Videos from NUUG

Forening NUUG er for alle som er interessert i fri programvare, åpne standarder og Unix-lignende operativsystemer.

Visit web pages for NUUG

  • EuroBSDCon 2019, Lillehammer: Advanced ports toolkit: near-perfect packing-list generation - Marc Espie (0:40:42)
  • NUUG
  • The OpenBSD ports tree uses an unique approach. Instead of ad-hoc scripts that manipulate textual information, we do have a semantic parser that creates objects for each element in the plist. The last year saw a complete rewrite of the most complicated piece of machinery, namely update-plist. There are lots of interesting challenges, specifically how to write a generic tool that will handle all the semantic annotations that currently figure in packing-lists with minimal special-casing: variables that expand to nothing for some flavors, ambiguous variable expansions, directories that may not exist for python2 ports, automatic dispatching to the right subpackage and fragment, shared libraries, smart file type handling for libraries, icon themes, etc Before and after comparison shows a new tool that requires minimal human intervention (perfect packing-list re-generation in over 95% of the cases), where the old update-plist required hand-holding over half the time. Marc Espie Researcher/Teacher in development security at Epita. Architect of the OpenBSD packages and ports system.
  • EuroBSDCon 2019, Lillehammer: NUMA Optimizations in the FreeBSD Network Stack - Drew Gallatin (0:40:30)
  • NUUG
  • will discuss optimizations to keep network connections and their resources local to NUMA domains. These changes include: Allocating NUMA local memory to back files sent via sendfile(9). Allocating NUMA local memory for Kernel TLS crypto buffers. Directing connections to TCP Pacers and kTLS workers bound to the local domain. Directing incoming connections to Nginx workers bound to the local domain via modifications to SO_REUSEPORT_LB listen sockets. I will present data from real Netflix servers showing an improvement of almost 2x on AMD EPYC (85Gbs - 165Gbs), and 1.3x on Intel Xeon (140Gb/s - 180Gbs). I will present data from the Xeon system showing a 50% reduction in cross-domain traffic. Drew Gallatin Drew started working on FreeBSD at Duke in the 90s, and was one of the people behind the FreeBSD/alpha port. He worked on zero-copy TCP optimizations for FreeBSD and was sending data at over 1Gb/s before gigabit Ethernet was generally available. He spent a decade at Myricom, optimizing their drivers. After a brief hiatus at Google, he landed at Netflix, where he works on optimizing the FreeBSD kernel and network stack for content delivery. He worked on the optimizations to serve unencrypted Netflix traffic at 100Gb/s, and then on more optimizations to send encrypted traffic at 100Gb/s.
  • EuroBSDCon 2019, Lillehammer: Wireless Fidelity with bwfm(4) - Patrick Wildt (0:41:50)
  • NUUG
  • The Broadcom Wireless FullMAC chip has been one of the biggest hurdles in properly supporting Apple MacBooks in the recent years. But that has not been the only place where this chip has popped up. bwfm(4) is a new OpenBSD driver that supports these chips and was also ported to NetBSD. This talks gives an overview of the chip, an in-depth view into how one communicates with the chip on the three different supported busses, and the higher layer protocol that’s being run on top. It also shows issues properly combining the driver with the OpenBSD net80211 stack, which isn’t written to handle FullMACs. The talk also shows the Firmware and NVRAM distribution issues.
  • EuroBSDCon 2019, Lillehammer: KernelTLS - Hans Petter Selasky, Drew Gallatin (0:43:16)
  • NUUG
  • Kernel TLS and TLS hardware offload TLS (Transport Layer Security) is a widely-deployed network protocol used for providing cryptographically proven security and authentication of TCP sessions. A kernel implementation of TLS will provide access to TLS hardware offload, ability to access unencrypted bytes of data in the kernel, and a reduction in copies to and from userspace by allowing the use of the sendfile(9) system call for TLS encrypted data. This talk will start from explaining the basics of TLS protocol, using OpenSSL as an example, cover the advantages and motivation for kernel TLS (KTLS) and later will dive in to the implementation. One of the major advantages of KTLS is the ability to offload TLS symmetric crypto processing to the network device. This talk will cover TLS hardware offload approaches, like TOE and inline TLS acceleration. We will close with some performance numbers comparing OpenSSL, KTLS and hardware offloaded TLS with data taken from Netflix servers. Drew Gallatin Drew started working on FreeBSD at Duke in the 90s, and was one of the people behind the FreeBSD/alpha port. He worked on zero-copy TCP optimizations for FreeBSD and was sending data at over 1Gb/s before gigabit Ethernet was generally available. He spent a decade at Myricom, optimizing their drivers. After a brief hiatus at Google, he landed at Netflix, where he works on optimizing the FreeBSD kernel and network stack for content delivery. He worked on the optimizations to serve unencrypted Netflix traffic at 100Gb/s, and then on more optimizations to send encrypted traffic at 100Gb/s.
  • EuroBSDCon 2019, Lillehammer: Rust: Systems Programmers Can Have Nice Things - Arun Thomas (0:39:02)
  • NUUG
  • Arun Thomas presents. Rust is a new programming language, originally from Mozilla, that combines the safety and productivity of a high-level language with the performance and low-level control of a traditional systems language. Rust achieves this combination through clever and pragmatic programming language design — along with awesome tooling and libraries. In this talk, I will dive into the features that make Rust the right choice for 21st-century systems programming. I will give a general introduction to the language and an overview of the Rust ecosystem. I will also walk through the process of developing Rust on BSD. Arun Thomas Arun Thomas is an operating systems researcher and an open source developer. He got his first taste of BSD in 2002. Arun is a Principal Scientist at Draper Laboratory. At Draper, Arun leads the DARPA-funded SSITH/HOPE project, a research collaboration with the University of Pennsylvania, MIT, PSU, INRIA, Dover Microsystems, and Dornerworks to develop a hardware security architecture that enables flexible, verified policy enforcement on RISC-V. Recently, he has been exploring the use of Rust as a foundational technology for building secure systems. Arun has spoken about systems programming topics at ARM TechCon, the Embedded Systems Conference (ESC), BSDCan, EuroBSDcon, BSDTW, FOSDEM, Systems We Love, the RISC-V Workshop, and the Oxidize Embedded Rust Conference.
  • EuroBSDCon 2019, Lillehammer: OpenBSD: Add VMM to Packer - Phillip Buehler (0:43:23)
  • NUUG
  • OpenBSD: add VMM to ‘packer’ The sysadmin view of virtualization usually starts at a hypervisor running some kind of “image”. Packer is a framework to create such an image using various host and virtualized operating systems and adding some more bolts. This talk shows the efforts and pitfalls of building a plugin for packer using the VMM framework on OpenBSD. Some details go down the rabbit hole (or reducing it) to provide a Go binary runnable as a plugin. For ease of installation, the ways how to package this as an OpenBSD ‘port’ are shown. On top a bigger picture is provided on how to provide configurable OpenBSD images “at scale” by using the above accomplishments. Philipp Buehler Philipp uses Unix since mid 1990s and OpenBSD since 2000. Born and working in Germany mainly in Unix/Linux/BSD areas including ISP services and networking. Been an OpenBSD developer from 2002 to 2005, trying to cleanup and test pf(4). Co-founder of sysfive.com GmbH having the technical lead in designing and operating FOSS-based business plattforms.
  • EuroBSDCon 2019, Lillehammer: Paul Vixie talks about DNS over HTTPS (0:54:11)
  • NUUG
  • Paul Vixie was responsible for BIND from 1989 to 1999, and is the author of a dozen or so IETF RFC documents about DNS. He also started the first anti-spam company (MAPS) where he co-invented the DNS RBL (Realtime Blackhole List), and was the founder and later president of the first U.S.-based commercial Internet Exchange (PAIX). Today he serves as CEO of Farsight Security, home of the Security Information Exchange (SIE) and the world’s leading Passive DNS database (DNSDB). He wrote the Cron software used on all UNIX-type computers today. He is also co-inventor of the DNS Response Rate Limiting (RRL) and Response Policy Zone (RPZ) feature-sets now in wide use to protect the operational Internet Domain Name System against online attacks. He received his Ph.D. from Keio University in 2011, and was inducted into the Internet Hall of Fame in 2014.
  • EuroBSDCon 2019, Lillehammer: Embedded Ethics - Patricia Aas (0:46:41)
  • NUUG
  • Patricia is a programmer who has worked mostly in C++ and Java. She has spent her career continuously delivering from the same code-base to a large user base, from working on two browsers (Opera and Vivaldi), to working on embedded telepresence endpoints for Cisco. She is focused on the maintainability and flexibility of software architecture, and how to extend it to provide cutting edge user experiences. Her focus on the end users has led her work more and more toward privacy and security, and she has recently started her own company, TurtleSec, hoping to contribute positively to the infosec and C++ communities. She is also involved in the #includeC++ organization hoping to improve diversity and inclusion in the C++ community
  • My personal fight against the modern laptop - Hamish Coleman (0:50:41)
  • NUUG
  • Hamish Coleman presents. This talk will take you through some tools and techniques I used to reverse engineer the keyboard controller in my Thinkpad x230 laptop. I was driven to start this project when the laptops currently on sale just did not meet my requirements. Even the durable Thinkpad laptops I preferred in the past are being dumbed down. Eventually, I will need a new laptop - and with the available offerings, I just do not want anything that currently can be purchased off the shelf. To keep the project achievable, I reduced my gripes to just the keyboard - asking the question: "Can I shoehorn an older keyboard in a modern laptop?" Taking you through UEFI, ARCompact CPUs, Firmware Reversing, big structure dumping, SMM and custom virtual machines to answer that with "maybe." I hope to inspire others to address their hardware gripes too - and offer some tools and the confidence that they can.
  • FSCONS 2017 - Eireann 'bsb' Leverett - Untapped Malicious Potential (0:43:13)
  • NUUG
  • Sounds crazy to even try to estimate right? This presentation will cover the details of the calculation, and how we can track these numbers over time. We will also do some visualisation of this data and initiate discussion of where our resources should be spent best in fighting the threat of rDDoS attacks. The key contribution is an extensible methodology for measuring global potential for rDDoS attacks, in realistic terms of throughput. Why might this matter to DDoS mitigation, and what can we learn by watching these trends over time? Recorded by NUUG for FSCONS.
  • FSCONS 2017 - Devyn Remme - New Materialism (0:37:57)
  • NUUG
  • The popular narrative of salvation through technological innovation is comfortable because it doesn't confront the institutionalized inequalities, abuses, and violence endemic to modernity’s strategic relations of power and production. The dominant discourse assimilates the values and goals of sustainability with the mainstream economic paradigm of growth, and relies on technoscientific innovation to achieve these goals. Advocates for framing sustainability as a problem which can be described, confronted and resolved with technology and innovation argue that there is a need for a steady growth in consumption which can only be sustained by the drive of innovation. A key tenet of neoliberal economic theory is the push to privitize everything. The commons represent an increasingly contested site. It is our task to prevent the capture of the commons by private advantage both in material and digital spaces and corridors. Recorded by NUUG for FSCONS.
  • FSCONS 2017 - Pål Taule Bentebråten - Towards a Global Cryptocurrency Infrastructure: A Revolutionary Sharing Economy (0:37:50)
  • NUUG
  • Yesterday we bartered with favors. If you do something for me, I will do something for you in return. Today giant tech companies has commercialised the favor for a favor economy. They have built strong platforms with algorithms to match two parties in a market. Uber matches drivers with people that need a ride, AirBnB matches people that are in need of a place to stay with people that are renting out their apartments. They call this the sharing economy, but there is no such thing as sharing in it. Tomorrow, we will build the true sharing economy on decentralized platforms that is owned by the people and not giant tech corporations. We will build platforms where the value is not extracted by a third party, but distributed right back into the network. We will build bottom up organizations with structures of collaboration and sharing rather than top down hierarchies of command and control. * A brief history of the sharing economy * How the sharing economy works today * How blockchain can transform the sharing economy * Hurdles ahead, challenges of using blockchains * Think big, think ahead, see a world of opportunities How cryptocurrencies can enable a true sharing economy. Challenges ahead: Infrastructure and global adoption Regulation vs Innovation What’s next? Universal Basic Income (UBI) A decentralized Internet Nexus Filmed by NUUG for FSCONS.
  • FSCONS 2017 - Jérémie Zimmermann - Love Against the Machine (0:48:17)
  • NUUG
  • An open discussion as an attempt at building a common understanding and a narrative around the questions of technological colonialism, the loss of control over our devices, and the need to rethink the way we liberate our computing. Computers changed over the last 20 years, from friendly machines we could understand, control and improve upon to black-boxed prisons designed at controlling us. How come we are now an increasing number to *hate* these machines, when we remember a past in which we used to passionately love them? From mobile computers (aka "smartphones") containing black-boxed baseband processors enabling remote control, and kicking the user away from properly owning his device, to generalized Intel CPUs and their "Management Engine" providing also a way for "real masters" of our machines to monitor and control all we do online, the age of the technological optimism is long gone. It is almost impossible today to buy a computer that isn't designed and built as an enemy of its user. This shift of modern computing towards "enemy machines" has a profound impact on geopolitics (think "Trump's NSA"), on power relationships (think "We know what you did online for the last 15 years") but also on our humanities and the way we relate to each other: If I cannot understand how a machine works, how will I ever improve it? How will I ever have a chance to participate in a society run by such black boxes? This open discussion will offer an attempt at a narrative to help us (re)frame the issues surrounding Free/Libre software, and the way we participate in these projects. From a purely technological perspective to a holistic vision based on understanding the ways we interact with each other, at large. Recorded by NUUG for FSCONS.
  • FSCONS 2017 - Karl Trygve Kalleberg - Taking back control of the software running on your hardware (0:43:49)
  • NUUG
  • Open technology is a fantastically appealing dream. Here in the real world, however, many of us struggle to get by with the increasingly closed platforms that define our digital life. In this talk, we discuss how to combat closed technology with open technology, through the supernerdy activity of reverse engineering.g is just a fancy name for taking things apart to understand how they work. We demonstrate how this can be done to closed-source software running on various different platforms. As part of our demonstration, we cover a handful of topics relevant for the intrepid hacktivist who wants to survive in the age of gated communities: * investigative capabilities available on closed mobile platforms (focus on Android and IOS) * trends in application sandboxing and digital rights management * gotchas of interoperating with proprietary protocols We’ll approach these topics through a series of adventures on the console, alongside our favourite traveling companion: Frida. She’s an awesome (libre!) tool for inject JavaScript to explore native apps on Windows, macOS, Linux, iOS, Android, and QNX. The examples throughout the talk may be somewhat technical, but taken from everyday examples most of the audience should be able to relate to. Even if programming and reverse engineering is not your thing, you still risk learning something by showing up. Recorded for FSCONS by NUUG.
  • FSCONS 2017 - Gustav Eek - Communication Infrastructure - a form of resistance (0:38:52)
  • NUUG
  • In this lecture the democratic principles of Fripost, the free email association (founded in 2010) will be presented. Infrastructure for electronic communication will be resembled with a common good (a resource). That using a critique of the public–private dichotomy, and the tragedy of the commons. I will then demonstrate how also complicated resources can (and must) be made subject to democratic control. The importance of Internet as communication medium can not be questioned. For those who take user freedom seriously it is saddening to see how the Internet has changed from being a common and highly distributed network to the increasingly privatised web we encounter today. In this lecture I will present the democratic principles of Fripost, the free email association which was founded as a reaction to that development. I will resemble infrastructure for electronic communication with a common good (a resource), and I will demonstrate how also complicated resources can (and must) be made subject to democratic control. Fripost and its foundation and democratic principals has been presented several times since its constitution in 2010, also at FSCONS. This is why the lecture also will take a different and broader stand, inspired by some recent readings. The Fripost initative will also be put in context of local struggles with global implication. In short, the idea that every resource needs an single responsible and managing owner is unsatisfactory as well as the dichotomy public–private. What is not managed can not yield profit. But some things are to important even to be managed. Naturally this touches on a critique (which has been presented many times before) of Hardin’s classical tragedy of the commons. Regarding the enclosure of the commons, management in it self causes the scarcity, The commons are not scarce resources that requires management. See ref url for further details. Recorded by NUUG for FSCONS.
  • FSCONS 2017 - Joakim Lundborg - Why we need free password managers (0:17:13)
  • NUUG
  • This talk will be about my experience building uis for the pass password manager, and some related concerns: * Why usability is a security feature *The need for free software password manages * Can this be a path to drive GPG adoption? Recorded by NUUG for FSCONS. https://github.com/cortex/gopass https://github.com/cortex/ripasso Recorded for FSCONS by NUUG.
  • FSCONS 2017 - Bradley Kuhn - The Crumbling Intellectual Infrastructure of Free Software & Free Culture Licensing (0:50:44)
  • NUUG
  • The license-importance-divide seems almost generational: the older generation cares about licenses and the younger generation does not. Yet, the historical focus on licensing in Free Software and Free Culture, while occasionally prone to pedantry to a degree only software developers can love, stemmed from serious governance considerations regarding how community members interact. Most importantly, a license choice of the project bears more heavily than any other decision on the inherent power dynamics that occur within a Free Software or Free Culture community. This talk explores both the historical motivations and modern reactions to licensing matters, and digs deep into understanding how the plethora of policy decisions around licensing, including not just the main license choice, but also CLAs, CAAs, promise documents, and even license bullying tactics, have impacted Open Source, Free Software, and Free Culture communities for both good and ill. The structure of Free licensing, which formed the bedrock for Free Software and Free Culture, remains more fragile than most people realize. With the advent of for-profit corporate interest in leveraging community-created freely licensed works, a fervor of excited community response to such interest has weakened community social structures. These structures, which historically supplemented the legally-backed licensing infrastructure to assure community resilience. Changes in both cultural perception and licensing education will likely be necessary to help rebuild these crumbling foundations. Recorded for FSCONS by NUUG.
  • FSCONS 2017 - Petter Joelson - Digidem Lab -- bringing together hackers and activists for social change (0:38:35)
  • NUUG
  • We live in a turbulent time, where many countries in Europe face the long term effects of austerity, the rising threat of right wing populism and a lack of or deteriorating trust in political process or impact. But in places like Iceland and Spain this trend has partly been countered thanks to collaboration between social movements and the civic tech community, by creating new forms of direct democratic participation with digital tools. In the workshop we explore successful examples of digital democracy projects and their relevance to our Nordic countries. How can we change the political landscape by a more extensive engagement in new technology for participation and how do we best collaborate between hackers and social movements? Digidem Lab is a new space in Gothenburg, Sweden, where young people come together to develop tech products for participation, as well as promoting and building on existing tools. We work in cooperation with social movements and bring together young activists, developers, designers and anyone who believes another world is possible. We believe new forms of participation need to come from below and spread to all sectors of society.
  • FSCONS 2017 - Patrice Riemens - Cryptocurrency meets Universal Basic Income (0:41:30)
  • NUUG
  • The concept of an Universal, unconditional Basic Income (UBI) is getting increasing traction in many political and economic circles, this in view of the major ('disruptive') changes society in general and the 'labor market' in particular are set to experience in the (very) near future. Though in its essence absurdly simple - the name says it all - UBI forms a complex tangle of issues, and is the subject of fierce debate. Demands for UBI are an outcome of a general discontent with the present dispensation and especially the role of finance in it. UBI also narrowly connects with the rise of a new - 'and dangerous' social class-in-forming (-Guy Standing): the 'Precariat.' Some developers of cryptocurrencies, often also members of the precariat themselves (even if the upper tier of it) -- being by definition adverse to the existing forms of (fiat) money, by now the private property of 'banksters' -- view UBI as being a uniquely appropriate platform to push thru the monetary transformation they envisage, by advocating to pay it out in (their) cryptocurrency . One of these cryptocurrencies, Duniter (1,2), even makes its own existence more or less contingent upon the existence of UBI. I am not so sure this is a good idea, and this has to do with the still unresolved, and, immo, quite fundamental problems with the 'usability' of cryptocurrencies with the population at large, and the likewise largely unresolved economic issues with the concept of cryptocurrency itself in general. Since doubt expresses uncertainty and a wish to discuss, I want to format my talk, just like I did when I discussed Bitcoin at the Göteborg FSCONS in 2015, as a dialogue with the audience, and then especially with the potentially 'tech solutionist' component in it. (1) https://duniter.org/en/presentation/ (2) http://basicincome.org/news/2017/01/interview-time-digital-basic-income/ Recorded for FSCONS by NUUG.
  • FSCONS 2017 - Vladan Joler - Networks of Metal, Sweat and Neurons (0:50:59)
  • NUUG
  • We will explore how they defined new forms of labor, exploitation and generation of enormous amount of wealth and power for their owners creating a deep economic gap between the ones who own and control the means of production and others who often live below the poverty line. We will explore different forms of immaterial labor, but also forms of hard physical labor and exploitation hidden behind fractal supply chains and invisible infrastructures of contemporary capitalism. Recorded for FSCONS by NUUG.
  • FSCONS 2017 - Maria Xynou - Collect evidence of Internet Censorship (1:07:18)
  • NUUG
  • Since 2012, the Open Observatory of Network Interference (OONI) project has been invesnsorship around the world. OONI's network measurement software has shed light on many scary, yet interein how information controls are being deployed. From Deep Packet Inspection (DPI) technology being used to block media websites during heavy political protests, to country-wide internet blackouts during elections and other events. This talk will highlight some of the most striking internet censorship events that have been detected by OONI over the last years, and will include a discussion of their relation and relevance to social and political events. This talk will also explain how you can take action to uncover evidence of internet censorship in your country and beyond. Recorded by NUUG for FSCONS.