Day changed to 01 Jun 2014 Day changed to 02 Jun 2014 Day changed to 03 Jun 2014 Day changed to 04 Jun 2014 Day changed to 05 Jun 2014 Day changed to 06 Jun 2014 Day changed to 07 Jun 2014 Day changed to 08 Jun 2014 Day changed to 09 Jun 2014 11:44 < colonelqubit> Hi -- LibreOffice is looking to hold a hackfest in the Boston area during the last weekend of July, and I'm currently looking for a venue -- perhaps a couple of classrooms at a university? Any suggestions? 15:36 < tmetro> MIT. That's where BLU and many other technical user groups meet. They likely can accommodate a few classrooms on an evening or weekend. 15:38 < tmetro> They'll probably require that you find a faculty member willing to "sponsor" your request. So you might need to do some networking to get someone to back you. We have contact with a few faculty members. 15:38 < tmetro> Posting to BLU's discuss mailing list might turn up something as well. 16:02 < colonelqubit> tmetro: thanks -- yeah, I pinged the SIPB and a couple of other groups, but was having some trouble finding someone to sponsor us 16:03 < colonelqubit> I think I have a couple of leads now 16:05 < colonelqubit> Someone suggested that I ask about the NERD. I was almost tempted to do so, just to see what kind of response they'd give to us :P 16:07 < colonelqubit> (I mean MS does have people on the ODF TC...) 16:13 < tmetro> Yeah, not out of the real of possibility that they'd permit it. I think I've occasially seen competing technologies presented there. Day changed to 10 Jun 2014 Day changed to 11 Jun 2014 Day changed to 12 Jun 2014 Day changed to 13 Jun 2014 Day changed to 14 Jun 2014 Day changed to 15 Jun 2014 Day changed to 16 Jun 2014 Day changed to 17 Jun 2014 Day changed to 18 Jun 2014 19:20 < tmetro-> Federico's talk begins. 19:21 < tmetro-> starting with a demo of Canonical's "orange box." Their "cloud in a box" training hardware. 19:23 < tmetro-> walls of the box are heat sinks 19:24 < tmetro-> 5 nodes per side 19:24 < tmetro-> mostly possibly cooled 19:24 < tmetro-> custom PS 19:25 < tmetro-> stack of drives 19:25 < tmetro-> nodes are Intel NUCs w/AMT 19:26 < tmetro-> D-Link 1 GB/s switch w/VLAN capability 19:26 < tmetro-> Haswell i5 CPU, 4 cores 19:27 < tmetro-> 16 GB RAM 19:28 < tmetro-> first node has WiFi and HDMI connectors brought to the back of the case 19:39 < tmetro-> Hardware show-and-tell complete. 19:40 < tmetro-> (Federico will bring one back and power it up for a future OpenStack talk.) 19:46 < tmetro-> Now talking about Ubuntu release life cycle. 19:48 < tmetro-> regular releases every 6 months, supported for 9 months 19:49 < tmetro-> LTS releases every 2 years, supported for 5 years. 19:55 < tmetro-> Canonical has "hardware enablement" kernels, which let you upgrade to a newer kernel to support new hardware without upgrading the OS version. 19:59 < tmetro-> now talking about security features in Ubuntu, and how they've changed across versions. 20:02 < tmetro-> one new feature is a mechanism to fetch a random seed from the network, to compensate for the lack of entropy in newly spun up VMs. 20:09 < tmetro-> Glibc uses stack "canaries" to detect overflows, and heap pointer obfuscation to make writing exploits harder 20:18 < tmetro-> Canonical has done a lot of work on containers (LXC) and now supports Docker. 20:19 < tmetro-> Canonical is making Docker versions of its standard VM images available that closely match the VM version. 20:39 < tmetro-> Talk over. Day changed to 19 Jun 2014 Day changed to 20 Jun 2014 10:31 [Users #blu] 10:31 [+rajiv] [ blu_jabr] [ notori0us] [ tmetro] Day changed to 21 Jun 2014 Day changed to 22 Jun 2014 Day changed to 23 Jun 2014 Day changed to 24 Jun 2014 Day changed to 25 Jun 2014 Day changed to 26 Jun 2014 19:25 < tmetro-> Jim Gettys talk (IEEE, not BLU) on security of Internet connected devices, specifically home routers. 19:27 < tmetro-> he analyzed the software packages on his new home router and found many were 4 years old. 19:28 < tmetro-> the telnet daemon hadn't been maintained in 10 years. 19:28 < tmetro-> routers, thermostats, tvs, and other connected devices have long lifespans. 19:29 < tmetro-> they outlive the willingness of their vendors to maintain them. 19:31 < tmetro-> Familiarity breeds contempt: the honeymoon effect and the role of legacy code on zero-day defects 19:31 < tmetro-> continuous updates is essential for the life of the device. 19:36 < tmetro-> firmware is usually not updated after about 1 year 19:43 < tmetro-> Older embedded Linux devices use a more primitive Flash file system that didn't support uid/gid, so everything runs as root. 19:45 < tmetro-> vendors that make the chips are disconnected from the end users. 19:45 < tmetro-> software is an expense and an after-thought. 19:46 < tmetro-> if it doesn't crash or doesn't get bad reviews, then they're happy. 19:47 < tmetro-> code is so old that changes can't be pushed upstream. 19:47 < tmetro-> each odm works on its own, re-fixing the same problems. 19:50 < tmetro-> binary blob disaster: can't move to newer code because it is incompatible with the binary drivers supplied by the silicon vendors. 19:52 < tmetro-> devices need a secure boot loader. 19:53 < tmetro-> if your boot loader isn't secure, then your updates aren't secure. 19:54 < tmetro-> openfirmware is an example of it done right. 19:56 < tmetro-> Anything used in sufficient volume becomes critical infrastructure. 19:57 < tmetro-> you don't know in advanced which projects or devices will end up being widely deployed. 19:59 < tmetro-> "Rms was right about Tivoization!" 20:02 < tmetro-> 3rd party open source firmware communities are fractured, due to the binary blob problems. 20:04 < tmetro-> comcast paid dnsmasq developer to add dnssec support. 20:06 < tmetro-> there can be hidden monocultures where a single chip and binary blob is used in a wide array of devices. 20:08 < tmetro-> code without a support community is worthless. 20:08 < tmetro-> must code be born open? 20:09 < tmetro-> linux itself is a monoculture. Need more bsd. (Binary blobs hold them back.) 20:10 < tmetro-> should after market upgrades be possible? 20:10 < tmetro-> who pays for development and support in open source? 20:11 < tmetro-> "Friends don't let friends run factory firmware." 20:18 < tmetro-> Many routers run 6 year old versions of samba, because that is when it switched to gpl v3. 20:18 < tmetro-> unplug anything that is not being updated. 20:19 < tmetro-> Buy devices that have updates available, preferably automatic. 20:19 < tmetro-> prefer fully open devices. 20:20 < tmetro-> Install openWrt or CeroWrt today. 20:23 < tmetro-> Has enough flash, and minimum binary blobs: wndr-3800 20:33 < tmetro-> http://wiki.openwrt.org/toh/netgear/wndr3800 20:35 < tmetro-> Even in current openWrt many things still run as root that shouldn't due to the changes made years ago for the rudimentary flash file systems. 20:46 < tmetro-> None of the manufacturers that use openWrt on their devices have financially supported the project. 20:47 < tmetro-> the first support arrived only recently when Jim convinced Google to provide development servers. 20:48 < tmetro-> talk over. Day changed to 27 Jun 2014 Day changed to 28 Jun 2014 Day changed to 29 Jun 2014 Day changed to 30 Jun 2014