107 seagl2019 2019-11-15 2019-11-16 2 00:05 2019-11-15T01:30:00-08:00 09:30 00:25 Theater Keynote 714-keynote-lisha-sterling The Cost Of Freedom Google knows where you were last night. Amazon knows what you got for your birthday. Facebook can spill all the details of your life in a security breach or with a police warrant. They all farm you for your sweet, sweet data. No one bothers to sell you software any more. If you aren't the product they sell, then they just sell you a subscription to use their tools for a month or a year. The phone in your pocket? You don't actually own that, either. Even if you bought it outright, the End User License Agreement doesn't let you do anything too interesting with the hardware. (And breaking that EULA can lead to jail time if you become interesting to the wrong people.) But what if you choose to use only Free (aka Libre) software and hardware? What then? You may retain control over your data, the ability to see what's actually happening under the hood of your favorite technology, but life gets a lot harder. Your friends want to organize events on Facebook, but you aren't there. You want to watch a DVD, but you have to break US Federal law to install deCSS. You can't just buy a phone from the store. Hundreds of little interactions that other people take for granted become obstacles to overcome. It may lead you to question whether Freedom is really worth it. Why is it so hard? The single answer is: Power. Those who have consolidated power through the use of technology do not want to share that power because it's making them a lot of money. This isn't so different from the situation of Labor Rights or the work of Environmental activists who fight corporate polluters. Owners want to keep their own costs low and profits high, and they don't care who or what they exploit to get their profits -- unless organized people make them. What lessons can we take f Unions and grassroots organizing to improve our ability to live FREELY with the technology we need to exist in the modern era. The Cost Of Freedom Google knows where you were last night. Amazon knows what you got for your birthday. Facebook can spill all the details of your life in a security breach or with a police warrant. They all farm you for your sweet, sweet data. No one bothers to sell you software any more. If you aren't the product they sell, then they just sell you a subscription to use their tools for a month or a year. The phone in your pocket? You don't actually own that, either. Even if you bought it outright, the End User License Agreement doesn't let you do anything too interesting with the hardware. (And breaking that EULA can lead to jail time if you become interesting to the wrong people.) But what if you choose to use only Free (aka Libre) software and hardware? What then? You may retain control over your data, the ability to see what's actually happening under the hood of your favorite technology, but life gets a lot harder. Your friends want to organize events on Facebook, but you aren't there. You want to watch a DVD, but you have to break US Federal law to install deCSS. You can't just buy a phone from the store. Hundreds of little interactions that other people take for granted become obstacles to overcome. It may lead you to question whether Freedom is really worth it. Why is it so hard? The single answer is: Power. Those who have consolidated power through the use of technology do not want to share that power because it's making them a lot of money. This isn't so different from the situation of Labor Rights or the work of Environmental activists who fight corporate polluters. Owners want to keep their own costs low and profits high, and they don't care who or what they exploit to get their profits -- unless organized people make them. What lessons can we take f Unions and grassroots organizing to improve our ability to live FREELY with the technology we need to exist in the modern era. false Elior Sterling 2019-11-15T02:00:00-08:00 10:00 00:25 Theater Keynote 715-keynote-abigail-cabunoc-mayes Open by Design: Learning to Lead Openly Free/libre and open source software has unlocked countless digital innovations. At the same time, we’ve seen these projects struggle to be sustainable, secure and inclusive. In her talk, Abby will explore how the principles of open leadership —understandable, extensible, participatory— provide a necessary base to solve the toughest problems we face today. We’ll apply lessons from mentoring over 500 open projects to how we can intentionally design our projects to be open. Open by Design: Learning to Lead Openly Free/libre and open source software has unlocked countless digital innovations. At the same time, we’ve seen these projects struggle to be sustainable, secure and inclusive. In her talk, Abby will explore how the principles of open leadership —understandable, extensible, participatory— provide a necessary base to solve the toughest problems we face today. We’ll apply lessons from mentoring over 500 open projects to how we can intentionally design our projects to be open. false Abigail Cabunoc Mayes 2019-11-15T02:45:00-08:00 10:45 00:50 TALKS 3178 Longer Talk 600-how-to-use-linux-tools-to-troubleshoot-small-networks Systems/Ops It's fairly common knowledge about the tools available to troubleshoot a network, but it is not so common as to know which tool to use, or how to use the tools together in order to figure out the problem and how to fix it. In this workshop, I am going to discuss the OSI model (and how it sort of kind of fits the TCP/IP model) and then go up the stack to show what can go wrong at each level, how to diagnose it, and how to fix it. I gave a similar presentation at LinuxFest in April 2017. It was well-received, however, there are some things I have learned since then that will make the presentation more relevant to home networks. See [the slides from the presentation](https://docs.google.com/presentation/d/e/2PACX-1vRcSREMJnCt5tgcPVzrzvxWDGq4aBnAz5zF2JFNa70fvIk_-GrvP-70GXqx8ILQ-4BFafgmoH_NS3JQ/pub?start=false&loop=false&delayms=3000). It's fairly common knowledge about the tools available to troubleshoot a network, but it is not so common as to know which tool to use, or how to use the tools together in order to figure out the problem and how to fix it. In this workshop, I am going to discuss the OSI model (and how it sort of kind of fits the TCP/IP model) and then go up the stack to show what can go wrong at each level, how to diagnose it, and how to fix it. I gave a similar presentation at LinuxFest in April 2017. It was well-received, however, there are some things I have learned since then that will make the presentation more relevant to home networks. See [the slides from the presentation](https://docs.google.com/presentation/d/e/2PACX-1vRcSREMJnCt5tgcPVzrzvxWDGq4aBnAz5zF2JFNa70fvIk_-GrvP-70GXqx8ILQ-4BFafgmoH_NS3JQ/pub?start=false&loop=false&delayms=3000). false Jeff Silverman 2019-11-15T05:00:00-08:00 13:00 00:20 TALKS 3178 Talk 645-containerized-sourcery-with-docker-and-snap Programming What if `sudo apt install imagemagick` or `sudo dnf install imagemagick` gets an old version or one missing the features you need? You need to find a 3rd party build or manually compile and install from source. I'll show you how Docker and Snap can be used to create packages with the features you need that can be used without cluttering up your system with a manual install. What if `sudo apt install imagemagick` or `sudo dnf install imagemagick` gets an old version or one missing the features you need? You need to find a 3rd party build or manually compile and install from source. I'll show you how Docker and Snap can be used to create packages with the features you need that can be used without cluttering up your system with a manual install. false Adam Monsen 2019-11-15T06:45:00-08:00 14:45 00:20 TALKS 3178 Talk 710-glass-beatstation-an-open-source-mobile-and-modular-musical-interface-for-linux-machines-and-musicians-that-don-t-know-how-to-use-linux Something Different! As a self-taught/amateur programmer, I was able to use open source programs to start building the versatile and accessible music workstation I’ve long dreamed of called the [Glass Beatstation](https://gitlab.com/alignwaivers/glass_beatstation). The fact that I have been able to get this project functional to any degree is a great credit to the FLO (Free/Libre/Open Source) community. In the process I’ve learned about many of the benefits and learning curves of FLO hardware and software. I primarily use Python, Open-Stage-Control, Sooperlooper, Ardour, Puredata and the Kxstudio repositories, and have iterated an extra portable version of the project on raspberry pi. I will share the some of the lessons I have gained in the process: such as how I was able to receive AND share knowledge with Linux users both new and experienced alike in my relatively short lifetime as a programmer. Based on my own experiences, I’ve learned much about bridging the gap between those people already familiar with Linux/FLO technology, and those who aren’t familiar... yet - and I would encourage others to do the same! @alignwaivers alignwaivers@gmail.com wwww.athan.spathas.com As a self-taught/amateur programmer, I was able to use open source programs to start building the versatile and accessible music workstation I’ve long dreamed of called the [Glass Beatstation](https://gitlab.com/alignwaivers/glass_beatstation). The fact that I have been able to get this project functional to any degree is a great credit to the FLO (Free/Libre/Open Source) community. In the process I’ve learned about many of the benefits and learning curves of FLO hardware and software. I primarily use Python, Open-Stage-Control, Sooperlooper, Ardour, Puredata and the Kxstudio repositories, and have iterated an extra portable version of the project on raspberry pi. I will share the some of the lessons I have gained in the process: such as how I was able to receive AND share knowledge with Linux users both new and experienced alike in my relatively short lifetime as a programmer. Based on my own experiences, I’ve learned much about bridging the gap between those people already familiar with Linux/FLO technology, and those who aren’t familiar... yet - and I would encourage others to do the same! @alignwaivers alignwaivers@gmail.com wwww.athan.spathas.com false Athan Spathas 2019-11-15T07:15:00-08:00 15:15 00:50 TALKS 3178 Longer Talk 661-my-own-private-binary Writing a Linux Kernel Module Programming Come and dip your toes into the world of writing Linux kernel modules. At this talk, we will define our very own executable file format, teach the Linux kernel how to run it, and see how we can use it. Come and dip your toes into the world of writing Linux kernel modules. At this talk, we will define our very own executable file format, teach the Linux kernel how to run it, and see how we can use it. false Brian Raiter 2019-11-15T08:15:00-08:00 16:15 00:20 TALKS 3178 Talk 637-security-compliance-testing-with-inspec Security/Infosec This talk explains the need for functional testing for security compliance and shows how to implement that using Chef's InSpec software. It assumes no previous knowledge of functional testing or security compliance. Attendees will leave understanding * why this type of testing is important * where to start * how the tool works * resources for learning more This talk would fit in both DevOps and Security tracks. This talk explains the need for functional testing for security compliance and shows how to implement that using Chef's InSpec software. It assumes no previous knowledge of functional testing or security compliance. Attendees will leave understanding * why this type of testing is important * where to start * how the tool works * resources for learning more This talk would fit in both DevOps and Security tracks. false garrett honeycutt 2019-11-15T08:45:00-08:00 16:45 00:20 TALKS 3178 Talk 678-personal-osint Security/Infosec ### How to safeguard your public data #### Topic: Security/InfoSec #### Audience: Beginner to Intermediate DOES THE FOLLOWING SOUND LIKE YOU OR SOMEONE YOU KNOW? So, I have a profile online in { FACEBOOK, LINKEDIN, INSTAGRAM }. This data is already public. I also know that there have been past issues with data, but I've configured my accounts to only target the people I really want to see my stuff. In any case, I'm already out there, have accepted the risk and have nothing to hide. There are plenty of reasons you should care, and let me give you a hint -- it's not about what you actually post on these sites. It is much worse. It's about your email address. This short talk will use open source tools to show how an investigator OR bad actor could use an email address to probe a target's public information and use it for nefarious purposes. From there, we will elaborate on ways said email address can be leveraged into higher levels of creepiness or invasion of privacy. Attendees will come away with: * Awareness of how contact info should be guarded * Clues of how to fix past damage * Concrete guidance about how to act moving forward ### How to safeguard your public data #### Topic: Security/InfoSec #### Audience: Beginner to Intermediate DOES THE FOLLOWING SOUND LIKE YOU OR SOMEONE YOU KNOW? So, I have a profile online in { FACEBOOK, LINKEDIN, INSTAGRAM }. This data is already public. I also know that there have been past issues with data, but I've configured my accounts to only target the people I really want to see my stuff. In any case, I'm already out there, have accepted the risk and have nothing to hide. There are plenty of reasons you should care, and let me give you a hint -- it's not about what you actually post on these sites. It is much worse. It's about your email address. This short talk will use open source tools to show how an investigator OR bad actor could use an email address to probe a target's public information and use it for nefarious purposes. From there, we will elaborate on ways said email address can be leveraged into higher levels of creepiness or invasion of privacy. Attendees will come away with: * Awareness of how contact info should be guarded * Clues of how to fix past damage * Concrete guidance about how to act moving forward false Nadine Whitfield 2019-11-15T02:45:00-08:00 10:45 00:50 TALKS 3179 Longer Talk 665-diy-decentralization a response to growing online censorship of marginalized communities on major platforms Security/Infosec During the last two years, in response to new laws like FOSTA and under pressure from politicians, our major digital communication platforms (Facebook, Google, Tumblr, etc) have deployed machine-learning-based content moderation at a "move fast and break things" pace. This has resulted in the removal of content from marginalized communities, and the prioritization of the viewpoints of certain groups over others. While claiming to be neutral, the bias expressed by these actions has made many online communities no longer feel safe; some have been forced off the platforms entirely, even though they were not breaking any laws. Underneath each of these tech giants, a bevy of open source tools power the social web. These tools are not as hard to operate as you might think! Come learn how to put the power back into the hands of local communities. You, too, can run your own private infrastructure for email, chat, calendar, file sharing, and social media. Join a growing movement to re-de-centralize the Internet! I will demo installation on a cloudy virtual machine; if you want to follow along, it's also possible to install locally on either x86 or ARM chipsets (eg, old laptop, intel NUC, or even a raspi). During the last two years, in response to new laws like FOSTA and under pressure from politicians, our major digital communication platforms (Facebook, Google, Tumblr, etc) have deployed machine-learning-based content moderation at a "move fast and break things" pace. This has resulted in the removal of content from marginalized communities, and the prioritization of the viewpoints of certain groups over others. While claiming to be neutral, the bias expressed by these actions has made many online communities no longer feel safe; some have been forced off the platforms entirely, even though they were not breaking any laws. Underneath each of these tech giants, a bevy of open source tools power the social web. These tools are not as hard to operate as you might think! Come learn how to put the power back into the hands of local communities. You, too, can run your own private infrastructure for email, chat, calendar, file sharing, and social media. Join a growing movement to re-de-centralize the Internet! I will demo installation on a cloudy virtual machine; if you want to follow along, it's also possible to install locally on either x86 or ARM chipsets (eg, old laptop, intel NUC, or even a raspi). false Aeva Black 2019-11-15T05:00:00-08:00 13:00 00:20 TALKS 3179 Talk 680-organizing-your-way-to-a-long-and-healthy-career People What does it take to have a 10- or 20-year career in tech — or even longer? We could talk about the hard work and technical skills, mentoring and collaboration, and privilege that can be involved. There’s one big way we can increase the odds for all of us though, and that’s to organize. From #talkpay to unionization, you’ll learn about the skills and tactics that will give us the opportunity to continue our tech work in the healthiest way over time. What does it take to have a 10- or 20-year career in tech — or even longer? We could talk about the hard work and technical skills, mentoring and collaboration, and privilege that can be involved. There’s one big way we can increase the odds for all of us though, and that’s to organize. From #talkpay to unionization, you’ll learn about the skills and tactics that will give us the opportunity to continue our tech work in the healthiest way over time. false Audrey Eschright 2019-11-15T05:30:00-08:00 13:30 00:50 TALKS 3179 Longer Talk 652-releasing-open-source-code-in-a-large-enterprise A Unique Model for Open Source Monetization Legal/Licensing Releasing Open Source Code in a Large Enterprise and a Unique Model for Open Source Monetization I will speak about releasing a major open source project within a Fortune 100 company. I will detail the intense process navigated within Disney to release our project under an open source license in 2016. Such as: - Executive sponsorship from multiple divisions - Legal approval - - License selection - - Parks legal - - WDI (Imagineering) legal - - Corporate legal - Intellectual Property considerations - - Copyright holder - - Corporate patent - - Parks patent - Engineering approval - - Vulnerability and general security scan - - Dependency check - - OWASP analysis - - Codebase purge of proprietary code and information - Evaluation of value to open source community - Branding - - Naming rules and name change proposal - - Trademark approval - Enterprise use approval review - Ownership proposal and review - Creation of a Foundation I will also detail the model by which we independently funded the project outside of Disney’s, security education of our community, what we learned, how we’ve recently returned to open source with another major release, and our unique monetization strategy moving forward. —- I am an experienced speaker and have presented at SEAGL before. I am open to either a long or short talk. Releasing Open Source Code in a Large Enterprise and a Unique Model for Open Source Monetization I will speak about releasing a major open source project within a Fortune 100 company. I will detail the intense process navigated within Disney to release our project under an open source license in 2016. Such as: - Executive sponsorship from multiple divisions - Legal approval - - License selection - - Parks legal - - WDI (Imagineering) legal - - Corporate legal - Intellectual Property considerations - - Copyright holder - - Corporate patent - - Parks patent - Engineering approval - - Vulnerability and general security scan - - Dependency check - - OWASP analysis - - Codebase purge of proprietary code and information - Evaluation of value to open source community - Branding - - Naming rules and name change proposal - - Trademark approval - Enterprise use approval review - Ownership proposal and review - Creation of a Foundation I will also detail the model by which we independently funded the project outside of Disney’s, security education of our community, what we learned, how we’ve recently returned to open source with another major release, and our unique monetization strategy moving forward. —- I am an experienced speaker and have presented at SEAGL before. I am open to either a long or short talk. false Joe Roets 2019-11-15T06:45:00-08:00 14:45 00:20 TALKS 3179 Talk 614-make-it-official-in-praise-of-official-programs-for-diversity-inclusion People Diversity and inclusion programs with metrics, funding and official support from the top perform better, last longer and are more impactful. Well-articulated goals help projects tout successes, which in turn inspires more participation -- so let's make it official! Once the hard work of choosing strategies to increase diversity and improve inclusion is done, set aside some budget. It's not fair or sustainable to ask employees to do diversity work "on the side." New hiring protocols, outreach programs and promotion systems take time and training to implement if they're going to succeed. Dedicating resources to inclusion programs creates an environment where it is ok for employees to be transparent about the time and effort they're spending, which is crucial for collecting honest metrics. Making diversity part of your company or project's success story, demonstrates sincerity and commitment that will help you attract more people that share those goals and will gladly work to achieve them. Diversity and inclusion programs with metrics, funding and official support from the top perform better, last longer and are more impactful. Well-articulated goals help projects tout successes, which in turn inspires more participation -- so let's make it official! Once the hard work of choosing strategies to increase diversity and improve inclusion is done, set aside some budget. It's not fair or sustainable to ask employees to do diversity work "on the side." New hiring protocols, outreach programs and promotion systems take time and training to implement if they're going to succeed. Dedicating resources to inclusion programs creates an environment where it is ok for employees to be transparent about the time and effort they're spending, which is crucial for collecting honest metrics. Making diversity part of your company or project's success story, demonstrates sincerity and commitment that will help you attract more people that share those goals and will gladly work to achieve them. false Deb Nicholson 2019-11-15T07:15:00-08:00 15:15 00:20 TALKS 3179 Talk 681-more-than-dabbling-in-a-security-engineer-career Security/Infosec Becoming as Security Engineer: This presentation only hints at recommendations and is not prescriptive for entering the security field. It willingly suggests that other parts of life keep happening. Other smoke and mirrors are revealed in this talk but... quality time advocating high priority fixes, plowing bug bounty programs, presenting security topics for Toastmasters, searching job sites, informational interviews, meet-ups, and obtaining a CISSP certificate all helped for a timely career change for the speaker. Becoming as Security Engineer: This presentation only hints at recommendations and is not prescriptive for entering the security field. It willingly suggests that other parts of life keep happening. Other smoke and mirrors are revealed in this talk but... quality time advocating high priority fixes, plowing bug bounty programs, presenting security topics for Toastmasters, searching job sites, informational interviews, meet-ups, and obtaining a CISSP certificate all helped for a timely career change for the speaker. false Dwayne Thomas 2019-11-15T08:15:00-08:00 16:15 00:20 TALKS 3179 Talk 666-the-tor-project-the-state-of-the-onion Security/Infosec Tor is open source software, a community, a network and a non-profit organization that moves its development forward. We advocate for infrastructure that allow people to communicate and use the Internet anonymously. In this talk I’m going give a short view of which features and bugs we are working on in the next year. Tor is open source software, a community, a network and a non-profit organization that moves its development forward. We advocate for infrastructure that allow people to communicate and use the Internet anonymously. In this talk I’m going give a short view of which features and bugs we are working on in the next year. false Gaba 2019-11-15T08:45:00-08:00 16:45 00:20 TALKS 3179 Talk 611-25-years-of-freebsd-and-why-you-should-get-involved Education Did you know that FreeBSD is one of the oldest (1993), largest, and most successful open source projects in the world?FreeBSD is a free Unix-like operating system descended from Research Unix via the Berkeley Software Distribution (BSD), also known as “Berkeley Unix.” It’s known for its reliability, stability, and advanced networking and performance. I'm going to share FreeBSD's long history, descending from the original UNIX in 1969 to where FreeBSD is at now. Once you understand the history of FreeBSD, you'll learn why more individuals and companies are using FreeBSD and why you should consider using and contributing to FreeBSD too! Did you know that FreeBSD is one of the oldest (1993), largest, and most successful open source projects in the world?FreeBSD is a free Unix-like operating system descended from Research Unix via the Berkeley Software Distribution (BSD), also known as “Berkeley Unix.” It’s known for its reliability, stability, and advanced networking and performance. I'm going to share FreeBSD's long history, descending from the original UNIX in 1969 to where FreeBSD is at now. Once you understand the history of FreeBSD, you'll learn why more individuals and companies are using FreeBSD and why you should consider using and contributing to FreeBSD too! false Deb Goodkin 2019-11-15T02:45:00-08:00 10:45 00:50 TALKS 3183 Longer Talk 655-introduction-to-test-kitchen-and-inspec Security/Infosec Whether you’re using [Chef](https://www.chef.io/), [Puppet](https://puppet.com/) or [Ansible](https://www.ansible.com/), you’re going to need a set of tools which help enable you to develop and test your infrastructure. One set of tools that we use at the OSU Open Source Lab is [test-kitchen](https://kitchen.ci/) coupled with [InSpec](https://www.inspec.io/). Test-kitchen provides a test harness to execute infrastructure code on one or more platforms in isolation. InSpec provides a way to ensure your infrastructure code passes tests and compliance in a way separate from your configuration management. Together, this provides a very powerful platform for developing infrastructure code and testing it as well. This session will introduce attendees to both test-kitchen and InSpec, explain the various drivers and provisioners you can use, and also provide some real-world examples of how to use it with Chef, Puppet and Ansible. Whether you’re using [Chef](https://www.chef.io/), [Puppet](https://puppet.com/) or [Ansible](https://www.ansible.com/), you’re going to need a set of tools which help enable you to develop and test your infrastructure. One set of tools that we use at the OSU Open Source Lab is [test-kitchen](https://kitchen.ci/) coupled with [InSpec](https://www.inspec.io/). Test-kitchen provides a test harness to execute infrastructure code on one or more platforms in isolation. InSpec provides a way to ensure your infrastructure code passes tests and compliance in a way separate from your configuration management. Together, this provides a very powerful platform for developing infrastructure code and testing it as well. This session will introduce attendees to both test-kitchen and InSpec, explain the various drivers and provisioners you can use, and also provide some real-world examples of how to use it with Chef, Puppet and Ansible. false Lance Albertson 2019-11-15T05:00:00-08:00 13:00 00:20 TALKS 3183 Talk 672-adventures-in-de-googling AI/ML/Data Privacy Data management and control has never been more critical. Fortunately, there's never been more information on taking control over your own Stuff than today. I'd like to take an audience through the process of leaving just one of these vectors of data control, Google. That's right, replacing Gmail, Google Drive, Google Maps, and Google Calendar. Some tools are open, some are not. I will be both honest and enthusiastic about the challenges and the fabulous gains in proceeding down this path. This will be a 20m talk. - Why I decided to try to greatly reduce the amount of Google in my life. - Step 1: Email & Calendar - Step 2: Maps - Step 3: Drive (files, photos, presentations) Data management and control has never been more critical. Fortunately, there's never been more information on taking control over your own Stuff than today. I'd like to take an audience through the process of leaving just one of these vectors of data control, Google. That's right, replacing Gmail, Google Drive, Google Maps, and Google Calendar. Some tools are open, some are not. I will be both honest and enthusiastic about the challenges and the fabulous gains in proceeding down this path. This will be a 20m talk. - Why I decided to try to greatly reduce the amount of Google in my life. - Step 1: Email & Calendar - Step 2: Maps - Step 3: Drive (files, photos, presentations) false Rachel Kelly 2019-11-15T05:30:00-08:00 13:30 00:50 TALKS 3183 Longer Talk 667-empowering-new-programmers-through-introductory-arduino-workshops Education Do you remember the first time you fell in love with programming? The joy that you felt the first time you wrote some code and saw your very first “Hello World”? For some of us it was a BASIC program, for others it was a GeoCities page. Those experiences inspire us to want to learn more and explore the limits of technology. This is the kind of experience that I try to cultivate when organizing introductory programming workshops. Many beginners find learning programming intimidating and it’s our role as teachers to show them that they’re capable and help create an experience that lets them fall in love with programming. In this talk I'll discuss some key lessons I've learned through my own experiences organizing introductory programming workshops, and give some tips on how to organize your own. I'll also discuss two introductory workshops I've organized, including a particularly successful introductory Arduino workshop* that I gave to a group that had no prior programming experience. This workshop was relatively low effort but had a big impact on those that attended. It’s my hope that everyone can walk away from this talk with the tools and inspiration they need to put on a similar workshop in their own community. _*This particular workshop involved teaching a group of women how to use Arduino to interface with small programmable vibrators. Because of this I will definitely be mentioning the vibrators in my talk, but the talk won’t include any NSFW imagery or language._ Do you remember the first time you fell in love with programming? The joy that you felt the first time you wrote some code and saw your very first “Hello World”? For some of us it was a BASIC program, for others it was a GeoCities page. Those experiences inspire us to want to learn more and explore the limits of technology. This is the kind of experience that I try to cultivate when organizing introductory programming workshops. Many beginners find learning programming intimidating and it’s our role as teachers to show them that they’re capable and help create an experience that lets them fall in love with programming. In this talk I'll discuss some key lessons I've learned through my own experiences organizing introductory programming workshops, and give some tips on how to organize your own. I'll also discuss two introductory workshops I've organized, including a particularly successful introductory Arduino workshop* that I gave to a group that had no prior programming experience. This workshop was relatively low effort but had a big impact on those that attended. It’s my hope that everyone can walk away from this talk with the tools and inspiration they need to put on a similar workshop in their own community. _*This particular workshop involved teaching a group of women how to use Arduino to interface with small programmable vibrators. Because of this I will definitely be mentioning the vibrators in my talk, but the talk won’t include any NSFW imagery or language._ false Hailee Kenney 2019-11-15T06:45:00-08:00 14:45 00:20 TALKS 3183 Talk 594-digital-art-characters-step-by-step-with-krita Design/UI/UX/Accessibility A ten-year-old teaches the basic steps of a steampunk-themed RPG character in a free/libre/open-source digital art program called Krita. A ten-year-old teaches the basic steps of a steampunk-themed RPG character in a free/libre/open-source digital art program called Krita. false Alice Monsen 2019-11-15T07:15:00-08:00 15:15 00:50 TALKS 3183 Longer Talk 632-building-custom-linux-systems-with-yocto Hardware/IOT Have the need to build a custom Linux system for your next project? Are off-the-shelf distros too bloated or not giving the control you want? The Yocto Project provides a set of tools that make it easy to develop a custom Linux distribution tailored to your specific needs. Whether you're building an embedded IoT device, a high performance appliance, or even Docker containers, you can use Yocto to develop, cross-compile, and audit every aspect of your custom Linux system. This talk introduces Yocto and demonstrates common use cases and customization, including simple builds, adding and removing packages, customizing packages, building for multiple hardware platforms, and changing core functionality such as switching between SysVinit and systemd. We will also discuss methods of auditing the build output to help ensure the only the expected changes are present when updating a build. Have the need to build a custom Linux system for your next project? Are off-the-shelf distros too bloated or not giving the control you want? The Yocto Project provides a set of tools that make it easy to develop a custom Linux distribution tailored to your specific needs. Whether you're building an embedded IoT device, a high performance appliance, or even Docker containers, you can use Yocto to develop, cross-compile, and audit every aspect of your custom Linux system. This talk introduces Yocto and demonstrates common use cases and customization, including simple builds, adding and removing packages, customizing packages, building for multiple hardware platforms, and changing core functionality such as switching between SysVinit and systemd. We will also discuss methods of auditing the build output to help ensure the only the expected changes are present when updating a build. false Robert Joslyn 2019-11-15T08:15:00-08:00 16:15 00:20 TALKS 3183 Talk 679-this-is-fine-the-meme Fire Ecology, and Lessons in Learning Languages, Frameworks, and Tools Quickly Programming Over the last year and a half, I've been attempting to complete my career change from a park ranger to a developer. In that year and a half, I have learned Ruby, Ruby on Rails, Javascript, and React.js at a coding bootcamp, Swift and XCode an internship, and SQL, ASP.NET, and Typescript during another internship. I've also been introduced to C#, C++, Java, and Python. And even though each time I started a new language felt like my life was going up in flames, over time I started to see the similarities of the languages and found it easier to read programs written in different languages. However, I also started to notice how not having a "specialty" language made me feel like I would never get a job as a developer. It was really important to me during this time to realize that being a jack of all trades, but feeling like a master of none doesn't make a person a failure. It makes that person a master of being flexible and getting up to speed quickly. Here are some tips on keeping your sanity if asked to forget everything you've learned about a language, framework, or tool, and start a new one, and keep moving forward. **What the audience will learn:** - What I did to get up to speed on new languages, frameworks, and/or tools, including finding and using tutorials, joining communities, and asking colleagues questions. - How I used grounding, affirmations, and reaching out to friends and networks to get through tough times of change. Over the last year and a half, I've been attempting to complete my career change from a park ranger to a developer. In that year and a half, I have learned Ruby, Ruby on Rails, Javascript, and React.js at a coding bootcamp, Swift and XCode an internship, and SQL, ASP.NET, and Typescript during another internship. I've also been introduced to C#, C++, Java, and Python. And even though each time I started a new language felt like my life was going up in flames, over time I started to see the similarities of the languages and found it easier to read programs written in different languages. However, I also started to notice how not having a "specialty" language made me feel like I would never get a job as a developer. It was really important to me during this time to realize that being a jack of all trades, but feeling like a master of none doesn't make a person a failure. It makes that person a master of being flexible and getting up to speed quickly. Here are some tips on keeping your sanity if asked to forget everything you've learned about a language, framework, or tool, and start a new one, and keep moving forward. **What the audience will learn:** - What I did to get up to speed on new languages, frameworks, and/or tools, including finding and using tutorials, joining communities, and asking colleagues questions. - How I used grounding, affirmations, and reaching out to friends and networks to get through tough times of change. false Kate Pond 2019-11-15T08:45:00-08:00 16:45 00:20 TALKS 3183 Talk 674-technical-ly-incorrect Every Job Is Technical; Use Something Else People In the IT Professional Industry, 'technical' is a word that is often used as a shibboleth, a password of sorts to separate people into in-groups and out-groups based on theoretical divisions that are often poorly defined, poorly understood, and frequently are simply used to discriminate against anyone who isn't the stereotypical "white dude coder". To assume any non-developer role is "non-technical" is to fundamentally misunderstand how the modern job landscape is in fact highly skilled and highly technical, often in ways that are orthagonal to traditional software development. With some examples of some highly technical jobs that aren't developmental in nature, there exists the opportunity to leverage DevOps principles outside of the silos of development and operations, and expand the reach of integrated delivery to all professional roles within an organization, including everyone from the front desk person to the facilities manager to the account management and sales teams. The modern professional workforce is entirely technical in nature. To believe otherwise is to limit agility, velocity, and deliverability across the board. In the IT Professional Industry, 'technical' is a word that is often used as a shibboleth, a password of sorts to separate people into in-groups and out-groups based on theoretical divisions that are often poorly defined, poorly understood, and frequently are simply used to discriminate against anyone who isn't the stereotypical "white dude coder". To assume any non-developer role is "non-technical" is to fundamentally misunderstand how the modern job landscape is in fact highly skilled and highly technical, often in ways that are orthagonal to traditional software development. With some examples of some highly technical jobs that aren't developmental in nature, there exists the opportunity to leverage DevOps principles outside of the silos of development and operations, and expand the reach of integrated delivery to all professional roles within an organization, including everyone from the front desk person to the facilities manager to the account management and sales teams. The modern professional workforce is entirely technical in nature. To believe otherwise is to limit agility, velocity, and deliverability across the board. false Jerome Comeau 2019-11-15T02:45:00-08:00 10:45 00:50 TALKS 3180 Longer Talk 654-privacy-decentralisation-and-scaling-with-ipv6-multicast Decentralize the Internet With This One Weird Trick Something Different! Written in 2001, RFC 3170 states: *"IP Multicast will play a prominent role on the Internet in the coming years. It is a requirement, not an option, if the Internet is going to scale. Multicast allows application developers to add more functionality without significantly impacting the network."* Nearly two decades later, multicast is still largely ignored and misunderstood. There are many common misconceptions about multicast, including that it is only useful for streaming video and audio. It does so much more than that. This talk explains why multicast is the missing piece in the decentralisation puzzle, how multicast can help the Internet continue to scale, better protect our privacy, solve IoT problems and make polar bears happier at the same time. At a time when even the web is moving to UDP with HTTP/3 and WebRTC, it is time we took a serious look at what we're missing by not using multicast at the network layer to underpin our Internet protocols. We'll discuss how you can start using multicast in your project today, and how multicast design and thinking differs from unicast. We'll cover some of the different types of IP multicast, the basics of multicast routing and how to build in TCP-like reliability. Written in 2001, RFC 3170 states: *"IP Multicast will play a prominent role on the Internet in the coming years. It is a requirement, not an option, if the Internet is going to scale. Multicast allows application developers to add more functionality without significantly impacting the network."* Nearly two decades later, multicast is still largely ignored and misunderstood. There are many common misconceptions about multicast, including that it is only useful for streaming video and audio. It does so much more than that. This talk explains why multicast is the missing piece in the decentralisation puzzle, how multicast can help the Internet continue to scale, better protect our privacy, solve IoT problems and make polar bears happier at the same time. At a time when even the web is moving to UDP with HTTP/3 and WebRTC, it is time we took a serious look at what we're missing by not using multicast at the network layer to underpin our Internet protocols. We'll discuss how you can start using multicast in your project today, and how multicast design and thinking differs from unicast. We'll cover some of the different types of IP multicast, the basics of multicast routing and how to build in TCP-like reliability. false Brett Sheffield 2019-11-15T05:00:00-08:00 13:00 00:20 TALKS 3180 Talk 603-devops-a-history Something Different! In the midst of buzzwords like "devops", "containers", "continuous delivery", "IAAS", and even "cloud" it can be easy to forget the problems these concept were created to solve. It is impossible to fully understand DevOps as it is now without understanding where it came from. This talk will take you through a journey of each stage of the DevOps movement - from the very beginning to the most bleeding edge tools and concepts of today. At each stage I will thoroughly cover the "how" and "why" - including personal testimonials from those involved - Devops evolved the way it did. Go beyond the buzzwords and gain a new understanding of the how and why of Devops. You will walk away with a new understanding of why we used to do things - what problems we were trying to solve, what brought DevOps to where it is now, and it's potential for the future. In the midst of buzzwords like "devops", "containers", "continuous delivery", "IAAS", and even "cloud" it can be easy to forget the problems these concept were created to solve. It is impossible to fully understand DevOps as it is now without understanding where it came from. This talk will take you through a journey of each stage of the DevOps movement - from the very beginning to the most bleeding edge tools and concepts of today. At each stage I will thoroughly cover the "how" and "why" - including personal testimonials from those involved - Devops evolved the way it did. Go beyond the buzzwords and gain a new understanding of the how and why of Devops. You will walk away with a new understanding of why we used to do things - what problems we were trying to solve, what brought DevOps to where it is now, and it's potential for the future. false Nell Shamrell 2019-11-15T05:30:00-08:00 13:30 00:50 TALKS 3180 Longer Talk 664-consistent-technical-documents-using-emacs-and-org-mode Applying Literate Programming to Technical Writing Documentation When writing about programming or other technical subjects, you're often weaving blocks of source code, program output, and raw data in with your prose. These supplementary materials are usually copied and pasted into your document from other sources, which can be difficult and tedious to keep up-to-date as things change. Inconsistencies and errors can easily creep in when you "hard-code" dynamic information like program output into your writing. Wouldn't it be great if the tool you used for writing knew how to run code in a variety of programming languages, collect and format output, and let you refer symbolically to all this dynamically generated content in your prose? In this talk I'll demonstrate how to use GNU Emacs' _Org mode_ to create professional looking technical documents that do just that. We'll explore the features of Babel, Org mode's literate programming add-on, that makes it convenient to edit, evaluate, and manage embedded code, output, and data all from inside GNU Emacs. When writing about programming or other technical subjects, you're often weaving blocks of source code, program output, and raw data in with your prose. These supplementary materials are usually copied and pasted into your document from other sources, which can be difficult and tedious to keep up-to-date as things change. Inconsistencies and errors can easily creep in when you "hard-code" dynamic information like program output into your writing. Wouldn't it be great if the tool you used for writing knew how to run code in a variety of programming languages, collect and format output, and let you refer symbolically to all this dynamically generated content in your prose? In this talk I'll demonstrate how to use GNU Emacs' _Org mode_ to create professional looking technical documents that do just that. We'll explore the features of Babel, Org mode's literate programming add-on, that makes it convenient to edit, evaluate, and manage embedded code, output, and data all from inside GNU Emacs. false Mike Hamrick 2019-11-15T06:45:00-08:00 14:45 00:20 TALKS 3180 Talk 668-old-dogs-new-tricks What's New with Perl5 This Century Programming The Perl programming language has a somewhat checkered reputation. People enjoy ranting about the supposed "read-only" nature of the language, and war stories of having to maintain horrible legacy Perl codebases are a popular feature of after-hours gatherings at programming conferences around the world. But, as Bjarne Stroustrup notes, "There are only two kinds of languages: the ones people complain about and the ones nobody uses" -- and Perl also enjoys a reputation as a language that gets pulled out when you need just a bit more "oomph" on the command line than you can muster up with bash, sed, awk, and friends. The thing that most people don't realize is that the Perl5 community, after a brief period of reduced activity in the early 2000s, has regained velocity and organization, and has produced new stable language releases (with new features!) for the last 9 years (and counting). During that period of time, the community consensus around issues such as installation management, deployment, and other best practices has undergone significant evolution. New libraries and frameworks have been introduced and have replaced older standards that you may be familiar with. (CGI.pm? No more!) As people from the Perl community have gained experience with newer languages and frameworks, they've brought new ideas from those systems back into the Perl fold, either adding them to the core language or to libraries available on the CPAN. The result combines all the stability from Perl's overarching commitment to backwards compatibility with support for the newest protocols and programming paradigms. This talk will summarize significant new features that have been added to the core language, discuss tooling options for managing Perl installations, explain the community consensus on best practices around deployments and which competing libraries to use for particular purposes, and generally get you up to speed on how the Perl5 community thinks about development in Perl in 2019. If you learned Perl back in the 5.6 days, you'll find out about all the new things you can start using that will make your Perl code even better. If you never learned Perl -- and especially if you think Perl is horrible -- you might just find out that it's not quite as bad as you've heard. You may even find a new feature or two that you'll want to steal and re-implement in your favorite programming language. The Perl programming language has a somewhat checkered reputation. People enjoy ranting about the supposed "read-only" nature of the language, and war stories of having to maintain horrible legacy Perl codebases are a popular feature of after-hours gatherings at programming conferences around the world. But, as Bjarne Stroustrup notes, "There are only two kinds of languages: the ones people complain about and the ones nobody uses" -- and Perl also enjoys a reputation as a language that gets pulled out when you need just a bit more "oomph" on the command line than you can muster up with bash, sed, awk, and friends. The thing that most people don't realize is that the Perl5 community, after a brief period of reduced activity in the early 2000s, has regained velocity and organization, and has produced new stable language releases (with new features!) for the last 9 years (and counting). During that period of time, the community consensus around issues such as installation management, deployment, and other best practices has undergone significant evolution. New libraries and frameworks have been introduced and have replaced older standards that you may be familiar with. (CGI.pm? No more!) As people from the Perl community have gained experience with newer languages and frameworks, they've brought new ideas from those systems back into the Perl fold, either adding them to the core language or to libraries available on the CPAN. The result combines all the stability from Perl's overarching commitment to backwards compatibility with support for the newest protocols and programming paradigms. This talk will summarize significant new features that have been added to the core language, discuss tooling options for managing Perl installations, explain the community consensus on best practices around deployments and which competing libraries to use for particular purposes, and generally get you up to speed on how the Perl5 community thinks about development in Perl in 2019. If you learned Perl back in the 5.6 days, you'll find out about all the new things you can start using that will make your Perl code even better. If you never learned Perl -- and especially if you think Perl is horrible -- you might just find out that it's not quite as bad as you've heard. You may even find a new feature or two that you'll want to steal and re-implement in your favorite programming language. false John SJ Anderson 2019-11-15T07:15:00-08:00 15:15 00:20 TALKS 3180 Talk 605-classic-tools-for-the-modern-age-introducing-wash-the-cloud-native-shell Systems/Ops Cloud infrastructure - particularly the focus on distributed systems and micro services - has made it more difficult to understand what's happening across multiple systems, how our systems interact, and even what we're running at this particular moment. More distributed systems have sprung up to help you manage that. We have log and metrics aggregators and distributed tracing systems to help you build a picture of what's going on. But sometimes setting up those tools is as complicated as the infrastructure you're running. Or they're not flexible in just the way you want. We still spend our days on the command-line, using a suite of tools that do similar things against similar types of infrastructure. But these tools are often inconsistent or inscrutable. Listing what you have, for example, requires you dig through a CLI tools' documentation and learn how their output is formatted and the terminology they use. What if we more closely followed some of the UNIX philosophy of small programs that do one thing well - in particular re-purposing concepts that already exist - applied to API-centric infrastructure? What underlying abstractions are needed to make them work? This talk reimagines how we build command-line tools for cloud infrastructure to make them more composable and transferable between systems. I will describe how the Wide-Area Shell (Wash) applies these ideas in designing a new shell experience. I will also share examples of how tools built around this idea can be used in novel ways to help understand your cloud infrastructure. Cloud infrastructure - particularly the focus on distributed systems and micro services - has made it more difficult to understand what's happening across multiple systems, how our systems interact, and even what we're running at this particular moment. More distributed systems have sprung up to help you manage that. We have log and metrics aggregators and distributed tracing systems to help you build a picture of what's going on. But sometimes setting up those tools is as complicated as the infrastructure you're running. Or they're not flexible in just the way you want. We still spend our days on the command-line, using a suite of tools that do similar things against similar types of infrastructure. But these tools are often inconsistent or inscrutable. Listing what you have, for example, requires you dig through a CLI tools' documentation and learn how their output is formatted and the terminology they use. What if we more closely followed some of the UNIX philosophy of small programs that do one thing well - in particular re-purposing concepts that already exist - applied to API-centric infrastructure? What underlying abstractions are needed to make them work? This talk reimagines how we build command-line tools for cloud infrastructure to make them more composable and transferable between systems. I will describe how the Wide-Area Shell (Wash) applies these ideas in designing a new shell experience. I will also share examples of how tools built around this idea can be used in novel ways to help understand your cloud infrastructure. false Michael Smith 2019-11-15T07:45:00-08:00 15:45 00:20 TALKS 3180 Talk 604-lesser-known-features-of-gnu-makefile Programming From tab-based indentation to automatic variables, Makefile never fails to surprise us with its exotic syntax. Besides its pitfalls, Makefile is a powerful template system that allows you to generate self-expanding code, thanks to a mechanism called lazy variables, paired with the ability to define multi-line macros. In this talk, we will explore these lesser-known features and see what we can do with them. Some basic knowledge of the Linux command line is assumed. To familiarize ourselves with Makefile, we will first write the build script for a sample C project. Then, we will go over variables, lazy variables and function calls. I will test your understanding with pop quizzes that are just fun multiple choice questions, so that you won't get lost as we move on to advanced concepts. Lastly, I will introduce you to the "LaTeX-like" multi-line macros, a feature that enables us to abstract away low-level details and describe complicated receipts through high-level processes. I will build a Chicken Scheme project using multi-line macros. Some tips and tricks for debugging your macros will also be covered. From tab-based indentation to automatic variables, Makefile never fails to surprise us with its exotic syntax. Besides its pitfalls, Makefile is a powerful template system that allows you to generate self-expanding code, thanks to a mechanism called lazy variables, paired with the ability to define multi-line macros. In this talk, we will explore these lesser-known features and see what we can do with them. Some basic knowledge of the Linux command line is assumed. To familiarize ourselves with Makefile, we will first write the build script for a sample C project. Then, we will go over variables, lazy variables and function calls. I will test your understanding with pop quizzes that are just fun multiple choice questions, so that you won't get lost as we move on to advanced concepts. Lastly, I will introduce you to the "LaTeX-like" multi-line macros, a feature that enables us to abstract away low-level details and describe complicated receipts through high-level processes. I will build a Chicken Scheme project using multi-line macros. Some tips and tricks for debugging your macros will also be covered. false Flynn Liu 2019-11-15T08:15:00-08:00 16:15 00:20 TALKS 3180 Talk 631-microservices-a-cautionary-tale Something Different! Product transformation and diversification in the product suite is the essence of the success of any company in today’s rapidly changing technology world. Most of the architectural patterns prescribe solutions to scale up a single product under critical workloads. Microservices architecture is one such pattern that is highly efficient and applicable to scale up a product. Though this is applicable to some of the products, the reality is much different for many others. In this era of startups trying to make their own place with a variety of products, the speaker talks about what happens when the range of products scale horizontally. She shares her engineering experience with the Microservice architecture and details of the infrastructure level decisions that can influence the maintainability and the scalability of the Microservice architecture in a rapidly changing product environment. She explains the course of product transformation, engineering choices made along the way, and how a well-designed microservices architecture failed to evolve with the product and transformed into a distributed monolith. A product life cycle usually has 4 phases— introduction, growth, maturity, and decline. We are currently in the growth stage. Every product evolves and an organization diversifies at some point or another to adapt to changing customer requirements or to solve another correlated problem. What we failed at was to do the same in engineering. For every new product offering, we introduced a bunch of carefully designed, modular services into the same cluster as needed. Soon, we had an ecosystem of products in the same cluster. We forgot the basic assumption of the microservice architecture— that architecture is designed for a single application but not a suite of applications to fit under one umbrella. Missing this assumption turned out to be the root cause of our problem. It soon turned the bottleneck, with multiple products existing in the same cluster. Any change in any service API contract requires API Gateway restart, which may have a great impact on other co-existing products and hence we needed to have coordinated timed releases. We thus lost the essence of CICD and our productivity has dipped. **Lessons Learnt** - Evolve/change technology in proportion to product growth and/or evolution. - Grow organically. Identify and act during the transition from the introduction phase to the growth phase, to accommodate the product growth. - Revisit the architecture, infrastructure and other choices made in the past, from time to time. Every organization should understand, appreciate and accommodate this re-engineering activity from time to time to ensure the stability and scalability of the systems. Product transformation and diversification in the product suite is the essence of the success of any company in today’s rapidly changing technology world. Most of the architectural patterns prescribe solutions to scale up a single product under critical workloads. Microservices architecture is one such pattern that is highly efficient and applicable to scale up a product. Though this is applicable to some of the products, the reality is much different for many others. In this era of startups trying to make their own place with a variety of products, the speaker talks about what happens when the range of products scale horizontally. She shares her engineering experience with the Microservice architecture and details of the infrastructure level decisions that can influence the maintainability and the scalability of the Microservice architecture in a rapidly changing product environment. She explains the course of product transformation, engineering choices made along the way, and how a well-designed microservices architecture failed to evolve with the product and transformed into a distributed monolith. A product life cycle usually has 4 phases— introduction, growth, maturity, and decline. We are currently in the growth stage. Every product evolves and an organization diversifies at some point or another to adapt to changing customer requirements or to solve another correlated problem. What we failed at was to do the same in engineering. For every new product offering, we introduced a bunch of carefully designed, modular services into the same cluster as needed. Soon, we had an ecosystem of products in the same cluster. We forgot the basic assumption of the microservice architecture— that architecture is designed for a single application but not a suite of applications to fit under one umbrella. Missing this assumption turned out to be the root cause of our problem. It soon turned the bottleneck, with multiple products existing in the same cluster. Any change in any service API contract requires API Gateway restart, which may have a great impact on other co-existing products and hence we needed to have coordinated timed releases. We thus lost the essence of CICD and our productivity has dipped. **Lessons Learnt** - Evolve/change technology in proportion to product growth and/or evolution. - Grow organically. Identify and act during the transition from the introduction phase to the growth phase, to accommodate the product growth. - Revisit the architecture, infrastructure and other choices made in the past, from time to time. Every organization should understand, appreciate and accommodate this re-engineering activity from time to time to ensure the stability and scalability of the systems. false Amulya Bandikatla 2019-11-15T08:45:00-08:00 16:45 00:20 TALKS 3180 Talk 625-controlling-your-model-trains-with-your-computer-and-free-software Hardware/IOT This talk will cover using your computer to control your model trains. It's pretty easy; just need a laptop (or other computing device) with enough resources to run a Java based graphical application, an Arduino Uno, Arduino motor shield, 15vdc power supply, and some time to set it all up. I will cover JMRI for the laptop, and DCC++ on the Arduino. This talk will cover using your computer to control your model trains. It's pretty easy; just need a laptop (or other computing device) with enough resources to run a Java based graphical application, an Arduino Uno, Arduino motor shield, 15vdc power supply, and some time to set it all up. I will cover JMRI for the laptop, and DCC++ on the Arduino. false Mairi Dulaney 2019-11-16T01:30:00-08:00 09:30 00:25 Theater Keynote 713-keynote-benjamin-mako-hill How markets coopted free software’s most powerful weapon App stores and the so-called “sharing economy” are two examples of business models that rely on techniques for the mass aggregation of distributed participation over the Internet and that imply didn’t exist a decade ago. In my talk, I argue that the firms pioneering these new models have learned and adapted processes from commons-based peer production projects like free software, Wikipedia, and CouchSurfing. The result is an important shift: A decade ago, the kind of mass collaboration that made Wikipedia, GNU/Linux, or Couchsurfing possible was the exclusive domain of people producing freely and openly in commons. Not only is this no longer true, new proprietary, firm-controlled, and money-based models are increasingly replacing, displacing, outcompeting, and potentially reducing what’s available in the commons. For example, the number of people joining Couchsurfing to host others seems to have been in decline since Airbnb began its own meteoric growth. In the talk, I talk about how this happened and what I think it means for folks of that are committed to working in commons. I talk a little bit about the free culture and free software should do now that mass collaboration, these communities’ most powerful weapon, is being used against them. How markets coopted free software’s most powerful weapon App stores and the so-called “sharing economy” are two examples of business models that rely on techniques for the mass aggregation of distributed participation over the Internet and that imply didn’t exist a decade ago. In my talk, I argue that the firms pioneering these new models have learned and adapted processes from commons-based peer production projects like free software, Wikipedia, and CouchSurfing. The result is an important shift: A decade ago, the kind of mass collaboration that made Wikipedia, GNU/Linux, or Couchsurfing possible was the exclusive domain of people producing freely and openly in commons. Not only is this no longer true, new proprietary, firm-controlled, and money-based models are increasingly replacing, displacing, outcompeting, and potentially reducing what’s available in the commons. For example, the number of people joining Couchsurfing to host others seems to have been in decline since Airbnb began its own meteoric growth. In the talk, I talk about how this happened and what I think it means for folks of that are committed to working in commons. I talk a little bit about the free culture and free software should do now that mass collaboration, these communities’ most powerful weapon, is being used against them. false Benjamin Mako Hill 2019-11-16T02:00:00-08:00 10:00 00:25 Theater Keynote 716-keynote-sage-sharp Countering Impostor Syndrome Culture Impostor syndrome is the combination of unrelenting standards for yourself, and feeling like you're an intellectual fake. There have been many talks that focus on changing the person who experiences impostor syndrome. But there are few resources for how the free software community can support people who experience impostor syndrome. How do we encourage new free software contributors who are struggling with impostor syndrome? How do we acknowledge the work of community members in a way that doesn't trigger the impostor syndrome feelings of "I'm not good enough"? How can free software communities change the culture that creates and perpetuates impostor syndrome? Countering Impostor Syndrome Culture Impostor syndrome is the combination of unrelenting standards for yourself, and feeling like you're an intellectual fake. There have been many talks that focus on changing the person who experiences impostor syndrome. But there are few resources for how the free software community can support people who experience impostor syndrome. How do we encourage new free software contributors who are struggling with impostor syndrome? How do we acknowledge the work of community members in a way that doesn't trigger the impostor syndrome feelings of "I'm not good enough"? How can free software communities change the culture that creates and perpetuates impostor syndrome? false Sage Sharp 2019-11-16T02:45:00-08:00 10:45 00:50 TALKS 3180 Longer Talk 596-playing-in-the-sandbox Improve Security and Privacy with Userspace Compartmentation Security/Infosec With the high frequency of corporate data breaches and the increased use of invasive tracking software used by modern websites, it is more important than ever to protect your data from unauthorized access. Rigorous coding practices might help developers avoid security bugs, but what can regular users do to keep their data safe when they don't control the code? In this talk we'll explore the basics behind using a "sandbox" to create security barriers when using the Internet as well as review practical concepts, procedures, and software that can reduce your risk of exposure online. With the high frequency of corporate data breaches and the increased use of invasive tracking software used by modern websites, it is more important than ever to protect your data from unauthorized access. Rigorous coding practices might help developers avoid security bugs, but what can regular users do to keep their data safe when they don't control the code? In this talk we'll explore the basics behind using a "sandbox" to create security barriers when using the Internet as well as review practical concepts, procedures, and software that can reduce your risk of exposure online. false Toby Betts 2019-11-16T05:00:00-08:00 13:00 00:50 TALKS 3180 Longer Talk 695-bash-101-platforms-user-space-and-built-ins Education As developers, operations engineers, system administrators, or hackers, the shell is often one of the first "power tools" we learn and `bash` is often the first shell we learned. I'll take a short walk through the history of the shell as an interface, how user innovations at University of California, Berkley and Massachusetts Institute of Technology led to the rich ecosystem of user-space tools we work with every day, and how `bash` helps spackle over some of the differences in platforms with a rich library of built-in functionality. This will be a low-to-mid level technical talk with some small demos or examples. It will be appropriate for all skill levels, with a focus on topics that will be most applicable to a beginner-to-intermediate audience interested in expanding their understanding of shell scripting, with a firm emphasis on `bash` and common (but not ubiquitous) third-party utilities available on all major Linux platforms. As developers, operations engineers, system administrators, or hackers, the shell is often one of the first "power tools" we learn and `bash` is often the first shell we learned. I'll take a short walk through the history of the shell as an interface, how user innovations at University of California, Berkley and Massachusetts Institute of Technology led to the rich ecosystem of user-space tools we work with every day, and how `bash` helps spackle over some of the differences in platforms with a rich library of built-in functionality. This will be a low-to-mid level technical talk with some small demos or examples. It will be appropriate for all skill levels, with a focus on topics that will be most applicable to a beginner-to-intermediate audience interested in expanding their understanding of shell scripting, with a firm emphasis on `bash` and common (but not ubiquitous) third-party utilities available on all major Linux platforms. false Ryan McKern 2019-11-16T06:00:00-08:00 14:00 00:20 TALKS 3180 Talk 676-2019-a-lisp-odyssey Programming Yep, that language you forgot about after Comp Sci 101 is still alive and kicking! We'll explore the present and future of this ancient language, with a focus on Common Lisp: * The general state of the Common Lisp language and development tools today, including some of the crazy things you can do with Emacs! * StumpWM and the Next browser, examples of useful Common Lisp applications for the Linux desktop. * Tools like `parenscript` which are putting Lisp on the client-side of the web. By the end of this presentation, you should be inspired to go home, install Emacs, and start `(meta-)*programming`! NOTE: I didn't realize quite how short this presentation had to be, so be ready for some sort of Lisp-related presentation that won't closely follow the bullet points above! Yep, that language you forgot about after Comp Sci 101 is still alive and kicking! We'll explore the present and future of this ancient language, with a focus on Common Lisp: * The general state of the Common Lisp language and development tools today, including some of the crazy things you can do with Emacs! * StumpWM and the Next browser, examples of useful Common Lisp applications for the Linux desktop. * Tools like `parenscript` which are putting Lisp on the client-side of the web. By the end of this presentation, you should be inspired to go home, install Emacs, and start `(meta-)*programming`! NOTE: I didn't realize quite how short this presentation had to be, so be ready for some sort of Lisp-related presentation that won't closely follow the bullet points above! false Mark Polyakov 2019-11-16T06:45:00-08:00 14:45 00:20 TALKS 3180 Talk 690-bicycles-as-a-metaphor-for-floss Something Different! Over the last three years, I have _really_ gotten into bicycling. From a negligible cycling past, I broke the 10,000 mile mark a while ago. Last year, while riding from Seattle to Bellingham, from my biking community to my Linux community, I considered just how Freeing each transition had been. Historically biking has been associated with many things including health, happiness, and feminism. What about Free Software? During the next 20 minutes, we will explore the open engineering, grassroots innovation, hands-on-learning, hidden dangers, bright horizons, and overall rad routes that both free software and bicycles cover mile by mile, together. This ride through history, past, present, and future, will leave both free software and cycling enthusiasts with a deeper understanding of what it is that "sparks joy" within members of each group. Join me in an exploration of excitement, engineering, and Freedom as we take this journey on two-wheeled, self-powered transportation and transformation! Over the last three years, I have _really_ gotten into bicycling. From a negligible cycling past, I broke the 10,000 mile mark a while ago. Last year, while riding from Seattle to Bellingham, from my biking community to my Linux community, I considered just how Freeing each transition had been. Historically biking has been associated with many things including health, happiness, and feminism. What about Free Software? During the next 20 minutes, we will explore the open engineering, grassroots innovation, hands-on-learning, hidden dangers, bright horizons, and overall rad routes that both free software and bicycles cover mile by mile, together. This ride through history, past, present, and future, will leave both free software and cycling enthusiasts with a deeper understanding of what it is that "sparks joy" within members of each group. Join me in an exploration of excitement, engineering, and Freedom as we take this journey on two-wheeled, self-powered transportation and transformation! false Wm Salt Hale 2019-11-16T07:15:00-08:00 15:15 00:20 TALKS 3180 Talk 718-contending-with-our-culture-of-discouragement People The Free Software/Open Source community appears to be at a crossroads. A brave woman declared that "enough is enough" with the disturbing statements of a pivotal figure in the community and it rightfully cost that figure a number of prominent positions. Remarkably, she wasn't the first woman to challenge a foundation leader this year and help usher them to the door. Responses to such confrontations have ranged from outpouring of support to the proposal of morality-enforcing licenses for software, to some amount of backlash. One theme however, is the chilling effect that disturbing, and at times unlawful behavior in the community causes, and the efforts to contend with it. Why participate in communities with *these* issues? This passive discouragement is often combined with direct discouragement and countless forms of divisiveness. Yet we press on, and work to resolve these bugs, one by one. This talk will discuss identifying and contending with discouraging behavior in communities of any size. The Free Software/Open Source community appears to be at a crossroads. A brave woman declared that "enough is enough" with the disturbing statements of a pivotal figure in the community and it rightfully cost that figure a number of prominent positions. Remarkably, she wasn't the first woman to challenge a foundation leader this year and help usher them to the door. Responses to such confrontations have ranged from outpouring of support to the proposal of morality-enforcing licenses for software, to some amount of backlash. One theme however, is the chilling effect that disturbing, and at times unlawful behavior in the community causes, and the efforts to contend with it. Why participate in communities with *these* issues? This passive discouragement is often combined with direct discouragement and countless forms of divisiveness. Yet we press on, and work to resolve these bugs, one by one. This talk will discuss identifying and contending with discouraging behavior in communities of any size. false Michael Dexter 2019-11-16T07:45:00-08:00 15:45 00:20 TALKS 3180 Talk 636-the-fallacy-of-move-fast-and-break-things Something Different! The phrase "move fast, and break things" has been echoing down the halls of tech companies for years. While this may sound like a good way to operate it will be challenging without having processes in place to set teams and individuals up for success. You might be thinking "Ugh process. Processes stifle innovation, slow things down, and introduce unnecessary hurdles to jump through." But in order to move quickly and know what to do when things breaks processes are needed. To successfully move fast and break things processes are needed for: - Releasing a new feature to production. How and when is code deployed? What is the path to production—are features first made available to internal users, then a gradual rollout to all users? - Alerting and notifying the correct individuals that something is broken. What mechanisms are in place to monitor applications and systems? Who is part of the on-call rotation? What is the escalation procedure? - Implementing safety precautions. What precautions can be implemented to safely disable or roll back features when something breaks. Moving fast, breaking things, and taking forever to resolve the problems does not result in happy customers and employees. High performing organizations move quickly and break things, but they also have a relatively low MTTR (mean time to resolve) when things break. The longer it takes to resolve an incident the unhappier people are. Customers are unhappy the site is broken, ops is unhappy that they still don't have a patch, marketing is unhappy that social media is blowing up, and developers are unhappy that they are spending time working on an incident instead of working on new features. This talk will explore what processes can be put in place to reduce MTTR such as: - Scheduling chaos or game days to practice what to do when things go wrong. - Setting up the right monitoring strategy. - Testing in production. You should attempt to move fast, you should attempt to break things- but only when you have the right protections and processes in place. The phrase "move fast, and break things" has been echoing down the halls of tech companies for years. While this may sound like a good way to operate it will be challenging without having processes in place to set teams and individuals up for success. You might be thinking "Ugh process. Processes stifle innovation, slow things down, and introduce unnecessary hurdles to jump through." But in order to move quickly and know what to do when things breaks processes are needed. To successfully move fast and break things processes are needed for: - Releasing a new feature to production. How and when is code deployed? What is the path to production—are features first made available to internal users, then a gradual rollout to all users? - Alerting and notifying the correct individuals that something is broken. What mechanisms are in place to monitor applications and systems? Who is part of the on-call rotation? What is the escalation procedure? - Implementing safety precautions. What precautions can be implemented to safely disable or roll back features when something breaks. Moving fast, breaking things, and taking forever to resolve the problems does not result in happy customers and employees. High performing organizations move quickly and break things, but they also have a relatively low MTTR (mean time to resolve) when things break. The longer it takes to resolve an incident the unhappier people are. Customers are unhappy the site is broken, ops is unhappy that they still don't have a patch, marketing is unhappy that social media is blowing up, and developers are unhappy that they are spending time working on an incident instead of working on new features. This talk will explore what processes can be put in place to reduce MTTR such as: - Scheduling chaos or game days to practice what to do when things go wrong. - Setting up the right monitoring strategy. - Testing in production. You should attempt to move fast, you should attempt to break things- but only when you have the right protections and processes in place. false Dawn Parzych 2019-11-16T08:15:00-08:00 16:15 00:50 TALKS 3180 Longer Talk 646-the-death-star-postmortem What would a postmortem for a hugely complicated project such as the Death Star look like? People Following every release of a complicated project is the inevitable postmortem, an opportunity for everyone to get together to discuss what went wrong and what could have been done better. When I think of complicated fictitious projects none is more complicated than the Death Star from Star Wars. Not only was it a weapon with the capability of destroying an entire planet from quite some distance away but it was also a moon-sized city. One that needed to provide the infrastructure to support the crew that lived and worked on it full time. The ultimate power of the Death Star was only overshadowed by its ultimate failure when it was successfully destroyed by the rebels not once, but twice. Following each of these failures, I like to think that what was left of the Galactic Empire would regroup and hold a postmortem, discussing what they all felt went wrong and what ultimately led each of the Death Stars being destroyed. During this talk, we’ll look at what these fictional postmortems might have looked like. What some of the potential talking points that might have come up, for example perhaps in hindsight it wasn’t a good idea to include an exposed exhaust vent that was easy to hit as a womp rat. And some potential lessons that we can incorporate into our real-life postmortems. Following every release of a complicated project is the inevitable postmortem, an opportunity for everyone to get together to discuss what went wrong and what could have been done better. When I think of complicated fictitious projects none is more complicated than the Death Star from Star Wars. Not only was it a weapon with the capability of destroying an entire planet from quite some distance away but it was also a moon-sized city. One that needed to provide the infrastructure to support the crew that lived and worked on it full time. The ultimate power of the Death Star was only overshadowed by its ultimate failure when it was successfully destroyed by the rebels not once, but twice. Following each of these failures, I like to think that what was left of the Galactic Empire would regroup and hold a postmortem, discussing what they all felt went wrong and what ultimately led each of the Death Stars being destroyed. During this talk, we’ll look at what these fictional postmortems might have looked like. What some of the potential talking points that might have come up, for example perhaps in hindsight it wasn’t a good idea to include an exposed exhaust vent that was easy to hit as a womp rat. And some potential lessons that we can incorporate into our real-life postmortems. false Gareth J. Greenaway 2019-11-16T02:45:00-08:00 10:45 00:50 TALKS 3179 Longer Talk 643-taking-control-of-our-networks-data-privacy Building Network Equipment & Self-Hosting Services with Free Software and Liberated Hardware Hardware/IOT We are losing more and more control of our data every passing day. Data is the new oil and majority of the devices, software and services want to capture as much information about us as possible. The flurry of proprietary smart (spy) devices are taking away our freedom and privacy. An innocent looking Router or a WiFi Access Point could be snooping on us and sending our data to the manufacturer. There are many reported cases of privacy breaches by various IoT and smart devices. We have liberated and taken control of computing devices like Desktop, Workstations, Laptops and Mobile Phones etc, but are we taking enough care of our networking gear? Do we care what kind of Router or Access Point is powering our network and if they're snooping on us? Do we know for sure if the latest smart device in our network is phoning home? How can we get more control on these devices with off-the-shelf hardware and Free Software? This talk tries to demystify the blackboxes being sold as Routers, Firewalls, Access Points,Network Attached Storages, IoT devices, Media Players etc. and de-couple the software from hardware. Further, we try to identify the hardware and software components in order to be able to build the Network Equipment ourselves and self-host services (Instant Messaging, Media Storage / Streaming, Social Networks, Home Automation, Git, NextCloud etc.) within the network which is in our control and empower ourselves to decide what data leaves the network and what doesn't. We also do a live demonstration of a working network set-up thus created with the Hardware and Software identified. We are losing more and more control of our data every passing day. Data is the new oil and majority of the devices, software and services want to capture as much information about us as possible. The flurry of proprietary smart (spy) devices are taking away our freedom and privacy. An innocent looking Router or a WiFi Access Point could be snooping on us and sending our data to the manufacturer. There are many reported cases of privacy breaches by various IoT and smart devices. We have liberated and taken control of computing devices like Desktop, Workstations, Laptops and Mobile Phones etc, but are we taking enough care of our networking gear? Do we care what kind of Router or Access Point is powering our network and if they're snooping on us? Do we know for sure if the latest smart device in our network is phoning home? How can we get more control on these devices with off-the-shelf hardware and Free Software? This talk tries to demystify the blackboxes being sold as Routers, Firewalls, Access Points,Network Attached Storages, IoT devices, Media Players etc. and de-couple the software from hardware. Further, we try to identify the hardware and software components in order to be able to build the Network Equipment ourselves and self-host services (Instant Messaging, Media Storage / Streaming, Social Networks, Home Automation, Git, NextCloud etc.) within the network which is in our control and empower ourselves to decide what data leaves the network and what doesn't. We also do a live demonstration of a working network set-up thus created with the Hardware and Software identified. false Nishant Sharma 2019-11-16T05:00:00-08:00 13:00 00:50 TALKS 3179 Longer Talk 659-open-source-won-but-software-freedom-hasn-t-yet-a-guide-commiseration-session-for-foss-activists People History never unfolds as we would expect. It's surprising and jarring that we've achieved both so much and so little. Every day, there is more Free and Open Source Software (FOSS) in the world than ever in history, but it's also a little bit harder each day to live a life that avoids proprietary software. Today's world of software technology is a ridiculous paradox. Most software that we depend on every day is under someone's else control. Whether it's the cloud service run by a big company, the medical devices that keep us alive, or the Javascript application for everything from our banking to our social media, the code that handles our most sensitive data and life-essential computing tasks is usually proprietary. Even Linux-based devices, which are ubiquitous, rarely comply with the GPL and therefore are more-or-less almost as proprietary as any other device. Linux is everywhere, yet early FOSS adopters have never had less software freedom than we do today. Once upon a time, it was viable for someone living in the industrialized world to function in daily society in pure software freedom. In those days, being a software freedom activist was akin to being a vegan or vegetarian: activists could (relatively conveniently) live a lifestyle that reflected our values and proved our sociopolitical point in mundane, daily terms. Leading by example is not so easy anymore. The strongest supporters of software freedom among us, if they chose to remain living in the industrialized world, make compromises. Our political opponents tell us that our cause is misguided since these compromises "aren't so bad". Meanwhile, our would-be political allies question our commitment to the cause because we carry devices with some proprietary firmwares. Navigating this complex climate may well be the hardest challenge we face. Cooptation is a commonplace for social justice movements, and the cooption process can be ongoing for decades. The software freedom movement is a few years into this cooption: this is precisely why we see major leaders stand up and shout "Open Source is the default; Open Source has won!" while presenting slides from a Macbook. The most difficult days don't lie behind us; they lie ahead. This talk is about surviving the personal struggle of software freedom activism in this current climate. Many of us want a world with only FOSS and no proprietary software, but we won't get there in our lifetimes. How do we live our lives to maximal effect to carry forward the torch of software freedom both in this generation and onto the next? How do we weather the inevitable failures and seemingly insurmountable challenges as we watch what was once FOSS slowly become proprietary again, or see new technologies exist only as proprietary, or, even worse, exist as a warped version of FOSS that "seems open" but fails to give most software freedoms to most users? Let's learn and explore together how to survive as activists now that the going got tough. History never unfolds as we would expect. It's surprising and jarring that we've achieved both so much and so little. Every day, there is more Free and Open Source Software (FOSS) in the world than ever in history, but it's also a little bit harder each day to live a life that avoids proprietary software. Today's world of software technology is a ridiculous paradox. Most software that we depend on every day is under someone's else control. Whether it's the cloud service run by a big company, the medical devices that keep us alive, or the Javascript application for everything from our banking to our social media, the code that handles our most sensitive data and life-essential computing tasks is usually proprietary. Even Linux-based devices, which are ubiquitous, rarely comply with the GPL and therefore are more-or-less almost as proprietary as any other device. Linux is everywhere, yet early FOSS adopters have never had less software freedom than we do today. Once upon a time, it was viable for someone living in the industrialized world to function in daily society in pure software freedom. In those days, being a software freedom activist was akin to being a vegan or vegetarian: activists could (relatively conveniently) live a lifestyle that reflected our values and proved our sociopolitical point in mundane, daily terms. Leading by example is not so easy anymore. The strongest supporters of software freedom among us, if they chose to remain living in the industrialized world, make compromises. Our political opponents tell us that our cause is misguided since these compromises "aren't so bad". Meanwhile, our would-be political allies question our commitment to the cause because we carry devices with some proprietary firmwares. Navigating this complex climate may well be the hardest challenge we face. Cooptation is a commonplace for social justice movements, and the cooption process can be ongoing for decades. The software freedom movement is a few years into this cooption: this is precisely why we see major leaders stand up and shout "Open Source is the default; Open Source has won!" while presenting slides from a Macbook. The most difficult days don't lie behind us; they lie ahead. This talk is about surviving the personal struggle of software freedom activism in this current climate. Many of us want a world with only FOSS and no proprietary software, but we won't get there in our lifetimes. How do we live our lives to maximal effect to carry forward the torch of software freedom both in this generation and onto the next? How do we weather the inevitable failures and seemingly insurmountable challenges as we watch what was once FOSS slowly become proprietary again, or see new technologies exist only as proprietary, or, even worse, exist as a warped version of FOSS that "seems open" but fails to give most software freedoms to most users? Let's learn and explore together how to survive as activists now that the going got tough. false Bradley M. Kuhn Karen M. Sandler 2019-11-16T06:00:00-08:00 14:00 00:20 TALKS 3179 Talk 623-project-springtime-a-diy-backyard-hydroponics-system-developed-open-source-style Hardware/IOT Like many, I've recently become fascinated by hydroponics: growing delicious food without soil, right at home, taking up minimal space. Food miles: zero. Freshness: minutes from harvest to plate. Variety: much better than any grocery store. What's not to like? As a would-be hydroponic food grower, so far, you have two options: either you buy an (expensive) commercial system and remain satisfied with whatever that system lets you grow or do; or you do your own research, build your own and are satisfied with lots of trial and error until your own contraption (maybe) reliably produces the food you want. Can we do better? Introducing [Project Springtime](https://www.project-springtime.org/): let's apply open-source-style development to building and operating a hydroponics system. While our first system is working quite reliably and well, turning it into an open-source project and evolving it with version control and bug tracking is a new experiment, and I'd like to tell you all about it: * We started with a very compact, vertical, backyard, DIY system for the concurrent growing of about 70 plants, mostly copying another system that its creator [documented quite well](https://waterworks-hydro.com/maker-faire-2019.html) on the web. * In several iterations since, we made a number of improvements to mechanical stability, flexibility, avoidance of algae etc. * Since then, we have put the documentation under version control and are publishing it to the web with Hugo and some home-grown code. The docs now contain detailed instructions on how to build the system, how to operate it day to day, troubleshooting and pest control. There are technical drawings for parts, sourcing for the components, 3D-printable parts for further optimization and more. Given this, anybody with moderate handiman skills (like cutting wood or drilling holes) should be able to set up their own for a few hundred dollars in about a weekend, without having to be an expert in hydroponics. While not strictly required, electronics and software are under development, and we'll talk about those, too: if the water stopped circulating, or California turns off the power, plants die. So we need sensors, solar power, a battery and mobile phone alerts. If the nutrient and pH numbers move out of range, plants will stop growing. More sensors and alerts. If it's hot, water may need to be replenished. To address these requirements, we now have sensors, an ESP32 and a Raspberry Pi in the loop. One could even add image processing to automatically identify pests and diseases. The sky's the limit if motivated people collaborate, as Linux shows us. But unlike other open-source projects, with this project, you get not just cool code but delicious veggies! Won't you join us? Like many, I've recently become fascinated by hydroponics: growing delicious food without soil, right at home, taking up minimal space. Food miles: zero. Freshness: minutes from harvest to plate. Variety: much better than any grocery store. What's not to like? As a would-be hydroponic food grower, so far, you have two options: either you buy an (expensive) commercial system and remain satisfied with whatever that system lets you grow or do; or you do your own research, build your own and are satisfied with lots of trial and error until your own contraption (maybe) reliably produces the food you want. Can we do better? Introducing [Project Springtime](https://www.project-springtime.org/): let's apply open-source-style development to building and operating a hydroponics system. While our first system is working quite reliably and well, turning it into an open-source project and evolving it with version control and bug tracking is a new experiment, and I'd like to tell you all about it: * We started with a very compact, vertical, backyard, DIY system for the concurrent growing of about 70 plants, mostly copying another system that its creator [documented quite well](https://waterworks-hydro.com/maker-faire-2019.html) on the web. * In several iterations since, we made a number of improvements to mechanical stability, flexibility, avoidance of algae etc. * Since then, we have put the documentation under version control and are publishing it to the web with Hugo and some home-grown code. The docs now contain detailed instructions on how to build the system, how to operate it day to day, troubleshooting and pest control. There are technical drawings for parts, sourcing for the components, 3D-printable parts for further optimization and more. Given this, anybody with moderate handiman skills (like cutting wood or drilling holes) should be able to set up their own for a few hundred dollars in about a weekend, without having to be an expert in hydroponics. While not strictly required, electronics and software are under development, and we'll talk about those, too: if the water stopped circulating, or California turns off the power, plants die. So we need sensors, solar power, a battery and mobile phone alerts. If the nutrient and pH numbers move out of range, plants will stop growing. More sensors and alerts. If it's hot, water may need to be replenished. To address these requirements, we now have sensors, an ESP32 and a Raspberry Pi in the loop. One could even add image processing to automatically identify pests and diseases. The sky's the limit if motivated people collaborate, as Linux shows us. But unlike other open-source projects, with this project, you get not just cool code but delicious veggies! Won't you join us? false Johannes Ernst 2019-11-16T06:45:00-08:00 14:45 00:50 TALKS 3179 Longer Talk 677-left-shift-security-ls-2-shifting-application-security-left Automated security testing Security/Infosec ###### I will be sharing my learnings about security testing applications sooner and more often. Let's start a movement! #### Topic: Security/InfoSec #### Audience: Beginner to Intermediate CI/CD has greatly reduced the time to market for releasing new software. Security and InfoSec are rapidly gaining importance and complexity, but unfortunately their supporting processes and tools have not benefited as much from automation and modernization as other processes and tools used by development teams. Security testing is challenging or painful for most, so it often gets skipped or deferred until late in the development cycle. Most often, the security tests are executed by a team having a different mindset, bandwidth and cadence from the development team who wants to release the software. These conditions often foment culture clashes, mistrust and dysfunction between different teams. Quality suffers, operations staff is stressed, deadlines missed and the customer does not get a fully tested product. This should not be! Security is everyone's responsibility; not just security or operations. My short talk will focus on a prototype pipeline that demonstrates how to implement automation for basic security tests whenever developers change code. Said pipeline will be built using open source tools, one or more reference applications (SUTs) and be packaged in a way that makes it easy for attendees to replicate the results onsite in their own environments. Attendees will come away with better understanding of - different types of security tests - what should be automated - what should *not* be automated - how security testing fits into the developer work flow as well as larger project Any development team can become collaborators with their company's security and operations teams. This talk explores just one of many ways this could happen. ###### I will be sharing my learnings about security testing applications sooner and more often. Let's start a movement! #### Topic: Security/InfoSec #### Audience: Beginner to Intermediate CI/CD has greatly reduced the time to market for releasing new software. Security and InfoSec are rapidly gaining importance and complexity, but unfortunately their supporting processes and tools have not benefited as much from automation and modernization as other processes and tools used by development teams. Security testing is challenging or painful for most, so it often gets skipped or deferred until late in the development cycle. Most often, the security tests are executed by a team having a different mindset, bandwidth and cadence from the development team who wants to release the software. These conditions often foment culture clashes, mistrust and dysfunction between different teams. Quality suffers, operations staff is stressed, deadlines missed and the customer does not get a fully tested product. This should not be! Security is everyone's responsibility; not just security or operations. My short talk will focus on a prototype pipeline that demonstrates how to implement automation for basic security tests whenever developers change code. Said pipeline will be built using open source tools, one or more reference applications (SUTs) and be packaged in a way that makes it easy for attendees to replicate the results onsite in their own environments. Attendees will come away with better understanding of - different types of security tests - what should be automated - what should *not* be automated - how security testing fits into the developer work flow as well as larger project Any development team can become collaborators with their company's security and operations teams. This talk explores just one of many ways this could happen. false Nadine Whitfield 2019-11-16T07:45:00-08:00 15:45 00:20 TALKS 3179 Talk 615-a-quic-history-of-http Systems/Ops HTTP, first defined in 1991, has undergone radical change since it was created by Tim Berners-Lee in the days of dialup. We'll cover the notable problems and improvements from 0.9 up to the proposed HTTP/3 which sheds TCP entirely and implements a secure and highly performant TLS-over-UDP protocol known as QUIC. No prior knowledge of HTTP or networking is required, but even those comfortable writing web requests at the command line will learn a thing or two. HTTP, first defined in 1991, has undergone radical change since it was created by Tim Berners-Lee in the days of dialup. We'll cover the notable problems and improvements from 0.9 up to the proposed HTTP/3 which sheds TCP entirely and implements a secure and highly performant TLS-over-UDP protocol known as QUIC. No prior knowledge of HTTP or networking is required, but even those comfortable writing web requests at the command line will learn a thing or two. false Bri Hatch 2019-11-16T08:15:00-08:00 16:15 00:50 TALKS 3179 Longer Talk 660-getting-started-with-nextcloud Self-hosted replacement for Dropbox, Google Drive, etc Something Different! In this presentation I plan to introduce Nextcloud and provide examples of how to get started using it. This will include:. * History of Nextcloud * Why should you use Nextcloud instead of Dropbox, OneDrive, etc. * Ways to get a Nextcloud instance * Self-hosted at home * VPS * Service provider * How I use my Nextcloud server * Cal and CardDav * Note taking * File sync * Online office suite * Q&A I am open to this talk being in either a 30 min or 50 min slot. It will scale easily. In this presentation I plan to introduce Nextcloud and provide examples of how to get started using it. This will include:. * History of Nextcloud * Why should you use Nextcloud instead of Dropbox, OneDrive, etc. * Ways to get a Nextcloud instance * Self-hosted at home * VPS * Service provider * How I use my Nextcloud server * Cal and CardDav * Note taking * File sync * Online office suite * Q&A I am open to this talk being in either a 30 min or 50 min slot. It will scale easily. false Charlotte McGraw 2019-11-16T02:45:00-08:00 10:45 00:50 TALKS 3183 Longer Talk 644-learning-natural-language-processing-through-the-regender-project AI/ML/Data Privacy Research has shown that the way we use language influences the way we think. Can we begin to disentangle gender from our identities through language? Inspired by modern speculative fiction writers like Ann Leckie, the Regender Project aims to explore that question by using technology to alter the genders used in English text: changing male characters to female and vice versa, or assigning everyone the same gender pronoun. This talk will cover the beginning efforts to build a dictionary of English gendered words, as well as the technological challenges of swapping pronouns, gendered words and proper names in text, using open source natural language tools, machine learning, and common sense knowledge bases. Research has shown that the way we use language influences the way we think. Can we begin to disentangle gender from our identities through language? Inspired by modern speculative fiction writers like Ann Leckie, the Regender Project aims to explore that question by using technology to alter the genders used in English text: changing male characters to female and vice versa, or assigning everyone the same gender pronoun. This talk will cover the beginning efforts to build a dictionary of English gendered words, as well as the technological challenges of swapping pronouns, gendered words and proper names in text, using open source natural language tools, machine learning, and common sense knowledge bases. false Eva Monsen 2019-11-16T05:00:00-08:00 13:00 00:50 TALKS 3183 Longer Talk 685-building-your-own-keyboard-with-free-software Hardware/IOT Mechanical keyboards are soaring in popularity recently. This talk explains why you might be interested in them as well. The following topics will be covered: - Case/plate/PCB - Switches - Caps - Freedom of hardware - A brief note on soldering - Freedom of software - GPL firmware: QMK - Questions **Case/plate/PCB** Full size, tenkeyless, 75%, 65%, 60%, 40%, split, ortholinear, this talk covers all the different sizes in a hope to show you how your imagination is the limit when it comes to keyboards. I will go into detail about each size and why you might be interested in that size. **Switches** Tactile, linear, clicky. Cherry, Kailh, Gateron. I will cover all the major switch types, and what their pros and cons are. **Caps** Then I will discuss the various keycap profiles in detail with pictures. **Freedom of hardware** This immense freedom of hardware choice lends itself well to folks that are concerned with controlling their tools, as keyboards are one of the primary tools for people who do computer stuff. **A brief note on soldering** I want to dispel myths about soldering and reassure people that even those with zero prior hardware experience (like me!) can successfully build their own keyboard **Freedom of software** Software freedom! Perhaps the most relevant part, I will discuss the high level view of the QMK firmware that powers most custom keyboards. It is a GPL licensed C program that generates incredibly powerful customized firmware. **GPL firmware: QMK** I will go over how to build it yourself both online or on your local machine, and describe some of QMK’s more advanced features that set it apart from proprietary keyboard firmwares. **Questions** I expect that with so much to cover and this being such a hot but mysterious topic, there will be lots of questions, so I want to make sure to leave lots of time for those. Mechanical keyboards are soaring in popularity recently. This talk explains why you might be interested in them as well. The following topics will be covered: - Case/plate/PCB - Switches - Caps - Freedom of hardware - A brief note on soldering - Freedom of software - GPL firmware: QMK - Questions **Case/plate/PCB** Full size, tenkeyless, 75%, 65%, 60%, 40%, split, ortholinear, this talk covers all the different sizes in a hope to show you how your imagination is the limit when it comes to keyboards. I will go into detail about each size and why you might be interested in that size. **Switches** Tactile, linear, clicky. Cherry, Kailh, Gateron. I will cover all the major switch types, and what their pros and cons are. **Caps** Then I will discuss the various keycap profiles in detail with pictures. **Freedom of hardware** This immense freedom of hardware choice lends itself well to folks that are concerned with controlling their tools, as keyboards are one of the primary tools for people who do computer stuff. **A brief note on soldering** I want to dispel myths about soldering and reassure people that even those with zero prior hardware experience (like me!) can successfully build their own keyboard **Freedom of software** Software freedom! Perhaps the most relevant part, I will discuss the high level view of the QMK firmware that powers most custom keyboards. It is a GPL licensed C program that generates incredibly powerful customized firmware. **GPL firmware: QMK** I will go over how to build it yourself both online or on your local machine, and describe some of QMK’s more advanced features that set it apart from proprietary keyboard firmwares. **Questions** I expect that with so much to cover and this being such a hot but mysterious topic, there will be lots of questions, so I want to make sure to leave lots of time for those. false Brian Mock 2019-11-16T06:00:00-08:00 14:00 00:20 TALKS 3183 Talk 670-once-more-with-style Considering whether your project needs a style guide Documentation Would your Open Source software project benefit from a style guide? Would your project at work? It's tempting to reply to these questions with a reflexive "Yes, of course!" — the benefits of having an established coding style for a project, having rules around how things are formatted, what language features are to be used and which are to be avoided, seem obvious. It makes it easier to onboard new contributors, establishes a baseline expectation for drive-by pull requests, and makes the code review process more transparent. But style guides aren't free. Setting one up can involve a significant amount of effort, and, depending on the number of contributors involved in the discussion, can be a significant source of stress and strife. Many projects have been highly successful with nary a hint of any sort of overall style guidance. So what's a maintainer to do? Style guide, or no? Come to this talk to learn more about the tradeoffs between having a style guide and not having a style guide, as well as some tooling options that you may not be aware of that will make it easier to move towards having some style guidelines, without having to invest a bunch of upfront effort into something you may end up hating. Would your Open Source software project benefit from a style guide? Would your project at work? It's tempting to reply to these questions with a reflexive "Yes, of course!" — the benefits of having an established coding style for a project, having rules around how things are formatted, what language features are to be used and which are to be avoided, seem obvious. It makes it easier to onboard new contributors, establishes a baseline expectation for drive-by pull requests, and makes the code review process more transparent. But style guides aren't free. Setting one up can involve a significant amount of effort, and, depending on the number of contributors involved in the discussion, can be a significant source of stress and strife. Many projects have been highly successful with nary a hint of any sort of overall style guidance. So what's a maintainer to do? Style guide, or no? Come to this talk to learn more about the tradeoffs between having a style guide and not having a style guide, as well as some tooling options that you may not be aware of that will make it easier to move towards having some style guidelines, without having to invest a bunch of upfront effort into something you may end up hating. false John SJ Anderson 2019-11-16T06:45:00-08:00 14:45 00:50 TALKS 3183 Longer Talk 682-chaos-in-the-system Why simple solutions don't work when they should Systems/Ops This talk will critically examine the current state of computing through the lens of a highly-portable POSIX shell script I wrote, `filter-other-days`. The problem that `filter-other-days` is solving is seemingly simple: find all log entries on the entire system from the current date. But because of modern systems' complexity as well as applications' tendency to use disparate logging systems, we need to turn to a counter-intuitive solution: filtering out all _other_ dates from the logs, which is what `filter-other-days` does. This seems perverse. I supposedly control most boxes on which I run `filter-other-days`, and yet I don't have _enough_ control over them to solve this problem without the backwards approach `filter-other-days` takes. Using examples from `filter-other-days` we will briefly discuss the broader problem of UNIX portability and how hard it is to make a shell script reliably run everywhere before diving into an even _larger_ problem that `filter-other-days` is emblematic of: our inability to understand and control the complexity of our own computing systems. At the end of the session I will present some ideas for possible ways to start thinking about the portability and complexity problems, and then facilitate an audience discussion around the same. Active participation is highly encouraged. This talk will critically examine the current state of computing through the lens of a highly-portable POSIX shell script I wrote, `filter-other-days`. The problem that `filter-other-days` is solving is seemingly simple: find all log entries on the entire system from the current date. But because of modern systems' complexity as well as applications' tendency to use disparate logging systems, we need to turn to a counter-intuitive solution: filtering out all _other_ dates from the logs, which is what `filter-other-days` does. This seems perverse. I supposedly control most boxes on which I run `filter-other-days`, and yet I don't have _enough_ control over them to solve this problem without the backwards approach `filter-other-days` takes. Using examples from `filter-other-days` we will briefly discuss the broader problem of UNIX portability and how hard it is to make a shell script reliably run everywhere before diving into an even _larger_ problem that `filter-other-days` is emblematic of: our inability to understand and control the complexity of our own computing systems. At the end of the session I will present some ideas for possible ways to start thinking about the portability and complexity problems, and then facilitate an audience discussion around the same. Active participation is highly encouraged. false AJ Jordan 2019-11-16T07:40:00-08:00 15:40 01:30 TALKS 3183 Podcast 711-free-as-in-freedom-live-at-seagl And they're back! Join Karen and Bradley as they record a *live* episode of Free as in Freedom (their podcast about legal, policy, and many other issues in the free and open source software world), for the first time with a live studio audience. The recording will begin with a brief chat about the conference and then move to topic suggestions and questions from you, the audience. Stop by the Conservancy booth during the conference to submit your questions in advance. Bradley and Karen will be ready to talk about copyleft enforcement, diversity intiatives in free software, timely news stories and anything else you think they should discuss. And they're back! Join Karen and Bradley as they record a *live* episode of Free as in Freedom (their podcast about legal, policy, and many other issues in the free and open source software world), for the first time with a live studio audience. The recording will begin with a brief chat about the conference and then move to topic suggestions and questions from you, the audience. Stop by the Conservancy booth during the conference to submit your questions in advance. Bradley and Karen will be ready to talk about copyleft enforcement, diversity intiatives in free software, timely news stories and anything else you think they should discuss. false Karen M. Sandler Bradley M. Kuhn 2019-11-16T02:45:00-08:00 10:45 00:50 TALKS 3178 Longer Talk 706-codes-of-conduct-and-restorative-transformative-justice People Codes of Conduct aim to promote and maintain healthy communication and communities, both online and offline. People debate what to tolerate, what to censor, and how to deal with enforcement. This talk aims to inspire more discussion and consideration for embracing the ideas of Restorative and Transformative Justice. Restorative Justice means that in resolving any conduct violation or interpersonal conflict, we aim to restore all parties to good standing. Transformative Justice means considering contexts such as power differentials and systemic discrimination, aiming for resolutions that bring the most positive personal and systemic changes. These approaches give room for working through the particulars of each case. They provide structure without overly strict top-down rules or principles. In this talk and discussion, we'll explore how we can adapt these ideas to online communities and creative projects. Codes of Conduct aim to promote and maintain healthy communication and communities, both online and offline. People debate what to tolerate, what to censor, and how to deal with enforcement. This talk aims to inspire more discussion and consideration for embracing the ideas of Restorative and Transformative Justice. Restorative Justice means that in resolving any conduct violation or interpersonal conflict, we aim to restore all parties to good standing. Transformative Justice means considering contexts such as power differentials and systemic discrimination, aiming for resolutions that bring the most positive personal and systemic changes. These approaches give room for working through the particulars of each case. They provide structure without overly strict top-down rules or principles. In this talk and discussion, we'll explore how we can adapt these ideas to online communities and creative projects. false Aaron Wolf 2019-11-16T05:00:00-08:00 13:00 00:50 TALKS 3178 Longer Talk 709-digital-painting-in-krita Design/UI/UX/Accessibility Learn how to draw and paint in Krita, the 2D illustration program that puts brushes at the forefront of your workflow. Attendees will learn the principle workflows and conventions behind Krita, such as brushes, colors, and layers. Traditional artistic skills will also be covered, with a focus on how to draw and paint like a professional, and how Krita's interface corresponds to real world art materials. Follow along through a process demo that shows how to take a loose drawing through to a finished colored illustration. Lastly, get answers to your toughest art questions with some Q&A at the end. If you've got a tablet or stylus laptop, bring it along and join in the drawing fun! Learn how to draw and paint in Krita, the 2D illustration program that puts brushes at the forefront of your workflow. Attendees will learn the principle workflows and conventions behind Krita, such as brushes, colors, and layers. Traditional artistic skills will also be covered, with a focus on how to draw and paint like a professional, and how Krita's interface corresponds to real world art materials. Follow along through a process demo that shows how to take a loose drawing through to a finished colored illustration. Lastly, get answers to your toughest art questions with some Q&A at the end. If you've got a tablet or stylus laptop, bring it along and join in the drawing fun! false Oscar Baechler 2019-11-16T06:00:00-08:00 14:00 00:20 TALKS 3178 Talk 671-there-and-back-again-reproducibly Security/Infosec There is an epic journey from reviewed source code to the code you actually run on your computer, and things can go quietly wrong along the way! We can't do absolutely everything ourselves by hand, so we necessarily put trust into something or someone along the way. Will you join us on the journey, brave adventurer? What happens to your code as it passes through dark forests, trecherous mountain passes, or deep forboding caverns? What if something is quietly corrupting an otherwise trustworthy ally? Help showing up, but with it's own motives? Reproducible Builds gives a project confidence that the journey from source code to binary code gets you there and back again. https://reproducible-builds.org There is an epic journey from reviewed source code to the code you actually run on your computer, and things can go quietly wrong along the way! We can't do absolutely everything ourselves by hand, so we necessarily put trust into something or someone along the way. Will you join us on the journey, brave adventurer? What happens to your code as it passes through dark forests, trecherous mountain passes, or deep forboding caverns? What if something is quietly corrupting an otherwise trustworthy ally? Help showing up, but with it's own motives? Reproducible Builds gives a project confidence that the journey from source code to binary code gets you there and back again. https://reproducible-builds.org false Vagrant Cascadian 2019-11-16T06:45:00-08:00 14:45 00:50 TALKS 3178 Longer Talk 648-debian-software-management Systems/Ops Debian-based package management has been rock solid for many years. Still, there are complexities and nuances to explore. This talk will be a tour of distribution provided software management tools and features in Debian and Debian-based distributions such as Ubuntu. Attendees will learn about: * common software management tools * features of debian packages * parts of debian packages * helper tools * configuring and reconfiguring software * prioritizing and pinning software * upgrades * snaps * some differences between Debian and Ubuntu Debian-based package management has been rock solid for many years. Still, there are complexities and nuances to explore. This talk will be a tour of distribution provided software management tools and features in Debian and Debian-based distributions such as Ubuntu. Attendees will learn about: * common software management tools * features of debian packages * parts of debian packages * helper tools * configuring and reconfiguring software * prioritizing and pinning software * upgrades * snaps * some differences between Debian and Ubuntu false der.hans 2019-11-16T07:45:00-08:00 15:45 00:20 TALKS 3178 Talk 700-snek-a-python-inspired-language-for-tiny-embedded-computers Education Tiny embedded computers, like the original Arduino, are great for automating simple tasks. What they are not great at is providing an easy-to-learn environment for new programmers. As a part of a middle school robotics course based on Lego, I've developed a new language, Snek, which runs on these machines. Snek can run in as little as 32kB of ROM and 2kB of RAM. It provides a simpler, safer, easier to explore environment than C++. Snek is a subset of the Python language and comes with a host-based IDE written in Python that runs on Linux, Mac OS X and Windows. This presentation will describe the Snek language along with a few of the interesting implementation details including: * A new parser generator, lola, that generates a parser 1/10 the size of bison * An in-place compacting garbage collector * A fine hack for representing values in 32 bits that includes 32-bit floats * Some challenges with Python syntax and semantics which make it difficult to fit into a small environment. There will also be a demonstration of a few Snek-based Lego robots along with a description of how Snek has been integrated into the classroom environment. Comparisons with other embedded Python implementations will also be provided, including Micro Python, Circuit Python and full Python running on systems like the Raspberry PI. Attendees will learn something about how interpreted Python implementations operate, how Python can be used in embedded systems and what teaching programming to middle school students (10-14 years old) is like. Tiny embedded computers, like the original Arduino, are great for automating simple tasks. What they are not great at is providing an easy-to-learn environment for new programmers. As a part of a middle school robotics course based on Lego, I've developed a new language, Snek, which runs on these machines. Snek can run in as little as 32kB of ROM and 2kB of RAM. It provides a simpler, safer, easier to explore environment than C++. Snek is a subset of the Python language and comes with a host-based IDE written in Python that runs on Linux, Mac OS X and Windows. This presentation will describe the Snek language along with a few of the interesting implementation details including: * A new parser generator, lola, that generates a parser 1/10 the size of bison * An in-place compacting garbage collector * A fine hack for representing values in 32 bits that includes 32-bit floats * Some challenges with Python syntax and semantics which make it difficult to fit into a small environment. There will also be a demonstration of a few Snek-based Lego robots along with a description of how Snek has been integrated into the classroom environment. Comparisons with other embedded Python implementations will also be provided, including Micro Python, Circuit Python and full Python running on systems like the Raspberry PI. Attendees will learn something about how interpreted Python implementations operate, how Python can be used in embedded systems and what teaching programming to middle school students (10-14 years old) is like. false Keith Packard 2019-11-16T08:15:00-08:00 16:15 00:50 TALKS 3178 Longer Talk 673-co-operation-putting-it-in-writing People Just as [copy-left](https://en.wikipedia.org/wiki/Copyleft) uses principles of intellectual property rights to legally protect free and open source software, [co-operatives](https://en.wikipedia.org/wiki/Cooperative) use principles of business ownership to legally protect their collaborative relationships. This talk is an exploration of co-operative organization forms for free and open source projects, projects that may or may not be formal entities. We'll cover a little bit of basic principles, a little bit of example tech co-operatives, and hopefully a good amount of time for questions, news and brainstorms. No technical knowledge is assumed for this talk. It is mostly about self-organizing people, and touches a little on law. Just as [copy-left](https://en.wikipedia.org/wiki/Copyleft) uses principles of intellectual property rights to legally protect free and open source software, [co-operatives](https://en.wikipedia.org/wiki/Cooperative) use principles of business ownership to legally protect their collaborative relationships. This talk is an exploration of co-operative organization forms for free and open source projects, projects that may or may not be formal entities. We'll cover a little bit of basic principles, a little bit of example tech co-operatives, and hopefully a good amount of time for questions, news and brainstorms. No technical knowledge is assumed for this talk. It is mostly about self-organizing people, and touches a little on law. false Delib 2019-11-16T06:15:00-08:00 14:15 00:30 Expo Hall TeaGL 712-teagl TeaGL is the SeaGL tea swap. Bring some tea to share Saturday afternoon in the expo hall. We will have hot water on hand, so everyone can try something new. Black, green, white, herbal, whatever! All teas are welcome at TeaGL. Free As In Tea TeaGL is the SeaGL tea swap. Bring some tea to share Saturday afternoon in the expo hall. We will have hot water on hand, so everyone can try something new. Black, green, white, herbal, whatever! All teas are welcome at TeaGL. Free As In Tea false Rachel Kelly 2019-11-16T09:55:00-08:00 17:55 04:00 Sole Repair Shop - Party Venue - 1001 E Pike St, Seattle WA 98122 Party 717-closing-party Party Party false Rachel Kelly