Presentations

Technical societies increasingly struggle with governance capture by large corporations and entrenched interests, especially in news deserts where transparency is low. This talk presents an actionable, open-governance alternative: sortition, or democratic lotteries, paired with publicly governed digital infrastructure for collective self-rule. Drawing from real-world examples (including the lottery-selected board of Democracy Without Elections and open-source governance work from Metagov), we explore how engineering and professional organizations can use stratified random selection and participatory technology to build representative, trustworthy, transparent, and capture-resistant leadership structures. Participants will learn concrete steps to implement sortition-based boards or committees supported by legitimate, publicly governed tools.

The challenge of bridging technical divides in government is universal: modern systems exclude paper-based stakeholders, while simplified tools limit potential. In The Gambia, known as 'Africa's smiling coast', we confronted this reality head‑on: institutions with full‑blown ERPs exist alongside those relying on paper, the digital divide is stark. Discover the novel 4‑level framework, "from API to manual entry", architected as the operational blueprint for The Gambia’s National Higher Education Management Information System (HEMIS), designed to integrate all stakeholders without sacrificing capability or perpetuating inequality.

From scrappy sysadmins and early SRE teams to DevOps and today’s platform engineering wave, this talk traces how operations have evolved—and why the next frontier is treating your platform as a real internal product for developers. This talk will unpack what a modern platform actually is (and isn’t), show how ideas like Team Topologies, golden paths, and “glue as a service” fit together, and share concrete strategies for success: adopting a product mindset, obsessing over developer experience, measuring with DevEx/DORA-style signals, and ruthlessly stripping away incidental complexity so autonomous teams can move faster with less coordination. You’ll leave with a practical mental model and a set of patterns you can apply immediately to build a better loop between developers, platform, and the business. 

PlanetScale for Postgres is a database as a service, launched in July of 2025, composed largely of open source materials. In this talk, we'll discuss how we approached this project, what factors informed our technology choices, some of the nuances and sharp edges we've encountered because of those choices, and some interesting ways that we've stitched these components together into a cohesive system.

Discover how to transform Asterisk into a real-time Voice AI platform by integrating SIP telephony, WebRTC, and OpenAI Realtime. This session will showcase a low-latency, secure architecture for conversational intelligence, including a live demo of Voice AI handling calls, generating structured data, and integrating STIR/SHAKEN for secure communications. Key takeaways include building scalable Voice AI systems, securing SIP/AI architecture, and creating call management dashboards with summaries and analytics.

Modern softphones have gone beyond user interfaces and SIP endpoints, becoming distributed, fault-tolerant communication systems designed for global scale. As organizations adopt hybrid Asterisk environments, there's a need for scalable softphone architectures connecting WebRTC, SIP, mobile, and AI platforms.

This session will use SIPERB as a case study to explore the challenges and patterns of building a large-scale softphone platform. We’ll examine the backend ecosystem, including SIP proxies and media relays, and explain why scalability and interoperability are crucial from the start.
You'll learn to build a reliable softphone for browsers and mobile devices, using modern WebRTC architectures to keep your Asterisk core lightweight and secure. We'll also demonstrate how a standards-based, event-driven architecture allows integration with platforms like WhatsApp and OpenAI for AI analysis and cross-platform communication.

Modern SRE work depends on knowing what resources exist across clouds and services, how they are configured, and how they change, but that data is often scattered across tools and systems. This talk shares how we built a unified, continuously updated cloud inventory using CloudQuery to normalize cloud and SaaS data into relational tables. We will explain how we integrated the framework into our infrastructure, extended it with custom plugins, and applied the resulting visibility to incident response, investigations, capacity reviews, and broader reliability practices. Attendees will learn practical approaches for building an internal asset inventory, scaling it in production, and using shared data to improve reliability and collaboration across SRE, Product, and GRC teams.

As organizations adopt generative AI, platform teams must support multi-node inference, GPU-based model serving, and growing API sprawl while keeping the developer experience simple. This session explores Kubernetes-native approaches like kserve, high-throughput frameworks like vLLM, and gateways like LiteLLM for standardized model access. Attendees will learn concrete patterns for supporting AI at scale while preserving the principles that made their platforms successful.

This session presents a practical blueprint for building a SageMaker-like AI Factory using only upstream open source projects. 

We walk through a complete architecture that combines Kubernetes, Kubeflow, MLflow, KServe, vLLM, and a modern Cloudscape-based console, secured with Keycloak and FreeIPA for enterprise-grade IAM and SSO. 

On the data side, we leverage Ceph, Apache Iceberg/Hudi, Kafka, Spark/Flink, and Feast to create a robust lakehouse and feature platform. We then show how to orchestrate the full ML lifecycle—from data ingestion and feature engineering to training, model registry, deployment, monitoring, and cost visibility—using GitOps, Prometheus/Grafana, OpenCost, and policy-as-code. 

Attendees will leave with a clear, vendor-neutral reference architecture and a concrete checklist of upstream components to assemble their own open, portable, and sovereign AI Factory across on-prem, cloud, and edge environments.

The Open Floor Protocol (OFP) is an open standard (Linux Foundation AI & Data) enabling heterogeneous conversational agents to interoperate via universal JSON message formats—Conversation Envelopes. This talk introduces OFP's core components: Envelopes, Dialog Events, and Assistant Manifests. I'll demonstrate advanced use cases (delegation, mediation, orchestration, discovery) and Beaconforge—an open-source Python framework for building OFP-compliant agents—with practical multi-agent collaboration examples.

With the recent improvements to Asterisk's ARI and the introduction of chan\_websocket, it's easier than ever to build your voice services with Asterisk. You can now build a complete solution, including control and audio, using only websockets. This talk covers how these new features are designed to work together to make Asterisk the go-to platform for your IP telephony services.

As much as we need to and should support students with adopting new technologies such as AI, educators are being thrown into the deep end and expected to swim with very little instruction or support. From working with educators while at GitHub and as part of Internet-in-a-Box (IIAB), it is clear that we ask much of our teachers. They are expected to learn not only basic computing and software development, but also version control, collaborative software development, and now, how to teach about and with AI. This is daunting anywhere and even more daunting in the developing world where experienced mentors and resources can be scarce.

Wikipedia, GitHub, and arXiv show us that free and open access can be transformative and lower barriers of access to entry to new skills and careers. We will share educational experiences with GitHub, Internet-in-a-Box, and AI and our work to provide online and offline tooling and content to remote regions worldwide. A model of federated ecosystems can empower educators, learners, and community organizers everywhere, turning passive learners into active creators in the AI era.

Whether you're a fresh graduate or a career transitioner, breaking into tech can feel like getting stuck in an infinite loop: 
while need_job:
   if not have_experience:
       need_job = True 

In this talk, I’ll share how I demonstrated my value to potential employers - and got noticed - by transforming my personal blog into a living portfolio that showcased more than just my burgeoning technical skills.

Attendees will learn how to check their own boxes by showing off transferable skills, creating visible proof of competence, and highlighting how their learning process can be a strength rather than a limitation. I’ll discuss the practical steps I used to craft my blog to meet my needs as a career transitioner and how I positioned my seemingly-unrelated skills - like copywriting and photography - as useful and relevant to my development as a programmer. My blog got me noticed at networking events, served as a talking point in interviews, and bolstered my confidence. I’ll give attendees the tools to develop their own strategy to break the cycle and land their first job in tech.

Kwaai's Call to Action for Personal AI

CloudNativePG is an open-source Kubernetes operator for PostgreSQL, which has officially been accepted into the Cloud Native Computing Foundation (CNCF) Sandbox.

CloudNativePG manages the full lifecycle of PostgreSQL clusters, configured with a primary/standby setup using native streaming replication for high availability. It is fully declarative and Kubernetes-native. The operator avoids StatefulSets, managing Pods and PersistentVolumeClaims directly. This gives it granular control over storage, instance lifecycle, and automated failover procedures.

We will cover its core design philosophy and key features—including automated deployment, self-healing, and integrated backup/recovery. We will also demonstrate how easy it is to spin up, manage, and scale robust PostgreSQL clusters using CloudNativePG.

Recently, several open source companies attracted a lot of attention after their announcements of license changes. Not surprisingly, these shifts sparked backlash from open source enthusiasts, prompting some to create community-driven forks under open source foundations.

Now there is growing skepticism toward (single) company backed open source projects, with many arguing that open source projects should be run by neutral foundations to prevent future bait-and-switch tactics. In this session, we'll explore if a foundation is always the right model for open source projects. 

“Confidential Vector Search: Knowledgebase Homomorphic Encryption” introduces a practical path to RAG systems that can search sensitive embeddings without ever revealing them. Building on the SIAM study “Maturing Homomorphic Encryption (HE) to Enable Privacy Preserving Vector Search,” Sulimon Sattari will unpack how techniques like dimensional scrambling, noise injection, CKKS, and chaotic mapping can be combined with new schemes such as DIEHARD and ROME to preserve inner products while keeping queries and documents encrypted.
 

Step into the world of stream processing, where events arrive sporadically and timing matters.

This talk explores managing the journey and lifetime of an events during stream processing. We will discuss data events from ingestion to output and examine what happens along the way.

Using a movie theater metaphor, we will explain key ideas like time windows, late arrivals, and dead letter queues. The talk connects high-level concepts to practical implementation notes. You will leave with a clear and useful mental model for working with real-time data.

“Consent Chain: Towards MyTerms” explores how we can finally escape cookie banners and move to user‑set, cryptographically provable privacy terms. Drawing on his work at Kasm, Jaymes Davis will unpack the ConsentChain model shown in this session’s poster: users define a universal privacy profile once; a browser plugin then auto‑negotiates consent with websites and records a tamper‑proof hash of the agreement on a public blockchain, giving enterprises auditable compliance while eliminating banner fatigue for individuals.
 

Over the past few years, OCI containers and Kubernetes have become the backbone of Meta’s open-source cloud infrastructure. This talk explores the complexities of safely running containers inside containers (“nested containers”) without root privileges. It demystifies OCI container internals, highlights the latest open-source advancements enabling rootless deployments, and addresses the unique challenges posed by nested environments. Through production case studies, it shares lessons for secure, efficient container-in-container deployments.

This talk will discuss different ways to crack passwords. There will be a brief history of how passwords are hashed, how hashing works, how long a password should be, how to pick a good password, password managers, and defense against passwords being cracked.

Three ways to crack passwords will be described. Custom open source tools I wrote to help manage password cracking will be described.

I will discuss statistics on 1 billion passwords I have found including password length, use of different character classes such as all lowercase, all uppercase and more. Password patterns will be discussed.

Everyone is running their applications on Kubernetes these days, most of the time the application servers are stateless so it is easy to do so because the database behind the application is responsible for storing the state. What if you would also want to run you database on the same Kubernetes stack. Will you use stateful sets? Will you use network attached storage? These types of storage are introducing a lot of disk latency because of the mandatory network hops. This is why in many environments the database servers still are dedicated machines that are treated as pets while the rest of the fleet is more like cattle.

In this session I will speak about how we run our databases on Kubernetes by using the local ephemeral storage to store your data and also how we are confident we will not loose it in the process of doing so!

This session is a presentation of Data4Citizen, the new disruptive Open Data Platform used by Governments to deploy Open Data Portals, powered by AI and LLM This session explians how Data4Citizen can help users to value the public data, anywhere - anytime, through easy-to-use interfaces and AI companions

Data4Citizen provides more than a simple data catalog, with modules and tools to create maps, interactives Dashboards, etc

“Decentralized Trust for People and AI Agents: A Report from Linux Foundation Trust Over IP (ToIP)” dives into how we can give both humans and AI agents durable, portable trust on the open internet. Drummond Reed—co‑author of the Trust Over IP stack and co‑founder of the First Person Project—will explain ToIP’s four‑layer architecture, which pairs a technical stack (DIDs, verifiable credentials, agent protocols) with a governance stack (community‑defined trust frameworks) so that trust isn’t left to ad‑hoc policies or single vendors.
 

API Priority and Fairness (APF) is a core feature in Kubernetes designed to protect the API server from overload and ensure critical requests are processed even during high traffic. It works by classifying, prioritizing, and managing inbound API requests using a flow control mechanism.