Presentations

In this hands-on workshop, we'll explore RPM, the native package format used by Fedora, CentOS, and RHEL.  RPM is a powerful and flexible tool that plays a vital role in the management and distribution of software for these operating systems. This workshop is ideal for developers, sysadmins, and engineers who want to understand how native packages are built and maintained.  By the end of this session, you'll have the knowledge and confidence to create and maintain RPM packages effectively.

Akash network is an open source project which lets users run their containers across a global set of compute providers.  It's the middle layer inbetween people who need compute resources (buyers) and people willing to sell access to their compute resources (suppliers).  Anyone can participate on either side, with a net result of less waste of idle compute resources on the supplier side, and lower costs on the buyer side.

The "unit of compute" is a buyer-provided container, and the length of time that container needs to be used to complete its task.  Buyers include enthusiasts who just want to run a minecraft server all the way up to professional compute jobs such as training an LLM.

The supplier can be a professionally-supported server in a datacenter with dedicated GPUs, all the way down to a spare home computer running in a home environment.

Akash network is the coordinator inbetween, and it utilizes a blockchain for compute commitments, checksums, and payments between suppliers and buyers of compute.

Switched Careers? Unlock Your Hidden Coding Superpowers!
Ever taken a detour on your path to becoming a developer? Maybe you started out in teaching, marketing, design, retail, or, like me, as a paramedic. Surprise: those experiences are your secret weapons!

In this energizing session, I’ll share how my journey from the fast-paced world of emergency medicine to the dynamic landscape of software development revealed a treasure trove of transferable skills such as problem-solving under pressure, rapid decision-making, teamwork, and clear communication. We’ll explore how the unique talents you picked up in your previous careers can make you a more creative, effective, and resilient developer.

Whether you came from the ambulance, the classroom, or the boardroom, you already have a toolkit full of valuable experience, and now it’s time to put it to work. Join me and discover how to uncover, embrace, and maximize your non-traditional background to supercharge your developer journey.

A hands-on space where middle and high school students explore open source technology through drop-in interactive activities and demostrations led by mentors and volunteers. Activities and demonstrations include 3D printing, coding with micro:bits, learning the Linux command line, AI Generative Art, working with NASA data, robotics, and an open source "petting zoo."

Scaling a telephony platform to handle tens of thousands of concurrent calls is a complex challenge for any deployment. This session shares real-world experiences from ASTPP, an open source billing and routing platform, highlighting strategies for high concurrency, load balancing, monitoring, and maintaining resilience under heavy traffic. Attendees will walk away with practical, transferable insights that can be applied to Asterisk, FreePBX, or other open source telephony platforms.

Secure boot has been around for many years now, having been introduced into the UEFI spec in 2006.  It is one of those things that tends to be turned off when installing Linux. There are different opinions around secure boot and whether it solves a problem or not. It is becoming more common for environments to require keeping secure boot turned on. Secure boot is not going away in the near future. It is now being used in the cloud. We need to get to know our frenemy.

Millions of financial events. Zero room for error. Learn how template-driven prompt engineering turns noisy cloud transaction streams into explainable, policy-safe automation, faster incident triage, smarter anomaly detection, instant schema-drift recovery, and audit-ready trails.

In this session, we will share the methodology, toolchains, and collaborative workflows that make this possible, including the use of simulation platforms, pre-silicon verification environments, and CI/CD integration for early kernel testing. Attendees will learn how these efforts accelerate software-hardware co-design, reduce bring-up cycles, and ensure that by the time silicon arrives, the kernel is already upstream-ready.

Many cloud products have security as an afterthought.  What if you put security first?  From hand-held to stored data?  And did it all with Open Source? And made it quantum proof?

Set up an agentic loop to program the firmware in a microcontroller or SBC. Shorten the research and development cycle by extending your basic electronics knowledge to solve real world problems. Concepts demonstrated with Gemini-CLI, RAG, MCP, but applies to many stacks.

What if your SQL queries could process data as it happens instead of after it's stored? Apache Flink speaks SQL fluently, but it's not a database – think of it as a conductor orchestrating endless streams of data rather than a librarian managing stored records.

This session bridges the gap between traditional SQL and stream processing. We'll explore:

•  Flink SQL in Action: How familiar operations like SELECT, JOIN, and GROUP BY work on infinite data streams, plus temporal joins, time windows, and watermarks
   
• Table API: Programmatic control with declarative simplicity, bridging SQL and complete programming flexibility
• Flink AI: Real-time feature engineering and model inference on streaming data using SQL-like patterns
   
• Real-World Patterns: Fraud detection during transactions, live analytics dashboards, and event-driven architectures"
   
• Perfect for developers and data engineers ready to make their queries travel through time! 

Ever want to dig into Tailscale but haven't had time? If that's you, then join us in this workshop where you will learn the basics of Tailscale and get some hands-on experience deploying Tailscale into cloud resources on AWS. Participants will learn how to deploy Tailscale locally and into an AWS environment using infrastructure-as-code (Terraform, OpenTofu, etc.).  You will also learn how to configure Tailscale for various use cases like Subnet Routing and Exit Nodes, as well as implement fine-grained access controls with Tailscale ACLs and Grants, and lastly learn how to integrate Tailscale with AWS services (like RDS databases) for secure private access over the public internet by leveraging WireGuard under the hood, powered by Tailscale.

Hardening a Linux system is straightforward in concept and surprisingly complex in practice. Most teams rely on Ansible playbooks, custom scripts, and manual STIG checklists that are difficult to maintain, hard to audit, and prone to drift over time.

This workshop takes a practical, side-by-side look at Linux hardening: we start with a fresh Rocky Linux install and walk through the manual hardening process — SSH configuration, kernel tuning, password policy, SELinux, and compliance frameworks like DISA-STIG and CIS. We then explore what Rocky Linux from CIQ — Hardened (RLC-H) delivers out of the box: kernel runtime guards, hardened memory allocation, pre-remediated compliance images, Secure Boot, and commercially backed CVE remediation — by design, not by configuration.

This is not a lecture. Attendees of all experience levels are welcome, and those with deep security backgrounds are especially encouraged to bring their perspective. The goal is an honest conversation about where the traditional DIY approach holds up, where it falls short, and what a purpose-built hardened distribution changes.

No CIQ Portal access required. All hands-on exercises use community Rocky Linux.

As NixOS evolves from a passionate community project into a globally adopted platform, strong governance and clear vision are essential. Join leaders from the NixOS Foundation and the Steering Committee for an insider’s look at how we’re:

Structuring for Sustainability
Scaling Collaboration
Thinking through the future of security

“Taxonomy for Agent Systems (T4AS)” introduces a simple but powerful way to tame today’s chaotic landscape of AI agents. Steve Vitka presents T4AS as a reference architecture that cleanly separates three roles: the Agent (“strategist” that plans but never acts), the Workflow (“general” that orchestrates tools), and the Workspace (“battlefield” where certified tools and APIs actually run). By enforcing these boundaries, T4AS turns ad‑hoc agent stacks into secure, auditable, and composable systems rather than brittle prompt‑spaghetti.
 

Get a tour of the build system we're building for Shopify's "World" Monorepo. Tectonix is Nix plumbing that assembles git sparse-checkouts, the NixOS module system, and a whole pile of supplemental tools into a working Nix-based monorepo.

The recent open sourcing of Apple Containerization Framework and container Tooling projects enable developers to create and run Linux container images directly on their Mac in a way that focuses on security and privacy. In this talk we’ll talk about the container CLI tool and how it utilizes Containerization to provide simple yet powerful functionality to build, run and deploy Linux containers on Mac. We’ll talk about the architecture, why we wrote the framework and tool in Swift, what future development looks like for Kubernetes use cases, and how the community can get involved.

As recently as 2015, Alex Balashov was on record saying that SS7 and TDM steadfastly remain as the essential building blocks of a reliable PSTN, and that the triumphant proclamations of IP peering were something of a laughingstock, or at least premature.  Well, the much-vaunted move to IP peering in the core of the PSTN itself has finally happened, and has been rapidly gaining steam in the last 5-10 years. The ILEC tandems do not play the role they once did, and the landscape is shifting rapidly.

The Fedora Council recently approved a Community Initiative to completely revamp how we build, maintain, and structure our documentation. In this interactive session, we will briefly cover our progress in modernizing the Fedora Docs toolchain and lowering the barrier to entry for new contributors. Then, we will hand the microphone over to you: attendees will vote on their favorite Fedora topics to drive live breakout discussions on how we can build better guides for the community. Join us to share your ideas, tell us what is missing, and learn how to get involved!

Ever looked inside /nix/store and felt immediate confusion? You aren't alone. For many, the "magic" of Nix is hidden behind cryptic hashes and the mysterious "derivation." This talk strips away the jargon to explain how Nix actually works using a simple metaphor: a giant, immutable LEGO set. We’ll explore how Nix builds software in total isolation, why your system can’t "break" like traditional distros, and how every package is just a recipe waiting to be snapped into place.

Ever wondered how MySQL and MariaDB handle the myriad internal temporary tables they create to process your queries? This session pulls back the curtain on this often-overlooked aspect of database performance. 

Prepare to have your assumptions challenged as we delve into the baffling behavior of MySQL's TempTable storage engine. We'll analyze the key configuration variables and internal mechanisms that influence this crucial decision.

Through practical examples and insightful explanations, you'll gain a deeper understanding of:

- When are internal temporary tables used
- How MySQL and MariaDB choose the storage engine
- The specific triggers and thresholds that cause MySQL engine to move data to disk and the performance impact
- Practical tips and configuration adjustments to optimize temporary table usage and avoid unexpected disk I/O.

Whether you're a seasoned DBA, a curious developer, or anyone interested in the inner workings of MySQL and MariaDB, this session will equip you with valuable knowledge to better understand and optimize your database performance.

Attendees will learn about the history of censorship evasion throughout the development of the internet, the current state of internet censorship and evasion tactics around the world, and the future of evasion methods to protect the free and open Internet.

“If it were measured as a country, then cybercrime — which is predicted to inflict damages totaling $6 trillion USD globally in 2021 — would be the world’s third-largest economy after the U.S. and China.” – Steve Morgan, Editor-in-Chief of Cybercrime magazine

 On average, companies experience about 21 to 24 days of downtime after a ransomware attack, highlighting the significant impact of such incidents on business operations. Everyday technology is advancing at a faster rate than we can educate the general population. If a HongKong bank can be convinced to wire transfer 35 million dollars by a deep fake how do we protect grandma? Most people under 35 get their news and information from TikTok and social media platforms. How do we educate and safe guard the future?

Nix gives you all the primitives you need to have robust and scalable builds, except the actual build distribution piece. In this talk we will cover what Nix does right for distributed builds, what options you have to implement build distribution, and how the project could fill this gap.

“The Path to Robust deAGI” asks what it would take to build artificial general intelligence that is both powerful and structurally aligned with human flourishing—not just steered by after‑the‑fact safety patches. Ben Goertzel, CEO of SingularityNET and a founding member of the Artificial Superintelligence (ASI) Alliance, will outline how a decentralized, token‑coordinated ecosystem—combining ASI:Chain, Hyperon AGI, and community‑owned GPU clouds—can prevent AGI from being captured by any single corporation or state.