Simon Lyall's Blog

Open Source Won, but Software Freedom Hasn’t Yet: A Guide & Commiseration Session for FOSS activists by Bradley M. Kuhn, Karen Sandler

Larger Events elsewhere tend to be corperate sponsored so probably wouldn’t accept a talk like this

Free Software Purists

• About 2/3s of audenience spent some time going out of their way using free software
• A few years ago you could only use free software
• To watch TV. I can use DRM or I can pirate. Both are problems.
• The web is a very effecient way to install proprietary software (javascript) on your browser
• Most people don’t even see that or think about it

Laptops

• 2010-era Laptops are some of the last that are fully free-software
• Later have firmware and other stuff that is all closed.
• HTC Dream – some firmware on phone bit but rest was free software

Electronic Coupons

• Coupons are all Digital. You need to run an app that tracks all you processors
• “As a Karen I sometimes ask the store to just ket me have the coupon, even though it is expired”
• Couldn’t install Disneyland App on older phones. So unable to bypass lines etc.

Proprietary dumping ground

• Bradly had a device. Installed all the proprietary apps on it rather than his main phone
• But it’s a bad idea since all the tracking stuff can talk to each other.

Hypocrisy of tradition free software advocacy

• Do not criticise people for use Proprietary software
• It is it is almost impossible to live your life without use it
• It should be an aspirational goal
• Person should not be seen as a failure if they use it
• Asking others to use it instead is worse than using it yourself
• Karen’s Laptop: It runs Debian but it is only “98% free”

Paradox: There more FOSS there is, the less software freedom we actually have in our technology

• But there is less software freedom than there is in 2006
• Because everything is computerized, a lot more than 15 years ago.
• More things in Linux that Big companies want in datacentres rather than tinkerers in their homes want.

What are the right choices?

• Be mindful
• Try when you can to use free software. Make small choices that support software freedom
• Shine a light on the problem
• Don’t let the shame you feel about using proprietary software paralyze you
• and don’t let the problems we face overwhelm you into inaction
• Re-prioritize your FOSS development time.
  • Is it going to give more people freedom in the world?
  • Maybe try to do a bit in your free time.
• Support each other
• FAIF.us podcast

Advanced Stream Processing on the Edge by Eduardo Silva

Data is everywhere. We need to be able to extract value from it

• Put it all in a database to extract value
• Challenge: Data comes from all sorts of places
  • More data -> more bandwidth -> more resource required
  • Delays as more data ingested
• Challenge: lots of different formats

Ideal Tool

• Collect from different sources
• convert unstructured to structured
• enrichment and filtering
• multiple destinations like database or cloud services

Fluentbit

• Started in 2015
• Origins lightweight log processor for embedded space
• Ended up being used in cloud space
• Written in C
• Low mem and CPU
• Plugable arch
• input -> parser -> filter -> buffer -> routing -> output

Structure Messages

• Unstructured to structured
• Metadata
• Can add tags to date on input, use it later for routing

Stream processing

• Perform processing while the data is still in motion
• Faster data processing
• in Memory
• No tables
• No indexing
• Receive structured data, expose a query language
• Nomally done centrally

Doing this on the edge

• Offload computation from servers to data collectors
• Only sends required data to the cloud
• Use a SQL-like language to write the queries
• Integrated with fluent core

Functions

• Aggregation functions
• Time funtiocs
• Timeseries functions
• You can also write functions in Lua

Also exposed prometheus-type metrics

The History of X: Lessons for Software Freedom – Keith Packard

1984 – The Origins of X

• Everything proprietary
• Brian Reid and Paul Asente: V Kernel -> VGTS -> W window system
  • Ported to VAXstation 100 at Stanford
  • 68k processor, 128k of VRAM
  • B&W
• Bob Scheifler started hacking W -> X
• Ported to Unix , made more Unix Friendly (async) renamed X

Unix Workstation Market

• Unix was closed source
• Vendor Unix based on BSD 4.x
• Sun, HP, Digital, Apollo, Tektronix, IBM
• this was when the configure program happened
• VAXstation II
  • Color graphics 8bit accelerated
• Sun 3/60
  • CPU drew everything on the screen

Early Unix Window System – 85-86

• SunView dominates (actual commerical apps, Ddesktop widgets)
• Digital VMS/US
• Apollo had Domain
• Tektronix demonstrated SmallTalk
• all only ran on their own hardware

X1 – X6

• non-free software
• Used Internally at MIT
• Shared with friends informally

X10 – approx 1986

• Almost usable
• Ported to various workstations
• Distribution was not all free software (had bin blobs)
  • Sun port relied on SunView kernel API
  • Digital provided binary rendering code
  • IBM PC/RT Support completed in source form

Why X11 ?

• X10 had warts
• rendering model was pretty terrible
• External Windows manager without borders
• Other vendors wanted to get involved
  • Jim Gettys and Smokey Wallace
  • Write X11, release under liberal terms
  • Working against Sun
  • Displace Sunview
  • “Reset the market”
  • Digital management agreed

X11 Development 1986-87

• Protocol designed as croos-org team
• Sample implementation done mostly at DEC WRL, collaboration with people at MIT
• Internet not functional enough to property collaborate, done via mail
  • Thus most of it happened at MIT

MIT X Consortium

• Hired dev team at MIT
• Funded by consortium
• Members also voted on standards
  • Members stopped their on develoment
  • Stopped collaboration with non-members
• We knew Richard too well – The GPL’s worst sponsor
• Corp sponsors dedicated to non-free software

X Consortium Standards

• XIE – X Imaging Extensions
• PIX – Phigs Extension for X
• LBX – Low Bandwidth X
• Xinput (version 1)

The workstation vendors were trying to differentiate. They wanted a minimal base to built their stuff on. Standard was frozen for around 15 years. That is why X fell behind other envs as hardware changed.

X11 , NeWs and Postscript

• NeWS – Very slow but cool
• Adobe adapted PostScript interpreter for windows systems – Closed Source
• Merged X11/NeWS server – Closed Source

The Free Unix Desktop

• All the toolkits were closed source
• Sunview -> XView
• OpenView – Xt based toolkit

X Stagnates – ~1992

• Core protocol not allowed to change
• non-members pushed out
• market fragments

Collapse of Unix

• The Decade of Windows

Opening a treasure trove: The Historical Aerial Photography project by Paul Haesler

• Geoscience Australia has inherated an extensive archive of hisorical photography
• 1.2 million images from 1920 – 1990s
• Full coverage of Aus and more (some places more than others)

Historical Archive Projects

• Canonical source of truth is pieces of paper
• Multiple attempts at scanning/transscription. Duplication and compounding of errors
• Some errors in original data
• “Historian” role to sift through and collate into a machine-readable form – usually spreadsheets
• Data Model typically evolves over time – implementation must be flexible and open-minded

What we get

• Flight Line Diagrams (metadata)
• Imagery (data)
• Lots scanned in early 1990s, but low resolution and missing data, some missed

Digitization Pipeline

• Flight line diagram pipeline
  • High resolution scans
  • Georeferences
• Film pipeline
  • Filmstock
  • High Resolution scans
  • Georeference images
  • Georectified images
  • Stitched mosaics + Elevation models

Only about 20% of film scanned. Lacking funding and film deteriorating

Other states have similar smaller archives (and other countries)

• Many significantly more mature but may be locked in propitiatory platforms

Stack

• Open Data ( Cc by 4.0)
• Open Standards (TESTful, GeoJSON, STAC)
• Open Source
• PostGreSQL/PostGIS
• Python3: Django REST Framework
• Current Status: API Only. Alpha/proof-of-concept

API

• Search for Flight runs
• Output is GeoJSON

Coming Next

• Scanning and georeferencing (need $$$)
• Data entry/management tools – no spreadsheets
• Refs to other archives, federated search
• Integration with TerriaJS/National Map
• Full STAC once standardized

Engineer tested, manager approved: Migrating Windows/.NET services to Linux – Katie Bell

Works at Campaign Monitor

• sends email spam
• Company around since 2004

Software product generations

• Originally a monolith
• Windows, C# .net framework, IIS, Monolithic SQLServer
• Went to microservices (called Reckless Microservices)
• Windows, C# .net , OWIN Hosting / Nancy , Modular databases

Gen 2 – “Reckless” Microservice

• Easy to create a new microservices
• and deploy etc
• Runs in ec2

Wanted to go to a tools like dockers, kubernetes that were not well supported by microsoft tools

Gen 3 – Docker Services

• Linux
• Java / Go

Lots of ways to do stuff

• 3 different ways of doing everything
• Confusing and big tax on developers
• Losing knowledge about how the older Reckless stuff worked

A Crazy Idea

• Run all the Reckless services in docker
• Get rid of one whole generation

What does it take?

• Move from .NET Framework to .NET Core
• Framework very Windows specific – runtime installed at OS level
• Core more open and cross-platform – self contained executable apps
• But what about Mono? (Open Source .NET Framework) .
  • Probably not worth the effort since Framework is the way forward
• But a lot of .NET Framework APIs not ported over to .NET Core. Some replaced by new APIs
• .Net Standard libraries support on both though, which is lots of them

What Doesn’t port to Core?

• Libraries moved/renamed
• Some libs dropped
• IIS, ASP.NET replaced with ASP.NET Core + MVC
• WCF Server communication
• Old unmaintained libraries

Luckily Reckless not using ASP.NET so shouldn’t to too hard to do. Maybe not sure a crazy idea.

But most companies don’t let people spend lots of time on Tech Debt.

Asked for something small – 2 weeks of 3 people.

• 1 week: Hacky proof of concept (getting 1 service to run in .NET Core)
• 2nd week: Document and investigate what full project would require and have to do
• Last Day: Time estimates
• Found that Windows ec2 instance were 45%
• Cost saving alone of moving from Windows to Linux justied the project
• Pitching:
  • Demo
  • Detailed time estimates
  • Proposal with multiple options
  • Concrete benifits, cost savings, problems with rusty old infra

• Microsoft Portability Analyzer
  • Just run across app and gives very detailed output
• icanhasdot.net
  • Good for external dependencies

Web Hosting differences

• OWIN Hosting vs Kestrel
• ASP.NET Core DI

Libraries that Do support .NET Standard

• Had to upgrade all our code to support the new versions
• Major changes in places

OS Differences

• case-sensitive filenames
• Windows services, event logging

Libararies that did not support .net Standard

• Magnum – unmaintained
• Topshelf

.NET Framework Libraries can be run under .NET Core using compatibility shim. Sometimes works but not really a good idea. Use with extreme caution

Overall Result

• Took 6-8 months of 2-3 people
• Everything migrated over.
• Around 100 services
• 78 actually running
• 43 really needed to be migrated
• 31 actually needed in the end
• Estimated old hosting cost $145k/year
• Estimated new hosting costing $70k/year
• Actual hosting cost $15k/year
• Got rid of almost all the extra infrastructure that was used to support reckless. another $25k/year saved

Advice for cleanup projects

• Ask for something small
• Test the idea
• Demonstrate the business case
• Build detailed time estimates

Collecting information with care by Opel Symes

The Problem

• People build systems for people without checking our assumptions about people are valid
• Be aware of my assumptions, this doesn’t cover all areas

Names

• Form “First Name” and “Last Name” -> “Dear John Smith”
• Fields Required – should be optional
• Should not do character checks ( blocking accents etc )
• Check production support emoji.. everywhere
• MySQL Character Encodings. Only since 5.5 , default in MySQL 8
• Every Database, table and text cloumn and defaults need to be changed to the new character set. Set connection options so things don’t get lost in transfer.
• Personal Names around the world
• Chinese names
• Names can be long
• Recommendation
  • Ask for “Full name” (where a legal name is required) and “Greeting”
  • Unicode all the way down – test with emoji
  • No Length limits

Email

• Email addresses are quite complex
• Does it have an “@”
• Checked it is not a simple typo of a well-known email down
• Will it be accepted by the email sender?
• Look for an MX record
• Ask the SMTP server if this username is valid
• Simple checks for common errors
• Don’t roll your own checking, use you own mail server or the mail library that you will using to send.

Gender

• Transgender vs Cisgender
• Non-binary – Gender that isn’t male or female
• Don’t just give the two options
• A 3rd “other” option isn’t ideal
• A freeform field is good.
• Gender Alternative from Nikki Stevens
• Instead ask if people make up an “under representated community”

Pronouns

• What pronounces should we use to refer to you? ( he , she, they )
• Works okay in English but may not in other languages
• Some lanugages lack gender-nutral pronoun
• Some languages lack gender pronouns
• pronoun.is

Titles

• Ask for “None” but don’t actually print it “Dear None Smith”
• Ask for Mx
• Have a freeform field ( Dr, Count )
• Maybe avoid titles if possible
• Don’t show people according to gender, ask specifically.

Gender – WGEA

• The Act defines gender as male or female.
• Others are not reported.
• Have an explanation for people who don’t fit in the above

Data Retention

• Make it simple to change
• Give users options if it isn’t (eg show preferred name)

Changing Username

• Usernames are often options
• Changing them comes with some caveats
• Using UUIDS to links to users rather than usernames

Changing Emails

• There are security implications

Deleting Data

• Make it possible and no to hard

Keynote: Who cares about Democracy? by Vanessa Teague

The techniques for varifying electronic elections are probably to difficult for real voters to use.

The ones that have been deployed have lots of problems

Complex maths for end-to-end varifiable elections
– people can query their votes to varify it was recorded
– votes are safely mixed so others can’t check.

Swisspost/Scytl System
– 2 bugs. One in the shuffling, one in decryption proof

End-to-end verifiable elections: limitations and criticism

• Users need to do a lot of careful work to verify
• If you don’t do it properly you can be tricked
• You can ( usually ) prove how you voted
  • Though not always, and usually not in a polling-place system
• Verification requires expertise
• Subtle bugs can undermine security properties

What does all this have to do with NSW iVote?

• Used Closed source software
• Some software available under NDA afterwards
• Admitted it was affected by the first Swiss bug. This was when early voting was occuring
• Also so said 2nd Swiss bug wasn’t relevant.
• After code was available they found it was relevant, a patch had been applied but it didn’t fix the problem
• NSW law for election software is all about penalties for releasing information on problems.

Victoria has passed a bill that allows elections to be conducted via any method which is aimed at introducing electronic voting in future elections

Electronic Counting of Paper Records

• Keynote: Who cares about Democracy? by Vanessa TeagueVarious areas have auditing software that runs against votes
• This only works on FPTP elections, not Instant-runoff elelctions
• Created some auditing software what should work, this was testing using some votes in San Francisco elections
• A sample of ballots is taken and the physical ballot should match what the electronic one said it is.

Australian Senate vote

• Auditing not done, since not mandated in law

What can we do

• Swiss has laws around transparency, privacy and varivication
• NSW Internet voting laws is orientated around protecting the vendors by keeping the code secret
• California has laws about Auditing
• Australian Senate scrutineering rules say nothing about computerised scanning and auting
• Aus Should
  • Must be a meaningful statistical audit of the paper ballots
  • with meaningful observation by scrutineers

In Summary

• Varifiable e-voting at polling place is feasible
• over the Internet is an unsolved problem
• The Senate count at present provides no evidence of accuracy
• but would if a rigorous statistical audit is mandated

How else to use verifiable voting technology?

• Crowsourcing amendments to legislation with a chance to vote up or down
• Open input into parliamentary quesions
• A version for teenagers to practice debating what they choose

Open collaborations: leadership succession and leadership success – Anne Smith & Myk Dowling

• Started playing Kerbal Space Program and using lots of mods to it.

KSP-CKAN

• Comprehensive Kerbal Archive Network
• 150k downloads of a previous release, 72k of last release
• 1035 starts on github
• 124 releases from 16 developers
• Written in C-sharp

Why was the project a success out of around 1.4 million projects?

Conway’s Law

• FOSS projects are generally modular
  • C and C-derived languages are predictive of success
  • Portability predictor of success
• Layered Development

83% of FOSS Projects fail. 46% before and 37% after a stable release

How do projects organise?

• First the founder 1-2
• Then a belt of users emerages
• Then a periphery – active users
• A core of developer emerges
• Some formality emerges

Onboarding People

• Relying on self-motivated people limits the number of people who will join your team
• If you lose people by brushing them off you reduce your team diversity, team diversity gives increased likelihood of success
• From the core to the periphery. Order of magnitude decrease in activeity but order of magnitude increase in size.
• Therefore is 1:1 level or work. Which is about the same level of code:support work that is needed.
• Flat structures are not stable; FOSS teams self-organise into a complex of a dual-layer structure
• Leaders should prioritise the people on the periphery. Many join for a short term need, the leader has to give them other reasons to stick around.

Links to other Projects

• Friction with Mod authors. Mods who though CKAN installed things the wrong way and caused problems got annoyed.
• Some authors of modules that were under FOSS asked for it to be removed, which CKAN resisted doing.
• CKAN was mostly orientated towards users and not so much towards the authors
• Significant group of mod authors considered opting out of CKAM
• Speaker proposed a policy that allowed mod authors to delete mod

Leadership

• Strong technical contributions
• Participatory behavior
• Organisation building behaviors

Leadership origin and style

• Typically the initial leader/s are the founder/s
• Often shared
• Leaders may move from core to periphery without losing the position
• Organisation focus vs Product (technical) focus
• People with both skills are the ones selected for leadership

CKAN in Transition

• Removed mods as requested
• Which broke things for some time
• Leadership got transfered over
• Original technical-orientated leader stepped back
• A more Organizational-orientated leader took over
• A clear and public succession is much better. Although some people still dropped out.
• But better and an acrimonious fork

Leadership Transitions

• Make speed and smooth
• Happen at the speed of military coups
• Limited participation from a predecessor assits in a smooth change
• Establishing succession rules helps

Review the state of your projects public-facing website from the POV of the peripheral people you want to attract.

Open Source Citizenship by Josh Simmons

Healthy Projects are vital which is why many companies are investing in projects

• They don’t just need money

What are companies doing now?

• Upsteaming contributions
• Contributing to the ecosystem
• Paid contributors on staff (full or part time)
  • Hire out of the Project contributors
• Supporting with money, infrastructure etc. Both projects directly and other things
• Programs to help contributors get started.
• Sharing their experience

What companies provide is not always what communities want

What are Communities asking for?

• Volunteer design,
• UX/UI
• Project management
• technical writing
• data science
• marketing/PR

and yet, code still dominates. These skills need onramps to contribute to your projects.

• Contribute beyond what the company needs
• Projects want testing and QA resources
• Fund conference travel for contributors
• Event Space
• Open Source friendly contracts for employees who contribute to Open Source – See the “Contract Patch Program”
• Jobs the maintainers and contributors when heavily relying on their work
  • If the maintainers are not getting paid that is a risk for the business
• Encourage Universities to give students credit for contributing to FLOSS
• Abide by community norms

Building a Culture of Open Source Citizenship

• Enumerate and value your dependencies
• Raise internal aweness
• Incentivise your people to contribute to open source
• train, train and train
• Be Patient

For FLOSS Projects

• Make it easy to learn about you project
• Have clear project government and licensing
  • Say what you are looking for
  • We want to know the invest we make in you is going to be used well and in a trasparant way
  • Have a way to receive Money
  • Look at being a member of a larger organisation like Software Conservatory
  • See also open collective if you are just starting out
• Have a plan for how you are going to use the money
• Be prepared to work with corporate timelines
• Be prepared to onboard new contributors
  • Contributor documentation

What UNIX Cost Us by Benno Rice

Not everything is a file

Connecting to a USB device:

• Windows – not too bad
• Mac – a little weird
• Linux – Lots of weird file operations. ioctl to pass data back and forth

Even worse API for creating usb_fs device. Lots of writing random data to random files.

But this is all behind a nice library?

• Yeah but it is still a mess under the hood

Got a Byte? – Unix IO model

• Works okay on small slow machines with simple slow interfaces
• Doesn’t work so well with Internet, blocking
• poll still has performance limitations
• kevent api looked nice but Linux got epoll instead (but focuses around file descriptors)
• But they are all still synchronous
• Windows has Async calls

Unix is Tied to it’s history

• Windows is newer so could learn from what came before and targetted newer hardware

C is for Colonialism

• Farming in Europe
  • Moved to Australia, everything they new about farming doesn’t work any more.
• PDP 11 was what Unix originally was one, simple process model.
• Modern CPUs are not very simple
• New CPUs lie to the OS about what the state of the machine really is (see Spectre).
• C is not built to handle this.
• C doesn’t handle
  • Vectorisation
  • Structure layout and padding
  • Arrays, pointers etc
• We are not on a PDP-11 anymore
• We have failed to evolve out CPUs and C because they are locked to each other
• “C is not a Low Level Language” – Article

The UNIX Philosophy Problem

• Lots of different definitions
• Pipes seem important
• Everything I like about using computers these days tends to be big integrated desktop tools.

Unix Suited it’s time

• By accident it became the thing we all use
• That time was a long time ago

How we run the community has also evolved.

Privacy is not Binary: A discussion of data systems, ethics, and human rights by Elizabeth Alpert and Amelia Radke

I was a little late to this talk so missed out the first 10-15 minutes

Social Media data reuse

• Used by the providers
• Governments
• Other users
• Malicious Users

Chucking lots of data into an “AI” is seen as yelding interesting and cool data.

Within Academia

• Risk management. Aware of harms, mitigated, risk/reward

Is Social Media data public or private?

• It was shared with the expectation of a certain context
• Had to write things your friends but keep random 3rd parities in mind
• Inferring personal information -> Dangerous
  • Especially when you are trying to infer “protected” characteristics like sexuality or religion
• Consent? – Tricky
• Anonymizable? – Doesn’t work

Perceptions of Risks

• At risk groups usually given higher protection
• Privacy is cultural concept
• Cultural Maps

How do we do things better

• Ethics can’t be just one person’s responsibility, it has to be in all decisions
• Who does this belong to?
• How do they want it to be shared?

Building a zero downtime Kubernetes cluster by Feilong Wang

Working for Catalyst Cloud. Catalyst Cloud especially appealing to NZ customers who don’t want latency of going to Australia

Zero Downtime in K8s Context
– Downtime of the User applications
– Downtime of the k8s cluster

The ultimate goal is zero downtime for the customer applications.

User Applications

• Replicas >2 (ideally >3)
• podDisruptionbudget with minAvailbale
• Correct RollingUpdate strategy
• Connection Draining (using readynessProbe, handle SIGTERM)
  • use prestop for apps that don’t handle sigterm
• HTTP Keep-Alive

Zero Downtime for the K8s Cluster

• Planned maintenance (eg an upgrade)
• Unexpected node broken

Planned

• Cordon and drain nodes, upgrade, uncordon

Unplanned Node Broken

• Failure detection
• Repair/Healing
• Manual or Automatic?

Detect Failure

• Detect failures from outside or inside the cluster

Draino + Cluster Autoscaler

• Detect node status/condition by draino
• Draino the node
• Autoscaler will remove the empty node since it’s workload is under 50%
• See also Node Problem Detector

Magnum AutoHealer

• Support master node and etcd repairing
• Autoscaler is responsible for repairing
• The node count is predictable after repairing
• Currently only supports openstack but could be extended

Like, Share and Subscribe: Effective Communication of Security Advice by Serena Chen

Tools and ideas to help you communicate security advice to friends and family who are not in tech.

Security Professionals are a bubble within the Tech Bubble.

Tell the people who are doing the wrong practises (like using Windows XP) that “we can’t help you”.

Nobody chooses to do the wrong thing and be insecure, they are trying to do the best for themselves.

What if people are not bad at security “because it is hard” but because they are not getting the right messages.

Personas

• Group 1
  • Don’t know what good practice looks like
  • Confused what to do
• Group 2
  • Knows some good practises
  • But doesn’t do any of them (eg knows about password managers but doesn’t use them)
  • Not sure how to impliment

Security is lot exercise

• Ongoing
• More is better
• Room for improvement
  • Little steps, not big steps
  • Do one update not a huge change
  • The Perfect is the enemy of the good
  • Personalised for each person

How to Personalise for each person

Consider where on the following spectrums they fall

• Technological Capability
• Privacy needs
  • Don’t forget those who need to be visable
• Likely Adversaries

The Open Internet tools Project have a big sample of personas

Lay a Path for Progression

• Couch to 5k for Security
• Week 1 – Add a password on your phone
• Week 2 – Change you email password

How do we communicate

• Tell, sell and shame doesnt work
• Lead by example (with is what I do, you could too)
• Sell doesn’t work
  • Give people successful examples to emulate
  • Give peopel scripts to help them navigate
• Shame also doesn’t work
  • Shame Culture means that people don’t ask for advice
  • Try asking “Hey, can I show you a better way to do this? “

“Influencers”

• Show don’t tell
• Show their mistakes
• Let you opt in and not out
• Give you a range of people to follow
• I made a youtube channel!
  • Immediately fell back into the habit of Tell, Sell and Shame
  • To reach people requires a degree of vulnerbility
  • Experts are the ones who don’t want to reveal their personal security setup
• What else happened
  • Friends asked me about my security
  • Showed people in IRL my personal setup and how I got there
    • Honest about how hard it was
    • A lot of them were already clued up, seeing somebody they know actually doing it encouraged them to take the step and do it

Be Vulnerable

• Tell them how you screwed up
• People want to hear how they are not stupid for finding it hard
• Be nice to people

Keynote: From 2020 to 2121: How will we get there?

Who is watching and why are they watching,? Why does it matter?

People install siri and other personal assistants. Cameras are everywhere.

We are making it too easy for the bad guys.

But makers of free and open source software and also helping the persuasion industry. Are we responsible for that?

The Why matters. Is the tech deterring crime, helping rescue people or used for repressing people.

Observation + Suspicious = Surveillance

From here to 2021

How to make the future happen. Act now to create what you’ll need when you get there. Pack like a Hiking trip

The Four Powers – Information, Relationships, Resources and Decision Making

What is something small can you do now to make the future better? Donna is going to take steps to improve our herd immunity to mass surveillance

https://etherpad.wikimedia.org/p/LCA2121

Step to take to more evenly distribute power now and more evenly distribute the future in 2021

Open Australia – Run various websites
– Putting Hansard online in machine readable format
– More easily submit freedom of information request

Appreciative Inquiry

Unsafe Defaults: Deploying Kubernetes Safer(ish) – James

Overview of Kubernetes

• A compromised container is very close to being a compromised host
• While you shouldn’t curl|bash the attacker can do it to get the latest exploits.

Three Quick things for some easy wins

• The Kubernetes API is completely open from localhost. This is no longer required but old clusters and some upgraded clusters may still have it.
• Put a Valid certificate on the cluster or at least one you can keep track of.
• Get rid of unauthenticated user roles as much as possible.
• Check you don’t still have “forever tokens”
• A Good idea not to give service tokens to most pods.
  automountServiceAccountToken: false

PodsecurityPolicy

• Keep an eye on
• New
• You need good RBAC
• Have a look at k-rail

etcd

• Can turn on authentication
• Can turn on TLS between peers and clients
• Can encrypt on disk
• Can restrict it with a firewall

Every Image Has A Purpose by Allen Shone

Docker Images

• What are they anyway
• A base definition to prepare a filesystem for execution as a container
• Caching mechanism
• Reproduceable
• Great way to share runtime circumstances
• A comprehensive environment structure

Layers

• image is a series of layers
• Minimizing layers makes things better
• Structure the image build process to get the best set of images

Basic Uses

• Use the most appropriate image
• A small fix can add up

Images in Production / Customers facing envs

• When deploying containers, be precise as possible.
• The image should be ready to go without further work
• Keep image and small and simple as possible
• “FROM: golang:alpine” in testing
• “FROM: scratch” in production
• Two images but they serve different purposes

Development

• Possible to use the same image as previously
• Bring in some extra debug tools etc, mocks for other services

Trimming the final image to be very specific

• Start with the production image and add extra layers of stuff

Deployed Considerations

• Some things only come into consideration once they are deployed
• Instead of creating a big general container, create two containers in a pod that share a file system
• Configuration should be injeted, as an env-specific setup
• Images should be agnostic

Extras

• Look at using the .dockerignore file
• Use image scannign tools ( Diive and Clair)
• A little preparation up front can prevent a lot of headache later

Privacy and Transparency in the VPN industry by Ruben Rubio Rey

We are at an “Oh Noe!” Moment in the VPN Industry

VPN Advantages

• Protect your privacy
• Bypass Geo-Restrictions
• Beat Censorship
• Save money on Hotels and Flights
• Download torrents anonymously
• Bypass ISP speed regulations
• Secures Public WIFI

What Can be intercepted?
– Without Encryption: Any Data
– With Encryption: IP and Port

But HTTPS only works of client and server configured correctly
Client: Rough root certificate
Servers: CORS, insecure SSL version

Protect Your Privacy

• Many Countries Systematicly collecting data about citizens
• ISP collect data, must keep for two years and accessabil to agencies
• USA ISP’s can sell information
• Others Countries tried to put in MITM Certs

So Private companies have incentives to protect my data?

The Reality of Private VPN providers

• Several examples of collecting Data
• Several examples of them releasing data to agencies
• Random security and implementation problems
• Exaggerations in sales pitches
• Installs Rouge Roots Cert on user machine

Conflict of Interest, what is a business model of the providers?

Stats

• 59% of Free VPNs in play store had hidden Chinese ownership
• 86% had privacy policy flaw
• 85% asked for excessive permissions

Are VPN Companies Needed?

People with non-technical skills need an option

How to Improve the VPN Market?

• Privacy and Transparency go hand and hand
• Open Source Provides Transparency
• End to End open source VPN Company
• theVPNcompany.com.au

Install you own VPN

Algo and Streisand

Create your own VPN Company using the base for “The VPN Company”

https://thevpncompany.com.au/

Authentication Afterlife: the dark side of making lost password recovery harder by Ewen McNeill

Twitter Account “badthingsdaily” . Fictional Scenarios that might happen to security people. Inspired this talk.

Scenario 1

• A Big fire took out your main computer
• You done have the computer and you don’t know all your passwords

Recovery Traditional

• You get email somewhere else. On your phone
• Click on Forgot my password
• Repeat until all accoutns recoveryed

Scenario 2

• You need to login to your account on a new device
• All account secured with 2FA
• Your 2FA isn’t working

Recovery

• Recovery Tokens
• Alternative 2FA Solution

Scenario 3

• Your bad was stolen
• It had computer, phone and 2FA
• Can bad guy impersonate you?
• Can you recovery faster than the other guy (or at all?)

Recovery

• Does you 2FA pop up on your lock screen?
• So anybody with your computer is able to get this?
• Race to reset passwords and invalidate your login tokens
• Maybe you remember your passwords but not you 2FA
• Recovery questions “Mother’s maiden name”
• Can be easy to discover, but if it is something random then you have to be able to find it (ie on the password store you just lost)

Multiple alternate authentication methods

• Primary you use every day
• One or more backups

If resetting your password every time is easier than remembering your password people will do that.

Attackers will use the easiest authentication method. Eg Contacting the Helpdesk or going into a bank branch office.

But if recovery is too hard you can end up losing access to your account permanently

Recommend: GitHub’s 2FA recovery guide

Scenario 4

You startups founder has left. He has wipped out all his computer. Now your Cloudprovider is threatening to lock you out unless you authenticate using 2FA

• Hopefully in the password store
• Or perhaps they no longer work
• Contact Helpdesk, Account Manager, Lawyer, Social Media (usually the bigger you are and the more you pay the better you chance)
• Sore everything centrally. How do you audit that? , regularly?

Scenario 5

A relative dies. You first step is to login to all their accounts work out what should be kept.

This will take months not years. Sometimes you will only find out the account exists when they email you that your account is about to expire.

Personal Observations

• You will not have access to their cellphone
• or probably not past the lock screen
• Anything they told you that was obvious you will forget
• You will not have access to the password store
• You may have access to saved passwords in browser
• Maybe you need to optimise for family can access stuff not complete lockdown.
• Physical notebook with passwords
• Consider in advance how you will recover if your 2FA device breaks
• How will you convince a helpdesk person that you are you?

Personal Mitigations

• Kawaiicon 2019 ” How can I help you” Talk by Laura Bell

You Shall Not Pass by Peter Burnett

Moodle is an open souce Learning Management System.

• Legacy System
• First developed in 1997
• Open Sourced in 2001
• New Code is good quality, older stuff not as much

Efforts to improve password policy

• Password policy was a bit antiquated
• Best policies come from NIST, 2018 version is good.
• Don’t force a pattern, Check for compromised passwords, Check for dictionary based and identifying passwords
• Look at the “Have I been Pwned” API – takes first 5 characters of the sha of the password.
• Dictionary checks – Top 10,000 English words might be enough
• Indentifying information – Birthdays, names, cities are things to watch for. Name of the company.

Released as an open source plugin for Moodle

A look at the Authentication Flow

• Natively supported LDAP etc.
• Lots of extra plugins impliment other methods
• Had to put MFA in when people using plugins. Difficult to mix
• Added extra hook on “account related” actions, they would check for MFA etc.
• Required a bit of work to get merged in.

Implementing MFA

• MFA is a superset of 2FA implimentations
• Had to do extensible platform
• Traditional: TOTP, Email
• Non-Traditional: IP verification, Authentication type (might already have MFA)
• Design considerations – Keep secure but impact people as little as possible.
• Different users: Not required, Optional, Forced Upon . So built in the ability for a range of use across platform.
• Learnings
  • Anything can be used as a factor
  • delicate balance between secure and usable
  • When designing, paranoid is the right mindset
  • Give the least information possible to allow a legit user to authenticate
  • What can the attacker do if this factor is compromised?

Final Thoughts

• Long way to go
• Security is a shifting goalpost
• Keep on top of new developments