WEBVTT 00:00:07.254 --> 00:00:07.504 Right, good afternoon 00:00:07.817 --> 00:00:12.360 It is the lightning talks sessions at DebConf Hamburg 2018 00:00:13.019 --> 00:00:17.895 We've got seven speakers, and I guess we'll just get going 00:00:18.352 --> 00:00:22.107 Starting with Tobias Platn???, talking about Debian on Power9. 00:00:27.528 --> 00:00:36.302 Yesterday I, hm no, on friday, I received my new Power9 machine. 00:00:36.519 --> 00:00:37.710 A Talos 9 (II). 00:00:40.456 --> 00:00:44.680 And it has an IBM Power9 processor 00:00:45.658 --> 00:00:52.946 So, the only distro that I know that will work is Debian. 00:00:55.748 --> 00:01:01.820 Then, this is a new PowerPC 64 bits architecture, 00:01:02.330 --> 00:01:06.553 that can run in little-endian mode. 00:01:07.255 --> 00:01:10.823 I downloaded a Debian installer. 00:01:11.834 --> 00:01:16.531 First, I chosed the stable version, but 00:01:17.492 --> 00:01:21.211 that crashed during install. 00:01:21.733 --> 00:01:28.208 And, then I retried a different version, a daily version. 00:01:29.265 --> 00:01:37.455 And this one, which is based on Buster, correctly installed. 00:01:38.264 --> 00:01:44.682 I can even have a graphical environment, working out of the box. 00:01:45.696 --> 00:01:52.899 And, the installer then complained that there is no boot partition 00:01:53.862 --> 00:02:04.744 for older PowerPCs, and this boot partition is not needed, since the TalosII 00:02:05.162 --> 00:02:13.166 has a newer systems starting with power7 used petitboot. 00:02:16.038 --> 00:02:22.581 So, that needs to be fixed in the Debian installer, 00:02:23.259 --> 00:02:29.066 that it doesn't produce the warning on Power machines. 00:02:32.143 --> 00:02:37.359 And now I have a working Debian installation, 00:02:38.079 --> 00:02:40.300 which I can use. 00:02:49.707 --> 00:02:52.912 (thanks) [applause] 00:02:54.093 --> 00:02:55.411 Thank you very much, that was very quick. 00:02:55.639 --> 00:02:57.328 Next up is Thimothée Jaussoin, 00:02:57.890 --> 00:03:01.721 talking about Movim, the XMPP social platform. 00:03:05.572 --> 00:03:07.427 Give him a moment to get set up. 00:04:32.681 --> 00:04:34.262 I think it's a bit better this way. 00:04:34.755 --> 00:04:36.976 Who already heard about the platform Movim? 00:04:38.679 --> 00:04:44.207 OK, so we have a couple of people that know about the project here. 00:04:45.054 --> 00:04:48.307 Just to present you what I ??? could be a parallel universe 00:04:48.481 --> 00:04:50.653 but is actually the current universe we're living with. 00:04:52.233 --> 00:04:54.307 Lots of different chat platforms. 00:04:54.594 --> 00:04:56.036 The same thing on social networks. 00:04:56.779 --> 00:05:00.051 We keep reinventing the wheel all the time. 00:05:02.563 --> 00:05:03.455 We don't have this problem with e-mails 00:05:03.742 --> 00:05:07.157 hopefully actually the e-mail standards came way before before all of those 00:05:08.182 --> 00:05:09.515 proprietary solutions 00:05:10.092 --> 00:05:15.089 So we have ??? and Google and Microsoft are still using SMTP, IMAP, for now. 00:05:15.567 --> 00:05:19.559 So everything is compatible, and we have a lot of clients on top of that. 00:05:19.773 --> 00:05:21.747 But for chat, and social networks, it's not the case. 00:05:22.750 --> 00:05:26.054 So the idea of Movim is to build a social platform. 00:05:28.958 --> 00:05:32.801 In there, we can put a little couple of ingredients. 00:05:33.414 --> 00:05:37.407 First, it needs to be Open-Source, for the transparency, for the fact that you can 00:05:37.584 --> 00:05:41.829 have feedback and improvements, for the security part. Bring some trust 00:05:42.035 --> 00:05:47.128 I think that you guys here know about the advantages of Free Software, and 00:05:47.578 --> 00:05:52.731 especially on the communication part, on social networks, but it's not enough. 00:05:53.745 --> 00:05:56.915 We also need to be in control, actually in this social network. 00:05:57.382 --> 00:05:59.249 So it need to be simple and transparent 00:05:59.532 --> 00:06:02.121 on the UI but also on the protocol level. 00:06:02.345 --> 00:06:07.222 On the really deep below stacks. 00:06:08.183 --> 00:06:10.276 So we'll need to have a strong and reliable encryption, 00:06:10.493 --> 00:06:14.743 so don't reinvent also an encryption - talking about Telegram, here - 00:06:15.987 --> 00:06:19.209 And, yeah, need some trusts in sights here. 00:06:19.439 --> 00:06:22.300 I mean a community, and not a company that you will blindly trust 00:06:22.844 --> 00:06:25.718 to take care of all of your communications. 00:06:25.937 --> 00:06:26.953 But it's not enough. 00:06:27.661 --> 00:06:32.071 It needs to be decentralized. Because centralized social networks, 00:06:32.274 --> 00:06:33.482 even if it's opensource, 00:06:33.687 --> 00:06:36.727 if it's only one instance, you have to still trust the instance. So would like to 00:06:36.917 --> 00:06:39.509 deploy your instance, you would like to trust someone else, 00:06:39.674 --> 00:06:42.656 you can only, sometimes, trust only yourself in seldom cases 00:06:44.050 --> 00:06:46.627 Decentralization also brings robustness 00:06:50.497 --> 00:06:54.605 So that's too many times that actually one server is failing, think Signal 00:06:55.078 --> 00:06:59.115 had an issue recently, about this kind of thing there. 00:06:59.272 --> 00:07:02.567 The issue was with the Amazon servers, the whole thing didn't worked 00:07:02.731 --> 00:07:04.077 for a couple of hours. 00:07:04.429 --> 00:07:06.660 And then, resist against censorship and control. 00:07:06.865 --> 00:07:09.145 Same thing with Telegram, I think in Russia. 00:07:09.307 --> 00:07:13.995 I'm talking more about the IM part, but it's also applicable to social networks. 00:07:14.179 --> 00:07:18.439 It's exactly the same thing, just that the exchanges of information are a bit different. 00:07:18.976 --> 00:07:20.749 So, you need these steps but 00:07:21.552 --> 00:07:23.845 all those platforms here 00:07:24.962 --> 00:07:33.484 (I just made this conference 3 years ago, just added Mastodon recently) 00:07:37.125 --> 00:07:43.934 So i might talk about different sorts of platforms 00:07:44.452 --> 00:07:46.932 There is communication between those platforms, kind of standards that are 00:07:47.108 --> 00:07:50.036 starting to come in, especially between Diaspora and Mastodon, 00:07:50.257 --> 00:07:51.944 but there is still a lot of work to do there. 00:07:52.828 --> 00:07:56.406 So, the secret ingredient is about compatibility, about extensibility. 00:07:56.885 --> 00:07:58.634 Don't try to reinvent the wheel again, 00:07:58.843 --> 00:08:00.232 don't try to create another social network, 00:08:00.612 --> 00:08:03.790 or another IM platform that will have all those communication troubles. 00:08:04.145 --> 00:08:05.253 So, I mean a long-term vision. 00:08:07.652 --> 00:08:10.517 And, actually, the secret ingredient is standardization, in these things. 00:08:11.240 --> 00:08:18.348 So, this standard should have a couple of features, 00:08:19.535 --> 00:08:23.706 support news feeds, communities, IM, chatroom presences, know who's online, profiles, 00:08:24.084 --> 00:08:26.961 video conferencing security, bridges to the Web. 00:08:28.240 --> 00:08:29.524 And then it will be real-time. 00:08:31.799 --> 00:08:32.973 And, 1 minute? 00:08:33.451 --> 00:08:35.350 This protocol actually exists, it's called XMPP. 00:08:36.176 --> 00:08:40.060 So the goal of the project is: - take XMPP implemented 00:08:40.710 --> 00:08:43.859 - and doing a lot of innovation on top of the project 00:08:44.493 --> 00:08:48.857 So, server-side it's a simple XMPP client, webserver, simple to install 00:08:49.342 --> 00:08:51.121 (PHP, MySQL PostgreSQL) 00:08:51.684 --> 00:08:55.472 And user-side, it's also super simple to use, you need simply a browser, 00:08:57.505 --> 00:09:02.207 it's responsive, it's light, it's fast and is built actually for small communities. 00:09:03.426 --> 00:09:05.195 There are pods all around the world. 00:09:05.471 --> 00:09:07.347 You're really invited to deploy your own pods. 00:09:07.834 --> 00:09:11.255 There is already ten thousands accounts on the official pod 00:09:11.470 --> 00:09:12.417 30 languages 00:09:12.651 --> 00:09:13.889 Debian packages coming soon 00:09:14.137 --> 00:09:16.619 Thanks to the help of some people in this room. 00:09:17.506 --> 00:09:19.666 And, that's it ! 00:09:20.578 --> 00:09:22.690 So if you want more information, everything is on the website, 00:09:22.913 --> 00:09:25.174 you can join the chat room. 00:09:25.385 --> 00:09:26.527 Or, the twitter. 00:09:27.210 --> 00:09:30.576 [applause] 00:09:31.005 --> 00:09:32.163 Thank you very much. 00:09:32.620 --> 00:09:35.902 Next up is Thomas Lange, Mrfai, talking about dracut. 99:59:59.999 --> 99:59:59.999 Today, I'm not talking about FAI but about dracut. 99:59:59.999 --> 99:59:59.999 dracut is a replacement for initramfs which is used by most other distributions. 99:59:59.999 --> 99:59:59.999 If I'm correct, only Ubuntu and Debian and derivatives are using initramfs-tools 99:59:59.999 --> 99:59:59.999 All other distributions already moved to dracut. 99:59:59.999 --> 99:59:59.999 Today I want to show how you can get an experience with dracut 99:59:59.999 --> 99:59:59.999 without deinstalling initramfs-tools. 99:59:59.999 --> 99:59:59.999 Ben Hutchings did some patches, I think two years ago, so it's possible. 99:59:59.999 --> 99:59:59.999 What you have to do, there's a package called "dracut-core", 99:59:59.999 --> 99:59:59.999 which does not conflict with initramfs-tools. 99:59:59.999 --> 99:59:59.999 I have a virtual machine. 99:59:59.999 --> 99:59:59.999 So, debian/fai… 99:59:59.999 --> 99:59:59.999 On this machine, I will now install the dracut-core package 99:59:59.999 --> 99:59:59.999 and that's it. 99:59:59.999 --> 99:59:59.999 We still have one initrd. 99:59:59.999 --> 99:59:59.999 And now I can say… 99:59:59.999 --> 99:59:59.999 Oh no, first I have to copy the dracut version and then I can generate 99:59:59.999 --> 99:59:59.999 a new initrd with dracut. 99:59:59.999 --> 99:59:59.999 dracut uses the usual hooks or module system, 99:59:59.999 --> 99:59:59.999 it does not use the hooks from the initramfs things but it already includes 99:59:59.999 --> 99:59:59.999 a lot of hooks, so for example if you have a cryptsetup, 99:59:59.999 --> 99:59:59.999 you do not need the hooks for initramfs-tools from the cryptsetup package 99:59:59.999 --> 99:59:59.999 because dracut already includes this and a lot of other things. 99:59:59.999 --> 99:59:59.999 After generating a new initrd, you update your grub and you see 99:59:59.999 --> 99:59:59.999 we have now two entries in the grub. 99:59:59.999 --> 99:59:59.999 One with the old initrd which was created by… 99:59:59.999 --> 99:59:59.999 the default one is the initrd which is created by initramfs-tools 99:59:59.999 --> 99:59:59.999 and here you have the boot entry for the new dracut initrd 99:59:59.999 --> 99:59:59.999 and it boots up and works. 99:59:59.999 --> 99:59:59.999 What we need is that more people are using it and giving it a try. 99:59:59.999 --> 99:59:59.999 In your environment, on your hardware, does dracut work? 99:59:59.999 --> 99:59:59.999 We had a discussion, like 5 years ago, if Debian… 99:59:59.999 --> 99:59:59.999 When will Debian switch from initramfs-tools to dracut? 99:59:59.999 --> 99:59:59.999 And still there's no real need because initramfs-tools works for everybody 99:59:59.999 --> 99:59:59.999 but I think in the long term, we will switch it, 99:59:59.999 --> 99:59:59.999 so please help us, write bug reports 99:59:59.999 --> 99:59:59.999 or just give it a try, if it works for you or not. 99:59:59.999 --> 99:59:59.999 That's it. 99:59:59.999 --> 99:59:59.999 [Applause] 99:59:59.999 --> 99:59:59.999 Next up is TecKids talking about their organization. 99:59:59.999 --> 99:59:59.999 Ok, those of you who attended the Skolelinux talk already heard about TecKids. 99:59:59.999 --> 99:59:59.999 I want to give a few details about what else we do. 99:59:59.999 --> 99:59:59.999 TecKids is a non-profit organization based in Germany, but 99:59:59.999 --> 99:59:59.999 we're working internationally and 99:59:59.999 --> 99:59:59.999 we are completely centered around free software and we do basically everything 99:59:59.999 --> 99:59:59.999 concerning free software in education in the context of children and adolescents, 99:59:59.999 --> 99:59:59.999 young people. 99:59:59.999 --> 99:59:59.999 More than 50% of our active members are minors. 99:59:59.999 --> 99:59:59.999 There's an "s" missing, sorry. 99:59:59.999 --> 99:59:59.999 They are of course not minor but they are minors. 99:59:59.999 --> 99:59:59.999 Sorry, kids, if you are watching this. 99:59:59.999 --> 99:59:59.999 They're minors and we are a fully democratic organization 99:59:59.999 --> 99:59:59.999 like in the FOSS spirit 99:59:59.999 --> 99:59:59.999 and the most important thing is that we get children involved with all the parts 99:59:59.999 --> 99:59:59.999 of the organization, both operational and tutoring and workshops 99:59:59.999 --> 99:59:59.999 and working with free software projects, giving presentations. 99:59:59.999 --> 99:59:59.999 Normally some children would be here but as this conference was right in the middle of 99:59:59.999 --> 99:59:59.999 schooltime, this was not so easy. 99:59:59.999 --> 99:59:59.999 So what do we do. 99:59:59.999 --> 99:59:59.999 First of all, we want to get children interested in programming, in coding, 99:59:59.999 --> 99:59:59.999 in technical stuff and also in free software. 99:59:59.999 --> 99:59:59.999 This we do by running youth programs at free software conferences 99:59:59.999 --> 99:59:59.999 like the FrOSCon where normally around 100 to 120 children attend and 99:59:59.999 --> 99:59:59.999 use Debian and all that cool stuff and learn what they can do with it. 99:59:59.999 --> 99:59:59.999 We do peer learning, so those children who already know many things and 99:59:59.999 --> 99:59:59.999 are very interested, they start tutoring other children. 99:59:59.999 --> 99:59:59.999 Of course we have non-tech fun together, we are outside, 99:59:59.999 --> 99:59:59.999 there is a social program with staying over night, having a barbecue and 99:59:59.999 --> 99:59:59.999 all that stuff that helps building a community. 99:59:59.999 --> 99:59:59.999 Those who are even more interested can get actively involved in preparing workshops, 99:59:59.999 --> 99:59:59.999 organizing events, preparing talks, looking at open source projects, 99:59:59.999 --> 99:59:59.999 helping others get a free messenger instead of WhatsApp, 99:59:59.999 --> 99:59:59.999 working on HowTo, how to spread the word among youths and all of that. 99:59:59.999 --> 99:59:59.999 And then ??? at conference and raise awareness, 99:59:59.999 --> 99:59:59.999 this is our presentation team from the Chemnitz Linux Days 99:59:59.999 --> 99:59:59.999 and they are presenting the whole ??? of free software in education 99:59:59.999 --> 99:59:59.999 at our SchulFrei booth which is "School free" in German. 99:59:59.999 --> 99:59:59.999 They are presenting all projects that are involved in this common booth and 99:59:59.999 --> 99:59:59.999 care for free software education. 99:59:59.999 --> 99:59:59.999 If you are interested in that, maybe because you have children or 99:59:59.999 --> 99:59:59.999 want to have children or are involved in education in some way, 99:59:59.999 --> 99:59:59.999 there are quite a few things that you can do. 99:59:59.999 --> 99:59:59.999 You can help working on projects, you can work with mentoring the children 99:59:59.999 --> 99:59:59.999 in coding or organisational activities. 99:59:59.999 --> 99:59:59.999 You can help spreading the word, also raising awareness that 99:59:59.999 --> 99:59:59.999 many many software projects do have some involvement with children, 99:59:59.999 --> 99:59:59.999 even indirectly, like a web browser like Firefox, 99:59:59.999 --> 99:59:59.999 such applications are used by children and they may have other needs, 99:59:59.999 --> 99:59:59.999 and they may have other views on that, 99:59:59.999 --> 99:59:59.999 so it's very important to at least think about what children or schools or 99:59:59.999 --> 99:59:59.999 teachers as well do with this software. 99:59:59.999 --> 99:59:59.999 Pardon? One minute, thank you. 99:59:59.999 --> 99:59:59.999 We need help with presentations at conferences, 99:59:59.999 --> 99:59:59.999 so not every time the same people have to get a day off at work and travel to conferences 99:59:59.999 --> 99:59:59.999 there's much more manpower needed. 99:59:59.999 --> 99:59:59.999 And of course, every ngo, every non-profit organization is lacking money, 99:59:59.999 --> 99:59:59.999 so if you have already donated to Debian and still have money left, 99:59:59.999 --> 99:59:59.999 you might want to give your money to the future, which is children. 99:59:59.999 --> 99:59:59.999 Don't forget donating to Debian. 99:59:59.999 --> 99:59:59.999 I don't know if I am shot if I don't say that. 99:59:59.999 --> 99:59:59.999 [laughter] 99:59:59.999 --> 99:59:59.999 And there's also liberapay, it's a free donation platform, 99:59:59.999 --> 99:59:59.999 just have a look at it and if you want to help us, actively just go to our web site, 99:59:59.999 --> 99:59:59.999 find some communication means or just talk to someone you find 99:59:59.999 --> 99:59:59.999 at any conference who is wearing this shirt with our logo. 99:59:59.999 --> 99:59:59.999 Thank you. 99:59:59.999 --> 99:59:59.999 [Applause] 99:59:59.999 --> 99:59:59.999 Next up is Thomas Koch, talking about containers. 99:59:59.999 --> 99:59:59.999 Almost ready. 99:59:59.999 --> 99:59:59.999 We do have one more space at the end if anybody feels, you know, 99:59:59.999 --> 99:59:59.999 inspired to tell us all the things. 99:59:59.999 --> 99:59:59.999 I mean, we did have one very last minute sign up. 99:59:59.999 --> 99:59:59.999 Meanwhile, I guess I can make announcements while I'm here. 99:59:59.999 --> 99:59:59.999 Front desk will be available again after lunch, as will t-shirts. 99:59:59.999 --> 99:59:59.999 Anybody who hasn't had a t-shirt yet, 99:59:59.999 --> 99:59:59.999 basically, if you signed up, you're allowed to get a t-shirt, come see me, 99:59:59.999 --> 99:59:59.999 yes, free of charge, 99:59:59.999 --> 99:59:59.999 come see me at front desk when it's open again after lunch. 99:59:59.999 --> 99:59:59.999 Because I do know some people been reticent to come up and, you know, 99:59:59.999 --> 99:59:59.999 ask one… 99:59:59.999 --> 99:59:59.999 I've probably given effectively a lightning talk on not giving… 99:59:59.999 --> 99:59:59.999 I think so. 99:59:59.999 --> 99:59:59.999 Right, here we go. 99:59:59.999 --> 99:59:59.999 Ein, zwei, ok. 99:59:59.999 --> 99:59:59.999 Hello, I'm Thomas Koch, I work for Google, 99:59:59.999 --> 99:59:59.999 I work in support for Google Container Engine, Google kubernetes engine. 99:59:59.999 --> 99:59:59.999 Who knows what Kubernetes is? 99:59:59.999 --> 99:59:59.999 Oh, so few, ok. 99:59:59.999 --> 99:59:59.999 It's a thing to orchestrate containers on many many nodes, 99:59:59.999 --> 99:59:59.999 up to thousands of nodes. 99:59:59.999 --> 99:59:59.999 It was started by Google, open sourced by Google in 2015 I believe. 99:59:59.999 --> 99:59:59.999 First contributor was Red Hat, it is 100% open source, it's written in Go 99:59:59.999 --> 99:59:59.999 and by now it has won the market of managing containers on large nodes. 99:59:59.999 --> 99:59:59.999 I just was at the KubeCon in Copenhagen with 4300 participants and 99:59:59.999 --> 99:59:59.999 every company you can imagine has an offering about Kubernetes. 99:59:59.999 --> 99:59:59.999 Just some logos of companies that use or contribute to Kubernetes 99:59:59.999 --> 99:59:59.999 and even more logos and these slides are outdated, so there are even more. 99:59:59.999 --> 99:59:59.999 Kubernetes, you have some masters that control kubelet on every node. 99:59:59.999 --> 99:59:59.999 A kubelet can start containers and can set up networking stuff 99:59:59.999 --> 99:59:59.999 and can set up volumes and the basic concept of computation, 99:59:59.999 --> 99:59:59.999 the basic primitive is a pod. 99:59:59.999 --> 99:59:59.999 A pod is one to many containers running together in one environment 99:59:59.999 --> 99:59:59.999 so that you have the possibility to have sidecars running beside your main containers 99:59:59.999 --> 99:59:59.999 that does additional stuff. 99:59:59.999 --> 99:59:59.999 It has proven useful in Google's internal ??? container management engine 99:59:59.999 --> 99:59:59.999 that you want to have certain containers always running containers 99:59:59.999 --> 99:59:59.999 and sharing resources. 99:59:59.999 --> 99:59:59.999 An other important primitive is volumes. 99:59:59.999 --> 99:59:59.999 Kubernetes can manage your storage and provision storage to be accessible 99:59:59.999 --> 99:59:59.999 to your containers. 99:59:59.999 --> 99:59:59.999 You can combine many parts that provide the same service to be accessible 99:59:59.999 --> 99:59:59.999 under the same IP address and so have failover enable like this 99:59:59.999 --> 99:59:59.999 and of course then you have controlers that scale your services, 99:59:59.999 --> 99:59:59.999 scale down your services, restart failed pods 99:59:59.999 --> 99:59:59.999 or drain nodes that you want to take away 99:59:59.999 --> 99:59:59.999 And my question now is what is the role of Debian in a world where 99:59:59.999 --> 99:59:59.999 Kubernetes becomes more and more popular even if not that many of you have heard about it 99:59:59.999 --> 99:59:59.999 I believe that Kubernetes will become even more popular 99:59:59.999 --> 99:59:59.999 and even as a Debian Maintainer, I'm enthusiastic about how easy it becomes now 99:59:59.999 --> 99:59:59.999 to run your stuff in Kubernetes. 99:59:59.999 --> 99:59:59.999 But you only need a very minimal host operating system to install Kubernetes 99:59:59.999 --> 99:59:59.999 on your servers, afterwards you need a bare image, a base image for your container 99:59:59.999 --> 99:59:59.999 which is normally also a very minimal image 99:59:59.999 --> 99:59:59.999 and you don't do "apt-get install apache2" anymore to have a web server, 99:59:59.999 --> 99:59:59.999 you take an apache container image and then you extend this image and 99:59:59.999 --> 99:59:59.999 put your app onto this image, so you don't need an apache Debian image anymore 99:59:59.999 --> 99:59:59.999 in such a world. 99:59:59.999 --> 99:59:59.999 Will we still need this in Debian? 99:59:59.999 --> 99:59:59.999 However, nothing is perfect. 99:59:59.999 --> 99:59:59.999 On KubeCon, I also saw companies offering 99:59:59.999 --> 99:59:59.999 "Oh, we scan you container images for outdated libraries" and 99:59:59.999 --> 99:59:59.999 you have long times to update your cluster because all the containers need to be stopped 99:59:59.999 --> 99:59:59.999 you download new images, you start whole new environments 99:59:59.999 --> 99:59:59.999 so there are optimizations possible there 99:59:59.999 --> 99:59:59.999 and people are wondering 99:59:59.999 --> 99:59:59.999 "Ok, where does my stuff come from? Is it from a trusted source?" 99:59:59.999 --> 99:59:59.999 And my crazy thoughts, maybe it's an opportunity here 99:59:59.999 --> 99:59:59.999 if Debian would become a source of trusted binaries or even container images. 99:59:59.999 --> 99:59:59.999 Thank you. 99:59:59.999 --> 99:59:59.999 [Applause] 99:59:59.999 --> 99:59:59.999 Next up, Pierre Pronchery, talking about Manticore, DeepState and DeforaOS 99:59:59.999 --> 99:59:59.999 Are you pretty much ready? 99:59:59.999 --> 99:59:59.999 I think so. 99:59:59.999 --> 99:59:59.999 Meanwhile, does anybody know any dance routines, you know, 99:59:59.999 --> 99:59:59.999 just to bridge over the time, because I'm not going to. 99:59:59.999 --> 99:59:59.999 I don't think I know any Jerks. 99:59:59.999 --> 99:59:59.999 Hopefully nearly there. 99:59:59.999 --> 99:59:59.999 You fling my phone from me. 99:59:59.999 --> 99:59:59.999 It's ok, nobody calls me anyway. 99:59:59.999 --> 99:59:59.999 I'm afraid I haven't got any more announcements. 99:59:59.999 --> 99:59:59.999 We are pleased to announce that there are no current announcements available. 99:59:59.999 --> 99:59:59.999 The news has been called off. 99:59:59.999 --> 99:59:59.999 Do you actually have slides? 99:59:59.999 --> 99:59:59.999 I'm wondering if we should your round. 99:59:59.999 --> 99:59:59.999 Ok, right, we have the interval act, an interpretive dance by Andrew Shadura 99:59:59.999 --> 99:59:59.999 on the nature of git crecord being for the win. 99:59:59.999 --> 99:59:59.999 Well, you know, anything to bridge the time, right? 99:59:59.999 --> 99:59:59.999 If in doubt, make the font bigger. 99:59:59.999 --> 99:59:59.999 Maybe I should give a lightning talk about that. 99:59:59.999 --> 99:59:59.999 I think I might, just at the very end, I'll just disguise it as an announcement. 99:59:59.999 --> 99:59:59.999 Ready? 99:59:59.999 --> 99:59:59.999 There, no. 99:59:59.999 --> 99:59:59.999 I prefer that. 99:59:59.999 --> 99:59:59.999 Yes, but we don't. 99:59:59.999 --> 99:59:59.999 Why? 99:59:59.999 --> 99:59:59.999 Did you see what happened earlier? 99:59:59.999 --> 99:59:59.999 What happened earlier? 99:59:59.999 --> 99:59:59.999 Please use the hand microphone. 99:59:59.999 --> 99:59:59.999 Ok. 99:59:59.999 --> 99:59:59.999 Alright, listen to a man but not me. 99:59:59.999 --> 99:59:59.999 [laughter] 99:59:59.999 --> 99:59:59.999 Can you hear me? 99:59:59.999 --> 99:59:59.999 So, I'm just going to show you a small utility I wrote. 99:59:59.999 --> 99:59:59.999 Actually, I didn't write it from scratch, I just ported it from… Anyway. 99:59:59.999 --> 99:59:59.999 Let's see, we've got a git diff of 99:59:59.999 --> 99:59:59.999 things with a Debian package. 99:59:59.999 --> 99:59:59.999 Lot's of changes, and I forgot to commit them individually. 99:59:59.999 --> 99:59:59.999 There's lots of patches and things, 99:59:59.999 --> 99:59:59.999 I just want to, somehow, sort this out. 99:59:59.999 --> 99:59:59.999 So I just run "git crecord" and suddenly I can see all the things here. 99:59:59.999 --> 99:59:59.999 I can unwrap the diffs… 99:59:59.999 --> 99:59:59.999 What's happening with the ??? 99:59:59.999 --> 99:59:59.999 I can basically select individual bits of the diff and… 99:59:59.999 --> 99:59:59.999 Let's just deselect all things, commit those, just a few. 99:59:59.999 --> 99:59:59.999 There were just a few patches ??? 99:59:59.999 --> 99:59:59.999 so I'm going to commit them now, yes, like refresh patches. 99:59:59.999 --> 99:59:59.999 Let's say just "Refresh", just enough. 99:59:59.999 --> 99:59:59.999 Oh, mmh. 99:59:59.999 --> 99:59:59.999 It's not going to work, because I haven't got a card 99:59:59.999 --> 99:59:59.999 and I forgot to disable the… 99:59:59.999 --> 99:59:59.999 I don't think I can, I don't remember, I probably can't disable PGP signing unfortunately 99:59:59.999 --> 99:59:59.999 it's not implemented yet. 99:59:59.999 --> 99:59:59.999 Anyway. 99:59:59.999 --> 99:59:59.999 Using this thing you can, it's better than… 99:59:59.999 --> 99:59:59.999 How is it properly called. 99:59:59.999 --> 99:59:59.999 It's better than the builtin ??? 99:59:59.999 --> 99:59:59.999 I can't even remember it's name. 99:59:59.999 --> 99:59:59.999 That one. 99:59:59.999 --> 99:59:59.999 I didn't exactly hear exactly what he said, like "git patch something" 99:59:59.999 --> 99:59:59.999 "git add --patch" 99:59:59.999 --> 99:59:59.999 And there's an other one which is… 99:59:59.999 --> 99:59:59.999 There's one a bit more interactive and one which is a bit less interactive. 99:59:59.999 --> 99:59:59.999 This is ??? interactive and there will be more features. 99:59:59.999 --> 99:59:59.999 It is actually, it was originally written for mercurial 99:59:59.999 --> 99:59:59.999 and this was a thing I really missed when I had to use git 99:59:59.999 --> 99:59:59.999 and now I don't have to anymore. 99:59:59.999 --> 99:59:59.999 This is it. 99:59:59.999 --> 99:59:59.999 It's in Debian, you can apt install it if you prefer. 99:59:59.999 --> 99:59:59.999 It's in Debian, you can apt install it if you prefer, 99:59:59.999 --> 99:59:59.999 or you can install it from source and there would be more features later. 99:59:59.999 --> 99:59:59.999 That's it. 99:59:59.999 --> 99:59:59.999 Thank you 99:59:59.999 --> 99:59:59.999 [Applause] 99:59:59.999 --> 99:59:59.999 Now, Pierre Pronchery talking about all the things that I said 99:59:59.999 --> 99:59:59.999 he was going to talk about earlier. 99:59:59.999 --> 99:59:59.999 One moment please. 99:59:59.999 --> 99:59:59.999 [Applause] 99:59:59.999 --> 99:59:59.999 Sorry about that, I didn't really plan for this, 99:59:59.999 --> 99:59:59.999 so I made the slides 5 minutes ago. 99:59:59.999 --> 99:59:59.999 So, I'm Pierre Pronchery, thank you for having me, 99:59:59.999 --> 99:59:59.999 even if I'm actually an officiel NetBSD developer, 99:59:59.999 --> 99:59:59.999 but I'm been using Debian since 1999, so maybe I'm alowed, 99:59:59.999 --> 99:59:59.999 I'm also a security consultant, interested in Kernel development, 99:59:59.999 --> 99:59:59.999 security integration, and so on. 99:59:59.999 --> 99:59:59.999 What you cannot see on the slides right now is that 99:59:59.999 --> 99:59:59.999 I'm also on the board of directors of NetBSD. 99:59:59.999 --> 99:59:59.999 So actually I'm in a good position to talk about the project if you'd like to. 99:59:59.999 --> 99:59:59.999 I would like to talk to you about Manticore today. 99:59:59.999 --> 99:59:59.999 It's a symbolic execution tool, 99:59:59.999 --> 99:59:59.999 basically, it uses a CPU emulator, which can be hardware assisted of course, 99:59:59.999 --> 99:59:59.999 to run and analyze programs or algorithms, so parts of programs on a simulated system 99:59:59.999 --> 99:59:59.999 and one of the aims is actually to make them crash 99:59:59.999 --> 99:59:59.999 so to make extensive fuzzing and be very efficient at fuzzing by possibly tracing 99:59:59.999 --> 99:59:59.999 instructions and so on, whatever is going on inside the program. 99:59:59.999 --> 99:59:59.999 It supports static Linux binaries in 32-bits and 64-bits modes, 99:59:59.999 --> 99:59:59.999 also it supports ARM 32-bits, support is ongoing for ARM 64-bits, 99:59:59.999 --> 99:59:59.999 it also works with Ethereum bytecode. 99:59:59.999 --> 99:59:59.999 There are official releases on GitHub, it's already packaged in PkgSrc by myself 99:59:59.999 --> 99:59:59.999 and I'm actually looking for volunteers to package it for Debian 99:59:59.999 --> 99:59:59.999 or possibly help me to do so. 99:59:59.999 --> 99:59:59.999 I'm actually sponsored by Trail of Bits, the developer of Manticore, 99:59:59.999 --> 99:59:59.999 to work on this, which is also why I'm here. 99:59:59.999 --> 99:59:59.999 The companion to Manticore is called DeepState, 99:59:59.999 --> 99:59:59.999 it's specifically meant for Unit Testing with symbolic execution. 99:59:59.999 --> 99:59:59.999 It supports not just Manticore but also an other backend for analyzing 99:59:59.999 --> 99:59:59.999 running binaries, 99:59:59.999 --> 99:59:59.999 It's called angr, this other backend, which was developed as a side node 99:59:59.999 --> 99:59:59.999 for the Cyber Grand challenge of DARPA last year. 99:59:59.999 --> 99:59:59.999 DeepState is currently packaged in 2 separate packages in PkgSrc 99:59:59.999 --> 99:59:59.999 by myself again, 99:59:59.999 --> 99:59:59.999 unfortunately not yet fully upstream in PkgSrc, 99:59:59.999 --> 99:59:59.999 but basically I made one package with ??? binaries and then the Python bindings. 99:59:59.999 --> 99:59:59.999 This is also on GitHub but with no official release yet, 99:59:59.999 --> 99:59:59.999 because this is a very young project still 99:59:59.999 --> 99:59:59.999 so I'm also for a volunteer in Debian to help me package that. 99:59:59.999 --> 99:59:59.999 And then, a shameless addition, I'm also a developer of, the main developer of 99:59:59.999 --> 99:59:59.999 DeforaOS, an open source desktop environment, and with some more parts 99:59:59.999 --> 99:59:59.999 in the project, 99:59:59.999 --> 99:59:59.999 I have about 50 repositories now in this. 99:59:59.999 --> 99:59:59.999 I'm therefore also looking for volunteers to package that into Debian, 99:59:59.999 --> 99:59:59.999 there are still projects we haven't packaged yet, as far as I know. 99:59:59.999 --> 99:59:59.999 So, since I'm here, I figured I could as well get my PGP key signed, 99:59:59.999 --> 99:59:59.999 I suppose it's one of the steps to become a developer 99:59:59.999 --> 99:59:59.999 and if there are more, I've heard there are plenty, 99:59:59.999 --> 99:59:59.999 then please help me out with this, I'll welcome any assistance doing that. 99:59:59.999 --> 99:59:59.999 Alright. Thank you. 99:59:59.999 --> 99:59:59.999 [Applause] 99:59:59.999 --> 99:59:59.999 Thank you very much. 99:59:59.999 --> 99:59:59.999 I guess that's it. 99:59:59.999 --> 99:59:59.999 The next lightning talk session that I'm aware of is at DebConf18 in Taiwan. 99:59:59.999 --> 99:59:59.999 I hope to see as many of you as possible there. 99:59:59.999 --> 99:59:59.999 Off you go, lunch time. 99:59:59.999 --> 99:59:59.999 [Applause]