WEBVTT

00:00.000 --> 00:10.680
All right, sorry for these slight delay in starting. Welcome to Lightning Lightning Talks.

00:10.680 --> 00:21.480
We have a set of very nice speakers who will speak for no more than 256 seconds. Yeah,

00:21.480 --> 00:25.200
and he over to you, he's guys.

00:25.200 --> 00:27.640
Thank you.

00:27.640 --> 00:31.480
My name is Salon Wilson. I'm part of the Permanent Racco Community.

00:31.480 --> 00:39.160
I've been at the stand in Billing K and you're still welcome, even it's only a few minutes left of the event.

00:39.160 --> 00:42.880
I'm here to present a contributing animal to you.

00:42.880 --> 00:47.040
But Piotr here is also here.

00:47.040 --> 00:52.720
Hi, I'm Piotr Carbash. I'm a part of the Apache Software Foundation.

00:52.720 --> 00:57.520
I work mostly on Apache the Khojai in common.

00:57.520 --> 01:05.440
So contributing animal, the question here of most of us who have been involved in open

01:05.440 --> 01:11.480
sources, I didn't help with my project, but this stuff that I don't know how to do.

01:11.480 --> 01:16.040
I can code, but I would love to have a website.

01:16.080 --> 01:19.720
I can make up, but it's kind of finding speakers.

01:19.720 --> 01:22.720
I'd like a logo for my project.

01:22.720 --> 01:26.200
I need help with translating and internationalization.

01:26.200 --> 01:29.360
Lots of types of problems.

01:29.360 --> 01:35.000
And we have a file out there in use called contributing.markdown.

01:35.000 --> 01:40.240
That covers how to do some contributions, but it doesn't go into details.

01:40.240 --> 01:46.360
Are we thinking, could we make this machine readable and add something extra in it?

01:46.360 --> 01:52.360
OK, so we changed the extension and call it contributing.jama.

01:52.360 --> 01:57.920
So what we want to do with this is help maintain this community kit, their project status,

01:57.920 --> 02:02.640
their support intentions, and their support needs.

02:02.640 --> 02:11.520
So by project status, we mean active archive, done, abandoned, adoptable, stuff that

02:11.520 --> 02:16.440
you're already finding some ecosystems, some of the statesmen can be done, but no, my

02:16.440 --> 02:17.440
trainer.

02:17.440 --> 02:22.040
Of course, I maintain and we will not say it's abandoned.

02:22.040 --> 02:28.360
With intentions, we could explicitly state that, yes, this project is actually maintained,

02:28.400 --> 02:33.880
or say something about how much it is maintained, casually, or not at all, or we only

02:33.880 --> 02:39.880
do security fixes, or this actually commercial support, or anything else that would

02:39.880 --> 02:43.720
be of that kind.

02:43.720 --> 02:52.320
By support needs, means everything that project can need besides code contributions like

02:52.320 --> 02:59.320
code review, community building, bug, and even security triage, graphic design, writing

02:59.320 --> 03:07.040
articles, mentoring, summer of code, and many, many more.

03:07.040 --> 03:14.080
This is actually part of a specification and standard session track at Ekmo.

03:14.080 --> 03:22.680
We are part of the TC 54 track, we call contribution dot EAMO, and we are creating the

03:22.680 --> 03:26.800
Jason schema that describes this information.

03:26.800 --> 03:36.080
Yes, so the number, the code number is TC 54, TG4.

03:36.080 --> 03:44.040
So something we want to ask users is to give us their use cases and stories,

03:44.040 --> 03:53.840
yeah, if you ever wish to have some kind of help, we have already a lot of examples, but

03:53.840 --> 03:58.680
there are many activities out there, so if you have good use of stories and experiences

03:58.680 --> 04:02.880
in running Europe, a source community, please switch out and tell us some of your stories

04:02.880 --> 04:09.560
so we can put this into the specification.

04:09.560 --> 04:19.800
The way we work, we have a bit of meeting, EO, evening morning in the US, we work as

04:19.800 --> 04:28.400
internally on the second stack, right now we have a shared Google doc, but once we

04:28.400 --> 04:34.200
advance it a bit more, we give it on.

04:34.200 --> 04:36.360
So we would love to join you in this work.

04:36.360 --> 04:42.380
This is Ekmo right here, we are already a bunch of people here, myself and the filter

04:42.380 --> 04:47.080
is mentioned since we are on stage, but we have not so support from Steve Springell from

04:47.080 --> 04:52.760
Chris Amelie and the host of all the people, but while we have many experienced in

04:52.760 --> 04:57.920
board and we don't have the complete experience, and if you would like to help us, you're

04:57.920 --> 05:02.360
super welcome.

05:02.360 --> 05:17.440
Hello, I'm Akie Braun, I'm a repertoire on a couple of different standards for the CRA,

05:17.440 --> 05:21.560
I'm here to talk about false heard, false heard, I have overheard from false to attendees

05:21.560 --> 05:26.360
about the CRA, I'm not going to give you my whole bio because we don't have time.

05:26.360 --> 05:30.320
There's more slides than we can get through, I'm going to see if I can get to the bonus

05:30.320 --> 05:31.320
round.

05:31.320 --> 05:35.920
Okay, first of all we're going to start with just talking about open source projects generally.

05:35.920 --> 05:41.280
First of all, I'll have to pay a big fine if I open source project has a vulnerability

05:41.280 --> 05:43.360
that I haven't mitigated.

05:43.360 --> 05:49.000
Totally false because open source projects that are not part of a commercial activity

05:49.040 --> 05:54.160
are exempt from all that, you don't have to do anything, you can just keep doing what you're

05:54.160 --> 05:55.160
doing.

05:55.160 --> 05:58.600
All right, donations are sponsorships for my work in open source, makes me personally

05:58.600 --> 05:59.600
liable.

05:59.600 --> 06:05.320
As of us, you can take donations for your work in open source, and you can cover your

06:05.320 --> 06:10.520
costs, the distinction of where something becomes a product that's placed on the market

06:10.520 --> 06:15.280
has to do with whether or not there's real economic activity, so just getting donations

06:15.280 --> 06:19.000
and GitHub sponsors is not the same thing.

06:19.000 --> 06:22.840
My work, oh, this one, my work on open source projects, my employer won't let me do

06:22.840 --> 06:25.720
anymore because they don't want to have your responsible.

06:25.720 --> 06:33.040
The CRA is product-related, it's product safety legislation or regulation, so it's really

06:33.040 --> 06:36.240
about the product that's placed on the market, doesn't really have anything to do with

06:36.240 --> 06:41.960
the individual people who are interacting with it.

06:41.960 --> 06:45.880
Using my open source project means I have to do compliance documents, if anybody integrates

06:45.880 --> 06:46.880
it.

06:46.880 --> 06:49.600
This one, I think a lot of us have heard the story about Daniel from Curl who got this

06:49.600 --> 06:55.480
lengthy form sent to him by some big software company, because hey, you need to fill out

06:55.480 --> 07:01.920
all of this information about the security pusher of Curl, and you have to get to us

07:01.920 --> 07:08.240
in two weeks because we need to be CRA conformant, and no, he doesn't.

07:08.240 --> 07:11.280
They're not paying him, he is not placing a product on the market.

07:11.280 --> 07:16.320
They are choosing to integrate Curl, and so it's not really his problem.

07:16.320 --> 07:20.520
He could choose to do that, and I think it's going to be better for the whole ecosystem

07:20.520 --> 07:26.080
if we, as open source maintainers, do try to provide that information, but it's not his

07:26.080 --> 07:27.360
responsibility.

07:27.360 --> 07:32.320
I have to find an open source steward from my project, also false.

07:32.320 --> 07:38.280
If you have a big project with lots of contributors and lots of complication, you might benefit

07:38.320 --> 07:43.400
from having an open source steward for somebody who's around who's there to make sure

07:43.400 --> 07:50.040
that you have clear vulnerability reporting processes and vulnerability management, but

07:50.040 --> 07:53.240
you don't have to do that.

07:53.240 --> 07:56.520
I'll just be an open source steward, not that simple.

07:56.520 --> 08:02.120
You have to generally be a legal entity, open source steward isn't just like a person

08:02.120 --> 08:06.360
who decides, especially if you're a maintainer, just focus on being a maintainer.

08:07.320 --> 08:10.360
Oh, the CRA requires projects to follow specific processes.

08:10.360 --> 08:15.320
I heard somebody talking about how they're going to have to change all of their

08:15.320 --> 08:19.320
pull request review processes because the CRA said, so the CRA doesn't really care what

08:19.320 --> 08:23.640
your processes are, as long as your product is secure, that's what the CRA cares about.

08:23.640 --> 08:30.120
It's all about whether or not your product is secure, so if your pull request process right

08:30.120 --> 08:37.480
now involves not reviewing them, okay, yeah, you probably should, but like you should anyway,

08:37.480 --> 08:42.120
change your processes. It has nothing to do with the tax of the CRA.

08:43.880 --> 08:50.520
Okay, next, on to products. Any CVE, on the integrative components will set me up for a big

08:50.520 --> 08:56.520
fine. Everything about the CRA is risk based, so what you need to do is look at your own risks.

08:56.520 --> 09:00.920
So if you have a product that's integrated or a component, it's integrated into your product

09:00.920 --> 09:06.840
and has a really high score CVE, but that actually doesn't have any risk in relation to the

09:06.840 --> 09:13.160
information your product processes or what it does, then your risk is null and you don't need to

09:13.160 --> 09:17.080
worry about it. Okay, a lot of time. I have stickers here that say, I'm a foster developer, zero

09:17.160 --> 09:19.800
series, obligations, lots of rights, come find me to get one.

09:29.240 --> 09:36.040
All right, thank you. Yes, don't go to smart TVs, watch your TV before watching you.

09:37.960 --> 09:44.680
Yeah, so you want to buy a new TV and you realize that most TVs is there is a smart TV,

09:44.680 --> 09:50.040
so you spend 52500 euros on a new TV, but it's integrated smart features and

09:51.080 --> 09:56.680
your reward, a unified platform that can do everything you want, say unified media platform,

09:56.680 --> 10:03.000
device control screencasting, etc. The price you are paying, where's ads on your home screen,

10:03.000 --> 10:09.720
even though you paid full price for the TV, there's blood wear, manufacturer is doing a

10:09.720 --> 10:14.120
funny thing about ACR, I'll touch up on that in a little bit, the infamous Netflix button

10:14.120 --> 10:20.680
on the remote and you're probably also paying your show as well. Yeah, so automatically content

10:20.680 --> 10:28.040
recognition, you buy a TV, literally anywhere from 2 to 100 times per second, it takes a low quality

10:28.040 --> 10:35.640
screen shot, it sends this over the internet to the manufacturer who then does some AI learning on

10:35.640 --> 10:42.440
it to detect what exactly you're watching, even if you're watching something from an

10:43.560 --> 10:48.120
ACR connected device that's not even like a streaming platform, and from this little

10:48.120 --> 10:53.560
fingerprinting and personalized advertising and who knows what, it just saw your data through

10:53.560 --> 11:01.800
third parties, this is a default setup when you connect this to the internet, and most of these

11:01.800 --> 11:07.880
remotes welcome with a Netflix button alongside Mary at the Photoshop offices,

11:12.280 --> 11:18.760
well then there's a non default setup, so if you love manualing through TV manuals with a

11:18.760 --> 11:26.520
shittery mode, then do all of these, think it's a bit too long of a list for this presentation,

11:26.760 --> 11:34.200
there will of them, if it's setting sounds like, improve and hands, personalize or recommend

11:34.920 --> 11:40.680
or something along that line, turn it off, from this whole list here,

11:40.680 --> 11:48.920
there's more to be where you allow you to turn off all of these things, and then the worst of all,

11:48.920 --> 11:53.160
if you do run an update at some point, some of these features, and I think you've disabled,

11:53.320 --> 11:57.560
don't just be enabled themselves, so in every update you're going to have to go through all the

11:57.560 --> 12:04.680
settings again, disable all the features, and sure, a temporary solution, just bind over TV,

12:04.680 --> 12:09.240
right, and this works great, and so all the TVs are also smart in a couple of years from now,

12:12.600 --> 12:16.040
you just just use it as a monitor where the smartphone factor computer, right, and don't

12:16.040 --> 12:20.920
connect it to the internet, this works great for your home setup, but if you visit friends or

12:21.000 --> 12:27.320
family, they might not want to invest in such a setup, and just opt for the convenience of having

12:27.320 --> 12:37.640
a all-in-one device, smart TV, then the realistic, realistic solution, perhaps, thank you, thank you.

12:41.160 --> 12:45.560
Yes, they're not connected to TV to the internet, this works great, and so many

12:45.560 --> 12:51.720
factors start requiring internet, or a subscription, even for the TV to work, sometimes this is

12:51.720 --> 12:56.920
referred to as hardware as a surface, there's some ratios with printer ink or weight

12:56.920 --> 13:01.160
car keys, I think Toyota does this, where if you subject your subscription, you're lost your

13:01.160 --> 13:06.920
car keys, but good luck, you can't find it now, also some homesick, GRT apps use this,

13:08.760 --> 13:11.880
literally a list of solutions is hack your TV, there's some initiatives for different

13:12.040 --> 13:16.760
manufacturers, often this involves opening up your TV, taking out the hard one,

13:16.760 --> 13:21.480
thinkering with it, there's a semigo for Samsung, there's some custom Android ROMs to replace

13:21.480 --> 13:27.240
anything that's running on Google TV, there's really much of your open LG TV for LG, or you can

13:27.320 --> 13:35.320
build your own hack, don't forget to check this out, and yeah, I think that's it, thank you.

13:42.600 --> 13:52.600
Hello, falls down, wow, my wife came and she's my inspiration, but also an inspiration for me

13:52.600 --> 14:02.760
is Wikipedia, because what an achievement that Wikipedia brings free and open access to the best

14:02.760 --> 14:10.120
articles in the world, to anyone in the world, what would be the equivalent for a personal fitness,

14:10.120 --> 14:17.320
like how can we give free and open access to not only fitness information, but also fitness

14:17.320 --> 14:22.920
applications that can help people with their personal fitness journey, so it's not just general

14:22.920 --> 14:30.120
content, but actually personalize as well. For this mission, I first needed some education because

14:30.120 --> 14:37.240
I'm a software engineer, so I decided to embark on basically the most advanced course that I could find,

14:37.240 --> 14:42.520
which was a personal trainer course, and it was kind of funny to be the single software engineer

14:42.600 --> 14:47.640
in this huge class full of personal trainers and professional athletes, and all of them are asking

14:47.640 --> 14:52.680
me like, why are you in this course again? But anyway, I learned a lot in that course.

14:54.840 --> 15:00.520
So the first thing I started building is a database that contains exercise definitions,

15:00.520 --> 15:06.760
which by itself is nothing new, but you know, I'm trying to license this as permissively as I can,

15:07.720 --> 15:12.920
so it has all the usual information that you find in other databases, but also it has

15:13.560 --> 15:20.760
tweaks that you can apply to your exercises to kind of enhance how they affect your body,

15:20.760 --> 15:26.760
like for personal injury reasons, or if you need a little bit of a different training focus,

15:26.760 --> 15:32.200
there's all kinds of tweaks you can make, and most of those are supported by studies, so there's

15:32.200 --> 15:36.600
link to the studies that there's links to YouTube videos that explain everything in more detail

15:36.600 --> 15:41.800
Instagram posts, and those actually come from other creators, I don't create those videos,

15:41.800 --> 15:46.680
but I can just link to them and I can include that in the database and still it's permissively licensed.

15:49.080 --> 15:55.400
Once I have that database, I started creating applications, so the first application is a program

15:55.400 --> 16:00.520
creator, so for anyone who wants to make their own weightlifting program or resistance training program,

16:01.480 --> 16:07.720
an important thing to keep in mind is that many exercises train different muscles to different

16:07.720 --> 16:12.280
extents, so it's kind of an interesting challenge, like how do you break it down, how do you make your

16:12.280 --> 16:18.520
selection of all your different exercises, such that you add up all your volumes of all your

16:18.520 --> 16:26.920
individual muscles to kind of the balance that you're looking for. Obviously any fitness app I think needs

16:27.000 --> 16:32.920
to have a calorie calculator, so this one has the same, but also it has a volume calculator, so

16:32.920 --> 16:39.240
based on your personal body, your age, all kinds of lifestyle factors, you can calculate your

16:39.240 --> 16:47.720
optimal volumes for your exercises. There's now also a mobile application for your phone where

16:47.720 --> 16:53.000
you can log your sets, your performance, you can analyze your performance over time,

16:53.800 --> 16:58.040
at the end of your session, you can see the breakdown of all the muscles you worked and with

16:58.040 --> 17:04.520
how much volume, and also I want to add functionality to loop that back into your program, so you

17:04.520 --> 17:10.520
can refine your workout program based on your actual performance data. Of course there's also weight

17:10.520 --> 17:18.520
logging, so pretty obvious, but weights, flux wage, flux to weights also every day, so there's

17:18.520 --> 17:23.560
moving averages, you can see your weekly trend, you can see your monthly trends, and so on.

17:25.400 --> 17:30.840
And yeah, for more information, check out the website, body.built. It's not only for bodybuilding,

17:30.840 --> 17:35.000
it's just for anyone who wants to get fit, although it is a little bit on the advanced side right now,

17:35.000 --> 17:39.320
but the.built domain name was available, so I thought it would be cool to buy it. That's why

17:39.320 --> 17:43.320
it's called Body.built. The applications are on App Store and Play Store,

17:44.120 --> 17:50.520
HEPL license code repository, and if you want to know more, please reach out to info at

17:50.520 --> 18:06.120
Body.built. Thank you so much. Hi, my name is Mayur. I started this project around one year ago.

18:06.520 --> 18:18.520
So the idea is to measure or quantify how far away your community postures equal is from

18:19.480 --> 18:27.160
any postures derivative, postures for or postures product that start up new start up selling.

18:27.560 --> 18:38.280
So this started with launch of when Amazon launch AWS launch are over a D-SQL, so there was a

18:38.280 --> 18:44.360
viral discussion that it doesn't have views, doesn't have constraint, doesn't have anything,

18:44.360 --> 18:51.960
but they were they had this postures compatible D-SQL in their marketing campaign.

18:52.280 --> 19:00.280
So we were discussing this that we need some kind of framework or some measuring stick,

19:01.160 --> 19:07.240
and because we have a lot of postures for postures derivatives, we have neon supobase,

19:07.240 --> 19:14.040
Yugabaid, even Cockrozy, we have all the animals and amphibians and insects.

19:14.760 --> 19:23.560
So this started with the idea of developing a framework, and it's because,

19:24.920 --> 19:32.520
I mean it's natural that postures now has 30 years of network effect, so it's pretty natural

19:32.520 --> 19:39.400
for new start-ups, new companies, try to cash in on that branding on that 30 years of network effect.

19:39.400 --> 19:45.160
And there is nothing wrong with it, but the original iconic postures project identity should

19:45.160 --> 19:52.760
not get dissolved. So and also there is nothing stopping from Oracle saying that they are the

19:52.760 --> 20:00.200
most world's most advanced postures compatible enterprise database, there is absolutely nothing.

20:01.160 --> 20:12.840
So this project kind of runs automated tests on whatever postures derivatives that can be plugged in

20:12.840 --> 20:21.080
or that can use this plug-in to run those tests, and comes up with scores based on missing features,

20:21.080 --> 20:26.200
missing behavior. It's basically kind of a behavior analysis for a database,

20:27.160 --> 20:34.200
and early days it used to look like this, just a Python program and missing feature and some

20:34.200 --> 20:43.160
score, but why not take it one step further? So now it's a website, pgscorecard.com,

20:43.880 --> 20:52.440
and you can scan now, and it has a lot of postures derivatives listed, I did not list obvious one,

20:52.520 --> 20:58.920
the postures, it's always going to be 100%, and then there are feature list, and you can toggle and play,

20:59.720 --> 21:08.440
you can even compare some of the derivative with other products. I have a lot of saying, okay,

21:08.440 --> 21:19.160
and I'm not a developer by profession, I'm a DBA, not backman as well. So I would, I would welcome any kind

21:19.160 --> 21:31.400
of help or any new ideas or any code contribution. So this is green one is for open source contribution,

21:32.120 --> 21:40.280
and if you're a startup or company that is selling postures, compatible things, and you want

21:40.280 --> 21:46.680
your startup to be listed, then you can just send one PR for this DBA edition,

21:47.000 --> 21:57.160
and this is my database comedy blog. It has this postures compatibility index flow and origin

21:57.160 --> 22:03.720
story in detail, and some other things as well. So I have 20 to 2 seconds, I can just skip it for 20 seconds,

22:05.320 --> 22:07.720
scan it, or I'm not leaving. Okay, fine.

22:08.120 --> 22:12.120
All right, thank you.

22:16.120 --> 22:24.840
Hey, full stem. So as you might know, there's this small Linux distribution called ARCH,

22:25.960 --> 22:37.160
and it uses users get updates nearly every day or hour, so you want like a fast way to get your updates,

22:37.960 --> 22:45.800
you get a lot of updates, or you get a lot of traffic, and maybe you have like multiple

22:45.800 --> 22:51.880
ARCH machines in your home land, you have a laptop, a desktop, and something, and you are starting

22:51.880 --> 22:57.880
to, you may might not have like the the biggest pipe to the internet, and but you do have a home

22:57.880 --> 23:04.680
server. So then I have a solution for you. So there's a very easy way to set up a way to share

23:04.760 --> 23:11.880
your Pac-Man cache. So the cache we're all the the packages live on your own local network.

23:13.320 --> 23:18.280
And the only thing you need is this new feature. Well, new feature is already a few years old in

23:18.280 --> 23:26.040
Pac-Man. So basically it's a cache server directive. You pointed to a web server,

23:26.920 --> 23:33.400
this is an HB server, and on your network. And what Pac-Man will do when it starts updating your

23:33.480 --> 23:42.120
system is first try to fetch the package from there, and if it cannot be found, it won't normally

23:43.400 --> 23:51.800
the servers where where packages aren't found are removed from your from from being checked.

23:52.360 --> 23:57.400
So with the cache server, it doesn't, it just, if there's four or four, it's all try your normal

23:57.400 --> 24:04.920
mirror. And it doesn't use the package, the repository database, the index where all the packages

24:04.920 --> 24:12.920
are, that it will capture from your mirror. And so with this new old config option,

24:14.040 --> 24:18.440
the only thing you would need is an arch server, container, virtual machine, whatever,

24:18.440 --> 24:25.800
something where you can keep a cache of. Pac-Man packages, an HB server, this can be anything,

24:26.520 --> 24:34.920
and the system detimer to pull in your packages in there. And then you can set up an easy server.

24:34.920 --> 24:42.760
So the HB server can just be a Python server, serving your Pac-Man cache. For example, your home server,

24:42.760 --> 24:49.800
if runes the arch, the client configuration is simply dropping this cache server directive.

24:50.760 --> 25:01.160
And that's basically it. Then you would want some timer to fetch the packages on your home

25:01.160 --> 25:07.240
server every night. So when you, for example, if they kill up top, it tries to fetch as the

25:07.240 --> 25:16.120
newest kernel from your from your home server. So you just created the daily timer and you used

25:16.280 --> 25:22.840
the checkup dates, the scripts, it doesn't interfere with normally running Pac-Man. It creates a

25:22.840 --> 25:31.640
lock file. And so it's a bit messy if you run Pac-Man in normally in a timer or a script or

25:31.640 --> 25:36.840
all the minutes scripts and you run it again as in the CLI, as yourself. So there's the checkup

25:36.840 --> 25:42.200
dates which uses some magic to prevent this. This will just download the packages you have

25:42.280 --> 25:50.840
installed on the system into the cache directory. And then you can go through, although

25:52.040 --> 25:56.840
it's only gigabit mine at work. So it's not really blue. But it's limited to whatever

25:56.840 --> 26:02.760
whatever network speak you have in your land. If you want to endure more, just check up the

26:02.760 --> 26:09.800
excellent wiki, there's configurations for any web server you might have. There's more alternative

26:09.800 --> 26:25.080
approaches. And yeah, that was all. Oh sorry. Hello, my name is Benjamin Hunter. I'm from Belgium.

26:25.880 --> 26:31.080
I've been attending all the first them since it exists when it was gold ors them. And I work on

26:31.080 --> 26:37.720
software patents since 1998. I'm president of a association which fought the software patent

26:37.720 --> 26:43.560
director 20 years ago. And this directive was rejected by the European Parliament because

26:43.560 --> 26:49.880
large companies saw the Parliament could vote a lot that they didn't like. So they pushed

26:49.880 --> 26:55.400
they asked a member of Parliament to drop this directive and push for the central patent court in 2005.

26:56.360 --> 27:01.400
In 2006, the commission proposed a reform of the patent system to

27:02.360 --> 27:06.920
centralize the the patent system in Europe and notably to remove national courts.

27:10.520 --> 27:14.680
So the law is the European patent convention. It's an international law between several

27:14.680 --> 27:21.800
member states of the EU plus some other states that Turkey. The law says article 52.2 is computer

27:21.880 --> 27:27.400
programs I exclude of patentability but the next article says they are to be considered a search.

27:28.120 --> 27:35.640
And the EPO since the 1980s ground software patents anyhow using this as such loophole.

27:37.480 --> 27:44.440
In 2006, my predecessor Mr. Pillish predicted what would happen. So in July 2005, I have several

27:44.440 --> 27:49.240
attempts to legalize software patents in Europe. The patent establishment changed strategy instead

27:49.240 --> 27:53.640
of explicitly seeking to sanction the material of software. Then I was seeking to create a

27:53.640 --> 27:58.360
central patent court for Europe which would establish and enforce patentability rules in their favor

27:58.360 --> 28:03.560
without any possibility of correction by competing courts or democratically elected legislatures.

28:04.120 --> 28:08.200
The last sentence is very important because the whole game here is to avoid the European

28:08.200 --> 28:13.320
court of justice and basically the European Parliament said it's fine so they are not legislator anymore.

28:13.640 --> 28:21.720
The unified patent court is a very strange beast where they invented they created new

28:22.280 --> 28:28.040
judges without a law degree called technical judges and those it appears that those judges are

28:28.040 --> 28:33.080
in fact patent lawyers who work for Nokia in the morning and become judges in the afternoon.

28:33.640 --> 28:38.520
It's self-finance before it was financed by the EU but now it's self-finance was very very expensive

28:38.520 --> 28:47.080
to go there to litigate or to be litigated to be sued there. The EPC is not EU law so the European

28:47.080 --> 28:53.560
Court of Justice doesn't have a say and basically they are blocking the appeals to the European

28:53.560 --> 29:01.080
Court of Justice on those questions. Now what we discovered by litigating against is that in the past

29:01.080 --> 29:06.600
the European Court of Justice killed their previous attempt because national courts cannot be removed

29:06.680 --> 29:14.680
of Eulo and in 2017 there was a case with investment courts that had to improve Eulo and the

29:14.680 --> 29:22.920
Court of Justice killed them because it's an infringement of Article 267. Now in October there's a

29:22.920 --> 29:27.240
company streaming company called Roku that tried to escalate this question of Eulo to the

29:27.240 --> 29:34.520
European Court of Justice and the UPC denied the questions saying there was no issue while all the

29:34.600 --> 29:43.480
experts say there is and actually it's a violation of Eulo Article 277.3 where courts are forced

29:43.480 --> 29:49.960
they must escalate the questions of Eulo and so in the past there was a famous case with Poland

29:51.080 --> 29:56.280
where the European Commission gave a heavy fine heavy daily fine to Poland for exactly the same

29:56.280 --> 30:02.520
problem. Now we know the European Commission is not in this file is not excluding their eyes

30:03.480 --> 30:09.960
and the question is whether someone can go to national court and try to escalate the problem

30:09.960 --> 30:16.520
to the European Court of Justice by changing the validity not of the UPC treaty but of the

30:16.520 --> 30:22.360
Brussels one regulation with contains the fake word of common court so in for investment courts

30:22.360 --> 30:28.360
that's what they killed. So it's going to be my project for this year. Thank you.

30:33.480 --> 30:45.560
Hello. So sometime ago I stumbled upon a project called Web A2E which basically allows you

30:45.560 --> 30:53.000
to run terminal applications built on top of Ratatouille framework inside a web browser which I found

30:53.000 --> 31:00.600
super cool but also I started wondering what would it take to turn this upside down and run

31:00.600 --> 31:09.400
a modern web browser inside a terminal. So web browsers don't put the pixels directly on the screen

31:09.400 --> 31:15.880
they communicate with a compositor which is a different process they talk to each other with a

31:15.880 --> 31:22.520
protocol like Wayland or X and it's the compositor that takes the pixels from multiple applications

31:22.520 --> 31:29.400
combines them together and actually puts them on a screen. So if only I could find a way to make a

31:29.400 --> 31:34.360
compositor that actually ran just to a terminal I would be golden I wouldn't need to change the

31:34.360 --> 31:43.480
web browser and I would get it in a terminal. So this sounded like a great way to dig into how

31:43.480 --> 31:50.920
this all works under the hood and it kind of went downhill from here. So I found Smithay which is an

31:50.920 --> 31:56.920
excellent Rust library for building without compositors which basically takes care of all the

31:56.920 --> 32:03.400
wayland parts. So I need to figure out how to actually put the pixels in the terminal I could use

32:03.400 --> 32:10.520
something like 6L or KT graphics protocol but there are some problems with this first of all somebody

32:10.520 --> 32:19.080
already made an X server that renders to 6L to a terminal so it was not interesting but also using

32:19.160 --> 32:27.240
either of this would be a smart idea and I was not interested in smart but funny. So instead of this

32:29.560 --> 32:39.240
I chose this beauty. This is a unique upper half block. If I combine this with Ansie escape sequences

32:39.240 --> 32:45.320
I can set background and foreground colors for the character and this way I encode two pixels

32:45.320 --> 32:53.080
on one character. And since this is just a normal character I can use two e-frame like Radatui

32:53.080 --> 33:01.000
and cross term to render this to a terminal and all I need is a bit of duct tape to connect those

33:01.000 --> 33:08.840
two together which I did and the result honestly was much better than I expected. Here the

33:08.840 --> 33:15.400
alacrity terminal emulator is actually able to render a full wayland display and running

33:15.400 --> 33:23.240
Western terminal and because I convinced alacrity to render characters as one by two pixels this

33:23.240 --> 33:34.280
is actually pixel perfect. So it was cool but it could be faster because obviously I tried running

33:34.280 --> 33:45.400
doing it and it works but the framework is clearly not enough for 2020. So I found out that the

33:45.400 --> 33:52.840
bottleneck is actually encoding as Ansie escape sequences on CPU it basically holds at 100% so I

33:52.840 --> 34:01.880
did the obvious thing and uploaded it to a GPU. And obviously I used Web GPU because at this point

34:02.040 --> 34:10.040
why not. And this actually proved a frame it quite a bit and I got something that can be

34:12.040 --> 34:18.520
that can be considered a smooth experience and right now I believe my bottleneck is actually the

34:18.520 --> 34:25.560
terminal emulator which can't keep up decoding those R&C sequences because I'm sending two

34:25.720 --> 34:33.560
modules. Anyway some other pretty pictures it can run itself and most importantly it can run

34:33.560 --> 34:47.560
the firefox. If you're interested here's a code run it yourself good luck and thank you.

34:48.200 --> 35:07.480
Okay. Hi everybody my name is Martin and today I have a story for you about my grandma and her computer.

35:09.240 --> 35:15.560
Those of you that manage a device for some of your family members. I'm guessing you had to deal with

35:16.440 --> 35:22.760
the end of support of Windows 10 back in October. Those of you that didn't the problem was that

35:23.480 --> 35:31.160
in order to officially upgrade your device needed to have some minimum hardware requirements. So doing

35:31.160 --> 35:37.560
nothing meant that you would receive no security updates for example. And there were some estimates

35:37.560 --> 35:45.080
that up to 400 million devices were affected but who really who really knows what I do know

35:45.080 --> 35:51.400
is that my grandma's computer was one of these devices and because I managed it for her

35:53.720 --> 36:00.760
because I managed it for her it was also my problem. To get you some context about my grandma and her

36:00.760 --> 36:06.200
relationship with tech let me actually start from the opposite direction and let's look at some

36:06.200 --> 36:13.960
populations statistics. So this is a small section from a 2023 survey about check households and

36:13.960 --> 36:22.520
their relationship with tech and for us the important part is that households with people over 65

36:22.520 --> 36:32.120
and no children only about a half of those even owned a computer right. If we go further and look

36:32.120 --> 36:41.000
at reported skills then in my grandma's age bracket only about 23% of people knew how to copy files

36:41.640 --> 36:49.560
and about 6% knew how to install a program. So knowing all this you would be right to assume

36:49.560 --> 36:58.040
that my grandma is not a technical person but let me just say that's okay. I mean we all have different

36:58.040 --> 37:06.920
hobbies right but unlike a large proportion of her peers she can copy files okay back in the day she

37:06.920 --> 37:15.720
also was able to install Windows 10 with just me on the phone but now all she really uses is a browser

37:15.720 --> 37:22.360
and office suite and a printer. But if we go back to the problem again the issue was that her

37:22.440 --> 37:30.680
computer was running out of support and there was no realistic way to go further and so what can we

37:30.680 --> 37:37.800
do about this? I mean by her a new computer well I don't know but there is an obvious solution right

37:38.440 --> 37:50.520
I mean here we are just install Linux so that's what I did. Thank you thank you

37:51.480 --> 37:59.160
my grandma is now a Linux user specifically her computers running Xorino S no affiliation by the way

37:59.640 --> 38:05.080
the reason I chose this distribution was because it's desktop environment seemed familiar

38:05.640 --> 38:11.640
or I thought it would be to her it also works out of the box seems difficult to mess up and it's also

38:11.640 --> 38:19.160
super simple to run updates through the software update or utility and it's been about six months

38:19.640 --> 38:25.640
there haven't really been any major issues so far my grandma was even able to print something

38:25.640 --> 38:31.880
completely on her own without me showing her how and I thought honestly I thought that was pretty impressive

38:31.880 --> 38:39.000
and a great testament to the UI of the whole system but I know that this whole example is not really

38:39.000 --> 38:44.600
serious and it's not something you would draw conclusions from but regardless you know it gave me

38:44.680 --> 38:50.360
tremendous hope about the state of Linux desktop especially for people like my grandma

38:51.320 --> 38:57.720
so to wrap this up it turns out that my grandma did not meet a new computer and if you're wondering

38:57.720 --> 39:04.280
whether some of your less technical family members would be able to use Linux just know

39:05.080 --> 39:10.920
that my grandma is doing fine. Thank you.

39:19.720 --> 39:25.160
Hi today I'll be presenting Simic which stands for Story or Mail in Get and it's

39:25.160 --> 39:30.120
basically a more unixy way of dealing with mail but the synchronization primitive is get rather than

39:30.120 --> 39:37.480
IMAP so I personally find mail user agents to be a bit of a pain because they all display

39:38.680 --> 39:44.200
almost without exception they all display mail as some organizations of photos usually on the

39:44.200 --> 39:50.440
left column of the user interface and then you have those opaque objects which are messages and they

39:50.440 --> 39:58.040
have IMAP flags and oftentimes I don't know at least for me I would like to treat them as actual

39:58.040 --> 40:05.400
normal files. What if they're actually files which can unlike in Moder which you basically

40:05.400 --> 40:10.760
needed to follow a particular structure what if they're files you can just copy around move around

40:10.760 --> 40:18.040
in your file system like any other file in a normal unix workflow and what if instead of IMAP

40:18.040 --> 40:24.360
which often has issues with conflicts when multiple devices modify the same mailbox with

40:24.360 --> 40:29.560
the same email at the same time what if we use a synchronization primitive that robustly handles

40:29.560 --> 40:35.560
conflicts which has been talked about quite a few times in foster morality. My answer is get

40:38.440 --> 40:45.560
and so I'm going to store each so we store the mail of each account inside one get repository

40:46.280 --> 40:51.240
and mailboxes are photos but we actually don't have this concept that the native concept of

40:51.240 --> 40:58.280
mailboxes because you can structure the repository however you want to do it. You could create a

40:58.280 --> 41:03.080
inbox directory and put your new mail into there or you can put mail at the

41:06.280 --> 41:12.760
or you could just literally make the inbox the route of the directory these are controlled by the

41:12.760 --> 41:19.160
Steve script and the delivery configuration rather than something hard-coded and you can even use

41:21.000 --> 41:25.400
rocketly organized archives or put everything in one directory although I don't know why you

41:25.400 --> 41:32.200
want to do that. So the delivery semantics are relatively simple. Each recipient

41:32.200 --> 41:38.440
resolves to get repository we fully resolve the head to a detached reference which go through a

41:38.520 --> 41:43.560
image so we fully resolve the symbolic references and all of the delivery work happens against

41:43.560 --> 41:50.200
that delivery dot commit snapshot that we found at the start of the delivery. So we read the delivery

41:50.200 --> 41:55.560
configuration and determine the found name format. We run the Steve script and determine which

41:55.560 --> 42:02.760
folder we deliver the email to and then sorry the delivery script decides the message format and the

42:02.840 --> 42:09.720
message found name and the target path is decided by the Steve script. We read the commit, read the

42:09.720 --> 42:17.160
tree, write the blob and then put the new email's blob into the tree and then write the tree

42:17.160 --> 42:23.720
and write the commit. And then because if you look at the man page of get update rough you can

42:23.720 --> 42:29.960
actually see that you can supply an old object ID for it to automatically compare and swap. So we

42:30.040 --> 42:36.520
compare the so we make it compared the ID of what we expected to be the original commit with

42:36.520 --> 42:42.120
it's actually in the current breath and then we update it if they match. Atomic. If on conflict

42:42.120 --> 42:47.720
it means that the user has recently pushed or recently forced push so you just retry on the new

42:47.720 --> 42:54.600
refette you don't need to rebase or merge. And the entire diamond's task is basically to accept

42:54.600 --> 43:01.080
mail over TPR, SMTP, resolve and expand aliases and resolve recipients and for each recipient

43:01.080 --> 43:07.000
deliver to its corresponding get repository. We need a lot of client utilities to make these work

43:07.000 --> 43:12.040
in a normal units workflow. So for example unpacking parts around my message and custom indexing

43:12.040 --> 43:19.080
because not much doesn't really work well in a flagless workflow. However, these are so under development

43:19.080 --> 43:22.440
they're not fully available yet but hopefully in a few months I should get them ready.

43:23.400 --> 43:27.400
And the repository is here if anyone wants to take a look. Thank you.

43:37.880 --> 43:44.280
Hey I'm Ruth and I'm going to do a very quick overview of the RCL configuration language which also

43:44.360 --> 43:52.600
happens to be quite a nice query tool. So are you ever in a situation where you have many configuration

43:52.600 --> 43:59.080
files that share some parts and you want to have a single source of truth? For example a repository

43:59.080 --> 44:04.920
full of rust grates and you want to synchronize a version number between them. Then instead of specifying

44:04.920 --> 44:11.000
everywhere you want it in a single place and then import it. Or maybe you have many parts that are

44:11.080 --> 44:17.960
very similar and you want to generate this with a loop. Then maybe you risk for string templating

44:17.960 --> 44:23.560
but now you have all kinds of escaping issues and if you use YAML now you also have white space

44:23.560 --> 44:29.800
issues and this happens because you're operating on the serialized form of some data structure

44:29.800 --> 44:37.720
but what you really want is to transform the data structure directly. So this is what RCL does

44:37.800 --> 44:43.960
and it turns out if you have a language that's good at transforming data it's quite a nice query

44:43.960 --> 44:55.880
tool as well. So RCL extends JSON by adding variables functions loops into a simple functional

44:55.880 --> 45:02.760
gradually typed programming language that you can use to have abstraction and reuse in your configuration.

45:02.760 --> 45:11.400
So on the left is an example we can for example import from other files and then reference parts

45:11.400 --> 45:17.800
of it so we can define a version number once and then reuse it. Or if there's a repetitive part

45:17.800 --> 45:23.960
then now we can just write a loop and if we want to turn on documentation it's we can switch it

45:23.960 --> 45:28.920
in one place. So how do you get from the thing on the left to the thing on the right?

45:29.080 --> 45:37.320
Well there's a command line tool you can run RCL evaluate kind of normal JSON YAML but now you have to

45:37.320 --> 45:42.280
update this thing all the time. So if you already have a build system or a task runner you can

45:42.280 --> 45:48.520
integrate it into that. If you don't then there's also a built in RCL build command that can

45:48.520 --> 45:56.840
update files for you. Then there's a query mode. So whoever curls something and then pipes it into

45:56.840 --> 46:05.720
JQ, raise your hand. Whoever had an expression that they wanted to write in JQ would be easy to

46:05.720 --> 46:13.960
write in Python or type script but couldn't figure it out. Right. So because every JSON document

46:13.960 --> 46:21.240
is also an RCL document you can use RCL to query and if you know Python type script or Rust you

46:21.320 --> 46:27.720
will find it's very natural. It takes an input document and then the query on the command line

46:29.320 --> 46:34.920
and this is what you can use it for. And finally if you're doing something more advanced and you're doing

46:34.920 --> 46:40.600
something in Python there's also Python module that's a drop-in replacement for the JSON module.

46:43.080 --> 46:48.280
If you want to learn more check out RCL Lang.org. There is also interactive demo there

46:48.280 --> 46:59.240
or come find me afterwards. Thanks.

46:59.240 --> 47:07.400
So for those who don't know 14 years ago I gave a few lightning talks and I was so nervous at the end

47:07.400 --> 47:14.280
of it I was drenched in sweat to my underwear. Now I stand in front of JOSO and even bigger rooms

47:14.280 --> 47:19.480
and I don't care. I might get a little bit emotional during some opening speeches but other than this

47:20.760 --> 47:26.280
the point here is get in front of people and speak about what you want to speak about. It takes

47:26.280 --> 47:31.720
a few years but at some point you just do it. Do I need to click something or do you click for me?

47:32.040 --> 47:45.480
What? Oh, there's a button.

47:49.160 --> 47:55.480
Yeah so anyway we should make this orange. Anyway this is a talk I gave 14 years ago

47:56.360 --> 48:00.920
and I wanted to just give an update on what change and what state to say. I'm going to rush through

48:00.920 --> 48:05.880
it a little bit but the slides are already available for download on the program. So what is

48:05.880 --> 48:10.520
good? I had to actually explain this 15 years ago this time I can't probably skip that one.

48:11.560 --> 48:19.000
ETCkeeper is a tool which stores slash ETC off your local file and yes we all have Kubernetes

48:19.000 --> 48:24.600
and containers and whatever but some of us also have desktop. Just install it. Thank me in five

48:24.600 --> 48:29.800
years when something breaks and you can just restore it. Just install it. Don't question just

48:29.800 --> 48:36.760
install it. If you use after anything it automatically makes checks and check in of your data

48:36.760 --> 48:41.320
every single time you install something and change something it is glorious. Install it right now.

48:43.000 --> 48:51.240
Yeah this is too long. But honestly I failed at using buff. It stores backups in in get.

48:52.840 --> 48:57.720
It's too complicated and also pruning stuff is just painful so that didn't work out over the last 14

48:58.360 --> 49:04.840
years. ETCkeeper back then a completely wild idea of storing a website source in get and then

49:04.840 --> 49:09.480
compiling a static website. I'm not using this anymore but also I'm not using anything else because

49:09.480 --> 49:15.800
just to much work today I would probably be using Google but same difference that one and 15 or 14

49:15.800 --> 49:23.640
years later still valid. Get annex. Who here knows what get annexes? Okay that should be 100%.

49:23.800 --> 49:32.280
You can store stuff in get but the large files are kept only as references and you can copy

49:32.280 --> 49:37.800
big stuff back and forth across 10 different external hard drives across the internet. It is super

49:37.800 --> 49:42.600
reliable. It is used in the rainforest to distribute learning materials between different

49:42.600 --> 49:49.080
indigenous tribes. It is glorious please use it. I have photos and family stuff from like

49:49.080 --> 49:56.280
literally 15, 20 years or not quite 20 and it just keeps working and I know for effect I will never

49:56.280 --> 50:01.960
lose this data. It is absolutely genius highly encourage everyone in this room to use it. So yeah

50:01.960 --> 50:08.040
that one held a pretty well that is one of the best things ever. That's the data you can download

50:08.040 --> 50:12.440
this on the website when you go to the talk information but also you've probably read this by now.

50:13.160 --> 50:20.920
Metamonger, I use this to store XF data and basically pull it into file system information

50:20.920 --> 50:26.200
and then store this in get. These days honestly you don't really need it anymore because the

50:26.200 --> 50:32.600
tooling around all of those problem spaces have improved massively. If you still rely on on

50:33.160 --> 50:40.040
date time of your files on the file system to be correct this allows you to store this information

50:40.120 --> 50:46.440
into get and to restart in other get repositories which for some use cases can be insanely useful

50:46.440 --> 50:52.120
anyone who doesn't know what I just said ignored you don't need it. This is another one which I

50:52.120 --> 50:56.520
would highly encourage you and yes some bias cuts is mine but I would highly encourage you to use.

50:56.520 --> 51:03.720
So who here is using get? That's not everyone so that's a reason why I'm asking but it's like

51:03.720 --> 51:12.040
for the recording is 95%. Who here uses more than one get repository in the same directory?

51:14.120 --> 51:19.880
Yeah exactly that's maybe 5%. You can actually do this get supports this through the magic

51:19.880 --> 51:24.040
called get work tree and it is completely arcade and really hard to use but this is a good

51:24.040 --> 51:32.520
wrapper and just enables you to put more than one get repository into one directory. Why would you do this?

51:32.520 --> 51:36.520
Your home directory and you can actually start saving your stuff. I have 20 seconds left so

51:36.520 --> 51:41.880
I'm speaking up even more. MR is now called my repos it allows you to take an arbitrary amount

51:41.880 --> 51:46.680
of repositories and just update stuff so you have internet for a few minutes at the airport or whatever

51:46.680 --> 51:50.920
you hit the button and all the repositories are updated it is also very useful.

51:52.360 --> 51:59.720
Such a is really good so one second left the point is get is incredibly stable and I'm surprised

51:59.800 --> 52:06.200
by how much it held up here is your microphone. The time is up. I have a thank you for all of the

52:06.200 --> 52:14.920
lovely speakers thank you for joining us at lightning light and talk that's all.