Presentations
Having a trustworthy boot process is the foundation of the rest of your system's security. If your BIOS, kernel, or initrd have been tampered with, an attacker can hide their backdoor from the rest of the system. This talk will discuss the security threats against the boot process and briefly cover some other approaches to protect against boot-time attacks but the talk will primarily focus on Heads, an open source project that provides tamper-evident boot. I will discuss how Heads works, how it differs from other secure boot approaches, and demonstrate how it protects against tampering.
This tutorial will show you how IEEE SA Open offers a flexible, scalable open source development environment backed by exclusive IEEE service and support. Learn how to launch an open source project (standards and non-standards related) and how IEEE SA and IEEE Foundation can be a 501(c)3 nonprofit fiscal home for future open source work. Come see how IEEE SA Open can empower you to raise the world’s standards in open source development. This session is sponsored by the IEEE.
Since commercialization and privatization of the Internet first began in the 1990's, there has been a steady push to move access side DNS (called "recursive") away from customer networks and towards first ISP's and later Cisco, Google, IBM, and Cloudflare. What are the real motives for this trend? What are the risks and costs, and who pays them? Dr. Vixie has worked in the DNS field since 1989 and has invented many of the monitoring and filtering capabilities now used by nearly all DNS services, and he will try to explain what's happening.
Advances in technology always have us striving for performance, shiny new features, and cool gadgets to play with. What happens to the Isle of Misfit Toys when the customers want the sexy new social media integrations and the developers don’t want to tinker with that LAMP stack when there are containers to orchestrate?
Mentoring still stands as one of the most requested programs in open source and across industries. The traditional 1:1 approach doesn’t scale yet it’s the status quo – why? We can build systems that have the weight of the world but we have problems building our own people up. In this talk, Paris and Josh will talk about examples of mentoring programs that Kubernetes has built – both successfully and lessons learned in a large 26000 person contributor community.
This talk goes over an introduction to Amazon Elastic Container Service for Kubernetes (Amazon EKS) on AWS. Learn how to easily manage, deploy and scale containerized applications on Amazon EKS. We’ll dive into a hands-on demonstration on how to initially provision new k8s clusters or manage a long running cluster using eksctl, an open source CLI tool for Amazon EKS. We will explore how eksctl can be used to provision a fully managed k8s control plane and on demand right size computing for pods.
When you think of Kubernetes, you probably don't think about mainframes, but modern mainframes can run Linux and the careful observer may have already discovered that the mainframe architecture (s390x) is one of the architectures that's built for every Kubernetes release.
Recently, the process of FOSS license creation has been politicized from all directions, primarily by for-profit companies. We now see companies and their lawyers promulgating seemingly-FOSS but non-commercial-use only licenses. Even worse, some companies seek to redefine copyleft into a toxic system that is inoculated only by a separate proprietary license. Activists have meanwhile created well-meaning licenses that use denial of software freedom to advance important causes, but are ultimately non-FOSS. This talk discusses what we should do next about this complex confluence of events.
Mobile phone applications have provided countless opportunities for people, but most of the success lies in the User Interface. Iconic Framework provides free and easy-to-use tools for anyone looking to develop an app. This toolkit builds hybrid apps which are apps that are accessed through low-level browser shells.
Whether you’re a software engineer or data scientist, dealing with dependency hell is often an unavoidable problem when building complex projects that require 3rd packages. This talk will explore a classic case of dependency hell, known as the diamond dependency problem, and if SAT-solvers are adequate enough to address these issues.