Those interested by the previous part of the story can read the previous article on LCA14.
This time, even if still tired by night work, I had to be on time in order to attend the keynote.
Matthew Garrett was talking about Security in general Secure Boot in particular (a subject he has been covering for a long time now). This was complementary to the Keynote given on Day 1. Matthew insisted on the need, in a post Snowden area, for technologies such as Secure Boot to improve Security which are more and more turned on by default. Having a trusted and verified boot chain is a critical aspect of system security, which Secure Boot provides. And this letting users replacing their keys, so leaving freedom to them (on x86). And today Linux distributions are indeed supporting pretty well Secure Boot on UEFI, as I was able to test myelf during the UEFI Plugfest we had last year. Matthew posed more questions in fact than he gave answers around security: What level of trust to have for hosters, Software or HyperVisors or or Firmware or Hardware manufacturers. Of course as he said rigtly “Imperfect security is better than no security” and he mentionned that most of the attacks are model specific, so we may still have a certain level of trust in our platforms. He also reminded that Security agencies may not be the biggest concern with regards to security.
And BTW as Matthew said “if we don’t trust our Hardware, then why are we running a computer”.
I found that keynote very relevant, and making you think once more to how you treat security and how you can do that better to protect your contents.
After the traditional morning coffee, during which people exchange on various topics of their choices such as shoes, it was time to attend the 2 sessions of the morning.
The first was on Python Packaging 2.0 by Nick Coghlan which I was curious to see in order to measure the impact on project-builder.org. Unfortunately, it went rapidly into a lot of concepts intimately linked to python, which I’m not savy enough in to follow closely and PEP proposals of evolutions I’d need to read before being able to understand stuff better. So with a doubt a good presentation, but I wasn’t the right audience 😉
And that was the same with the next one. Very good presentation from Katie Miller on functional languages (and in particular Elixir), but that’ very far from what I do and know. I hadn’t a better choice for that time slot, so at least enjoyed the pictures she used.
That was much better after lunch for me. The first session was full, and after having seen it I undertsood why !
mosh belongs to this category of small software that rapidly becomes mandatory in your environment. If you use ssh, and screen to manage disconnecitons, then mosh is for you. What does it do for you: well it uses ssh to login to your remote system and after that it does communicate with it using UDP on another port, and keeps the connection available and ready to use, even if you disconnect, and reconnect from another IP e.g. Typical usage when you hibernate to go back home. It also echo locally characters, and underline them when they are also received on the other side. The demo was pretty impressive from that perspective. I alwyas found scren annoying as unable to keep my keyboard shortcuts and here, mosh does the job for you. The only point is that you need an open port on your firewall to go through with the UDP dialog, but that’ a light drawback I’m ready to accept to benefit from the services it provides. Ah; and ^C is just immediate ! That was really a useful and great presentation. Thanks Jim Cheetham to make it obvious it was the tool I needed !
The next session I chose on Petitboot, was also a good one. Again the principle is easy to understand: what if you were using Linux (the kernel) as your boot loader ? Instead of redeveloping each time driver support for each boot loader, and dealing with bugs already solved in the Linux kernel. Thats’ the simple yet powerful idea behind Petitboot. Jeremy explained clearly the advantages of his approach such as native support of a network stack and easy addition of client protocol for http, ftp, nfs… From that initial kernel acting as boot loader, the launch of the “real” kernel is done with kexec. Definitely worth exploring. So again added to my TODO list which never gets empty !
After the afternoon pause, it was time to go to Bdale’s session. I arrived early in the room, and that was a good choice as 5 minutes before the start the room was completely full, and they prevented more people to enter.
He explained that when the LCA organizer contacted him for a talk in 2013, he was still sorting issues folliwng the fire disaster which occured to his house and wasn’t really thinking to a talk for LCA. But they convinced him to just talk about that, as they really wanted to have him onboard. So that was indeed not a technical talk on IT, rather a technical talk on life during and after such as disaster. That was a shoking story of course, and Bdale, despite the humour he always keep in his talks, was touched even months after the event when he told us the story. He also gave some hints in order to keep important papers outside of the house, or scanning them to keep them on a mobile computer you can get with you. Surprisingly (for me) he insisted on insurance contracts and the good choice he made without really realizing it when he was younger. Maybe insurance company explain more to us in Europe consequences of such choices when we do it. As I’m a bit paranoid on valuable data, I already have scanned docs of the most important ones, and the backup copies I do regularly on a laptop nd on a server to always have many versions of the file for both backup and disaster recovery purposes. Maybe my work oN MondoRescue made me that way 🙂 Bdale received a lot of help from the community during this period and he concluded by saying that people were awesome and he was really meaning at the tone of his voice. Pretty moving presentation I must confess.
I didn’t attend the last session of the day due to a call with my daughter and later I attended the Dinner for Professionals, where I passed most of the time discussing with Thomas Petazzoni again. Robert Collins was HP’s representative to introduce the session and he did it that shortly and with lots of energy !
Waiting now for the last day !