenMetrics - an industry standard for metrics +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:Prometheus' exposition format is great, but its adoption is limited, in part, by political considerations. Creating an industry standard which is detached from Prometheus will hopefully help alleviate this issue. +: +B:1517763000 +E:1517763600 +S:Closing FOSDEM 2018 +C:Keynotes +L:Janson +D:Some closing words. Don't miss it! +: +B:1517676600 +E:1517678100 +S:G1 - Not^H^H^HNever Done! +C:Free Java +L:UD2.208 (Decroly) +D:In JDK 9 we made the G1 garbage collector the default OpenJDK garbagecollector. Does that mean G1 is done? Definitely not! The Oracle GC team is working on exciting changes to improvethroughput, latency and memory footprint for the G1 garbage collectorfor the next JDKs. We are excited to give you a heads up on a few ofthem:Faster Card ScanningParallel Full GC in G1Rebuild Remembered Sets On The FlyAbortable Mixed GCsAutomatic Thread SizingOf course, this is just what we are currently working on; we wouldalso like to share a few interesting ideas that would be interesting topick up and contribute. :) +: +B:1517676600 +E:1517678100 +S:An Open Platform for Collecting data for OpenSeaMap +C:CAD and Open Hardware +L:K.4.201 +D:The OpenSeaMap project is part of the OpenStreetMap project family and aims at leveraging crowd sourced information for leisure captains. As it targets a sepcific user and application group it also relies on additional data on top of traditionally used positional data. This presentation is about an effort to create a hard- and software platform capable of collecting the needed data for the OpenSeaMap project. We share early results yield with a prototype implementation of the proposed platform. +: +B:1517676600 +E:1517677800 +S:LibreOffice QA - One Year Overview +C:Open Document Editors +L:AW1.120 +D: +: +B:1517676900 +E:1517678700 +S:User Session Recording in Cockpit +C:Identity and Access Management +L:UD2.119 +D:Have you ever wished you could see how exactly a user broke your server? Have you wished to see how the user stumbled upon the problem they just reported? Would you like to have such a power within your easy reach, right in your browser, without the need for a pesky command-line setup? Wish no more, because we're going to handle that with User Session Recording support in Cockpit! +: +B:1517677200 +E:1517678400 +S:Easy Ada Tooling with Libadalang +C:Ada +L:AW1.125 +D:A lot of developers consider that a language is only as good as the tooling that accompanies it. Ada has been conceived as a language pretty well amenable to tooling, yet the tooling offer besides AdaCore's is not very extensive, at least when compared to other languages like Java, despite the existence of the ASIS project (Ada Semantic Interface Specification). +: +B:1517677200 +E:1517680800 +S:Go Lightning Talks +C:Go +L:H.1308 (Rolin) +D:The last hour of the day will be dedicated to lightning talks.Come watch great short talks, or come present yours! +: +B:1517677200 +E:1517678700 +S:Cooperative Communities +C:Community devroom +L:K.4.601 +D:This talk will explore mistakes everyone makes when trying to bring one or more communities together. Instead of starting from scratch, and creating a new community for every single cause, this talk will explore how existing communities can be brought together, if there is room for cooperation between projects and if the founders are ready to set their egos aside. It be based on the case study of the Social-Digital Innovation Initiative, which aims at bringing social good and tech together, also through communities. +: +B:1517677200 +E:1517679000 +S:The current EU copyright reform proposal: the end of FLOSS in Europe? +C:Mozilla +L:UA2.118 (Henriot) +D:The copyright reform proposal puts pressure on platforms to monitor and filter all content, proposes a 20yr license on news snippets, and limits who can access datasets -- including open data. Let's demand better copyright reform. +: +B:1517677200 +E:1517680200 +S:Optimizing Software Defined Storage for the Age of Flash +C:Performance +L:Janson +D:High-performance flash storage like NVMe SSDs are becoming commonplace in production environments. In this age of fast storage, inefficiencies in storage software stacks that were previously acceptable with slow spinning devices, are no longer tolerable. There are even faster technologies, like NVDIMMs, on the horizon. These developments are particularly challenging for distributed storage solutions like Gluster and Ceph, where network latencies are a fact of life.This talk is on performance analysis and troubleshooting tools and techniques for this age. +: +B:1517677200 +E:1517679600 +S:Infinity +C:Debugging tools +L:AW1.121 +D:Infinity is a platform-independent system for executables and shared libraries to expose functionality to debug, monitoring, and analysis tooling. It grew from a need to be able to debugmultithreaded applications without requiring libthreaddb. Other systems exist that use the libthreaddb paradigm, for example librtld_db and OPMD; Infinity was designed to replace this entireclass of library-tool interface with something more portable and robust. +: +B:1517677200 +E:1517677500 +S:Beyond string-based logging +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:Traditional logs are okay for humans to read, but when the sheer volume of information generated is too much to be processed by a human being everything falls apart ... add distributed systems into the equation and you are pretty close to hell.Structured-logging proposes to take a bit more time when writing logging statements to make it easier to extract and process all this crucial information. Thanks to the rich log entries, new insight can be reached to understand the systems.In this talk I will talk about structured-logging and show how useful it can be with examples in C# and the open source library Serilog.No previous knowledge of C# or .NET is necessary. +: +B:1517677200 +E:1517679000 +S:The Chromium project's Way to Wayland +C:Embedded, mobile and automotive +L:UD2.218A +D:Wayland is the most advanced X11-alternative display protocol, shipping today in a variety of desktop and embedded environments. Although the Chromium browser on Linux still defaults to use the X11 window system, there have been efforts to port it to different environments.This effort happens in various fronts, including the development and stabilization of Ozone, an abstraction layer for graphics and input events, and the transitioning of some ChromeOS-oriented solutions to Linux, for example Chromium's new "UI service".Igalia has been actively contributing to this multi organizational collaboration, aiming at getting a full fledged Chromium browser running natively on Wayland. The work happens on Chromium's upstream repository so that the greater Chromium community can benefit from it.This presentation intends to show the Chromium project's way to Wayland. +: +B:1517677200 +E:1517678100 +S:EU-FOSSA 2 +C:Lightning Talks +L:H.2215 (Ferrer) +D:The EU-FOSSA project developed by European institutions is aiming at improving the security of Open Source Software. The next iteration of the project, EU-FOSSA 2, is continuing in 2017-2019 with a higher budget of 2.6 M€ and a novelty, the bug bounties. Information about the planning and status of the project will be given during this talk. +: +B:1517677200 +E:1517679900 +S:FFmpeg - The Media Swiss Army Knife +C:Open Media +L:H.1309 (Van Rijn) +D:FFmpeg is a FOSS, cross-platform, solution to record, convert and stream audio and video.This session will focus on using the CLI tools included in this project [ffmpeg and ffmprobe] to accomplish everyday video manipulation and streaming tasks. +: +B:1517677200 +E:1517679900 +S:Keys to deploy affordable virtual desktops with IsardVDI +C:Virtualization and IaaS +L:UB2.252A (Lameere) +D:We decided to build one solution from scratch that fully adapts to our needs and lets us take control over all layers involved. We tuned network, storage, hypervisors performance and viewers, focusing in desktops templates quick deployment. +: +B:1517677200 +E:1517680200 +S:Terra Bruciata +C:Miscellaneous +L:K.1.105 (La Fontaine) +D:In this talk I'm going to presentTerra Bruciata, an open source initiative aimed to bring hi-integrity techniques in the world of open source with the objectives of (i) providing to the world bug-free software (ii) developing hi-integrity techniques suitable for open source and (iii) showing to the world that bugs are not unavoidable... +: +B:1517677500 +E:1517680200 +S:Reflections on Teaching a Unix Class With FreeBSD +C:BSD +L:K.3.401 +D:I've been teaching an undergraduate "Unix for Software Developers" class at the University of Applied Sciences, Darmstadt, Germany for a number of years now. The last three years of them in English to allow exchange students to participate as well. I am using FreeBSD in my class and the lab exercises. Topics of the class include an introduction to the Unix shell, editors, filesystems (with a big focus on ZFS), shell programming, grep/sed/awk and since 2017, I also added Ansible. In this talk, I want to reflect on what I learned interacting with the students of various (Unix) backgrounds. I also want to discuss with the audience how to improve the class with relevant topics so that the students get the most out of the class and for their later Unix careers. I'll provide an insight into my labs and what we do there with FreeBSD, too. +: +B:1517677500 +E:1517679000 +S:Wayland client basics +C:Graphics +L:K.4.401 +D:Wayland, the next-generation display server protocol, is slowly but surely taking over the Linux desktop. Preexisting and new applications will have to adapt to this new environment that is fundamentally different from how things used to work on X11 for a long time. This talk gives you the basics of programming native Wayland clients in 2018: the Wayland architecture and protocol world including recent developments, what you can and cannot do, the steps to get something visible on the screen, and why you might not want to do a native application after all. +: +B:1517677800 +E:1517679000 +S:LibreOffice's automatic updater work +C:Open Document Editors +L:AW1.120 +D:Work on the automatic updater for LibreOffice has progressed and daily builds with the updater are provided already for Windows and Linux. However, the updater will not be available in the 6.0 major release. We will explain how the updater works, which problems have been addressed already and what still needs to be done. +: +B:1517677800 +E:1517678100 +S:What's new in Graphite 1.1 +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:I'm going to talk about new features of upcoming Graphite 1.1 release - what's new and why it's still usable in 2018. The talk will be useful for current (and former) Graphite users and all persons interested in metrics/TSDB area. +: +B:1517678400 +E:1517678700 +S:oVirt Metrics and logs - in a unified solution +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:We think Metrics and logs are not that different. Do you agree?This was our statement when searching for a unified monitoring solution with real-time analytics,for the oVirt data center virtualization project.This talk gives an introduction on how to integrate oVirt metrics with the EFK stack on top of OCP.Attendees of this session will be able to get an in depth look into the stack architecture and ways to utilize it in open source projects. +: +B:1517678400 +E:1517679300 +S:Tips & Tricks to finance an Open Source Project without selling your soul +C:Lightning Talks +L:H.2215 (Ferrer) +D:In this lightning talk the objective is to share actual implemented ideas that have helped financed the XWiki and Cryptpad open source projects without external capital. For now 14 years, XWiki has been able to self finance writing Open Source code and sharing it with the community. We will quickly share what has worked or not, what has proven difficult, what is tricky in order to keep the Open spirit and what has been miraculous ! +: +B:1517678400 +E:1517680800 +S:Wikilab, architecture & CNC +C:CAD and Open Hardware +L:K.4.201 +D:This talk will showcase how FOSS design tools such as FreeCAD were used during the WikiLab project in São Paulo, Brazil, and how this can change the game in the construction field. +: +B:1517678400 +E:1517680800 +S:OpenJDK Governing Board Q&A +C:Free Java +L:UD2.208 (Decroly) +D:An open Q&amp;A session with members of the OpenJDK Governing Board. +: +B:1517678400 +E:1517680800 +S:Why hardware and operating system engineers need to talk +C:Microkernels +L:AW1.126 +D:We want to share a couple of stories where hardware design choices designed to improve system security actually turn out to provide the contrary. This especially becomes prevalent in modern microkernel systems where the workaround for these design choices strongly contradicts the goal to reduce complexity. +: +B:1517678700 +E:1517680200 +S:Why People Don't Contribute To Your Open Source Project +C:Community devroom +L:K.4.601 +D:How to help users progress from filing bad issues to filing good issues to making simple contributions to making complex contributions to maintaining your open source project. Talks about the open source contribution funnel through which people progress and the best tips for maintainers and contributors to attract and retain more of them on a given project. +: +B:1517679000 +E:1517680800 +S:Bugmark +C:Mozilla +L:UA2.118 (Henriot) +D:Bugmark is a market that connects people who want better software to people who can build it. In order to make open collaboration more effective, we are using simple market mechanisms to add incentives to do useful work. +: +B:1517679000 +E:1517680800 +S:Fleet Commander: The efficient way of managing the Desktop profiles of your fleet! +C:Identity and Access Management +L:UD2.119 +D:This talk will go through what Fleet Commander is (and, consequently, what Fleet Commander isnotintended for), which are the solutions proposed by the project, how Fleet Commander interacts with SSSD and freeIPA and, plans for the future and finally provide a Demo of the current state of the project. +: +B:1517679000 +E:1517680800 +S:Lightning talk session +C:Open Document Editors +L:AW1.120 +D: +: +B:1517679000 +E:1517680800 +S:GStreamer for tiny devices +C:Embedded, mobile and automotive +L:UD2.218A +D:GStreamer is a complete Open Source multimedia framework, and it includes hundreds of plugins, including modern formats like DASH, HLS or the first ever RTSP 2.0 implementation. The whole framework is almost 150MB on my computer, but what if you only have 5 megs of flash available? Is it a viable choice? Yes it is, and I will show you how.Starting with simple tricks like only including the necessary plugins, all the way to statically compiling only the functions that are actually used to produce the smaller possible footprint. +: +B:1517679000 +E:1517680800 +S:Informal Discussions & Closing +C:Ada +L:AW1.125 +D:Informal discussion on ideas and proposals for future events. +: +B:1517679000 +E:1517679300 +S:Grafanalib - Dashboards as Code +C:Monitoring and Cloud +L:UD2.120 (Chavanne) +D:A lightning-fast introduction to Grafanalib, a small Python library that lets you create dashboards as code.Target audience for the library is people using and amending Grafana dashboards, but the underlying idea is of interest to anyone doing Ops or DevOps. +: +B:1517679300 +E:1517680800 +S:A Journey through Upstream Atomic KMS to achieve DP compliance +C:Graphics +L:K.4.401 +D:Ever hooked up a Linux Computer to a monitor only to experience...nothing? DP is far from being a dumb cable and requires that the entire graphics stack works together to gracefully handle mode failures and recover them. Achieving DP compliance requires that the kernel drivers, hotplug events and the userspace compositors all work together to render every frame at requested rate e.g by handling link failure. The Linux Kernel's atomic modesetting infrastructure on the other hand is a daunting beast of its own and understanding how all the pieces interact is a challenge itself. In this talk Manasi will present the ultimate technical solution for DP compliance ensuring a successful modeset that is recently upstreamed in Linux kernel (4.12) as well as Xserver (1.19.3) +: +B:1517679600 +E:1517680500 +S:FOSSology - OSS Project for License Compliance +C:Lightning Talks +L:H.2215 (Ferrer) +D:FOSSology is a popular tool for the end-to-end analysis of software components in a single Web server application. It can scan source code for: a) License information, b) Copyright notices, c) Export control relevant statements. It makes software analysis more efficient by offering high precision, greatly reducing overhead costs. FOSSology lets users generate compliance documentation according to the organization's needs, in a variety of data formats, emphasizing SPDX tag-value and RDF documents.FOSSology is Open Source Software licensed under GPL-2.0 and a Linux Foundation collaboration project. In the past year, FOSSology has improved in many areas such as reporting, license management and data exchange capabilities. This talk provides and update about The SPDX Import and Export Functionality. +: +B:1517680500 +E:1517680800 +S:Community DevRoom Concluding Remarks +C:Community devroom +L:K.4.601 +D:In which Leslie and Laura provide the concluding remarks for the day. +: +B:1517680500 +E:1517680800 +S:Video testing +C:BOFs (Track C - in J1.106) +L:J1.106 +D:This is to test the video processing system. The room will really be empty. +: diff --git a/agenda/main b/agenda/main @@ -0,0 +1,32 @@ +B:1514735700 +E:1514742600 +S:Paris Massy TGV +C:train +L:Rennes +D:not yet purchased 13€ +: +B:1517180400 +E:1517180400 +S:BSD Meetup +C:conference +L:Rennes +D:09:58 < Niamkik> josuah olivier_ petrus_lt: prochain meetup 29 janvier 2018 +D:- +: +B:1533942000 +E:1534028400 +S:BitreichCon +C:conference +L:France +D: +D:The phantom bitreichcon committee has decided on the date for bitreich- +D:con 2018. Bitreichcon 2018 will happen on 11th to 12th of August 2018. +D:The location will be announced separately. +: +B:1517612400 +E:1517698800 +S:FOSDEM +C:conference +L:ULB Solbosch Campus in Brussels, Belgium +D: +: diff --git a/bin/etc b/bin/etc @@ -1,5 +1,5 @@ #!/bin/sh -e -{ETC}=$(cd "${0%/*}/.." && pwd) +ETC=$(cd "${0%/*}/.." && pwd) case ${1} in (link) diff --git a/bin/listree b/bin/listree @@ -0,0 +1,40 @@ +#!/bin/sh +# list paths in a tree with some stat infos + +LC_COLLATE=C + +case $# in (0) ;; (1) cd "$1" || exit 1 ;; (*) exit 1 ;; esac + +du -a | grep -v -e/CVS -e/.git | sort -k2 -t' ' | +awk -v LINE='| ' -v NODE='|- ' -v TAIL='`- ' -v VOID=' ' ' +{ + count = split($0, path_v, "/"); + for (i = 2; i <= count; i++) + line_v[NR":"i] = LINE; + sub("\t.*", "", $0); + line_v[NR":"count] = NODE; + line_v[NR":"1] = sprintf("%10d ", $0); + line_v[NR"name"] = count == 1 ? "." : path_v[count]; +} + +END { + for (i = 2; !stop; i++) { + stop = tail = 1; + for (l = NR; l > 0; l--) { + if (line_v[l":"i] == LINE && tail) { + line_v[l":"i] = VOID; + stop = 0; + } else if (line_v[l":"i] == NODE && tail) { + line_v[l":"i] = TAIL; + tail = stop = 0; + } else if (!line_v[l":"i]) { + tail = 1; + } + } + } + for (l = 1; l <= NR; l++) { + for (i = 1; line_v[l":"i] != ""; i++) + printf("%s", line_v[l":"i]); + printf("%s\n", line_v[l"name"]); + } +}' | less -X diff --git a/bin/lt b/bin/lt @@ -1,40 +0,0 @@ -#!/bin/sh -# list paths in a tree with some stat infos - -LC_COLLATE=C - -case $# in (0) ;; (1) cd "$1" || exit 1 ;; (*) exit 1 ;; esac - -du -a | grep -v -e/CVS -e/.git | sort -k2 -t' ' | -awk -v LINE='| ' -v NODE='|- ' -v TAIL='`- ' -v VOID=' ' ' -{ - count = split($0, path_v, "/"); - for (i = 2; i <= count; i++) - line_v[NR":"i] = LINE; - sub("\t.*", "", $0); - line_v[NR":"count] = NODE; - line_v[NR":"1] = sprintf("%10d ", $0); - line_v[NR"name"] = count == 1 ? "." : path_v[count]; -} - -END { - for (i = 2; !stop; i++) { - stop = tail = 1; - for (l = NR; l > 0; l--) { - if (line_v[l":"i] == LINE && tail) { - line_v[l":"i] = VOID; - stop = 0; - } else if (line_v[l":"i] == NODE && tail) { - line_v[l":"i] = TAIL; - tail = stop = 0; - } else if (!line_v[l":"i]) { - tail = 1; - } - } - } - for (l = 1; l <= NR; l++) { - for (i = 1; line_v[l":"i] != ""; i++) - printf("%s", line_v[l":"i]); - printf("%s\n", line_v[l"name"]); - } -}' diff --git a/bin/mblaze-filter b/bin/mblaze-filter @@ -12,57 +12,62 @@ do mlist "$MAILDIR/INBOX" | mpick -t "$header ~~~ $glob" | xargs -rI % mv % "$MAILDIR/$dir/new" done << 'EOF' 2>&1 "List-Id" "**" "From" "*@amazon.*" "From" "*amnesty.*" "From" "*Cryo Chamber*" "From" "**" "From" "**" "List-Id" "**" "From" "**" "From" "**" "From" "*dropbox.*" "From" "*ebay.*" "From" "**" "From" "**" "From" "**" "From" "**" "From" "**" "From" "**" "From" "**" "From" "**" "From" "**" "From" "**" "List-Id" "**" "From" "**" "List-Id" "*gopher-project*" "List-Id" "**" "From" "**" "From" "**" "List-Id" "**" "From" "**" "From" "**" "List-ID" "**" "List-ID" "**" "List-ID" "**" "From" "*paypal.*" "From" "*@reddit.*" "Subject" "*\[\]*" "From" "*@researchgate.*" "From" "*@researchgatemail.*" "Mailing-List" "*sabotage**" "List-Id" "**" -transports "From" "**" -transports "From" "*BlaBlaCar*" -transports "From" "*flixbus*" -transports "From" "**" -transports "From" "*megabus*" -transports "From" "*ouibus*" -transports "From" "*ouigo*" -transports "From" "**" -transports "From" "**" "List-Id" "**" "From" "**" "From" "**" "From" "**" "List-Id" "**" "From" "*@amazon.*" "From" "*amnesty.*" "From" "*Cryo Chamber*" "From" "**" "From" "**" "List-Id" "**" "From" "**" "From" "**" "From" "*dropbox.*" "From" "*ebay.*" "From" "**" "From" "**" "From" "**" "From" "**" "From" "**" "From" "**" "From" "**" "From" "**" "List-Id" "**" "List-Id" "**" "List-Id" "**" "List-Id" "**" "From" "**" "From" "**" "From" "**" "List-Id" "**" "From" "**" "List-Id" "*gopher-project*" "List-Id" "**" "From" "**" "From" "**" "List-Id" "**" "From" "**" "From" "**" "List-ID" "**" "List-ID" "**" "List-ID" "**" "From" "*paypal.*" "From" "*@reddit.*" "Subject" "*\[\]*" "From" "*@researchgate.*" "From" "*@researchgatemail.*" "Mailing-List" "*sabotage**" "List-Id" "**" +transports "From" "**" +transports "From" "*BlaBlaCar*" +transports "From" "*flixbus*" +transports "From" "**" +transports "From" "*megabus*" +transports "From" "*ouibus*" +transports "From" "*ouigo*" +transports "From" "**" +transports "From" "**" "List-Id" "**" "From" "**" "From" "**" "From" "**" EOF diff --git a/bin/xdg-open b/bin/xdg-open @@ -185,8 +185,12 @@ esac mupdf "$1" & exit ;; -(*.jpg|*.jpeg|*.png) - feh -. "$1" & +(*.png|*.PNG) + png2ff < "$1" | lel & + exit + ;; +(*.jpg|*.jpeg|*.JPG|*.JPEG) + jpg2ff < "$1" | lel & exit ;; (*.gif) diff --git a/pack/farbfeld-resize/build b/pack/farbfeld-resize/build @@ -0,0 +1,6 @@ +#!/bin/sh -e + +make + +mkdir -p "$OPT/bin" +cp resize "$OPT/bin/resize" diff --git a/pack/farbfeld-resize/git b/pack/farbfeld-resize/git @@ -0,0 +1 @@ +git:// diff --git a/pack/lel/git b/pack/lel/git @@ -0,0 +1 @@ +git:// diff --git a/skel/crontab b/skel/crontab @@ -1,2 +1,3 @@ #*/15 * * * * mpop && mblaze-filter #*/15 * * * * monit step 800 +#*/15 * * * * update-agenda diff --git a/twt b/twt @@ -120,7 +120,7 @@ trevor tux0r tuxtimo twtxt -tx +tx gopher:// umonkey vinc vrmxm