This presentation introduces Active Tigger, an open-source research tool designed to accelerate collaborative text annotation in the social sciences.

The increasing use of text-as-data in social science research has created a pressing need for efficient annotation tools. While small datasets can be manually annotated, the exponential growth in available textual data (e.g., from newspapers and social media) demands solutions that enable collaborative annotation and automation. Moreover, the emergence of generative AI and large language models (LLMs) has highlighted the importance of robust corpus annotation practices, particularly for evaluating prompt-engineered outputs from LLM-as-a-service platforms like OpenAI or Hugging Face.

To address these challenges, we created an annotation platform, Active Tigger. A first version was developed in 2022 using R and RShiny (J. Boelaert, GitLab Repository). This tool embeds several annotation heuristics, including active learning—iteratively predicting and selecting annotations to maximize training quality—to help researchers build training datasets in order to fine-tuning encoder models. The tool quickly became integral to the research team's activities and beyond, which incited us to develop of a second, more robust version.

The current iteration of Active Tigger, built with a Python-based API and a React frontend, introduces enhanced flexibility and scalability. It supports collaborative workflows, accommodates a broader range of use cases, and is now in beta testing, with early adopters exploring its potential.

This presentation will cover three key aspects:

The journey of Active Tigger: From addressing specific social science needs to adapting to the evolving landscape of LLMs. Showcase: Demonstrating the annotation workflow using active learning and BERT fine-tuning. Future directions: Exploring the tool's evolution in the context of widespread LLM availability, discussing the trade-offs between focusing on specialized tasks and enabling broader applications.

Github repository of Active Tigger : https://github.com/emilienschultz/activetigger

GCC is the lifeblood which powers continued development for many legacy and niche processors, such as the Hitachi SH4, found in the Sega Dreamcast. See how far a group of retro game developers, reverse engineers, and language enthusiasts are able to push the console, armed with the latest version of the GNU Toolchain, taking a deep-dive through community-driven ports to the platform, such as Super Mario 64, Sonic Mania, Doom 64, and Grand Theft Auto 3.

Cloud Native databases architecture has evolved to leverage the elasticity, reliability and scalability available in the cloud. There is a growing trend to leverage object storage systems such as AWS S3 for architecting cost-effective, performant and scalable systems. S3 is a large-scale, high throughput key-value storage system, which it trades for a slightly higher latency. In this session we will present techniques used to leverage S3 for a low latency scalable distributed SQL database, in particular how to get around S3’s high latency by leveraging a novel new LSM Cloud Storage Engine that uses EBS as a cache to lower latency.

The basic foundations of the HelenOS project as we know it today have been laid in late 2004 and early 2005. This 20th anniversary is an opportunity not only for the usual status update talk about the recent developments and near future plans, but also a great opportunity to look at the bigger picture.

While the first 5 years of HelenOS were exploratory and the next 10 years were defined by dynamic expansion on all fronts by more than 80 individual contributors, the last 5 years could be fairly described as maintenance with much less activity.

HelenOS is alive and well, but there are no longer any low-hanging fruits in terms of major subsystems or frameworks missing. There is obviously still a sheer amount of individual hardware devices, file systems, standard APIs and polished features that could be supported or implemented, but that is clearly a less rewarding endeavor for potential contributors than working on the major building blocks like before.

Are there generic lessons to be learned from the story of HelenOS? Is every community-driven non-mainstream OS destined to end up in this "serene valley"? How do we plan to get out of it? The goal of this talk is to discuss these questions.

Ever wondered what it's like to maintain open source projects full-time?

In this talk, I'll share my journey from hobbyist to full-time open source maintainer, offering insight into the challenges and rewards of turning passion projects into a career.

Join me as I walk you through my journey, motivation, challenges, and tips for:

• Building a community around your open source project
• Increasing visibility and attracting contributors
• Navigating social media and livestreaming to grow your audience

And more! Along the way, I'll share insights from other maintainers, highlighting what works and what doesn't.

Blood, sweat, and code — it's all here, for the love of open source!

You can run anything on open source software, even a big conference. But have you ever tried running a theatre show with free and open software? Turns out you can. For the last five years, I have been running the technical side of a local theatre company with only free and open source software. Come to my talk to hear how we did it, what software we use(d) (and why), and what kind of bumps we hit.

We use open source software for the entire process, from preparation (writing the script, holding meetings), to ticket sales, our website, seat planning, audio mixing and broadcasting, video broadcasting and programming the lights. No closed source software is used in the process. An added challenge is that neither the theatre group, nor the public, are a technical audience or are aware what open source software is.

If you ever want to assist your local theatre group (do, they really can use technical people who don’t want to be on stage), come and listen!

Internet of Things (IoT) connects everyday devices, from sensors to smart home gadgets, with apps that control and monitor them. Building these systems requires programming languages that can work seamlessly across both embedded devices and applications. Swift has been great with C and C++ interoperability, but the introduction of Embedded Swift has brought this to a new level.

With Swift, we can now program embedded systems with low-power sensors and small memory footprints, while also taking advantage of Swift’s simplicity and safety to create interfaces that integrate seamlessly with high-level UI code.

This talk explores why Swift is the next big thing for IoT, demonstrating how it bridges the gap between embedded systems and user-interfacing Swift apps. You’ll learn why Swift’s expressive syntax, interoperability, and cross-platform capabilities simplify development for IoT.

When browsers load a Web page and its subresources, A LOT happens under the hood. They need to take into account render/parsing blocking resources, use a preload scanner, listen to resource hints (like preload/preconnect), loading modifiers (async/defer/module), fetchpriority, responsive images, and much more. Based on all those signals, they then need to somehow decide when to load which resources, to make optimal use of the modern HTTP/2 and HTTP/3 connections. And, as you might have guessed, none of the browsers do this in quite the same way (understatement alert!). Several even intentionally delay requesting some resources until others have been downloaded (shocked face emoji here).

This talk is a deep dive into how browsers decide when to load a specific resource, and some ways in which you can influence them to modify their behaviour (so you can make sure that important LCP image is definitely one of the first things to come in!). We will look at A LOT of different waterfalls and discuss why each looks the way it does, why browsers often make different decisions, and how to solve common problems (no, don’t just preload everything with fetchpriority=high, you monster!).

You will walk away with a deeper understanding of what happens under the hood, which will allow you to better deal with the various gotchas and quirks present in today’s browsers and resource loading features.

User authentication in real-time communication systems using SIP (Session Initiation Protocol) is evolving with the adoption of OAuth 2.0, as outlined in RFC 8898, published by the IETF in 2020. This protocol secures user access through authentication tokens (instead of traditional methods like Digest). This "Single Sign-On" approach allows for the use of a unified identity verification source across the entire information system, and is now being extended to VoIP. In this conference, we will explore how OAuth 2.0 and OpenID Connect are integrated into a modern SIP environment, with a focus on managing and validating access tokens. To illustrate this, we will use our Flexisip server solution.

Key Topics: - OAuth 2.0 and OpenID Connect: Introduction and benefits for authentication in modern SIP systems. - JWT for Authentication: Token signature validation and extracting user identity. - Integration in Flexisip: Demonstration of OAuth-based authentication with Flexisip, and token validation in a SIP environment. - Authorization Management: Controlling requests based on identity information extracted from access tokens.

This conference will provide an overview of how to implement and secure user authentication with OAuth 2.0 and JWT in a SIP server, using Flexisip as a concrete example.

Systematic literature reviews are essential for evidence-based research, but they are often slow and require a lot of effort. Motivated by the potential of Retrieval-Augmented Generation (RAG) technology, our team from Georgia Tech's Master in Computer Science program, with early guidance from researchers at Robert Gordon University, created PICO Scholar. This AI-powered platform helps researchers by turning their queries into embeddings, matching them with a semantic vector database, and pulling out important research details—Population, Intervention, Comparison, Outcome (PICO). It ranks relevant studies and offers a chatbot powered by RAG for exploring documents more deeply. Future updates aim to add features for real-time collaboration, making it easier for teams to work together on reviewing literature.

PICO Scholar uses a solid microservices setup with Red Hat OpenShift AI, boosted by Intel’s OpenVINO toolkit. It runs models like SciBERT for embeddings and TinyLlama for generating text, managed by ModelMesh. LlamaIndex organizes embeddings into a TiDB VectorStore for smarter searches, and fine-tuned adapters improve accuracy for specific fields. MinIO S3 supports smooth model storage, and the platform’s microservice design makes it scalable and resource-efficient.

What makes PICO Scholar stand out is not just its technology but its focus on community and collaboration. Built during two hackathons - including a 2nd place win at the Red Hat & Intel AI Hackathon - with changing team members and diverse skills, the project follows open-source principles, encouraging contributions from all backgrounds. Our goal is to make powerful research tools accessible to everyone, helping researchers worldwide speed up discoveries. By continuing to improve PICO Scholar, we hope to support the scientific community and build a platform that grows and evolves to meet its needs.

PICO Scholar GitHub repository

Our efforts to develop a complete Rust-based software stack for secure, cloud-native applications on the emerging RISC-V architecture. Despite the unavailability of current-generation hardware with H Extensions, Advanced Interrupt Architecture (AIA), and IOMMU support, we are proactively building and testing our stack in preparation for future hardware releases. Centered around the rust-vmm framework, we enable lightweight hypervisors like Dragonball, StratoVirt, Cloud-Hypervisor, and Firecracker—all designed to provide high performance, strong isolation, and virtualization-based security. Integrating these hypervisors with Kata Containers, we explore virtualization-based isolation of containerized workloads on RISC-V. By simulating hardware environments and leveraging forward-compatible software designs, we aim to be fully prepared for the introduction of real RISC-V hardware that meets RVA23 standard and RISC-V Server Platform specification, ensuring a seamless deployment path for confidential computing and secure cloud-native platforms.

Supporting modern smartphones on mainline Linux is getting easier by the year; it's now possible to get a lot of hardware working with fairly minimal effort or issues.

But what do we do for the parts which are not easy, the bits where you as a developer get stuck? Users of mobile phones expect everything to work, but the closer we get to that the more issues become apparent which are not just missing feature bringup.

We've managed to get 80% of the way, so let's talk about what's missing to get the remaining 20% to work and actually make phones mostly feature complete from a kernel perspective.

CERN (European Organization for Nuclear Research) is one of the world's largest and most respected centres for scientific research. It is home to the world's largest particle accelerator (Large Hadron Collider, LHC) and is the birthplace of the Web.

CERN's Storage and Data Management Group is responsible for enabling data storage and access for the CERN laboratory, in particular the long-term archival, preservation and distribution of LHC data to a worldwide scientific community (WLCG).

The CERN Tape Archive (CTA) Service manages more than 900 PBs of data distributes over about 50,000 high-capacity tapes in 6 tape libraries. The service ingests this exponentially growing amount of data at LHC data acquisition rates though its EOS based flash buffer and feeds up to 180 tape drives that write date on mounted tapes at over 90% write efficiency.

This high efficiency archival service runs on open-source software and is deployed on-premise on commodity hardware.

In this talk I would like to give you a high level view of the global CERN tape service performances and dive in the details of its real life deployment: from the flash buffer design principles to the tape servers connected to multiple tape drives via a dedicated network topology.

All of the presented software are open source and available for use and are deployed in other laboratories around the world.

We present bpftrace [1], a tracing tool for Linux based on eBPF which comes with a simple domain-specific language, "bpfscript". The language offers a convenient way to write eBPF tracing programs, without the need to dive deep into the complexities of eBPF. This makes bpftrace suitable as the entry point into the eBPF world. In addition, the terse nature of the language facilitates on-the-fly writing of very powerful short programs (so-called "one-liners") specifically tailored at the user's immediate tracing purposes.

Where bpftrace has struggled in the past, is writing complex tools which are intended to run and be maintained for a prolonged period of time. This has recently started to change with the introduction of many new bpfscript features such as variable and type declarations, user-defined functions, and more.

Ultimately, our goal is to make bpftrace the number one choice for most tracing tasks on Linux. In this talk, I will guide you through our way to achieve that - the current state of the project, the latest significant additions, and the planned future work.

No prior knowledge of eBPF or bpftrace is required for this talk. A basic understanding or a prior experience with Linux tracing is helpful.

[1] https://github.com/bpftrace/bpftrace/

I’ll show you exactly how I’ve secured my home network to protect my kids from inappropriate content using open-source tools: OPNsense and Pi-hole. By combining OPNsense's firewall features with Pi-hole’s DNS filtering, I’ve built a family-friendly setup that blocks explicit content at the network level. I’ll guide you through my configuration process, including the blocklists, DNS settings, and monitoring tools I use to keep an eye on network activity and ensure everything stays secure. You’ll get practical tips for creating a kid-safe environment without sacrificing privacy. If you want a DIY solution for content filtering and monitoring, this talk is for you.

Discover how the Rust programming language and the ROS 2 framework are transforming robotics development in this talk. Participants will dive into the fundamentals of the ROS2 Rust package https://github.com/ros2-rust/ros2_rust. The session will highlight Rust's performance and safety benefits, its integration with ROS 2 for robotic systems, and practical implementation techniques. Through guided exercises, attendees will learn how to program and control a quadruped robot using Rust within the ROS 2 framework, gaining insights into the challenges of robotic systems and how this powerful combination addresses them effectively. This talk is ideal for developers looking to enhance their robotics expertise using a modern programming language and a robust middleware. Whether you're new to Rust, ROS 2, or seeking to deepen your robotics knowledge, this session offers a unique opportunity to build robust and efficient systems for the robots of tomorrow.

Sampling from multidimensional distributions is a fundamental operation that plays a crucial role across sciences including modern machine learning and data science. An impressive number of important problems such as optimization and integration can be efficiently solved via sampling.

This talk is an introductory tutorial on open-source software volesti, a C++ package with R and Python interfaces. volesti offers efficient implementations of state-of-the-art algorithms for sampling as well as volume computation of convex sets in high dimensions. volesti provides the most efficient implementations for sampling and volume to date allowing users to solve problems that cannot be solved with alternative software packages.

The structure of the talk has two parts: first an introduction to volesti library and relevant background and second a tutorial that shows how volesti can be used with a focus on applications in artificial intelligence, finance and bioinformatics.

The EU Digital Markets Act is a law regulating the economic power of very large technology companies. The law includes several obligations to tackle unfair practices and improve market contestability addressed at companies considered "gatekeepers" of digital markets in the EU.

The DMA creates new opportunities impacting Free Software, like the obligations to allow alternative app stores, the prohibition of non-removable pre-installed software, the enabling of side-loading of software in devices, and interoperability rules regarding software and hardware.

The European Commission is the main authority responsible for implementing and oversight the DMA. The Commission has been investigating companies like Apple, Google and Meta due to their behaviour and practices.

This fireside chat will provide the audience the opportunity to interact with Commission's officers working directly with the DMA. The session will focus on the legal and technical challenges the Commission faces for DMA compliance, in particular: (a) Enabling alternative app stores in iPhones and iPads; (b) Enhancing interoperability in Apple devices; (c) Breaking lock-ins by leveling the playing field for smaller Free Software projects against gatekeeper commercial practices.

The format consists of: (1) a short presentation by the Commission's officers on the importance of DMA for Free Software contributors; (2) A longer Q&A session together with the audience moderated by Dr. Lucas Lasota about the technical and legal aspects of the DMA.

This fireside chat will provide valuable insights for the audience on the work of regulators in Europe, and how they implement key legislation for Free Software.

When tinkering with cars or other vehicles, being confronted with CAN communication or a similar bus is unavoidable. Throughout the past year, Thibault has been using CAN communication to build an Open Vehicle Control System and using it on a real car. In this talk, Thibault will explain how to get started with CAN reverse engineering, how he made different car parts from different brands talk together, and why Elixir and the Erlang Virtual Machine (the BEAM) is a good candidate for them to quickly prototype ECUs with cheap parts.

Cristal is an innovative, modular Wiki User Interface built entirely with TypeScript. It enables navigation and content creation across multiple knowledge sources, including XWiki, local folders, GitHub or NextCloud. Designed with a focus on modularity and extensibility, Cristal offers a modern, polished interface build with VueJS. Its features include offline capabilities, and real-time collaboration.

In this talk, we will showcase the progress made over the past year, including key features and the challenges we faced. We will also discuss how the project has evolved and outline the roadmap for the upcoming year.

An overview of Immich, and how it helps you backup, browse, search and organize your photos and videos with ease.

The Post Office Protocol is quite old and offers only very limited functionality. Every operation supported by POP is also supported by more modern email protocols like IMAP or JMAP. Yet POP3 is still supported by most email providers and email clients. In this talk we explore the questions "Why is that?" and "What can we do about it?"

Friendica has been part of the Fediverse since 2010, building bridges between Laconica and Diaspora*, making it one of the oldest active projects of the Fediverse - yet Friendica has flown under the radar most of the time.

In this talk we will give a short introduction to Friendica, its unique features and how it differs from other systems.

The Friendica project homepage can be found at friendi.ca, the source code for the core is maintained on github and for the addons on git.friendi.ca.

When you install a properly signed software update, maybe the update you got is different from what everyone else get. Maybe the attacker was able to sign a malicious update due to key compromise, or coercion of the legitimate key holder. How would you, or anyone else, notice?

One way to enable detection (but not prevention) of this kind of attack is transparency. When installing updates, verify the signature as usual. In addition, require that the signature is visible in a public append-only transparency log, where entries can be added but never removed.

Sigsum is a minimalistic transparency log that can accept signed checksum submissions for a wide variety of applications and entities that are neither known, nor trusted, by the log operator. The log itself does not become a trusted third party for applications, instead, applications depend on m-of-n trusted witnesses attesting that the log behaves correctly. One of the many use-cases of Sigsum logging is transparency for signed software packages and updates.

This talk explains the "detection, not prevention" benefits one can get from Sigsum, and describes the different roles that make up the Sigsum system.

The Genode OS framework is an open-source tool kit for building component-based operating systems. It scales from rather static embedded appliances to highly dynamic general-purpose computing as showcased by Sculpt OS. Nowadays Sculpt OS is mature, in daily use, and supports PCs, ARM notebooks and the PinePhone.

Since its inception, the Genode framework supports various microkernels and Linux at the lowest layer. Even so Genode leveraged the characteristic features of the underlying kernels, each kernel called for different trade-offs. All the requirements and expectations by the Genode framework towards the kernel are institutional knowledge of Genode's core developers and implicitly documented in Genode's foundation book.

As I'm currently in the process to enable another kernel, let's take a look back, review our experiences, re-iterate challenges we had to surmount, and draw the connection to the ongoing endeavor of broadening Genode's kernel landscape even more.

It goes without saying that no Genode talk is without a demo!

https://www.genode.org https://www.genodians.org https://genode.discourse.group https://github.com/genodelabs

eBPF is revolutionizing how we secure, observe, and scale Kubernetes networking, but its complexity can be daunting. This session demystifies eBPF by exploring how Go makes it accessible, focusing on its integration with Kubernetes through the open-source project Cilium. Attendees will learn the basics of eBPF, how Go simplifies working with it, and practical use cases that demonstrate Cilium’s ability to enforce secure, scalable network policies. This talk is perfect for Kubernetes practitioners curious about eBPF and Go but unsure where to begin.

The Foreign Function & Memory API (JEP 454) introduced a new way of interacting with libraries written in other languages. It can be used as replacement for JNI. This talk examines the inner workings of the Foreign Function Interface (FFI) API. After having it implemented for PowerPC, I'd like to discuss how the JVM handles native function calls and Java callbacks, focusing on key concepts like stack layouts, calling conventions, and cross-platform challenges. The session is intended for developers curious about the technical foundations of free and open Java technologies and how JVM enhancements like the FFI API are realized. It will shed light on the low-level mechanisms that enable seamless integration of Java with native code while maintaining the performance and safety Java developers expect.

Containers are typically deployed in Kubernetes clusters. But at a smaller scale, on a single-node server, or for development purposes, Kubernetes will be overkill. What’s the recommended way to run a fully autonomous application with several interacting containers in these cases?

The answer is systemd. It can orchestrate containers as is an already running process manager, and containers are just child processes. It’s a perfect fit for running containerized workloads without human intervention.

The concept of Quadlet has been introduced in Podman v4.4.0. It’s a systemd-generator that writes and maintains systemd services using Podman. It can manage containers lifecycle (start, stop, restart), volumes, pods, deployments etc. via systemd. The name comes from the following: “What do you get if you squash a Kubernetes kubelet? A quadlet”. Both system and user systemd units are supported to deploy applications without root privileges.

In this presentation, we will discuss what are Podman Quadlets and demonstrate how Podman Kubernetes features can be associated with it to deploy a fully autonomous application.

In this talk, I’ll share how combinatorial testing and behavioral modeling helped uncover tricky edge cases while testing ClickHouse’s (open-source column-oriented DBMS) multiple authentication methods feature. I’ll demonstrate how these methodologies can systematically identify gaps in testing, validate complex features, and improve software quality. Attendees will learn practical steps for applying combinatorial testing to define comprehensive test scenarios, as well as how behavioral modeling can simplify result validation and solve the test oracle problem. This session is for QA engineers, testers, and developers looking to adopt smarter, more effective testing strategies.

Modern laptops, such as the AMD Framework and newer Intel models, no longer support the traditional ACPI S3 sleep state. Instead, they rely on S0ix, a modern standby mechanism that enables low-power idle states. This is one of the only big features still missing for FreeBSD to be a first-class citizen on contemporary laptops, and this talk will explore the journey and current progress of supporting it. Attendees will learn about the nitty-gritty of the implementation including the relevant ACPI objects, tables, and DSMs, CPU and device power states, and future plans for device idleness determination to automatically put them to sleep.

Blog post tracking progress: https://obiw.ac/s0ix FreeBSD Project website: https://www.freebsd.org/ Working GitHub repo: https://github.com/obiwac/freebsd-s0ix

Human-Computer Counter-Choreographies is an artistic research project that combines critical design, choreography and embodied sense-making with data tracking. The project has evolved into various formats such as workshops, a live-coding performance piece, web-based tools and artworks. In this talk, Joana Chicau will introduce the motivations behind the project and how it has impacted audiences by raising awareness of data tracking. She will also demo a custom version of the open-source DuckDuckGo privacy extension which unveils online tracking algorithms through audio and visual feedback.

In a call center environment, this talk will explore how to leverage the power of Kamailio, FreeSwitch, and RTPEngine to enable AI-driven real-time conversations at scale.

We will dive deep into how to integrate AI copilots, providing real-time call transcriptions and conversational context, as well as AI autopilots, enabling call conversations with specialized bots.

By taking advantage of well-defined standards like SIPREC, and leveraging the capabilities of Kamailio, FreeSwitch, and RTPEngine, along with some additional custom code, we will demonstrate ingenious ways to enable these AI-powered capabilities for any VoIP environment, even legacy proprietary systems.

Attendees will learn practical techniques and best practices for building scalable, AI-enhanced call center solutions that can improve customer experience, increase agent productivity, and drive business outcomes.

YugabyteDB distinguishes itself among distributed SQL databases by utilizing PostgreSQL's C code rather than building a compatibility layer from the ground up. This session will explore both the advantages and challenges of this architecture. We will drill down from PostgreSQL's familiar query layer to the distributed storage system, which stores PostgreSQL tuples and lock intents within RocksDB's LSM trees using Raft replication.

We will be guided by analyzing execution plans that closely resemble those of PostgreSQL and adding further metrics that shed light on the underlying storage operations. We may also evaluate stack traces to identify the PostgreSQL and RocksDB functions involved in query execution. Finally, the session will discuss the rationale behind forking PostgreSQL, focusing on its benefits and trade-offs.

Since 2022, the Open Culture Foundation (OCF) has been collaborating with Taiwan’s Ministry of Digital Affairs (MoDA) and STEPS (a local tech company) on government-funded localization projects. These initiatives aim to make civic tech and open-source tools more accessible in Taiwan while enabling international projects to take root and thrive locally.

As a coordinator, OCF has completely localized projects such as GOV.UK Notify, GOV.UK Forms, Matrix Client (Element Series), IRMA, Yivi, Standard for Public Code, Bitwarden, Nextcloud, FreeOTP, GIMP, and Mattermost. Some of these projects have been contributed back to their upstream repositories, while others have evolved into localized solutions tailored to Taiwan's needs. OCF’s efforts focus on three key areas to ensure government funding provides not only financial support but also a foundation for sustainable development.

This talk will explore these three main focus areas:

• Optimizing the Government Perspective on Open Source Educating government officials about the nature of open-source communities, their collaboration models, and the unique attributes of various international open-source projects. OCF also developed a collaborative glossary process to bridge communication gaps among stakeholders and ensure consistent terminology usage.

• Collaboration Among Taiwan’s Communities Partnering with Taiwan’s L10N community, OCF established structured review processes to meet the government’s high standards for quality and timeliness. Over three years, OCF conducted two major surveys during COSCUP. One survey identified critical open-source projects needed in Taiwan, while the other focused on addressing challenges that hinder contributions, aiming to encourage broader participation.

• Engagement with Local Industry and International Communities Although Taiwanese tech teams are highly skilled, many are unfamiliar with the culture of open-source contributions. OCF facilitated understanding of licensing, contribution practices, and engagement with upstream communities. For example, OCF helped Mattermost report and resolve a date display bug in Chinese (CJK) scripts and worked with upstream communities to address significant differences between Simplified and Traditional Chinese, including grammar and linguistic nuances.

Localization is not merely about technical translation; it is a strategic approach to connecting governments, communities, and international open-source projects. This talk will share OCF’s experiences in bridging these gaps and invite Community DevRoom participants to exchange ideas on how to effectively integrate open-source projects into their respective countries.

C++ has many features but sometimes we want more. We will briefly tell the story of why and how we wrote a GCC plugin, used it in production, and later contributed the feature in-tree - now part of GCC 14. The goal of the talk is to motivate users to try GCC development, highlighting that there can be a smooth transition from plugins to in-tree patches.

There will be a written tutorial to go with the talk available to anyone to follow in their own time. The tutorial goes over writing your first custom attribute, static analysis, and instrumentation passes. All packed in the exercise of writing a toy Aspect Oriented C++ via plugins.

Scuba, a real-time data ingestion system similar to Elasticsearch, is often experiencing memory pressure as part of normal operations. The pressure is sometimes overwhelming, leading to OOM (out-of-memory) issues. These are difficult to track in user space as the symptoms of such issues are only visible in kernel space (SIGKILL, kernel oom killer). This talk will highlight how we leveraged bpftrace to monitor our service and help bridge our observability gap.

Being able to receive weather and public emergency warnings can save lives, and we don't want people using FOSS to be at a disadvantage compared to proprietary platforms when it comes to that.

Cell broadcast covers some of this, but it's only part of the puzzle. It's typically only used for the most severe and urgent cases, is limited in the amount of data it can transmit, and doesn't allow monitoring of other areas. Public alerting is, therefore, often augmented by additional channels, including mobile apps. Despite being funded by public money, those are usually limited to proprietary platforms. So, as usual, we have to build this ourselves.

The foundation for this is OASIS' Common Alerting Protocol (CAP), which has been in widespread use for many years all over the world, and UnifiedPush as a free alternative for proprietary push notifications. On top of that, we currently have an aggregation server for alerts from about 100 countries, which notifies clients about incidents in their respective areas of interest.

In this talk, we'll show how this works and how alerts can be integrated into applications.

age-plugin-se allows you to protect arbitrary files with your Apple Secure Enclave. This plugin for age (a simple, modern and secure file encryption tool) is written entirely in Swift, and works on macOS, Linux, and Windows.

In this talk, I will show age-plugin-se in action, and touch on the steps taken to make it robust, simple, and distributable on multiple platforms (including Alpine Linux), all while keeping the dependencies (including tools) to a minimum.

Two years ago at FOSDEM, I gave a talk titled “How Podcasting 2.0 Will Save the Open Internet”. I’ll be honest—it was partly a bluff. But it turns out I was right. Today, we are here to celebrate the victory of open standards in podcasting.

Podcasting 2.0, launched in 2020 to revitalize a stagnant ecosystem, introduced innovations like transcripts, funding tags, and social interaction features. These weren’t just tools; they empowered creators, listeners, and developers while keeping podcasting open and decentralized.

In a surprising turn, even Apple—long resistant to adopting anything "not invented here"—embraced the Podcasting 2.0 DTD specification in April 2024, bringing transcription features to its platform.

This was a milestone for open standards and open source. Transcriptions improve accessibility for millions, while also boosting SEO, content discoverability, and personalized recommendations. Through Castopod—one of the first platforms to implement Podcasting 2.0 features.

A grassroots, open-source movement is reshaping an entire industry.

But this victory is just the beginning. Together, let us explore how the lessons of Podcasting 2.0 can be applied to other areas, ensuring that technology remains open, accessible, and collaborative.

Sources: - Castopod source code - Podcasting 2.0 Namespace - How Podcasting 2.0 will save the Open Internet (FOSDEM 2023)