Presentations

As an app developer, my goal is to serve my users. I may love my tech stack, but secretly, I am terrified of the data layer.

These days we have more and people building apps and the database is only given the thought of a prompt or simple setup. The database should be loved and enjoyed, not feared. In this talk, I'll share how approachable PostgreSQL can be for app developers using the tools that we know and love, like ORMs and AI.

Learn how to securely and efficiently install Asterisk and FreePBX using declarative, idempotent instructions stored in a version-controlled cloud-init.yaml file. This approach minimizes arbitrary commands, reduces risks of command injection and privilege escalation, and ensures validation and error handling through cloud-init. In this session, we’ll walk you through a cloud-init.yaml configuration for installing FreePBX with robust management and security best practices.

The Apereo Foundation supports the development and sustainability of open source software in higher education through a global, community-led model. Indeed, several Apereo projects enjoy 20+ years of success. This session introduces Apereo’s evolving approach and roles in fostering open technologies that power critical academic services, research computing, and administrative systems, including authentication/authorization, online learning, video capture and editing, calendaring, scheduling, and registration, as well as data management. Attendees will learn how Apereo supports projects through granting and corporate funding, incubation and health metrics, community development and management, unique to higher education, but applicable to any open source community of practice. Specific initiatives, such as Apereo Micro-Conferences as an awareness and engagement strategy, and the emerging “Community as a Service” model toward self-sustainability, will be introduced.

This talk presents a multikernel Linux architecture where multiple independent Linux kernel instances execute on a single machine with kernel-enforced resource partitioning. Unlike previous replica-based multikernel design, our isolation-based design addresses dynamic resource management through device tree based allocation and Linux hotplug operations. We discuss the architectural design, implementation leveraging existing kernel infrastructure: kexec, device tree, hotplug subsystems. Use cases include AI agent sandbox, zero-downtime kernel updates and automatic crash recovery with backup kernel. This design maintains full Linux compatibility while providing strong isolation without virtualization overhead.

AI is changing how developers learn, collaborate, and contribute.

Are AI coding tools eroding community participation? Is Stack Overflow’s decline a warning sign? Will AI-generated contributions overwhelm maintainers? How do people contribute to open source when using AI tools?
This session uses real data on developer behavior, GitHub contribution patterns, and changes in project development. You’ll learn what’s actually changing, where AI is truly supporting open source work, and where it risks undermining long-term sustainability.

FreePBX is a key component of many VoIP deployments, making its security essential. This session covers real-world vulnerability discovery, responsible disclosure, and remediation based on Horizon3.ai's research.

Join Cindy Cohn, Executive Director of the Electronic Frontier Foundation for a SCaLE 2026 keynote presentation.

Join Mark Russinovich, CTO, Azure for a SCaLE 2026 keynote presentation.

This session will guide participants through the essential steps of setting up Docker on a fresh server installation. Attendees will learn how to deploy a simple application within Docker containers, link a custom domain, and secure their server with Tailscale, a modern VPN solution. By the end of the demonstration, participants will gain practical skills in application deployment and private networking, empowering them to enhance their projects and professional environments with modern technologies. Whether you’re a novice or seasoned user, this session offers valuable insights into containerization and secure application management.

Language learning apps are used by millions of people around the world. Many of these of these apps operate on a freemium model and pay for their free versions with ads. The infrastructure for these ads can possibly bleed into the infrastructure of the paid versions. This study seeks to verify, using open-source tools, that the paid versions of Duolingo, Busuu, and Memrise are not broadcasting user data to advertisers.

Leveraging LLMs (Large Langage Models)/machine learning in an embedded environment can be riddled with surprises and challenges due differences on embedded devices and expectations. This session will look at challenges encountered by an embedded developer evaluating LLMs on an embedded Linux device along with trade offs in trying to fit an open LLM on an embedded device. The challenges will be illustrated with data from different attempts attempts on embedded Linux. Combination of both hardware and software will be looked at to address the challenges.

When ClickHouse Cloud was launched - we still had Persistent Volume Claims (PVCs) backed by EBS (and other equivalent) volumes to store critical metadata in the hot path. We did not have true separation of Compute and Storage. 

Over the course of the last few years, we have been slowly but surely working our way to remove this limitation. This talk is the culmination of everything that was done - important fixes in the Core database as well as the cloud database Operator - to finally get rid of those volumes. Now when we allocate database server pods in the cloud - there are no Network Block Volumes attached to them. 

This talk documents the challenges of implementing such a critical feature in the journey of a cloud database, as well as the subsequent migration of customers in this cloud to this mode of operation. We will cover important topics such as S3-based Storage Engine, Catalog and S3-Plain Re-writable Disks as well as the Kubernetes Operator changes to enable these features in the Cloud.

In this talk, Joshua will share his insights and experiences with OpenTelemetry, an open-source project that offers protocols, APIs, and SDKs for collecting metrics, traces, and logs from applications and services. He will cover the comprehensive toolkit provided by the OpenTelemetry community, including language SDKs, the Collector, and the OTLP formats for metrics, traces, and logs.

He will demonstrate how to instrument and monitor a microservices application running on a Kubernetes cluster, utilizing the full potential of OpenTelemetry. Attendees will learn how to use powerful open-source tools like Jaeger and Prometheus to effectively analyze telemetry signals from their applications.

By the end of this session, attendees will have a solid understanding of how to implement OpenTelemetry in their projects, enhancing their debugging and observability practices. Join us as we delve into the world of OpenTelemetry, unlocking the capabilities of this powerful technology for your development needs.

To track state-sponsored malware and combat the stalkerware of abusive partners, you need tools. Safe, reliable, and fast tools. For the dark corners of the Android ecosystem, we couldn’t find a good tool to download packages on the command-line. So we made one.

Rather than just solve our own problem, we decided to make our new tool, apkeep, generically useful for everyone. We also wanted it to be reliable, safe, and fast. So writing it in async Rust made a lot of sense, and allowed us to deploy to a wide range of architectures and platforms. But we wanted to download not only from Google Play, but other app stores as well. And supporting these often necessitated employing Android reverse engineering techniques and dynamic analysis to look at real-time traffic being sent over HTTPS.

This talk aims to introduce apkeep as a tool, explore some of the novel obstacles we faced in building out this tool, and show some of the results of those who have incorporated it into their toolboxes.

You could be watching a training video in your pajamas, but you chose to be here because you want real, lasting connections that can transform your career. In a world where AI blurs reality, face-to-face networking gives you an edge that online courses can’t match. Whether you’re an introvert or an extrovert, this session will help you set a conference goal and turn networking from daunting to delightful. We’ll cover how to keep conversations going, exit gracefully, and make connections that last, with practical tips and interactive exercises that boost your confidence and help you make the most of every event.

Some have dreamed of the day where we can plug our complex systems into stereo speakers and know when there's trouble just by listening to the result. Monteverdi is a new Open Source platform that rethinks Observability and gets us closer to the dream.

This talk is a tour of application features, the pattern matching algorithm, a modular Plugin system that enables MIDI output, the TDD-based approach in Golang, and a look at its own metrics in OpenTelemetry. Along the way we dig into technical details like using GitHub Actions with GoReleaser to publish separate objects, or how it can be extended with Plugins to employ AI. The app will be displayed live and demoed, making sound through a MIDI device and DIY setup, using live system metrics to power the music.

Migrating existing services to OpenTelemetry is rarely just a “drop-in” change—especially when you’re trying to standardize across teams with different stacks, maturity levels, and release rhythms. This talk covers the practical challenges we hit while moving to OpenTelemetry at scale, and how we addressed them with a home-grown, self-service solution built on Pulumi.

Cloud-Native platforms are exponentially scaling across clusters, clouds, and teams. Enforcing consistent policies and resilient operations becomes a critical challenge for platform teams. In this session, we explore how Kyverno, combined with ClusterAPI and k0rdent enables secure, declarative governance without the complexity of admission webhooks or custom tooling. 

Through real-world examples, we demonstrate how this integration powers developer self-service, enforces platform standards, supports AI/ML workloads, and reduces operational overhead showcasing policy-driven platform engineering done right.

The storage directory settings in systemd help define where services store their data. Two important features have been implemented for these directories. The first one is id-mapped mounts, which is a filesystem feature that allows a mount namespace to show a different UID than what is stored on a file. Storage directories now support id-mapping, so that the files within the mount namespace of a service defined with DynamicUser=yes are owned by its unprivileged UID/GID. The second feature is storage quota support. Storage limits can now be defined in terms of percentages or absolute values to enforce quotas on the consumption of State, Cache, and Logs directories. These features enhance the security and resource management of systemd services.

Arm64 instances offer the best price/performance on every cloud these days, but application migration can be a bit scary for the uninitiated. This presentation will walk you through the basics of why and how to migrate applications to multi-architecture Kubernetes clusters.  

In this presentation, we will run through the basics of how to start running your Kubernetes applications on hybrid arm64 and x86 clusters, including:  

- Why add Arm64 compute nodes to your Kubernetes clusters?
- Building multi-arch container manifests
- Workload placement and orchestration in Kubernetes
- Easing migration with continuous delivery patterns 

By the end of this presentation, you will have the confidence to build and run your own applications on the fastest growing architecture for cloud deployments.

SLAC National Lab uses particle accelerators to run the world's most powerful X-ray laser. We also process Vera C. Rubin Observatory images - the largest-ever astronomy dataset. This talk is an infrastructure-focused introduction to Scientific Computing. Learn about how open source is at the core of how we collect, store, and process data for cutting-edge scientific research.

I never had a need for home automation, until I got a cabin in the woods. I wanted a simple camera security system, sensors, and other automation so I could monitor my cabin when I wasn't there, and tell whether I remembered to lock the door! I wanted control over my personal data, so I went with Home Assistant, open source home automation software that's easy to use, can run from a Raspberry Pi, doesn't depend on cloud services, and has wide compatibility with home automation hardware.

In this talk I will explain how I set up Home Assistant to monitor my cabin including camera security, remote sensors, and how to set up alerts to keep me up to date on the family of foxes that visit my property.

Doc Searls, co-founder of Customer Commons and lead of the IEEE P7012 “MyTerms” effort, explains how machine-readable personal privacy terms can flip the script so sites accept user-set terms, replacing opaque cookie banners with true first-party control.

Deploying machine learning models on diverse ARM64 SoCs is currently hindered by fragmented, vendor-specific hardware pipelines. This session presents a standardized workflow to overcome these bottlenecks by critically comparing dominant runtimes like LiteRT and ONNX Runtime (ORT). We explore the technical shift from legacy Delegates to native Execution Providers (EPs) to fully utilize on-chip GPUs and NPUs, with attention to the portability. Attendees will learn to navigate trade-offs and select the optimal portability strategy for high-performance edge inference.

For a lot of students and early-career developers, the hardest part of “breaking into tech” isn’t learning syntax or picking up new tools, it’s answering one paradoxical question: “How do I get experience when every job already expects experience?” Open source already solves this, but most newcomers enter projects feeling overwhelmed, unsure where to contribute, and worried about bothering maintainers. The truth is that open source can function as a student's first real engineering job when they know how to approach it, and when mentors and maintainers create environments where newcomers can succeed.