All Things Open 2023
Presented at All Things Open 2023
Presented by Deb Bryant - Open Source Initiative, Patrick Masson - Apereo Foundation, Stephen Jacobs - Rochester Institute of Technology, Ruth Suehle - SAS, & Greg Wallace - FreeBSD Foundation
Title: Open Source and Public Policy
Abstract: New regulations in the software industry and adjacent areas such as AI, open science, open data, and open education are on the rise around the world. Cyber Security, societal impact of AI, data and privacy are paramount issues for legislators globally. At the same time, the COVID-19 pandemic drove collaborative development to unprecedented levels and took Open Source software, open research, open content and data from mainstream to main stage, creating tension between public benefit and citizen safety and security as legislators struggle to find a balance between open collaboration and protecting citizens.
Historically, the open source software community and foundations supporting its work have not engaged in policy discussions. Moving forward, thoughtful development of these important public policies whilst not harming our complex ecosystems requires an understanding of how our ecosystem operates. Ensuring stakeholders without historic benefit of representation in those discussions becomes paramount to that end.
Please join our open discussion with open policy stakeholders working constructively on current open policy topics. Our panelists will provide a view into how oss foundations and other open domain allies are now rising to this new challenge as well as seizing the opportunity to influence positive changes to the public’s benefit.
Topics: Public Policy, Open Science, Open Education, current legislation in the US and EU, US interest in OSS sustainability, intro to the Open Policy Alliance
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Open Source Software is the major rival in the software market previously dominated by proprietary software products. Open Source Software(OSS) is available in various forms including web servers, Enterprise Resource Planning systems (ERPs), Academic management systems and network management systems and the development and uptake of such software by both commercial and non-commercial companies and institutions is still on the rise. The availability of OSS applications for every common type of enterprise, minimal licensing issues and availability of source code as well as ease of access has made the technology even more attractive in learning and teaching of software based courses in institutions of learning. Through embracing this technology, institutions of learning have been able to minimize general operations cost that could have otherwise been incurred in procuring similar proprietary software. Students and teaching staff can nowadays interact and modify the readily available source code hence making learning and teaching more practical.
OPEN SOURCE TECHNOLOGY: AN EMERGING AND VITAL PARADIGM IN INSTITUTIONS OF LEA...ijcsit
Open Source Software is the major rival in the software market previously dominated by proprietary software products. Open Source Software(OSS) is available in various forms including web servers, Enterprise Resource Planning systems (ERPs), Academic management systems and network management systems and the development and uptake of such software by both commercial and non-commercial companies and institutions is still on the rise. The availability of OSS applications for every common type of enterprise, minimal licensing issues and availability of source code as well as ease of access has made the technology even more attractive in learning and teaching of software based courses in institutions of learning. Through embracing this technology, institutions of learning have been able to minimize general operations cost that could have otherwise been incurred in procuring similar proprietary software. Students and teaching staff can nowadays interact and modify the readily available source code hence making learning and teaching more practical
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdfYashikaSharma391629
Unlock innovation with open source! Collaborate globally, harness community power. Discover the future of tech. Dive in now!
In the dynamic landscape of technology, innovation is the lifeblood of progress. One of the most significant phenomena driving innovation today is open source software (OSS). This article explores the intricacies of open source collaboration and its pivotal role in fostering innovation in the tech industry.
Open Source Software is the major rival in the software market previously dominated by proprietary software products. Open Source Software(OSS) is available in various forms including web servers, Enterprise Resource Planning systems (ERPs), Academic management systems and network management systems and the development and uptake of such software by both commercial and non-commercial companies and institutions is still on the rise. The availability of OSS applications for every common type of enterprise, minimal licensing issues and availability of source code as well as ease of access has made the technology even more attractive in learning and teaching of software based courses in institutions of learning. Through embracing this technology, institutions of learning have been able to minimize general operations cost that could have otherwise been incurred in procuring similar proprietary software. Students and teaching staff can nowadays interact and modify the readily available source code hence making learning and teaching more practical.
OPEN SOURCE TECHNOLOGY: AN EMERGING AND VITAL PARADIGM IN INSTITUTIONS OF LEA...ijcsit
Open Source Software is the major rival in the software market previously dominated by proprietary software products. Open Source Software(OSS) is available in various forms including web servers, Enterprise Resource Planning systems (ERPs), Academic management systems and network management systems and the development and uptake of such software by both commercial and non-commercial companies and institutions is still on the rise. The availability of OSS applications for every common type of enterprise, minimal licensing issues and availability of source code as well as ease of access has made the technology even more attractive in learning and teaching of software based courses in institutions of learning. Through embracing this technology, institutions of learning have been able to minimize general operations cost that could have otherwise been incurred in procuring similar proprietary software. Students and teaching staff can nowadays interact and modify the readily available source code hence making learning and teaching more practical
Innovate and Collaborate- Harnessing the Power of Open Source Software.pdfYashikaSharma391629
Unlock innovation with open source! Collaborate globally, harness community power. Discover the future of tech. Dive in now!
In the dynamic landscape of technology, innovation is the lifeblood of progress. One of the most significant phenomena driving innovation today is open source software (OSS). This article explores the intricacies of open source collaboration and its pivotal role in fostering innovation in the tech industry.
Open Source Software: Perspectives for Development (World Bank & Paul Dravis)Paul Dravis
Open Source Software: Perspectives for Development addresses 1) the opportunities and challenges from the dramatic growth of open source software, 2) how developing country policy makers and other key stakeholders make informed decisions and 3) the benefits, costs and implications of choosing open source solutions.
What is Fintech Open Source Foundation_ - Bahaa Abdul Hussein.pdfBahaa Abdul Hussein
Bahaa Abdul Hussein brings our attention to Fintech Open Source Foundation and explains about it in this article.
Digital Currency has the power to transform the economies connecting government, people, businesses, organizations, and people globally and locally with the help of technology. It had a significant impact over a while with more advances in the future. We must share information freely and openly across borders, institutions, and industries to achieve success. It will create a robust database that strikes decision-making and innovation.
This month, there are two important events taking place – one in Mumbai (India) and other one in Abu Dhabi (UAE) and ICISS is Event Partner for both of them! While the seminar in Mumbai, “Secutech India Safety & Security Conclave 2014” is focusing on Security Solutions for Vertical Markets, the “Global Energy Security Conference 2014” in Abu Dhabi will have in-depth discussions on Corporate Security Integration with the Business, Security Mitigation Measures for International Companies and Ensuring Security at Oil & Gas Infrastructure in High Risk Areas against Terrorism.
The Pinkerton initiatives in India have been very useful in identifying the real threats faced by various sectors and strategies to mitigate them. The past survey results have been found very useful by the Corporates operating in India and for those wishing to set-up their operations in India in formulating their Security & Risk Policies and the measures to counter the treats. Like last year, the ICISS has partnered in this survey and we request all our readers to positively respond to this survey.
Capt S B Tyagi
For ICISS
Open Source and Open Innovation - Dr. Sabine Brunswicker - Red Hat Summit 2016Purdue RCODI
From Open Source Towards Open Innovation: Fostering Corporate Innovation with Open Source Software (OSS) Communities presented by Dr. Sabine Brunswicker.
Dr. Sabine Brunswicker presented the latest work on how firms and individuals collaborate in an open source software community in the Red Hat Summit 2016. In particular, she highlighted how firms, whether they are OSS vendors or OSS uses, and also the individual developer, can support each other in order to successfully integrating new features in the software. Red Hat Summit is the premier open source technology event to showcase the latest and greatest in cloud computing, platform, virtualization, middleware, storage, and systems management technologies.
Open source software (OSS) is booming. Working the OSS way has become the new standard of software development. This trend has also changed the nature of OSS communities. While originally the domain of hobbyists and hackers, OSS communities are now attracting the participation of firms, both small and large ones. Indeed, OSS communities offer firms the opportunities to engage in what experts call ‘open innovation’. They open up to OSS communities and participate in OSS communities in order to create direct and indirect corporate innovation benefits. This presentation will focus on open innovation for new ‘industrial’ OSS communities, which bring together OSS vendors, OSS customers, as well as independent developers. One of the prominent examples of these new OSS communities is the OpenStack community in the area of cloud computing. These communities create unique opportunities not only for vendor but also for OSS customers to actively shape the agenda of the development activities and also implement this agenda. At the same time, these communities also expose firms to new management challenges given the size and diversity of the actors involved. In my talk I will provide very recent insights gained from a big data analysis focused on the ‘inner working mechanism’ of the OpenStack community. A deep dive into the contribution behavior of different vendors and OSS customers suggest that firms need to align their open innovation strategy with their idiosyncratic innovation interest, the development capabilities of their own employees, and their role in the community. For example, firms that seek to drive more radical changes in the OSS software should behave differently than those firms that are more focused on immediate quality improvements. In sum, the presentation will give those firms, which already participate in new ‘industrial’ OSS communities, as well as those ones, that only use OSS products, practical guidelines in how to use open innovation for the new ‘breed’ of OSS communities. Concrete examples will depict what kinds of features contributors suggested and how OSS vendors, OSS customers and independent developers collaborate in implementing those features.
Building Reliability - The Realities of ObservabilityAll Things Open
Presented at the ATO RTP Meetup
Presented by Jeremy Proffit, Director of DevSecOps & SRE for Customer Care and Communications, Ally
Title: Building Reliability - The Realities of Observability
Abstract: Join me as we discuss true observability, learn what works and what doesn't. We'll not only discuss dashboards, monitoring and alerting, but how these can be built by automation or included in your IAC modules. We'll talk about how to properly alert staff based on priority to keep your staff and yourself sane. And even discuss architecture and how it impacts reliably and why serverless isn't always the best at being reliable.
Presented at the ATO RTP Meetup
Presented by Peter Zaitsev, Founder of Percona
Title: Modern Database Best Practices
Abstract: There are now more Database choices available for developers than ever before - there are general purpose databases and specialized databases, single node and distributed databases, Open Source, Proprietary databases and databases available exclusively in the cloud. In this presentation we will cover the best practices of choosing database(s) for your applications, best practices as it comes to application development as well as managing those databases to achieve best possible performance, security, availability at the lowest cost.
Open Source Software: Perspectives for Development (World Bank & Paul Dravis)Paul Dravis
Open Source Software: Perspectives for Development addresses 1) the opportunities and challenges from the dramatic growth of open source software, 2) how developing country policy makers and other key stakeholders make informed decisions and 3) the benefits, costs and implications of choosing open source solutions.
What is Fintech Open Source Foundation_ - Bahaa Abdul Hussein.pdfBahaa Abdul Hussein
Bahaa Abdul Hussein brings our attention to Fintech Open Source Foundation and explains about it in this article.
Digital Currency has the power to transform the economies connecting government, people, businesses, organizations, and people globally and locally with the help of technology. It had a significant impact over a while with more advances in the future. We must share information freely and openly across borders, institutions, and industries to achieve success. It will create a robust database that strikes decision-making and innovation.
This month, there are two important events taking place – one in Mumbai (India) and other one in Abu Dhabi (UAE) and ICISS is Event Partner for both of them! While the seminar in Mumbai, “Secutech India Safety & Security Conclave 2014” is focusing on Security Solutions for Vertical Markets, the “Global Energy Security Conference 2014” in Abu Dhabi will have in-depth discussions on Corporate Security Integration with the Business, Security Mitigation Measures for International Companies and Ensuring Security at Oil & Gas Infrastructure in High Risk Areas against Terrorism.
The Pinkerton initiatives in India have been very useful in identifying the real threats faced by various sectors and strategies to mitigate them. The past survey results have been found very useful by the Corporates operating in India and for those wishing to set-up their operations in India in formulating their Security & Risk Policies and the measures to counter the treats. Like last year, the ICISS has partnered in this survey and we request all our readers to positively respond to this survey.
Capt S B Tyagi
For ICISS
Open Source and Open Innovation - Dr. Sabine Brunswicker - Red Hat Summit 2016Purdue RCODI
From Open Source Towards Open Innovation: Fostering Corporate Innovation with Open Source Software (OSS) Communities presented by Dr. Sabine Brunswicker.
Dr. Sabine Brunswicker presented the latest work on how firms and individuals collaborate in an open source software community in the Red Hat Summit 2016. In particular, she highlighted how firms, whether they are OSS vendors or OSS uses, and also the individual developer, can support each other in order to successfully integrating new features in the software. Red Hat Summit is the premier open source technology event to showcase the latest and greatest in cloud computing, platform, virtualization, middleware, storage, and systems management technologies.
Open source software (OSS) is booming. Working the OSS way has become the new standard of software development. This trend has also changed the nature of OSS communities. While originally the domain of hobbyists and hackers, OSS communities are now attracting the participation of firms, both small and large ones. Indeed, OSS communities offer firms the opportunities to engage in what experts call ‘open innovation’. They open up to OSS communities and participate in OSS communities in order to create direct and indirect corporate innovation benefits. This presentation will focus on open innovation for new ‘industrial’ OSS communities, which bring together OSS vendors, OSS customers, as well as independent developers. One of the prominent examples of these new OSS communities is the OpenStack community in the area of cloud computing. These communities create unique opportunities not only for vendor but also for OSS customers to actively shape the agenda of the development activities and also implement this agenda. At the same time, these communities also expose firms to new management challenges given the size and diversity of the actors involved. In my talk I will provide very recent insights gained from a big data analysis focused on the ‘inner working mechanism’ of the OpenStack community. A deep dive into the contribution behavior of different vendors and OSS customers suggest that firms need to align their open innovation strategy with their idiosyncratic innovation interest, the development capabilities of their own employees, and their role in the community. For example, firms that seek to drive more radical changes in the OSS software should behave differently than those firms that are more focused on immediate quality improvements. In sum, the presentation will give those firms, which already participate in new ‘industrial’ OSS communities, as well as those ones, that only use OSS products, practical guidelines in how to use open innovation for the new ‘breed’ of OSS communities. Concrete examples will depict what kinds of features contributors suggested and how OSS vendors, OSS customers and independent developers collaborate in implementing those features.
Building Reliability - The Realities of ObservabilityAll Things Open
Presented at the ATO RTP Meetup
Presented by Jeremy Proffit, Director of DevSecOps & SRE for Customer Care and Communications, Ally
Title: Building Reliability - The Realities of Observability
Abstract: Join me as we discuss true observability, learn what works and what doesn't. We'll not only discuss dashboards, monitoring and alerting, but how these can be built by automation or included in your IAC modules. We'll talk about how to properly alert staff based on priority to keep your staff and yourself sane. And even discuss architecture and how it impacts reliably and why serverless isn't always the best at being reliable.
Presented at the ATO RTP Meetup
Presented by Peter Zaitsev, Founder of Percona
Title: Modern Database Best Practices
Abstract: There are now more Database choices available for developers than ever before - there are general purpose databases and specialized databases, single node and distributed databases, Open Source, Proprietary databases and databases available exclusively in the cloud. In this presentation we will cover the best practices of choosing database(s) for your applications, best practices as it comes to application development as well as managing those databases to achieve best possible performance, security, availability at the lowest cost.
Weaving Microservices into a Unified GraphQL Schema with graph-quilt - Ashpak...All Things Open
Presented at All Things Open 2023
Presented by Ashpak Shaikh & Lucy Shen - Intuit
Title: Weaving Microservices into a Unified GraphQL Schema with graph-quilt
Abstract: The magic of GraphQL is that it provides data access through a single endpoint—clean and easy. But as the number of GraphQL microservices your tech stack depends on starts to grow, that single-endpoint purpose becomes a new multi-endpoint problem. Ideally, we would have an orchestrator that could aggregate schemas from multiple microservices into a unified GraphQL schema and route the requests to the appropriate microservice.
Enter graph-quilt, an open source Java library that provides recursive schema stitching and Apollo Federation style schema composition. In this talk, we’ll walk through our GraphQL journey and show you how to use graph-quilt to simplify your data orchestration needs. We will also share our open sourced reference implementation of a highly performant graph-quilt gateway currently being used in production here at Intuit, where we’ve had incredible success in scaling the gateway with 50+ microservices and 150+ clients.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
The State of Passwordless Auth on the Web - Phil NashAll Things Open
Presented at All Things Open 2023
Presented by Phil Nash - Sonar
Title: The State of Passwordless Auth on the Web
Abstract: Can we get rid of passwords yet? They make for a poor user experience and users are notoriously bad with them. The advent of WebAuthn has brought a passwordless world closer, but where do we really stand?
In this talk we'll explore the current user experience of WebAuthn and the requirements a user has to fulfil to authenticate without a password. We'll also explore the fallbacks and safeguards we can use to make the password experience better and more secure. By the end of the session you'll have a vision of how authentication could look in the future and a blueprint for how to build the best auth experience today.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Total ReDoS: The dangers of regex in JavaScriptAll Things Open
Presented at All Things Open 2023
Presented by Phil Nash - Sonar
Title: Total ReDoS: The dangers of regex in JavaScript
Abstract: Regular expressions are complicated and can be hard to learn. On top of that, they can also be a security risk; writing the wrong pattern can open your application up to denial of service attacks. One token out of place and you invite in the dreaded ReDoS.
But how can a regular expression cause this? In this talk we’ll track down the patterns that can cause this trouble, explain why they are an issue and propose ways to fix them now and avoid them in the future. Together we’ll demystify these powerful search patterns and keep your application safe from expressions that behave in a way that is anything but regular.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
What Does Real World Mass Adoption of Decentralized Tech Look Like?All Things Open
Presented at All Things Open 2023
Presented by Karl Mozurkewich - Storj
Title: What Does Real World Mass Adoption of Decentralized Tech Look Like?
Abstract: We delve into the transformative potential of decentralized technology. Beginning with a brief overview of the rise of centralization with the advent of the internet and the counter-shift marked by blockchain we explore the intrinsic characteristics of decentralized and distributed systems, such as trustless operations, peer-to-peer networks, and enterprise application scalability. Various sectors, including finance, supply chains, media and entertainment, data science and cloud infrastructure are on the brink of disruption. The societal implications are vast, with the potential for greater individual empowerment, a greener planet and more viable resource utilization, but concerns about data security persist.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at All Things Open 2023
Presented by Anastasia Lalamentik - Kaleido
Title: How to Write & Deploy a Smart Contract
Abstract: In this talk, Anastasia Lalamentik, Full Stack Engineer at Kaleido, will walk through how Ethereum smart contracts work and go over related concepts like gas fees, the Ethereum Virtual Machine (EVM), the block explorer, and the Solidity programming language. This is vital to anyone who wants to build a blockchain app and is a great introduction to blockchain technology for newcomers to the space.
By the end of the talk, attendees will better understand how to:
- Write a simple smart contract
- Deploy their smart contract to an Ethereum test network through the latest tools like Hardhat and the MetaMask wallet
- Test interactions with their deployed smart contract and ensure that everything is working properly
Additionally, participants will get to interact with Anastasia's deployed smart contract at the end of the talk. Anastasia’s past talks have attracted and have been attended by a diverse group of participants with a range of experience in the space.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlowAll Things Open
Presented at All Things Open 2023
Presented by Paul Brebner - Instaclustr (by Spot by NetApp)
Title: Spinning Your Drones with Cadence Workflows, Apache Kafka and TensorFlow
Abstract: In this talk we’ll build a Drone delivery application, and then use it to do some Machine Learning “on the fly”.
In the 1st part of the talk, we'll build a real-time Drone Delivery demonstration application using a combination of two open-source technologies: Uber’s Cadence (for stateful, scheduled, long-running workflows), and Apache Kafka (for fast streaming data).
With up to 2,000 (simulated) drones and deliveries in progress at once this application generates a vast flow of spatio-temporal data.
In the 2nd part of the talk, we'll use this platform to explore Machine Learning (ML) over streaming and drifting Kafka data with TensorFlow to try and predict which shops will be busy in advance.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at the All Things Open 2023 Inclusion and Diversity in Open Source Event
Presented by Efraim Marquez-Arreaza - Red Hat
Title: DEI Challenges and Success
Abstract: In today's world, many companies and organizations have Diversity, Equity and Inclusion (DEI) communities. Red Hat Unidos is a DEI community focused on advocating for the Hispanic/Latine community. In this talk, we would like to share our challenges and success during the past 4-years and plans for the future.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at All Things Open 2023
Presented by Lydia Cupery - HubSpot
Title: Scaling Web Applications with Background Jobs: Takeaways from Generating a Huge PDF
Abstract: Do you need to perform time-consuming or CPU-intensive processes in your web application but are concerned about performance? That’s where background jobs come in. By offloading resource-intensive tasks to separate worker processes, you can improve the scalability of your web application.
In this talk, I'll share my experience of using background jobs to scale our web application. I'll discuss the challenges my team faced that led us to adopt background jobs. Then, I'll share practical tips on how to design background jobs for CPU-intensive or time-consuming processes, such as generating huge PDFs and batch emailing. I'll wrap up by going over the performance and cost tradeoffs of background jobs.
I'll use Typescript, Express, and Heroku as examples in this talk, but the concepts and best practices that I'll share are applicable to other languages and tools.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at All Things Open 2023
Presented by Robert Aboukhalil - CZI
Title: Supercharging tutorials with WebAssembly
Abstract: sandbox.bio is a free platform that features interactive command-line tutorials for bioinformatics. This talk is a deep-dive into how sandbox.bio was built, with a focus on how WebAssembly enabled bringing command-line tools like awk and grep to the web. Although these tools were originally written in C/C++, they all run directly in the browser, thanks to WebAssembly! And since the computations run on each user's computer, this makes the application highly scalable and cost-effective.
Along the way, I'll discuss how WebAssembly works and how to get started using it in your own applications. The talk will also cover more advanced WebAssembly features such as threads and SIMD, and will end with a discussion of WebAssembly's benefits and pitfalls (it's a powerful technology, but it's not always the right tool!).
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at All Things Open 2023
Presented by K.S. Bhaskar - YottaDB LLC
Title: Using SQL to Find Needles in Haystacks
Abstract: Database journal files capture every update to a database. A database of a few hundred GB can generate GBs worth of journal files every minute at busy times. Troubleshooting and forensices, especially of rare and intermittent problems, such as which process made what update and when, is an exercise of finding needles in haystacks. A similar problem exists with syslogs. A solution is to load the journal files and syslogs into a database, and use SQL to query the database. Bhaskar will present and demonstrate this with a 100% FOSS stack.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Configuration Security as a Game of Pursuit InterceptAll Things Open
Presented at All Things Open 2023
Presented by Wes Widner - Automox
Title: Configuration Security as a Game of Pursuit Intercept
Abstract: In this session we will take a look at the emerging field of cloud security posture management and how we can approach the problem space using a class of board games known as pursuit/intercept. Using the game Scotland Yard as a visual illustration we'll explore the cognitive and technical limitations that all CSPM systems face and what you should look for when evaluating the strengths and weakness of CSPM vendors and approaches.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at All Things Open 2023
Presented by Carol Huang & Mike Fix - Stripe
Title: Scaling an Open Source Sponsorship Program
Abstract: We already know this: the open-source ecosystem needs further monetary investment from the companies that benefit most from it. Likewise, companies say they want to participate in these initiatives, but find it hard to dedicate resources to open source funding when there isn’t a clear ROI.
This talk discusses how the Open Source Program Office at Stripe built a scalable, sustainable open source sponsorship model that aligns internal company incentives with those of open source maintainers and the community at large. We go over the unique “platformization” of our OSPO that allowed us to create multiple funding models, such as BYOB (Bring Your Own Budget), and share lessons learned from this experience as well as other OSPOs.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Build Developer Experience Teams for Open SourceAll Things Open
Presented at All Things Open 2023
Presented by Arundeep Nagaraj - Amazon Web Services (AWS)
Title: Build Developer Experience Teams for Open Source
Abstract: Open Source has become the default strategy for many IT organizations and Enterprises. However, the constant challenge with Open Source leaders of these organizations has been -
How is my product's developer experience?
Is this the right metric to track?
How can I scale my team to support our products better?
How can I add automation to scale redundant workflows?
If my product involves working with developers, how can I scale to the complexity of the requests and reduce Engineering bandwidth?
The challenges within support of open source products continues to magnify depending on the end user persona whether they are consumers or contributors to your product. Consumers utilize your product, SDK's and API's and are blocked with using it or run into issues, whereas contributors are advanced users of your software that understands the codebase to provide a meaningful contribution back to the product.
The answer to the above is to look at Open Source support as a first-class citizen of your corporate support strategy. To employ the right level of developer focused support as opposed to traditional infrastructure based support is key to scale to the amount of developers using your product. Supporting customers in the open involves more than pure support - building customer / developer experiences (DX) in the open (across platforms and communities) that pivots over the ability of your product's users or developers to be focused on the end-to-end value add. This helps with your active developer growth and retention of users.
Key Takeaways:
- IT leaders of Open Source will learn to employ strategies to build a DX team that engages on multiple platforms
- Work on identifying accurate metrics for product and organization
- Innovate on platforms such as Discord to build a bot and a dashboard
- Ability to leverage customer feedback and iterate over the customer success flywheel
- Distinguish between DX and Developer Advocacy (DA)
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Presented at All Things Open 2023
Presented by Danny McCormick - Google
Title: Deploying Models at Scale with Apache Beam
Abstract: Apache Beam is an open source tool for building distributed scalable data pipelines. This talk will explore how Beam can be used to perform common machine learning tasks, with a heavy focus on running inference at scale. The talk will include a demo component showing how Beam can be used to deploy and update models efficiently on both CPUs and GPUs for inference workloads.
An attendee can expect to leave this talk with a high level understanding of Beam, the challenges of deploying models at scale, and the ability to use Beam to easily parallelize their inference workloads.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Sudo – Giving access while staying in controlAll Things Open
Presented at All Things Open 2023
Presented by Peter Czanik - One Identity
Title: Sudo – Giving access while staying in control
Abstract: Sudo is used by millions to control and log administrator access to systems, but using the default configuration only, there are plenty of blind spots. Using the latest features in sudo let you watch some previously blind spots and control access to them. Here are four major new features, which arrived since the 1.9.0 release, allowing you see your blind spots:
- configuring a working directory or chroot within sudo often makes full shell access redundant
- JSON-formatted logs give you more details on events and are easier to act on
- relays in sudo_logsrvd make session recording collection more secure and reliable
- you can log and control sub-commands executed by the command run through sudo
Let us take a closer look at each of these.
Previously, there were quite a few situations where you had to give users full shell access through sudo. Typical examples include when you need to run a command from a given directory, or running commands in a chroot environment. You can now configure the working directory or the chroot directory and give access only to the command the user really needs.
Logging is a central role of sudo, to see who did what on the system. Using JSON-formatted log messages gives you even more information about events. What is even more: structured logs are easier to act on. Setting up alerting for suspicious events is much easier when you have a single parser to configure for any kind of sudo logs. You can collect sudo logs not only by local syslog, but also by using sudo_logsrvd, the same application used to collect session recordings.
Speaking of session recordings: instead of using a single central server, you can now have multiple levels of sudo_logsrvd relays between the client and the final destination. This allows session collection even if the central server is unavailable, providing you with additional security. It also makes your network configuration simpler.
Finally, you can log sub-commands executed from the command started through sudo. You can see commands started from a shell. No more unnoticed shell access from text editors. Best of all: you can also intercept sub-commands.
These are just a few of the most prominent features helping you to watch and control previous blind spots on your systems. See these and other possibilities in action in some live demos during our presentation.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Fortifying the Future: Tackling Security Challenges in AI/ML ApplicationsAll Things Open
Presented at All Things Open 2023
Presented by Christine Abernathy - F5, Inc.
Title: Fortifying the Future: Tackling Security Challenges in AI/ML Applications
Abstract: As Artificial Intelligence (AI) and Machine Learning (ML) applications continue to surge, it is crucial to be aware of and address the security risks associated with these technologies. In this talk, Christine will explore AI/ML failure modes, threats, and mitigation strategies. She will guide you through the fundamentals of ML models then introduce you to key security challenges such as adversarial attacks, data poisoning, model inversion, model stealing, and membership inference attacks, using real-world examples to demonstrate their potential impact.
Christine will also discuss privacy and ethical considerations in ML, touching upon techniques like federated learning and shedding light on the current regulatory landscape surrounding security risks. If you are developing AI/ML applications or incorporating AI/ML components into your technology stack, check out this talk. You will walk away with a deeper understanding of the current AI/ML security landscape and a toolkit to help you address these risks, enabling you to build safer, more secure, and privacy-aware applications.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Securing Cloud Resources Deployed with Control Planes on Kubernetes using Gov...All Things Open
Presented at All Things Open 2023
Presented by Carlos Santana - AWS
Title: Securing Cloud Resources Deployed with Control Planes on Kubernetes using Governance and Policy as Code
Abstract: Are you concerned about the security of your cloud resources deployed on Kubernetes? Are you struggling to ensure compliance with regulatory requirements while managing your cloud infrastructure? If yes, then this talk is for you!
We will discuss how to secure cloud resources deployed with Crossplane on Kubernetes using Governance and Policy as Code. We will explore how to leverage Governance and Policy as Code tools like Rego, Kyverno, and OPA to ensure security and compliance.
By the end of this talk, you will have a better understanding of the challenges associated with securing cloud resources deployed with Crossplane or ACK on Kubernetes, the importance of Governance and Policy as Code in ensuring security and compliance, and why it is critical to use open source and open standards in these technologies.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Building AlmaLinux OS without RHEL sources codeAll Things Open
Presented at All Things Open 2023
Presented by benny Vasquez - AlmaLinux OS Foundation
Title: Building AlmaLinux OS without RHEL sources code
Abstract: AlmaLinux OS has historically been built to be an exact copy of RHEL, using RHEL's provided resources. With RedHat's shift away from sharing the full building blocks on git.centos.org, the AlmaLinux team has been hard at work to find a new, reliable path forward. Come hear about what we've been doing since June, and what we're planning for the future.
Find more info about All Things Open:
On the web: https://www.allthingsopen.org/
Twitter: https://twitter.com/AllThingsOpen
LinkedIn: https://www.linkedin.com/company/all-things-open/
Instagram: https://www.instagram.com/allthingsopen/
Facebook: https://www.facebook.com/AllThingsOpen
Mastodon: https://mastodon.social/@allthingsopen
Threads: https://www.threads.net/@allthingsopen
2023 conference: https://2023.allthingsopen.org/
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
2. Today’s public policy panelists
Deb Bryant
Open Source Initiative
Board Member Emeritus
OSI Policy Director - US
Former State of Oregon
Deputy CIO
Greg Wallace
Director of Partnerships
and Research,
FreeBSD Foundation
Ruth Suehle
Executive Vice-President,
Apache Software
Foundation &
Director of Open Source,
SAS
Patrick Masson
Apereo Foundation
Executive Director
Formerly…
General Manager, OSI
CTO, University of
Massachusetts
CIO, State University
of New York
Stephen Jacobs
Director
Open@RIT
2024
3. The Open Policy Alliance is a new
initiative (2023) born out of request
from non-profit community
members to join together to better
understand the changing landscape
of public policy where it effects open
source stakeholders and to provide
a platform from which to
constructively contribute to the
public dialog.
Its members are non-profit
organizations with a stake in open
domains and intersectional interests
in open source software.
The Alliance focuses on
● The need to educate public
policy-makers on open source
to inform their development
and deliberation of new policy
concepts.
● Assist in the development of
good public policy, and to help
avoid under-informed policy
with unintended consequences
due to a lack of understanding
of how open collaboration
works in practice.
4. Open@RIT
Open@RIT https://openr.it
Open Programs Office and Research Center for the Rochester Institute of Technology.
Co-creator of Open Work Definition (https://openworkdefinition.com) with Karsten Wade and other contributors.
Funded by Alfred P. Sloan Foundation to support Academic Open Work of All kinds.
Ran Summit on Open Work in Academia Summit.
Founding member Open 3D Engine foundation and International Game Developers Association Open Source SIG.
Policy interests include internal policies to academia, science and research civic and federal government and do work in
and across those silos.
FOSS and Open Work policies have been growing in influence in these spaces. The most recent example of this is the
effort to crowd source federal policy for science and research by the Foundation of American Scientists, the Center for
Open Science and the Wilson Center.
Help shape the next decade of open science
6. Cyber Resilience Act
“In order not to hamper innovation or research, free and open-source
software developed or supplied outside the course of a commercial activity
should not be covered by this Regulation. This is in particular the case for
software, including its source code and modified versions, that is openly
shared and freely accessible, usable, modifiable and redistributable. In the
context of software, a commercial activity might be characterized not only
by charging a price for a product, but also by charging a price for technical
support services, by providing a software platform through which the
manufacturer monetises other services, or by the use of personal data for
reasons other than exclusively for improving the security, compatibility or
interoperability of the software.”
7. The Source for Open Source in Higher Education…
Founded in 2012, with roots dating back to 1999
Fiscal sponsor of 20 open source edtech solutions including:
Central Authentication Service (CAS) Bedework enterprise calendar system
Opencast video capture, editing, & management Sakai learning management system
uPortal enterprise portal framework Xerte content authoring & publishing
300+ participating academic institutions
2500+ contributors: developers, system administrators, faculty, instructional designers, deans,
department heads, campus administrators, students, commercial affiliates…
8. Open Source Policy and Practice Impacting Academic Institutions
Higher education technology is extremely distributed.
Requirements in public grants for outputs to be “open.”
Increased interest and investment in cross-discipline, multi-resourced, “open initiatives.”
Open source adoption on campuses tends to be bottom-up.
Regulating bodies don’t see universities as digital businesses that use and develop open source.
All of the above means many “campus decision makers” are unaware of policy and impacts.
9. Open Source Policy and Practice: What Apereo is Doing…
Contracting with dedicated policy analyst/advisor.
Engaging membership: universities, consortia, projects, commercial affiliates, etc.
Partnering with subject matter experts: Eclipse, OW2, OSPO.Alliance, OSPO++, etc.
Reaching out to higher education organizations, e.g., AXIES, EDUCAUSE, ESUP Portail, German U15.
10. www.FreeBSDFoundation.org
The FreeBSD
Foundation is
dedicated to
supporting the
FreeBSD Project, its
development, and
its community
FreeBSD is a
complete open
source Unix-like
operating system.
The FreeBSD Project is a welcoming open source
community with hundreds of committers and
thousands of contributors around the world
Descended from UC Berkeley,
FreeBSD powers much of the
technology we all use daily to stay
connected, informed, and
entertained
11. Policy areas
● Sonotype found OSS n 96% of ALL
scanned codebases
● This means that virtually every
company bidding for govt digital
contracts relies on open source
● Can govt. agencies use procurement
power to favor software companies
that support the open source they
use?
www.FreeBSDFoundation.org
Government procurement Security by design
a few areas that every software
company should investigate. First, …
The Capability Hardware Enhanced
RISC Instructions (CHERI) … gives
memory unsafe languages like C and
C++ protection against many widely
exploited vulnerabilities.
https://www.cisa.gov/news-events/news/urgent-need-memory-safety-software-products
The Urgent Need for Memory
Safety in Software Products
12. Rust & CHERI
The One-Two punch for memory safety protection
www.FreeBSDFoundation.org
● Millions of
applications are
written in C / C++
● Leaving users at
risk of memory
safety
vulnerabilities
● With minimal mods,
port C/C++ apps to
CHERI
● And users are
protected against
nearly 70% of
memory safety
vulnerabilities
THE PROBLEM
● Rust for NEW
systems apps
● BUT what about
all the millions of
existing apps
written in C / C++?
RUST FOR NEW APPS CHERI SECURES EXISTING APPS
13. Resources
★ Open Policy Alliance announcement and membership application
★ US Office of the National Cyber Director (ONCD) RFI on OSS sustainability
★ EU Cyber Resilience Act and references
★ OpenWork
★ Apero Foundation
★ FreeBSD Foundation
★ Apache Software Foundation