FreeBSD is one of the most popular platforms to run syslog-ng. Recently, I was approached if we could add a FreeBSD audit source driver to syslog-ng. While developing a new C-based driver is not something we could do in the short term, thankfully, using the program() source of syslog-ng still allowed us to create a new source in just a few hours, including its documentation. From this talk, you can learn how the freebsd-audit() source was created and how you can also easily develop similar sources yourself. A few more FreeBSD specific developments will also be mentioned.

The "Do No Harm" principle, well-established in fields like medical research, healthcare, and humanitarian aid, has significant potential to improve the quality and reduce the negative effects of open research practices and technology.

As open research/science practices become a norm across different disciplines, it is important to identify, improve awareness of, and reduce its known or unintended negative impacts on people and their communities. While efforts like ethical source licenses (like the Do No Harm and Hippocratic License) are yet to become an acceptable legal pathway to enforcing responsible practices in open source, more general adoption and use of the "Do No Harm" will help account for societal and environmental implications of research and technology.

In this talk, I will introduce a “do no harm” framework to identify risks and develop actionable plans to mitigate the negative impacts of open research practices and technology. This framework examines the development and deployment of technology across four critical areas: the actors involved or affected, the dynamics and relationships within impacted communities, the economic realities faced by researchers, and environmental impact. Additionally, I will highlight practical methods for addressing the potential negative consequences of our work.

This session is designed for anyone involved in open source/science, including researchers, designers, contributors, developers, maintainers, and community members who seek to better understand and navigate the ethical challenges of open research and technology. Attendees will gain insights into global disparities in technology and explore how they can share responsibility to ensure their work promotes more equitable benefits by combining open practices with the do-no-harm principle.

A quick introduction to postmarketOS (Linux Mobile distro based on Alpine that has been ported to lots of devices by now!), as well as an overview of cool things we did throughout the last year or so. Also what we are up to :>

Source code: https://postmarketos.org/source-code/

Introduced in kernel v6.7, the Netkit device is an eBPF-programmable network device designed with containers in mind. In this talk, I will go over the the basics of the Netkit device, and discuss the performance gains we have realized and challenges we faced when rolling out Netkit across millions of containers at Meta.

Open-source projects used in this talk: Linux Kernel. View the netkit driver source code here.

A short story about why & how Omniconvert migrated from MongoDB to TiDB, with no downtime, for an application serving 15-20k requests per minute. We will discuss the challenges that prompted the migration, why we chose TiDB, overview stress testing & performance evaluation of the application running on TiDB, as well as walk through the steps of the migration. And of course, highlight some lessons learned and the end-user perceived improvements.

Alice will present Gapfruit's design of trusted boot in combination with a microkernel operating system built with the Genode OS framework on an i.MX8MP SoC. This presentation will cover the various building blocks involved, including TPM, u-boot, libraries, and supporting tools. It will also explore how these components integrate within a microkernel environment and the trade-offs we have faced.

The object-capability security paradigm (ocaps) is a conceptually simple, efficient model for collaboration in mutually-suspicious contexts. Spritely is exploring concepts and building solutions in this space to solve real-world problems while encouraging the wider adoption of ocaps, including by working alongside other ocaps organizations and projects to define a standard protocol for intercommunication between ocaps systems. This talk will explain what ocaps is and why you should use it.

Our current model of collaboration is broken. Rather than basing our systems on granting consent, we base them on revoking authority. Ocaps inverts this model with its "if you don't have it, you can't use it" approach, facilitated by restricted means of exchanging authority. Meanwhile, the Object Capability Network protocol (OCapN) abstracts away transport mechanisms between objects while creating a security barrier with minimal overhead. Altogether, this ocaps ecosystem enables secure collaboration in mutually-suspicious contexts by emphasizing and enforcing a consent-based approach to information and authority exchange. Spritely is pioneering new tooling for ocaps with its Goblins library, which also serves as a model for other implementations; and has plans for solutions to problems like distributed storage, identity management, and even social networking.

Writing a Just-In-Time (JIT) compiler is a complex task. For that reason, libraries like libgccjit were developed to ease the process; but most often than not, JIT compilers are written from scratch, and only target one or two architectures.

In this talk I am going to present GNU Lightning, a cross-platform library that can be used to generate machine code at run-time. I will present its strengths and weaknesses, how to use it, and why I decided to use it in my JIT compiler project.

Until a few months ago, the only working approach for connecting realtime AI agents to WebRTC streams and phone calls was to use lengthy pipelines of speech to text, agent orchestration, and text to speech, often using multiple machine learning models from commercial vendors. That has changed with new realtime speech to speech models, most famously the (closed) OpenAI advanced voice, but what are the open source ways to build these kind of systems? This talk walks through my experience with using 4 different projects to build functional systems which can use open source (open weights) models at their core. We will talk about how we have integrated Jambonz, Livekit, and Ultravox (Fixie.AI) within our Aplisay framework and what this allows us to do.

Social and Solidarity Economy (SSE) refers to a wide range of economic activities that aim to prioritize social profitability instead of purely financial profits. SSE organizations act guided by values ​​such as equity, solidarity, sustainability, participation, inclusion and commitment to the community, and are also promoters of social change.

There is a great diversity of entities in the Social and Solidarity Economy. Different types of activity, different sizes of the entity, different maturity of the IT teams, different quantity and quality of data, medium budgets, low budgets, etc. The SSE, like the rest of the companies, must also make decisions based on data.

Normally the budget of the entities of the SSE is reduced, for this reason, we must facilitate intercooperation to minimize costs without reducing functionalities. The architecture must also be adaptable to future changes within the same entity, without having to make major migrations or lose the work already done. And, of course, Social and Solidarity Economy 💓 Feee Software

We will set up a Business Intelligence architecture by exploring free software tools such as PostgresSQL, DBT, Airflow, Zulip, Superset, etc. to adapt to the needs of the SSE, and Ansible to facilitate replicability and inter-cooperation.

Replication is a cornerstone of modern database systems, enabling high availability, scalability, and seamless data transfer across environments.

In this talk, we’ll delve into the replication capabilities of TiDB and explore how they address real-world database challenges at Bolt, the fast-growing Estonian-based mobility company.

We’ll begin with an introduction to TiDB Data Migration (DM), which facilitates MySQL-to-TiDB replication. Through practical examples, we’ll demonstrate its role in migrating MySQL workloads to TiDB, including shard consolidation.

Next, we’ll highlight TiCDC (TiDB Change Data Capture), a powerful tool for real-time data streaming. We’ll explain how TiCDC captures changes in TiDB and replicates them to downstream systems such as TiDB, MySQL, Apache Kafka, and other services. Use cases include easily reversible TiDB version upgrades, cross-region high availability with standby TiDB clusters, and real-time Change Data Capture into Kafka.

Throughout the talk, we’ll share practical tips and scenarios, including simplifying database migrations, minimiing downtime during upgrades, and ensuring data integrity in complex workflows.

Whether you’re migrating from MySQL to TiDB, upgrading TiDB clusters, or building cross-region high availability environments, this talk will equip you with the knowledge and strategies to leverage replication as a powerful tool in your database operations.