325 lines
20 KiB
Plaintext
325 lines
20 KiB
Plaintext
|
Episode: 1526
|
||
|
|
Title: HPR1526: Penguicon 2014
|
||
|
|
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr1526/hpr1526.mp3
|
||
|
|
Transcribed: 2025-10-18 04:40:06
|
||
|
|
|
||
|
|
---
|
||
|
|
|
||
|
|
music
|
||
|
|
music
|
||
|
|
music
|
||
|
|
music
|
||
|
|
Hello, this is Ahuka, welcoming you to Hacker Public Radio and another exciting episode
|
||
|
|
of HPR.
|
||
|
|
And today what I want to do is talk about an event that I was involved in that happened
|
||
|
|
just a couple of weeks ago as I record this and that is something called Pengwicon.
|
||
|
|
Now I've been going to Pengwicon for a number of years, I've presented talks at Pengwicon
|
||
|
|
for a number of years, but this year was a little bit different and that's because I was
|
||
|
|
actually involved with helping to put on Pengwicon.
|
||
|
|
Now there's a little bit of backstory to this.
|
||
|
|
Some years back I was at Pengwicon and there was a talk being given by George Castro who
|
||
|
|
works for canonical and is a friend of mine.
|
||
|
|
He actually lives in the area, so I do get to see George fairly often.
|
||
|
|
And in this particular one, he was talking about how you can get help if you're using
|
||
|
|
Linux and I was in the room and I said, hey, you know, George, you're not mentioning
|
||
|
|
Linux users groups and I was president of a Linux users group at the time.
|
||
|
|
So I said, I think, you know, you ought to be mentioning these Linux users groups more
|
||
|
|
because that's a really good place for people to go and get some work done.
|
||
|
|
Now as it happens, there was a lady named Beth Lynn Eiker who was also there and when
|
||
|
|
I left the room, she kind of hit me up a little bit and said, hey, we could really use
|
||
|
|
someone working with Ohio Linux Fest and initially what she was talking about was being
|
||
|
|
the liaison with the Linux users groups and because I had spoken up about that in this
|
||
|
|
talk, she thought I'd be a good person for it.
|
||
|
|
So I said, fine, I would do that.
|
||
|
|
And then what happened is about a year later, I ended up taking over all of the publicity
|
||
|
|
for Ohio Linux Fest and did that for a few years and I had a great time doing it, learned
|
||
|
|
an awful lot.
|
||
|
|
But there was a point where I thought, okay, I've done this, it's time to move on and for
|
||
|
|
me that happened last fall.
|
||
|
|
We had the Ohio Linux Fest was in September and shortly after that, I informed them that
|
||
|
|
I would not be coming back.
|
||
|
|
I've got a lot of friends there, I wish them well.
|
||
|
|
I am very much looking forward to going back to Ohio Linux Fest again this coming fall
|
||
|
|
for the 2014 event.
|
||
|
|
And in fact, maybe looking forward to a little bit more because since I'm not working,
|
||
|
|
I might actually have time to enjoy the event and participate in a few more, listen to
|
||
|
|
a few more of the talks and things like that.
|
||
|
|
As well as, of course, the ever popular hallway track.
|
||
|
|
But anyway, that's coming up.
|
||
|
|
So with Pengwikon, because I had, it's something I'd been associated with for a long time, I
|
||
|
|
called a friend of mine named James Heiss and said, I'd like to help with the tech track.
|
||
|
|
Now, Pengwikon is a very interesting event because it combines technology, you know, the
|
||
|
|
part of the name comes from Penguin, which is, of course, the mascot of Linux.
|
||
|
|
So it combines a focus on Linux and, you know, computer and open source technology along
|
||
|
|
with what is a science fiction convention, with all of the things that science fiction
|
||
|
|
conventions do.
|
||
|
|
So you have literature and movies and music and costumes and all of that.
|
||
|
|
So the thing that's interesting is to me, I think, is that I don't know about anyone
|
||
|
|
else, but when we talk about a pure technology event, my wife is usually not interested.
|
||
|
|
But, you know, for the science fiction, she might be.
|
||
|
|
So there's a lot there for a wide variety of people, not being the sort of person I am.
|
||
|
|
Many times I've gone there and never got past anything but the tech track.
|
||
|
|
And it's just because I'd look at the schedule, you know, what am I most interested in right
|
||
|
|
now?
|
||
|
|
And it was usually going to be something having to do with computer technology because
|
||
|
|
that just is my interest.
|
||
|
|
So I was offering to help with that and went through a couple of meetings.
|
||
|
|
And then I'd say by February of this year, it was pretty clear to me that I was the guy.
|
||
|
|
I'm sure none of you have ever had that experience, but it was sort of like, you know, the call
|
||
|
|
for volunteers and everyone else steps backward.
|
||
|
|
So actually, I didn't mind that.
|
||
|
|
There were some things that I thought would be worth doing.
|
||
|
|
And in fact, I enjoyed it enough that I've already told them I'm going to stick around
|
||
|
|
for another year.
|
||
|
|
And I'm pretty excited about that because it looks like pretty much the whole team that
|
||
|
|
we had this year is continuing.
|
||
|
|
And I think we had a very successful event this year.
|
||
|
|
So I will no doubt have more to say on upcoming events.
|
||
|
|
And I'll be recording things for Hacker Public Radio about it.
|
||
|
|
But this is about reviewing 2014.
|
||
|
|
So my focus is on the tech track because that's what I was responsible for.
|
||
|
|
I attended as many of the talks as I could.
|
||
|
|
In fact, I only attended one talk that was outside of the tech track.
|
||
|
|
And it was one on the future of health care, which is also an interest for me.
|
||
|
|
So a lot of this is going to be recapping some of these tracks and just to give you a little
|
||
|
|
bit of a flavor of what goes on.
|
||
|
|
Now my recollection obviously does not cover everything that went on over the weekend,
|
||
|
|
therefore, and there were costume competitions and food events and music and one room where
|
||
|
|
I think they were running the Rocky Horror Picture Show on a continuous roll and everything
|
||
|
|
else.
|
||
|
|
So it was plenty to do.
|
||
|
|
And even with the tech track, we had about 70 hours worth of programming and there was
|
||
|
|
just no way I could attend every single talk as I did as many as I could.
|
||
|
|
And so I got complaints occasionally from people that they wanted to attend two talks that
|
||
|
|
were scheduled opposite each other and I could sympathize because it was very often what
|
||
|
|
I felt looking at the schedule was I can't be in two places at once.
|
||
|
|
Which one do I go to?
|
||
|
|
But I'll tell you, as the person who was mostly responsible for the programming, I'll take
|
||
|
|
that kind of problem any day of the week.
|
||
|
|
You know, I love hearing that because what that means is I'm putting on a lot of talks
|
||
|
|
that people want to go to.
|
||
|
|
You know, what you don't want to hear is, you know, I look at the schedule, it all sucked.
|
||
|
|
I didn't want to go to any of them.
|
||
|
|
Then you know, if you hear that from too many people that you've got a problem, one or
|
||
|
|
two people, you know, I got one friend who frankly, I just, I told him I'm going to apply
|
||
|
|
a correction factor to everything he says.
|
||
|
|
The other good problem that I had this weekend was that in many cases the rooms were packed.
|
||
|
|
Penguin Con in general had record attendance, which means we have to figure out how to
|
||
|
|
do better next year.
|
||
|
|
Host facility was excellent.
|
||
|
|
We were at the Weston Hotel in Southfield, Michigan.
|
||
|
|
When I talked to you had good things to say about them, I hope we can go back next year.
|
||
|
|
So this is located in Southfield as a suburb of Detroit in South Eastern Michigan in
|
||
|
|
the United States.
|
||
|
|
So if you happen to be within convenient travel distance, you know, you might want to
|
||
|
|
put it on the schedule to take a look at this and consider coming next year.
|
||
|
|
And I think this year was the best tech track in my memory at least.
|
||
|
|
And I'm going to give the credit to that to our con chair, who was Nuri Jose, because
|
||
|
|
he was really pushing, he was pushing that before I became involved.
|
||
|
|
He was saying we got to do more, we got to get more.
|
||
|
|
And every time I asked him how many talks he wanted, he kept saying you can't have too many.
|
||
|
|
So we had two days worth, if you add it up.
|
||
|
|
It started Friday afternoon and ran to Sunday afternoon.
|
||
|
|
And by the end, it was tricky just finding the rooms and equipment to make it happen.
|
||
|
|
But we mostly managed to do it.
|
||
|
|
And as I said, the result was about 70 hours of pretty good tech programming.
|
||
|
|
Now we had a focus.
|
||
|
|
This was, this past year was the year of Edward Snowden.
|
||
|
|
And I doubt that I'm the only tech programmer in the world that had this idea.
|
||
|
|
But I thought, you know, let's make a focus around that.
|
||
|
|
So we tried to program stuff on various aspects of security and privacy.
|
||
|
|
And I think did a pretty darn good job.
|
||
|
|
Now one of the first people I want to talk about is a fellow named Michael Lucas.
|
||
|
|
Now he is not only a security expert, but an author.
|
||
|
|
And he has written a number of books on these topics.
|
||
|
|
So he did several talks.
|
||
|
|
One was on the proper way to set up sudo with the subtitle you're doing it wrong.
|
||
|
|
And if you sat in on his talk, you would agree.
|
||
|
|
You probably are doing it wrong because he really dug into how that is supposed to work
|
||
|
|
and how you should set it up in order to have a secure server.
|
||
|
|
What you do on your own system is of course your own business.
|
||
|
|
Then he did one on DNS sec.
|
||
|
|
And that was very interesting as well, a different aspect of security.
|
||
|
|
And you know, it ties in with things like Heartbleed and SSL certs and all of that.
|
||
|
|
And DNS sec ends up being a part of that story as well.
|
||
|
|
And the fascinating talk on that.
|
||
|
|
And then he did one on SSH key authentication.
|
||
|
|
Now as I said, he is an author.
|
||
|
|
He's written books on all of these, which he sells from his site, which is the tilted
|
||
|
|
windmill press.
|
||
|
|
And I'll have a link in the show notes for this stuff.
|
||
|
|
And he offered a special deal to our attendees to buy a bundle of all three as ebooks for
|
||
|
|
$20 and I was more than happy to take advantage of that.
|
||
|
|
So I purchased all three of those books and I'm really hoping to have Michael back again
|
||
|
|
next year because he not only knows this stuff, but he gives a really good presentation.
|
||
|
|
Then friend of mine, Mark Stanislav, who works for a company called Duo Security, gave
|
||
|
|
us a talk on two factor authentication.
|
||
|
|
Mark is a great speaker.
|
||
|
|
I always learn something from his talks.
|
||
|
|
One of the things I appreciate about the talk that he gave, he works for a company that
|
||
|
|
provides a two factor authentication product, but it was not a sales pitch or a commercial
|
||
|
|
for his company.
|
||
|
|
It really was just to talk about essentially what is two factor authentication and what
|
||
|
|
does that mean.
|
||
|
|
And you know, Mark is, he was very careful to talk about things like if you have a
|
||
|
|
password and a pin, that is not two factor.
|
||
|
|
It's better than nothing, but it's not two factor authentication, you know, it's something
|
||
|
|
you know, something you have and at some point maybe something you are, you know.
|
||
|
|
So biometrics would be something you are, something you have could be a phone or some other
|
||
|
|
device, you know, a portable RSA key or what have you and then something you know, which
|
||
|
|
would be like a password or a pin.
|
||
|
|
So two factor is means that you've got to have at least one from each category.
|
||
|
|
Then we had a crypto party, Susan Sons, who works in a university in the security department
|
||
|
|
came and did the crypto party penguin con edition with help from Eric Raymond.
|
||
|
|
And I'm sure many people have heard of Eric Raymond from these most famous for writing
|
||
|
|
the cathedral in the bazaar, but what you may not know is that he's one of the people
|
||
|
|
who helped get penguin con going and has been involved right from the beginning.
|
||
|
|
So you can usually count on seeing him at penguin con every year.
|
||
|
|
Interesting fellow and one of those people I don't often agree with, but he always challenges
|
||
|
|
me and that's a good thing.
|
||
|
|
And then along with that Chris Naren and John Bell participated in that now.
|
||
|
|
John did a few other things.
|
||
|
|
He did some command line stuff for us and also geeks with guns.
|
||
|
|
So there were quite a few things going on.
|
||
|
|
So with the crypto party was basically a beginner's guide to using encryption and Susan was
|
||
|
|
a very methodical and patient in going through this.
|
||
|
|
There were some people in the room that were slow to catch on, let me say.
|
||
|
|
And she was very nice in handling that.
|
||
|
|
And in fact, as you might expect, I was also involved in a presentation.
|
||
|
|
I got together with my friend Tony Beamus from the Sunday morning Linux review.
|
||
|
|
And we did a talk on encryption, which was pretty well received and very similar to stuff
|
||
|
|
I've done for hacker public radio.
|
||
|
|
And you may think we not too long ago ran an interview that Tony and I, we got together
|
||
|
|
on the mumble server one day and just talked about the web of trust and key signing.
|
||
|
|
And if you're not following, subscribing, whatever to Sunday morning, Linux review, check
|
||
|
|
it out.
|
||
|
|
It's a really good podcast.
|
||
|
|
And in fact, I suspect next year I'm going to have all of the hosts of that because Matt
|
||
|
|
Enders and Mary Thomas have also told me that they want to do talks at PenguinCon next
|
||
|
|
year and they've got some ideas.
|
||
|
|
So another security thing, Chris Krieger, who is an old friend of mine, in fact, I met
|
||
|
|
Chris because we were singing together in a madrigal group and that's how I first met him.
|
||
|
|
But he is a security professional and works now for an international bank and is other
|
||
|
|
than that is fairly vague.
|
||
|
|
So I don't think he wants to get into the details of his job and I understand that.
|
||
|
|
My wife had an uncle who was very much that way and did I think communication security
|
||
|
|
for the federal government.
|
||
|
|
So Chris did one securing your home network with a hardware firewall and he focused on using
|
||
|
|
PF sense.
|
||
|
|
I was very interested and took some notes and don't be surprised if I end up doing something
|
||
|
|
for hacker public radio as part of my security and privacy series because I think it looked
|
||
|
|
like a really good thing to bring into this.
|
||
|
|
Next year we talked about maybe getting a presentation on snort, which is one of the things
|
||
|
|
you might use in conjunction with a hardware firewall.
|
||
|
|
Then there was a fellow named Mark Kickda and his presentation was Linux dorking, exploring
|
||
|
|
the basics of Linux from the eyes of an attacker and that was really good.
|
||
|
|
Again, we've got a professional and security industry and all of these people, Chris Krieger,
|
||
|
|
Mark Kickda, Mark Stanislaw, Michael Lucas, Susan Sons, you know, there were all professionals
|
||
|
|
and I think that's one of the reasons that makes the presentation.
|
||
|
|
So good, you know you're getting the information from the people who live this every day and
|
||
|
|
they know what they're talking about.
|
||
|
|
Now aside from the purely technical aspects, there were some policy questions.
|
||
|
|
One of our guests of honor this year was a lady named Eva Galperon from the Electronic
|
||
|
|
Frontier Foundation.
|
||
|
|
And then we were able, kind of at the last minute, it just happened to work out that we
|
||
|
|
could get Corey Doctoro, who came in as a featured guest and, you know, they did a number
|
||
|
|
of things but one of them was a panel that they did together called the NSA is watching
|
||
|
|
you.
|
||
|
|
The government, surveillance and you.
|
||
|
|
Now, of course, Corey is kind of a double hitter for something like Penguin Con.
|
||
|
|
He not only is very prominent in the security and technology area but he is a science fiction
|
||
|
|
author and I've talked about Corey before so we're just delighted to have him.
|
||
|
|
Then another guest of honor who covered multiple areas was a fellow named YT Cracker.
|
||
|
|
Now he was there primarily as a musical guest but he has a background in hacking so he
|
||
|
|
was able to join a few of panels that dealt with that.
|
||
|
|
And while I'm on guests of honor, I'll mention Ernie Klein who is the author of Ready Player
|
||
|
|
One, a book that I suspect quite a few people listening to hacker public radio have read
|
||
|
|
or at least have heard of and we had a fellow Ed Mason from Game Face Labs who showed off
|
||
|
|
a virtual reality headset throughout the weekend in addition to joining various panels.
|
||
|
|
And finally, last of our guests of honor was Erica Carlson who is a software developer
|
||
|
|
who created an organization called Girl Develop It, developed it, a Detroit area group that
|
||
|
|
focuses on helping girls to become coders.
|
||
|
|
So all in all, I thought we had an excellent group of guests of honor.
|
||
|
|
Now, the tech track wasn't all about that, in fact probably a little less than 50% of
|
||
|
|
the total went into the security and privacy.
|
||
|
|
So we had lots of other things.
|
||
|
|
George Castro from Canonical, I've mentioned, is usually there, in fact if you go back
|
||
|
|
far enough in Penguin Con history, I think he was saying that he once ran the tech track
|
||
|
|
back in the day.
|
||
|
|
So he's from this area and now works for Canonical.
|
||
|
|
He gave a presentation on Ubuntu, not surprisingly.
|
||
|
|
Now George is very involved with the cloud and server stuff and I've seen them do presentations
|
||
|
|
on Juju and so he used some of that and all of the initiatives that Canonical is making
|
||
|
|
to get Ubuntu into the cloud and they've been very successful there and they're really
|
||
|
|
a major player in that space.
|
||
|
|
But then for fun, George also did one on building a steam box and as you may know, the steam
|
||
|
|
game system has been ported to Linux and runs on Ubuntu and in fact we had a release
|
||
|
|
party on Saturday night put on by the Ubuntu Michigan logo and Craig Maloney, who's a friend
|
||
|
|
of mine, was is the head of that particular group and he also did one on getting things
|
||
|
|
done with Linux if you've heard of the infamous getting things done.
|
||
|
|
Then Sunday morning Linux review, you know, these are local people.
|
||
|
|
So you know, we love having them involved and they've done this for a few years now.
|
||
|
|
They did a live recording of their podcast.
|
||
|
|
And you know, we want that to be an annual event really.
|
||
|
|
So Tony and Mary and Matt recorded their show at Penguin Con.
|
||
|
|
Then it was open to anyone at the convention to drop by and be a part of the recording.
|
||
|
|
Then we had a couple of folks from Red Hat, Ruth Soule and Tom Calloway and they did a
|
||
|
|
couple of presentations.
|
||
|
|
Now one was on Raspberry Pi Hacks, which is the title of a book that they recently published
|
||
|
|
and O'Reilly is the publisher and O'Reilly is a really good publisher too.
|
||
|
|
So if you're interested in that sort of thing, check it out.
|
||
|
|
They gave a great presentation.
|
||
|
|
Then they did another one on 3D printing using Linux.
|
||
|
|
Now, there were more.
|
||
|
|
I was not at every single one of these.
|
||
|
|
As I said, I wish I could have, but there was just no way for me to get to all of them.
|
||
|
|
So we had several talks, you know, beginning and intermediate on HTML5.
|
||
|
|
We had a talk on Python, one on Pascal.
|
||
|
|
There was someone doing a presentation on the Watson computer from IBM.
|
||
|
|
Programming for total noobs was one of the ones.
|
||
|
|
There was one on, I guess what you call maybe open source firearms.
|
||
|
|
I'm not sure if that's exactly the right term, using 3D printers.
|
||
|
|
So lots of stuff going on.
|
||
|
|
So, you know, just reporting everything that went on would make this much longer than
|
||
|
|
it already is.
|
||
|
|
And I've focused on the stuff I attended because then I can really speak to what went on.
|
||
|
|
But again, as I say, it's a science fiction convention as well.
|
||
|
|
So you're going to have all of the stuff.
|
||
|
|
In fact, there was a contest for Best Costum and it was won by Ruth Soule from Red Hat.
|
||
|
|
So you know, just because you're a hardcore geek doesn't mean you can't let your hair
|
||
|
|
down and have a little bit of fun.
|
||
|
|
As I said, I did get out to the future of healthcare panel.
|
||
|
|
Now for me, that's a personal interest because I've worked for several hospitals in my career
|
||
|
|
on the technology side, but it gave me an interest in that.
|
||
|
|
So I'd encourage everyone to plan on attending Penguin Con in 2015.
|
||
|
|
As soon as the date is confirmed, I will certainly be posting about it.
|
||
|
|
And when we start the call for talks, I'm probably going to record something for Hacker
|
||
|
|
Public Radio.
|
||
|
|
And, you know, I think that with the team we have, it's going to be even bigger and better
|
||
|
|
than 2014 and it'll be plenty for everyone.
|
||
|
|
If you want to get an idea of for planning before we get a definite date, it will almost
|
||
|
|
certainly be the last weekend in April or the first weekend in May.
|
||
|
|
And that's really when they always do it.
|
||
|
|
It's always around that time of the year.
|
||
|
|
And if you know anything about programming, you know, part of it is what is available
|
||
|
|
with the facility and the other is what else is going on at the same time.
|
||
|
|
So you try and take those into account.
|
||
|
|
But that's what I, it's always been a spring event and I'm sure it will be again next
|
||
|
|
year.
|
||
|
|
So this is Ahuka signing off for Hacker Public Radio and reminding you as I always do to
|
||
|
|
support FreeSoftware.
|
||
|
|
Goodbye.
|
||
|
|
You have been listening to Hacker Public Radio at Hacker Public Radio.
|
||
|
|
We are a community podcast network that releases shows every weekday Monday through Friday.
|
||
|
|
Today's show, like all our shows, was contributed by a HBR listener like yourself.
|
||
|
|
If you ever consider recording a podcast, then visit our website to find out how easy
|
||
|
|
it really is.
|
||
|
|
Hacker Public Radio was founded by the Digital Dark Pound and the Infonomicom Computer
|
||
|
|
Club.
|
||
|
|
HBR is funded by the Binary Revolution at binref.com.
|
||
|
|
All binref projects are proudly sponsored by Liner Pages.
|
||
|
|
From shared hosting to custom private clouds, go to Liner Pages.com for all your hosting
|
||
|
|
needs.
|
||
|
|
On list, otherwise stasis, today's show is released under a creative comments, attribution,
|
||
|
|
share a like, free dose of license.
|