Videos in category Samfunn

  • EuroBSDCon 2019, Lillehammer: Advanced ports toolkit: near-perfect packing-list generation - Marc Espie (0:40:42)
  • NUUG
  • The OpenBSD ports tree uses an unique approach. Instead of ad-hoc scripts that manipulate textual information, we do have a semantic parser that creates objects for each element in the plist. The last year saw a complete rewrite of the most complicated piece of machinery, namely update-plist. There are lots of interesting challenges, specifically how to write a generic tool that will handle all the semantic annotations that currently figure in packing-lists with minimal special-casing: variables that expand to nothing for some flavors, ambiguous variable expansions, directories that may not exist for python2 ports, automatic dispatching to the right subpackage and fragment, shared libraries, smart file type handling for libraries, icon themes, etc Before and after comparison shows a new tool that requires minimal human intervention (perfect packing-list re-generation in over 95% of the cases), where the old update-plist required hand-holding over half the time. Marc Espie Researcher/Teacher in development security at Epita. Architect of the OpenBSD packages and ports system.
  • EuroBSDCon 2019, Lillehammer: NUMA Optimizations in the FreeBSD Network Stack - Drew Gallatin (0:40:30)
  • NUUG
  • will discuss optimizations to keep network connections and their resources local to NUMA domains. These changes include: Allocating NUMA local memory to back files sent via sendfile(9). Allocating NUMA local memory for Kernel TLS crypto buffers. Directing connections to TCP Pacers and kTLS workers bound to the local domain. Directing incoming connections to Nginx workers bound to the local domain via modifications to SO_REUSEPORT_LB listen sockets. I will present data from real Netflix servers showing an improvement of almost 2x on AMD EPYC (85Gbs - 165Gbs), and 1.3x on Intel Xeon (140Gb/s - 180Gbs). I will present data from the Xeon system showing a 50% reduction in cross-domain traffic. Drew Gallatin Drew started working on FreeBSD at Duke in the 90s, and was one of the people behind the FreeBSD/alpha port. He worked on zero-copy TCP optimizations for FreeBSD and was sending data at over 1Gb/s before gigabit Ethernet was generally available. He spent a decade at Myricom, optimizing their drivers. After a brief hiatus at Google, he landed at Netflix, where he works on optimizing the FreeBSD kernel and network stack for content delivery. He worked on the optimizations to serve unencrypted Netflix traffic at 100Gb/s, and then on more optimizations to send encrypted traffic at 100Gb/s.
  • EuroBSDCon 2019, Lillehammer: Wireless Fidelity with bwfm(4) - Patrick Wildt (0:41:50)
  • NUUG
  • The Broadcom Wireless FullMAC chip has been one of the biggest hurdles in properly supporting Apple MacBooks in the recent years. But that has not been the only place where this chip has popped up. bwfm(4) is a new OpenBSD driver that supports these chips and was also ported to NetBSD. This talks gives an overview of the chip, an in-depth view into how one communicates with the chip on the three different supported busses, and the higher layer protocol that’s being run on top. It also shows issues properly combining the driver with the OpenBSD net80211 stack, which isn’t written to handle FullMACs. The talk also shows the Firmware and NVRAM distribution issues.
  • EuroBSDCon 2019, Lillehammer: KernelTLS - Hans Petter Selasky, Drew Gallatin (0:43:16)
  • NUUG
  • Kernel TLS and TLS hardware offload TLS (Transport Layer Security) is a widely-deployed network protocol used for providing cryptographically proven security and authentication of TCP sessions. A kernel implementation of TLS will provide access to TLS hardware offload, ability to access unencrypted bytes of data in the kernel, and a reduction in copies to and from userspace by allowing the use of the sendfile(9) system call for TLS encrypted data. This talk will start from explaining the basics of TLS protocol, using OpenSSL as an example, cover the advantages and motivation for kernel TLS (KTLS) and later will dive in to the implementation. One of the major advantages of KTLS is the ability to offload TLS symmetric crypto processing to the network device. This talk will cover TLS hardware offload approaches, like TOE and inline TLS acceleration. We will close with some performance numbers comparing OpenSSL, KTLS and hardware offloaded TLS with data taken from Netflix servers. Drew Gallatin Drew started working on FreeBSD at Duke in the 90s, and was one of the people behind the FreeBSD/alpha port. He worked on zero-copy TCP optimizations for FreeBSD and was sending data at over 1Gb/s before gigabit Ethernet was generally available. He spent a decade at Myricom, optimizing their drivers. After a brief hiatus at Google, he landed at Netflix, where he works on optimizing the FreeBSD kernel and network stack for content delivery. He worked on the optimizations to serve unencrypted Netflix traffic at 100Gb/s, and then on more optimizations to send encrypted traffic at 100Gb/s.
  • EuroBSDCon 2019, Lillehammer: Rust: Systems Programmers Can Have Nice Things - Arun Thomas (0:39:02)
  • NUUG
  • Arun Thomas presents. Rust is a new programming language, originally from Mozilla, that combines the safety and productivity of a high-level language with the performance and low-level control of a traditional systems language. Rust achieves this combination through clever and pragmatic programming language design — along with awesome tooling and libraries. In this talk, I will dive into the features that make Rust the right choice for 21st-century systems programming. I will give a general introduction to the language and an overview of the Rust ecosystem. I will also walk through the process of developing Rust on BSD. Arun Thomas Arun Thomas is an operating systems researcher and an open source developer. He got his first taste of BSD in 2002. Arun is a Principal Scientist at Draper Laboratory. At Draper, Arun leads the DARPA-funded SSITH/HOPE project, a research collaboration with the University of Pennsylvania, MIT, PSU, INRIA, Dover Microsystems, and Dornerworks to develop a hardware security architecture that enables flexible, verified policy enforcement on RISC-V. Recently, he has been exploring the use of Rust as a foundational technology for building secure systems. Arun has spoken about systems programming topics at ARM TechCon, the Embedded Systems Conference (ESC), BSDCan, EuroBSDcon, BSDTW, FOSDEM, Systems We Love, the RISC-V Workshop, and the Oxidize Embedded Rust Conference.
  • EuroBSDCon 2019, Lillehammer: OpenBSD: Add VMM to Packer - Phillip Buehler (0:43:23)
  • NUUG
  • OpenBSD: add VMM to ‘packer’ The sysadmin view of virtualization usually starts at a hypervisor running some kind of “image”. Packer is a framework to create such an image using various host and virtualized operating systems and adding some more bolts. This talk shows the efforts and pitfalls of building a plugin for packer using the VMM framework on OpenBSD. Some details go down the rabbit hole (or reducing it) to provide a Go binary runnable as a plugin. For ease of installation, the ways how to package this as an OpenBSD ‘port’ are shown. On top a bigger picture is provided on how to provide configurable OpenBSD images “at scale” by using the above accomplishments. Philipp Buehler Philipp uses Unix since mid 1990s and OpenBSD since 2000. Born and working in Germany mainly in Unix/Linux/BSD areas including ISP services and networking. Been an OpenBSD developer from 2002 to 2005, trying to cleanup and test pf(4). Co-founder of sysfive.com GmbH having the technical lead in designing and operating FOSS-based business plattforms.
  • EuroBSDCon 2019, Lillehammer: Paul Vixie talks about DNS over HTTPS (0:54:11)
  • NUUG
  • Paul Vixie was responsible for BIND from 1989 to 1999, and is the author of a dozen or so IETF RFC documents about DNS. He also started the first anti-spam company (MAPS) where he co-invented the DNS RBL (Realtime Blackhole List), and was the founder and later president of the first U.S.-based commercial Internet Exchange (PAIX). Today he serves as CEO of Farsight Security, home of the Security Information Exchange (SIE) and the world’s leading Passive DNS database (DNSDB). He wrote the Cron software used on all UNIX-type computers today. He is also co-inventor of the DNS Response Rate Limiting (RRL) and Response Policy Zone (RPZ) feature-sets now in wide use to protect the operational Internet Domain Name System against online attacks. He received his Ph.D. from Keio University in 2011, and was inducted into the Internet Hall of Fame in 2014.
  • EuroBSDCon 2019, Lillehammer: Embedded Ethics - Patricia Aas (0:46:41)
  • NUUG
  • Patricia is a programmer who has worked mostly in C++ and Java. She has spent her career continuously delivering from the same code-base to a large user base, from working on two browsers (Opera and Vivaldi), to working on embedded telepresence endpoints for Cisco. She is focused on the maintainability and flexibility of software architecture, and how to extend it to provide cutting edge user experiences. Her focus on the end users has led her work more and more toward privacy and security, and she has recently started her own company, TurtleSec, hoping to contribute positively to the infosec and C++ communities. She is also involved in the #includeC++ organization hoping to improve diversity and inclusion in the C++ community
  • FSCONS 2017 - Devyn Remme - New Materialism (0:37:57)
  • NUUG
  • The popular narrative of salvation through technological innovation is comfortable because it doesn't confront the institutionalized inequalities, abuses, and violence endemic to modernity’s strategic relations of power and production. The dominant discourse assimilates the values and goals of sustainability with the mainstream economic paradigm of growth, and relies on technoscientific innovation to achieve these goals. Advocates for framing sustainability as a problem which can be described, confronted and resolved with technology and innovation argue that there is a need for a steady growth in consumption which can only be sustained by the drive of innovation. A key tenet of neoliberal economic theory is the push to privitize everything. The commons represent an increasingly contested site. It is our task to prevent the capture of the commons by private advantage both in material and digital spaces and corridors. Recorded by NUUG for FSCONS.
  • FSCONS 2017 - Gustav Eek - Communication Infrastructure - a form of resistance (0:38:52)
  • NUUG
  • In this lecture the democratic principles of Fripost, the free email association (founded in 2010) will be presented. Infrastructure for electronic communication will be resembled with a common good (a resource). That using a critique of the public–private dichotomy, and the tragedy of the commons. I will then demonstrate how also complicated resources can (and must) be made subject to democratic control. The importance of Internet as communication medium can not be questioned. For those who take user freedom seriously it is saddening to see how the Internet has changed from being a common and highly distributed network to the increasingly privatised web we encounter today. In this lecture I will present the democratic principles of Fripost, the free email association which was founded as a reaction to that development. I will resemble infrastructure for electronic communication with a common good (a resource), and I will demonstrate how also complicated resources can (and must) be made subject to democratic control. Fripost and its foundation and democratic principals has been presented several times since its constitution in 2010, also at FSCONS. This is why the lecture also will take a different and broader stand, inspired by some recent readings. The Fripost initative will also be put in context of local struggles with global implication. In short, the idea that every resource needs an single responsible and managing owner is unsatisfactory as well as the dichotomy public–private. What is not managed can not yield profit. But some things are to important even to be managed. Naturally this touches on a critique (which has been presented many times before) of Hardin’s classical tragedy of the commons. Regarding the enclosure of the commons, management in it self causes the scarcity, The commons are not scarce resources that requires management. See ref url for further details. Recorded by NUUG for FSCONS.
  • FSCONS 2017 - Joakim Lundborg - Why we need free password managers (0:17:13)
  • NUUG
  • This talk will be about my experience building uis for the pass password manager, and some related concerns: * Why usability is a security feature *The need for free software password manages * Can this be a path to drive GPG adoption? Recorded by NUUG for FSCONS. https://github.com/cortex/gopass https://github.com/cortex/ripasso Recorded for FSCONS by NUUG.
  • FSCONS 2017 - Bradley Kuhn - The Crumbling Intellectual Infrastructure of Free Software & Free Culture Licensing (0:50:44)
  • NUUG
  • The license-importance-divide seems almost generational: the older generation cares about licenses and the younger generation does not. Yet, the historical focus on licensing in Free Software and Free Culture, while occasionally prone to pedantry to a degree only software developers can love, stemmed from serious governance considerations regarding how community members interact. Most importantly, a license choice of the project bears more heavily than any other decision on the inherent power dynamics that occur within a Free Software or Free Culture community. This talk explores both the historical motivations and modern reactions to licensing matters, and digs deep into understanding how the plethora of policy decisions around licensing, including not just the main license choice, but also CLAs, CAAs, promise documents, and even license bullying tactics, have impacted Open Source, Free Software, and Free Culture communities for both good and ill. The structure of Free licensing, which formed the bedrock for Free Software and Free Culture, remains more fragile than most people realize. With the advent of for-profit corporate interest in leveraging community-created freely licensed works, a fervor of excited community response to such interest has weakened community social structures. These structures, which historically supplemented the legally-backed licensing infrastructure to assure community resilience. Changes in both cultural perception and licensing education will likely be necessary to help rebuild these crumbling foundations. Recorded for FSCONS by NUUG.
  • FSCONS 2017 - Petter Joelson - Digidem Lab -- bringing together hackers and activists for social change (0:38:35)
  • NUUG
  • We live in a turbulent time, where many countries in Europe face the long term effects of austerity, the rising threat of right wing populism and a lack of or deteriorating trust in political process or impact. But in places like Iceland and Spain this trend has partly been countered thanks to collaboration between social movements and the civic tech community, by creating new forms of direct democratic participation with digital tools. In the workshop we explore successful examples of digital democracy projects and their relevance to our Nordic countries. How can we change the political landscape by a more extensive engagement in new technology for participation and how do we best collaborate between hackers and social movements? Digidem Lab is a new space in Gothenburg, Sweden, where young people come together to develop tech products for participation, as well as promoting and building on existing tools. We work in cooperation with social movements and bring together young activists, developers, designers and anyone who believes another world is possible. We believe new forms of participation need to come from below and spread to all sectors of society.
  • FSCONS 2017 - Patrice Riemens - Cryptocurrency meets Universal Basic Income (0:41:30)
  • NUUG
  • The concept of an Universal, unconditional Basic Income (UBI) is getting increasing traction in many political and economic circles, this in view of the major ('disruptive') changes society in general and the 'labor market' in particular are set to experience in the (very) near future. Though in its essence absurdly simple - the name says it all - UBI forms a complex tangle of issues, and is the subject of fierce debate. Demands for UBI are an outcome of a general discontent with the present dispensation and especially the role of finance in it. UBI also narrowly connects with the rise of a new - 'and dangerous' social class-in-forming (-Guy Standing): the 'Precariat.' Some developers of cryptocurrencies, often also members of the precariat themselves (even if the upper tier of it) -- being by definition adverse to the existing forms of (fiat) money, by now the private property of 'banksters' -- view UBI as being a uniquely appropriate platform to push thru the monetary transformation they envisage, by advocating to pay it out in (their) cryptocurrency . One of these cryptocurrencies, Duniter (1,2), even makes its own existence more or less contingent upon the existence of UBI. I am not so sure this is a good idea, and this has to do with the still unresolved, and, immo, quite fundamental problems with the 'usability' of cryptocurrencies with the population at large, and the likewise largely unresolved economic issues with the concept of cryptocurrency itself in general. Since doubt expresses uncertainty and a wish to discuss, I want to format my talk, just like I did when I discussed Bitcoin at the Göteborg FSCONS in 2015, as a dialogue with the audience, and then especially with the potentially 'tech solutionist' component in it. (1) https://duniter.org/en/presentation/ (2) http://basicincome.org/news/2017/01/interview-time-digital-basic-income/ Recorded for FSCONS by NUUG.
  • FSCONS 2017 - Vladan Joler - Networks of Metal, Sweat and Neurons (0:50:59)
  • NUUG
  • We will explore how they defined new forms of labor, exploitation and generation of enormous amount of wealth and power for their owners creating a deep economic gap between the ones who own and control the means of production and others who often live below the poverty line. We will explore different forms of immaterial labor, but also forms of hard physical labor and exploitation hidden behind fractal supply chains and invisible infrastructures of contemporary capitalism. Recorded for FSCONS by NUUG.
  • FSCONS 2017 - Maria Xynou - Collect evidence of Internet Censorship (1:07:18)
  • NUUG
  • Since 2012, the Open Observatory of Network Interference (OONI) project has been invesnsorship around the world. OONI's network measurement software has shed light on many scary, yet interein how information controls are being deployed. From Deep Packet Inspection (DPI) technology being used to block media websites during heavy political protests, to country-wide internet blackouts during elections and other events. This talk will highlight some of the most striking internet censorship events that have been detected by OONI over the last years, and will include a discussion of their relation and relevance to social and political events. This talk will also explain how you can take action to uncover evidence of internet censorship in your country and beyond. Recorded by NUUG for FSCONS.
  • Machine Learning for Security - Alan Saied (0:47:37)
  • NUUG
  • The ability to mathematically classify patterns, predict events and/or identify abnormalities within a wide range of data is known as Machine Learning. For the purpose of this conference , we explain the power of data and how it can be used with Machine Learning models to identify abnormal behaviour within complex environments. We also explain the ingredients and the steps required to build a Machine Learning models to serve security tasks. This will further be followed by its complications in terms of false positives, accuracy of detection and validity of model and how this can be improved. Recorded at the OWASP Norway Day by NUUG.
  • What We’ve Learned From Billions of Security Reports - Scott Helme (0:59:29)
  • NUUG
  • Running one of the largest security reporting platforms of its kind, we handle billions of security reports for our customers every single month. Come and learn how we've scaled from handling 10,000 reports per month to 10,000 reports per second and the many evolutions our infrastructure has gone through. Alongside that come and see how, with our bird’s-eye view of such a diverse ecosystem, we’ve helped identify malware in a multinational organisation, had a malicious browser plugin taken down and much more! Recorded at the OWASP Norway Day by NUUG.
  • FSCONS 2017 - Trust, Elections and Twitter - Patricia Aas (1:04:06)
  • NUUG
  • What happened from beginning to end. What made the news and what didn't. How did it feel to be in it and how I was treated by the public, by the government and by the media. How transparency and suspiciousness is fundamental to an election system and how the lack of transparency drove me to dig further into the ballot counting system in Norway.