hpr-knowledge-base/hpr_transcripts/hpr2222.txt

Episode: 2222
Title: HPR2222: FOSDEM 2017 K (level 1, group A)
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr2222/hpr2222.mp3
Transcribed: 2025-10-18 15:59:26

---

This is HPR episode 2,222 entitled, Boston 2017 K-Level 1, Rupert.
It is posted I can't fall in and in about 90 minutes long and carry the next visit flag.
The summary is, can introduce the projects in Rupert under the K-Building Level 1.
This episode of HPR is brought to you by an honesthost.com.
At 15% discount on all shared hosting with the offer code, HPR15, that's HPR15.
Better web hosting that's honest and fair at an honesthost.com.
Hi everybody, I'm at the KDE booth and I'm talking to Jonathan Revolve.
Good afternoon.
How are you today?
We're doing great today, we've had a lot of business, we've been pretty packed, we've been setting stuff, we've been demonstrating stuff, we've had people first timers, going what's this open source stuff and people going, I want to code and I've got this bug and tell me how to fix it.
So the usual full range of people that you get to post them is great.
Last year we broke the cracking news about KDE Neon and I was so annoyed that most people didn't listen to the interview because for some reason there was a shitstorm after you launched.
Well, I try and stay out of it because one of the ideas with KDE Neon is we can, to coin a phrase, take back control and we're not reliant on some third party to show power software.
So now KDE is building all the KDE software directly within our Neon continuous integration system, directly from Git or from releases depending if you want a stable or developer addition and it's the easiest way to run our software.
So we're no longer dependent on third parties, we can do our own thing and people can get it directly the minute that we release it.
Is it still reliant on KDE underneath or is there a day when we can run whatever underlying OS?
It still, we use the Ubuntu long term supports as a stable base and will upgrade to the next long term support but it doesn't use any other part of the Ubuntu setup.
But obviously we build all our own packages but what we're looking at, one of the things we're demonstrating here is new package formats that are across distro.
So this game that we see here, it looks like just any other application but it's running within a snappy package.
So that's containerized package formats and it's built directly from the same KDE Neon continuous integration stuff so available directly as soon as it's released but it will run on any Linux distro.
And it involves just in strong snappy and then you can snap install and we've got integration with our classmate discover package manager or whatever package manager your distro uses.
And how does that handle all the dependencies or are you deliberately cheating by picking a small library that doesn't need a lot of dependencies?
It includes, you can layer the different containers and so there will be a base system layer and there'll be a KDE layer that includes the Qtom KDE libraries and then there'll be the application layer.
So those parts will be updated as new versions come but it will all be included when you just download it and be transparent to the user and you're just downloading one application and running the application and it will automatically get everything you need with it.
So I can still take applications that are snappy applications around the month for a door for example.
And you can run it on any Linux distro so yes you can run it on Fedora. Now Fedora have a competing format called flatpack so we're also investigating that because we have no preferences ourselves.
We just want to work with whatever the users works best for the users. So we also have people working on KDE integration with flatpack and so you can download KDE libraries and applications with flatpack, whatever works.
And we'll see what wins out in the end.
How did KDE Neon as a project work out? It's been a year down the line. How are things going?
I'm really pleased with how it's been. It seems to have a lot of mind share with what our target audience is which is KDE enthusiasts and people who have heard about this KDE stuff and wanted to try it out.
So if you look on social media channels, it's a real pleasure to run the KDE Neon Twitter account.
Every Monday I wake up, look at the Twitter account and somebody's gone, I just installed KDE Neon. It's great. I can finally get the latest stuff.
So it's really nice to get that kind of feedback of people directly on say Reddit. You can look at the KDE forum and Reddit and typically they show 30 stories and like 10 of those will be about KDE Neon.
So we seem to have a lot of mind share within the KDE crowd which is what we want. But also within the Linux forum on Reddit, for example, there's a lot of KDE Neon coverage on there because we do new features, new addition add-ons every day.
So we're grateful generating news on that and the users seem to love that with giving us their feedback.
So what's the plan for the coming year? What's KDE Neon going to be doing?
We use specifically. Me specifically. I will be fighting for freedom and against tyranny, as always, I will be replacing the installer.
So the installer currently uses the same one as Kubuntu, which I wrote a decade ago and it's not well maintained. We're replacing that with one called Kalamaris, which is a cross-dister installer that works on quite a number of different distributions.
But it misses some features, so I'll be adding in those features. I'll be working out how to replace that.
We'll be working more on the containerized formats, so we'll hopefully be going public with those snappy formats or the flat-pack formats, so those are instantly available.
But most exciting was shipping for the first time. You can buy a KDE slim book, a laptop shipping with KDE software, KDE branded.
You can make sure that it's tested, or software is tested with a hardware, so you know it's all going to work for you.
It comes with KDE Neon, of course, so it'll come with the latest KDE software, and you can buy that now to ship in March.
It's got a nice KDE logo on the back as well. Wow, how much is that?
You can customize it at different options, cheapest one, I think is 7 to 9 euro.
If you add in more faster processor memory, hard disk, it goes up to 1 to 3, 9 euro.
Oh, what sort of hardware is it running? It's called a slim book. It's designed to look quite a lot like a Mac book.
It's very light, it's very sexy looking. It looks very slick, and it's a 13.3-inch screen, and it's pleasantly fast as processor, solid state disks.
So, yeah, I don't use magnetic disks anymore, they're just painful, solid state disks, the way to go, and you can use it back with whatever keyboard you most come through with.
And what motivates you to do that?
Well, that's what I've been trying to do for the last 15 years, right, is make software and get it into the hands of users.
And I made the mistake of being too broad and saying we're going to take over the world, and that didn't happen, but at least we can take over the enthusiast, the geek market,
the people who want to free themselves with windows, who afford of our great community and want to be part of it.
But we've never been able to complete the full circle, so we've always been reliant on some fairly distributions to package our software, and that takes time, and then people to reinstall stuff.
So, with the whole Neon project, we want to be able to get it into the hands of users as fast as we can, and as conveniently as we can, so there's the ultimate convenience.
Where can I buy this?
Where can you buy it? kitty.slimbook.es, the Spanish website, or directly from the kitty website, the news stories will give you the links to it.
And as I say, you can buy now, and it will ship next month, and yeah, they're really slick, I'm really happy with them.
Cool, well done.
Okay, thank you very much for taking the time, and good luck with the rest of the show.
Thank you for interviewing me.
I'm here at the Norm Booth, and I'm talking to you.
Bastion Ylso?
Hi, and what is Norm?
Norm is a desktop environment, a free desktop environment, available for anyone to use.
We are aiming to be an elegant and going for a simple user experience, with focus on designing the next generation of desktops.
And what distribution ship norm as a default desktop environment?
There's a few.
There's, for example, you've been to GNOME.
There's Fedora.
There's...
Oh, let me think.
I don't know.
Yeah, okay.
And what has been happening in the GNOME community in the last year?
Any major releases?
Yes, so within the last year we've had the GNOME free dot 22 release, and the GNOME free dot 20 release.
This year has been filled with things like...
Let me think.
So it would be much easier if I could show you the release videos.
That's the ones that I make, actually, for the GNOME projects.
We have a bigger use system of applications that get updates throughout this year.
I know that Nautilus, for example, the file manager, one of the GNOME's main file manager has gotten.
Search filters.
We have GNOME Builder, which is a fairly new project, an IDE, which attempts to bridge the gap of creating an easy platform for the future GNOME development.
So you can develop on any distribution, the GNOME apps.
What sort of language is GNOME written in?
GNOME is written in...
So GNOME is this kind of embedded thing.
We have a lot of libraries. They're written mostly in C. Then we have the apps.
They're written in more high-level programming languages such as Python, JavaScript, some are written in VALA.
And there's also bindings for C-SHAP.
So lots of different languages there.
And this is possible due to introspection, which makes it possible to use the C libraries that we have in many of the other high-level languages to make it easier for front-end developers to use the news programming languages to write GNOME applications.
There's quite a big community and you have lots of events going on. What new events are coming up this year?
So there's Quatic in the summer.
We have the Quatic conference, which is the annual GNOME conference.
And that one is happening in July.
So we have a GDK hack that's happening in one month.
So that's also going to be really exciting. GDK is moving onwards to GDK4 with GDK3.22 just released last year.
So I bet the GDKF is going to be resolving a lot around what's going to happen next.
The cool new stuff is coming in.
Exactly. So what are you doing here on the booth?
Here in the booth we are selling merchandise.
I brought a lot of GNOME socks.
And we also have GNOME T-shirts with some cool new GNOME motifs.
We have hoodies. We have flyers. Both flyers explaining.
And we are trying to engage with people asking them if they would be interested in getting involved.
But also hearing feedback from all the users.
So many people here at Fosterham.
So what type of people can pass the booths?
People who use GNOME all the time and just want to remember VBIL or just new users?
Yeah, we have a lot of users who are long-time GNOME users or who are using GNOME every day.
And they come in and say, oh, thank you so much for being part of this project.
And some of them are also interested in getting involved.
How can I develop ads in this GNOME ecosystem?
Thank you very much for taking the time.
Hi, I'm at the LibreOffice booth and I'm talking to you.
Italo Vignoli.
Hi, we spoke last year. Can you tell us briefly what LibreOffice is about?
LibreOffice is a free office suite.
It's based on the old open office code.
We worked there in 2010, so seven years ago.
Now we have just released the 5.3.
It's a major release with several new features, interesting ones.
We have introduced a new or we have improved the user interface to a point that is now really different from the past.
And visibly different from the past.
And we have released for the first time the source code of the online office suite.
Yes, we have to be very clear in this point specific.
We are not providing the infrastructure as Google Docs and Microsoft Office 365.
This is not what the document foundation is for.
So we provide the source code. People can integrate LibreOffice online, of course, with a cloud.
And with secure access, SSH or something that provides secure sign-on.
It is full feature. The engine is the same.
So, of course, this is the first. We will see what happens with the developments.
There are already integration. We don't cloud, next cloud, PDO and C file.
And also call up some kind of integration.
Of course, we expect the other project to integrate it.
And for sure, what we think it would be interesting is seeing some internet service provider,
integrating that to provide a real alternative to the Google Docs and Office 365.
And the enterprise is deploying that on the private cloud.
Absolutely. You also work with the open document foundation.
Is there any news in the last year?
I mean, the improvement to open documents are continuous.
We work on a regular basis. We have at least a couple of meetings every year.
But the technical committee meets every week.
So, the process, as it should be for every standard is low, but it is continuous.
Of course, the situation in the marketplace is different because the PDD is not, or the F is not very well.
No worries, we're well used to interruptions here.
It's live, live from the...
The ODF is not as known as other formats.
And although it's a real standard, many people think that the Microsoft Office format,
a standard, which is absolutely not true.
We are seeing some improvement in terms of adoptions.
The UK government has adopted it.
Of course, the process of...
From the load that adopts to the real adoption, the process is low.
There are...
Behind that, there are 20 years of...
It takes time.
...complete ignorance on formats.
But now, Sweden, France, Taiwan and the Netherlands are on the same path.
Although each government is adopting it in a different way, as it normal.
I mean, the law is different.
But we see an uptake in terms of awareness of the importance of standards.
In some... in countries where there is not a law, we see enterprises, we see people learning about the advantages of a standard.
For instance, in Italy, the Ministry of Defense has been ready to liberate office.
At first, they were... they intended to migrate to keep the old formats, so the Microsoft format.
We told them, let's just make a try.
And after six months, they decided to go to the ODF.
And they said, there's no real comparison.
I mean, the consistency of ODF documents is so high,
that no other format gives the same... gives the same.
And basically, you save a large amount of money because of the even cost of interoperability.
So you open the document and the document is there.
The only thing that may happen is that you don't have the font installed.
But if the font is not installed either, you find some... a similar one.
But you don't lose the contents.
So it's... then we... we... we'll have to learn to use standard... or to standardize on fonts a little bit.
But I think that this is a minor issue in terms of... in comparison.
Especially now that there are free and open fonts that are good looking available.
Yeah, absolutely.
It's just a matter of time before they're deployed and on systems.
And now we can rely and have them in our documents.
Yeah.
Fantastic. So what's... is there any new events coming up this year that people can go and attend?
We have... we... we try to be at the... the most important events with... either with a speech or with a booth.
Most open source event, of course.
We will have the... the Libra of his conference is going to be at the end of September in Rome.
Yeah.
And we... we will try to be at conferences in the United States, at Oscon.
We will try to have a booth there.
And at some of the Lino's conference around Europe and in the other... in the other environment is the other countries.
Fantastic. Thank you very much for being here.
Thank you.
And look forward to talking to you later.
Hi, everybody. I'm at the Copano booth. And I'm talking to...
Michael Cromer. And how do I pronounce that project?
Uh, Copano. That's better. That's better.
So what is Copano?
Copano is a... is a full group wear plus plus stack.
What that means is that we... we have the classical group wear pattern, male calendar tasks, notes, everything that you can expect from a traditional group wear provider.
But we do more than that, actually.
We actually... we do have a files integration.
We have a complete web meeting solution, WebRTC based.
We do have a complete active sync implementation called Zepush, which allows you to synchronize all your information to your MOBAs, whether it is iOS, Android, Windows MOBA.
Actually, also you can use active sync implementation for our Microsoft Outlook.
We also provide a so-called Copano Outlook extension, which gives you the ability to...
Yeah, come over the lack of the active sync implementation within Outlook itself, providing extra features and everything.
Yeah, and we are entirely focused on the collaboration space and professional communication space.
What that means is we have one interface. And this one interface is WebApp.
And the same interface you can experience in DeskApp, which is... yeah, desktop client that runs on Windows, Linux, and macOS.
And all the features that I just mentioned are all combined in that interface.
It's easy to use interface. It is well designed.
At least that's what our customers tell us and community users.
We do have quite a large stack, because it is a very complicated space.
Of course, you can also interface as via iMac, but preferably there are other better ways to integrate with it.
And yeah, so communication everywhere and integrating the most modern and most native approach with other solutions, as you can imagine.
And it's 100% open source.
It is 100% open source indeed.
So, is it open core?
No, it is not open core. Copano is...
We do it by subscription-based models. So what we do is we have a very extensive QA.
So, ranging from standard unit tests, you can imagine, down to automation tests, installation tests, compatibility tests.
So, our QA is very strong in that.
And next to that, we provide, like, the supported builds is one thing and support.
So, with the subscription, you get support for your environment.
You don't have to need... you don't have to take support, of course.
But, of course, especially when it comes to communication, people are quite inclined, because when they're down, it's a bad situation for them, and that's what the support is all about.
So, this makes it completely transparent. If somebody's got iPhone, Android app, they can just install interface with this.
The good thing about our implementation is, is we're doing native active sync with Z-Push.
It's the leading active sync implementation in the world, and the good thing about active sync is, is it's natively available in all the major platforms, including even Blackberry 10, for example.
So, you don't require the installation of an app. You just need to set up, basically, like you would set up a Microsoft Exchange server.
So, you set up the server, the username, the password. We even have auto-discovered. So, it's even as enough just to add your, like, email address when auto-discoverer has been set up.
And then you can choose whatever app you want to use with your email. So, there are many email apps that you can buy for money or just free.
Just go to the app store of your native environment and just choose the mail application that you would like to use, because the accessing data is natively stored in the device.
And therefore, you can interact with it, you can share it, you can move it around, you can group by threads, everything that you can do with the app of your choice.
Excellent. And you release it under what license?
It is AGPL3. So, hardcore open source. Hardcore open source? Excellent. And are you finding that you're able to make a business, commercial business out there?
So, we asked Kapano, we're not here since just yesterday. Kapano, as it exists now, exists since the 1st of April last year. But, in fact, we are coming from Sarafa.
So, Sarafa, most people know that Sarafa was an open core company. And as this company had also closed source components, we decided as Kapano, once they're forward, and we used that to re-implement many things.
So, for instance, our old MAPI clients had certain limitations, but they were not inclined by us, they were inclined by Microsoft.
Therefore, now, our complete new approach with a complete redevelopment of many components that we have, like backup, for instance, like the Outlook extension.
These components have been rewritten entirely from scratch, and we decided to go directly 100% open source, as you can imagine.
So, we don't see a necessity nowadays anymore to keep this special parts closed source and the rest open source that just doesn't make any sense for us anymore.
And it's available, Debian Open Suzie, Ubuntu Red Hat.
It is available for Debian Open Suzie, Ubuntu Red Hat, Suzie Linux Enterprise Server, SentOS, I'm missing certainly some.
So, the MAPKET installs away, basically.
MAPKET installs, the MAPKET installs, the MAPKET installs, the MAPKET installs, whatever you like.
Will it run on a Raspberry Pi?
Yes, yes. At the moment, unfortunately, you still have to compile it yourself, but the source is available.
Let's go for it. The only thing which is, so we're in the process of also providing like ARM builds.
We actually do for Open Suzie, by the way, but for Debian, actually not yet.
So, this is an ongoing development. We're doing that together with the community.
Also, one great thing, maybe a side note is that we just recently, like last week, got included in Open Suzie Factory,
which means that we're going upstream or downstream with Open Suzie.
And the same process is ongoing with Debian at the moment.
And I don't know if we're going to make it with Debian 9.
I'm not sure if the status is exactly there, but it's in progress.
So, thanks to the community.
Good. A lot of work going on. So, what's coming up next year?
Quite a lot.
So, since I already mentioned we're a MAPI group where, and we're quite proud of that,
still MAPI has some downsides and some areas.
But as I just mentioned, we do this now for 10 years, so we really know what we're talking about.
And what we're focusing on this year is to make things more performant.
That means that, for instance, we're implementing a so-called token-based authentication.
That will allow the roundtrip times to lower roundtrip times, basically,
that it does not take like a half a second to open up a mail, but instead like a tenth of a second.
And so, we're doing a lot there.
The next thing we're up to is we're starting of the implementation of a rest interface,
where others can interoperate better with us, basically.
Next to that, we're making quite large steps in web app.
So, web app is getting quite some personal organization optimization.
What that means is categories that you can...
I mean, we already have the ability to create our own categories, for instance,
when you want to group your information, but we will make it even easier.
Like, not only just having a mailbox, but having more of a information management
on top of your mailbox, that you only have the high priority issues to you,
that you really get a more focused on what is important to you and what not.
Great stuff. Thank you very much for taking the time and enjoy the rest of the show.
Thank you. You too.
Hi, everybody. I'm at the City CRM booth, and I'm talking to you.
I'm Alan Ben Bassett, and I'm a CVCRM consultant.
And what is CVCRM?
CVCRM is an open source CRM database that allows you to manage your contacts.
And your contacts can be individuals, households, or organizations.
And it has, out of the box, a lot of functionality for especially civic organizations
that are for the non-profit sector, like membership management,
bulk mailings, contributions, you can group your contacts, etc,
according a lot of criteria.
So, CRM is customer relationship management, and CV will be for civic entities.
So, CVCRM is a great name, isn't it?
So, where are you based? Is it an organization? What's the background?
The organization was founded about 12 years ago in the United States,
and it's a non-profit organization that's currently three developers that are funded
to develop CVCRM, but they are supported by a lot of contributors from all over the world.
What's written in, and how does it run? What language is it written in, and what is it?
CVCRM is developed in PHP, and it's based on my SQL database.
I can run Miranda DB, I presume. I can run it on Miranda DB.
Yeah, and the particularity is that it's an extension of your CMS,
and the CMS that are supported are a Drupal, WordPress, or Jumla.
So, it acts as a plug-in for those.
It's actually a plug-in, but it's a full-fledged CRM system.
So, when you click on the CVCRM menu item, you enter the CVCRM world,
where you have all your contact management and reporting functionality.
Fantastic. What sort of licenses have released under?
It's a HPL version tree, so it's fully free to use, to download, to customize.
You can hack the code if you want, create extensions, etc.
Do you have anything planned for the coming year?
The plan is to have more users of CVCRM, because we have now more than 10,000 users,
but it would be great to have much more users from all over the world.
Now, about half of the users are based in the United States,
and the other half in the rest of the world, like UK, Belgium, the Netherlands, New Zealand.
So, would it be, say, I've got my own WordPress blog, and I'm maintaining the HPL list?
Would that be something that I would use for a small use case like that?
A few hundred people?
Yeah, a few hundred people is no problem, then you can use it out of the box functionality.
If you have the need to send them regularly an email, for instance, or do some marketing stuff,
then it's great. If you need some segmentation, if your contacts, you can use it either.
If from time to time you organize an event, it's great to register your participants.
Yeah.
That might be useful for a lot of projects here.
So, thank you very much for taking the time, and enjoy the rest of the show.
Hi, everybody. I'm at the Taylor booth, and I'm talking to.
Christian Grotov, and what is Taylor?
Taylor is a new electronic payment system, which is part of the GNU project,
which allows you to pay anonymously, easily, with full privacy very efficiently.
However, whenever you receive money, the state can see what you're receiving,
how much you're receiving, but not from whom, so the state can never taxes on you,
like income tax or sales tax, and hopefully pay for things like this nice university we have here with that money.
Absolutely. But this is a very, very difficult project issue to solve.
I remember discussing this not two years ago with RMS.
How have you come up with a solution for this?
Well, two years ago we already worked talking with RMS as well about this,
because we had the crypto finally worked out that we wanted.
The crypto is based on, to some extent, on old cryptography from David Chom from the 90s,
using basically blind signatures, allows you to withdraw digital tokens,
that you can then spend without being correlated back to when you was through them.
But we had to solve problems like how to give change, and how to integrate this really nicely
with browsers and the modern web infrastructure and the restrictions that it imposes on you in terms of security.
So it's been two years of engineering by now, and we have a demonstration up.
If you go to demo.tiler.net with any of the modern free browsers,
you should be able to download an extension and try it out yourself,
make yourself a bank account at our fake bank and go spend fake money to buy Richard's articles on our web page.
Tell me, is it this sort of stuff is complex?
And anywhere in the chain that there's a vulnerability in the chain,
my bank account is suddenly empty.
How do I build up trust? How do I know I can trust you?
Well, it's of course free software, so we have an open-centered papers on the protocol.
You can read the documentation, you can read the specification, you can read the code.
Many of you may be able to do this, others may not be able to do this.
We of course had experts review it, including a bunch of cryptography professors,
a bunch of networking professors. I myself have been publishing the area for over 15 years,
so hopefully build up some reputation and some trust for some of you.
You may know I'm also the maintainer of Grunet, and some of the code has been based on stuff
that we've worked in on Grunet for 15 years now.
And of course, ultimately, once we get closer to production,
we'll plan to find investors to pay for external security audits
so that more than just our core team has looked over the code.
I hope the code is extremely clean and well documented,
which still tries to of course improve that.
And in the end, the system does depend on having a banking license
and having a regulator that assures you that your money is safe,
just like your money is safe when you go to your bank these days.
And so most people in the end will probably trust the government to regulate the banks.
And if the government fails on that,
well, we are in trouble in many other fronts, not just this particular payment system.
And you are now, how easy would this be for a bank professional to go?
Okay, I'm going to switch from this thing, or I'm going to implement Taylor.
Are we there yet? We had a point where you can deploy.
What kind of professional?
A financial professional. Somebody who does this for a living.
Say, my local bank or my local cop wants to maintain a payment system.
We talked to some banks, and they outsourced all of their development anyway.
So they won't do this.
And so we had a bank that effectively asked their outsourced software house
to give them a cost as much for how much you would take to build it or integrate it.
That would of course depend on your bank, what kind of infrastructure you have in place.
I can't easily say this, but we have a very simple adapter,
where effectively you have to, as for the exchange provider,
give us the list of incoming wire transfers and the ability to make outgoing wire transfers.
And to add 11 lines of HTML to your customer portal for the withdrawal integration.
Now, sometimes I can be tricky because of special constraints the bank have internally.
But the effort itself is not actually all that big.
It's pretty compatible with existing things.
And what surprised me is that some of the banks of the media said,
yeah, this is totally okay with regulation.
There should not be problems there.
So we've talked to several experts that have all confirmed that we are at least compliant.
So I think it's really just a question of convincing sufficient number of banks to make the investment,
which of course, you know, may be a couple of 10,000 euros to add the protocol
to their existing infrastructure and run the services.
And then hopefully we'll be able to offer it for you to do web payments.
How is the authentication going to be done?
Use the name and password or an external device.
Okay, there are two kinds of authentication.
There's the authentication you do when you withdraw money from your bank account.
There you use what you use today.
You're probably account number, password, SMS to your mobile phone,
whatever your bank do, you do this today to authenticate you when you do online banking.
It's exactly what you will continue to use to tell your bank that you want to withdraw money into your wallet.
And the nice thing is usually these passwords, these authentication tokens are well established
you with your bank.
And it's not like with CD Secure where suddenly it's supposed to on some very different website authenticate yourself.
And it's once when you withdraw money, so pretty much like when you go to an ATM to withdraw cash.
Then when you want to spend money, it's also a two-factor authentication implemented,
which is you have to own your notebook, that's a physical token,
and you have to be able to log into your notebook or your mobile device.
So that's your normal username and password that you use for accessing your computer.
And once you have access to your web browser, that's it.
You don't need any users or passwords anymore.
You pay with one click because you own your computer and thereby you own your cash
just like you own your physical wallet.
Yes, but what if somebody compromises my computer?
If somebody compromises your computer, he can steal the money that's in your wallet.
As in the amount that you choose to withdraw from your bank account to your wallet,
you lost his bound and by that.
Oh, you put it into a wallet.
It's an electronic wallet, yes.
So unlike in Bitcoin, you don't have all of your wealth in your wallet.
You can leave your hundreds of thousands of euros in your bank account and you withdraw 10 euros.
I have that logo.
And then that's the maximum loss you can entertain if your computer is compromised at that time.
The nice thing is you will learn something, namely that you've been compromised.
And usually for most of us, the amount we would withdraw for daily transactions is going to be in a range where we can say
if our computer is compromised and I learn that I've been so badly hacked and my hard drive might be encrypted next,
maybe worth that loss.
Very good.
Excellent, where can I find more information about your project?
You can find more information on taller.net.
That's it.
That's easy as that, yes.
Excellent.
Thank you very much for taking the time for the interview.
You're welcome.
And I'm talking to you.
I am a council member of the PEP Foundation which holds the rights to the core code of PEP that is the engine,
written and C for portability reasons, and lots of adapters for Java, JavaScript, whatever.
What is PEP?
PEP is pretty easy privacy with an emphasis on the E.
So we've write it always in big letters or with equivalent symbols.
And it is about, in the first place now, you make mail encryption really easy for all users.
So you should get a zero-touch experience when you're using PEP software.
That means you just install it.
These are automatically generated.
The public key is sent attachment to the other peers and they can either manually import it or if they have PEP,
it will be import automatically.
And as of then, both can communicate already in a secure way.
That means as secure as OpenPGP is and we believe it is quite secure still.
So when this is done, we have a traffic light semantics.
We show to the user a color.
It's privacy status, we call it.
And if there is no color, it's an unencrypted email or there's some kind of unreliable communication.
Like, I mean, also commercial S-MIME with commercial CAs.
We consider it as not very trustworthy, so we show it gray.
But if you have PGP, it is yellow.
And then you can make one single step which the user has to do.
It is a comparative trustworthy.
What are trustworthy?
Trustwords are the PGP fingerprint or other fingerprints in other encryption standards.
Which are mapped international language words like English, German, French, whatever.
We will also put for the list of course, online.
So everyone, which implements PEP, use the same list.
And then you have words to compare.
That you can do in place if you meet someone or by a site channel like telephone.
And then in your privacy status, when you have done that,
when you have accepted that communication is trustworthy,
the privacy status turns green.
And it also reads, if you are colorblind, you can also read trusted and secure.
Trust it because you verified it and secure because it's still, let's say, open PGP involved.
Okay, we also want to step back.
So we're talking about email earlier.
No, we start with email, but it's just the beginning of the end.
So we start there where we have, in our opinion, the biggest issue.
We have lots of uninterrupted emails going around.
I mean, Hillary Clinton can even create some about it, I think.
After she lost candidacy because of such things, perhaps.
But also for normal users, you have your flight date of being sent around.
You have your bank data, your medical data.
That's really a big problem.
And email, if you like it or not, it's still the biggest identity system we have used for Twitter,
for Facebook, for everything, to recovery passwords and stuff like that.
So we want to protect this channel first.
When we are done with that, that means when we have an iOS app, an Android app,
we have Outlook, when we have app integrating to any email and finally any email
and app into Thunderbird and everything like that.
For every system, what concerns the order we take, the ones with biggest mark,
market chat is by the side of the app.
When we are done with that, we will add 40 passwords,
like Excel.tv, or Ominal, which is quite new.
We can also add signals.
We can even try to interface with official signal systems.
And the user will have a unified inbox in the end,
in its app, showing all the context.
And in the path engine, the core part of the project will always choose the most
close to part for the app, for the surveiller, surveiller, or the most secure for the user.
So it's also called the most close to the user.
From the perspective of the surveiller, surveiller's guys.
Just before we lose everybody.
So from an email point of view, you're still using PTP or GPT.
Yes, we use GuPG for almost all platforms, excluding iOS,
where we have to use NetPGP, that's an implementation of the OpenPGP standard,
done by the NetPST project, which is not actively maintained anymore.
And that's just for licensing reasons.
If you would find an agreement with GuPG, we could probably multi-license the GuPG code
in a way that you cannot ship it inside the iOS app, or together with the iOS app.
And then users can use GuPG with all the advanced features with GuPG has.
Okay, so I already used GPT.
What are the advantages of using NetPST?
The advantage is, I mean, that project is not for power users specifically,
it's for normal people, or I normal people.
Okay, but if you use PTP, you are normal plus kind of.
I don't want to be normal.
The point is I cannot say I want to be normal.
Okay, the story, a bank that is when the Snowton revelations came about,
in Switzerland, we had lots of empires, the CCC, Switzerland, and specifically in Zurich.
How can we protect ourselves from this mess surveillance stuff?
And then we organized lots of perfect parties.
And we learned from this, I mean, what we learned from this trip to parties,
is that people in the end are not really able to use it in daily communications.
So we just said, okay, what are we teaching these people?
We are telling them how they should create a private key.
They should do this and that, and they should look double the key service.
Whatever, and we just said, okay, let's just write this down as a protocol,
and turn it into code.
So people will just have automatic mail encryption being done for them.
So if you install any mail pad, or any mail to zero in the future,
for each mail account you have, have been automatically created an RSA for 1096 key,
a key pair, and then the public keys are attached to every email,
and it's got all their power, all the peer, you can make a patient partner.
Also has PAP, it will be automatically imported, and then you can start to enter.
So then you can even verify if you have fears, because you are a journalist,
of man-to-middle attacks, you can start to, you can even verify and turn your channel green.
And from a technical point of view, that's perfectly secure.
So there's no much criticism you can have against this, because it's just,
we also have code outdated in our engine, so that everyone can have some trust
that we are doing the right things. We are using technology correctly.
We are not doing all crypto. We are just using what's already available.
That's all of the truth.
Yes, so we are not a crypto project.
We are more like a usability project using existing crypto,
and those are the political work and community work.
So we are active on these several fronts, super.
Now, what are the things?
If I keep this behind a part of the market, and they decide to use the keys of generation
and the peer pressure that dies, all the emails are gone.
Yes, that's a good point, and we also thought about it.
We have a key synchronization protocol at hand.
It's not cloud-based, or platform-centric, like I mean, there are other projects also in the
which provide easy-to-use mailing encryption, but as a platform.
So the purpose of the platform.
So what we do is, if you have an eye for it, that's a thunderbolt installation,
for both installations fully independent of each other without communication,
you can do that before that.
Just key materials created on both sides.
The oldest key, the only thing to be the one you want to be the subject key.
Because we probably would keep the ready since three years,
and all people know you are the key, so you want to stay in that key.
And now you probably bought the iPhone installed pad for iOS,
and a new keypad.
How does that help iOS know that I am iOS?
Yes, the common denominator is that you need the common mail address.
So you want to use the same mail address on both devices,
or usually that's also requirements for companies, or for regular use.
If they want to be able to read their messages, I probably could make an email
about the last mile, last week, or in the last week.
But you have to be able to receive this email.
You have to add an email account, or my answer,
to read three seed mails from it.
So there is a mail sent through your email address.
Basically, you just configure the same email address on both devices,
not generate keys independent of each other.
And then, one of the both devices start to send this covering messages
or what does it mean?
That means you just send technical emails,
or if it's just a email, what to oneself.
And those devices do email, and react to it and say,
yeah, I'm here.
And then you can say, yeah, okay, you are here.
Do you want to be able to become a device with me?
And then you can say, yes.
And what you do to confirm this, you compare again, you trust for it.
You just need a common trust.
So on both these places, the same words are visible.
These are combined fingerprints.
And then you just accept, you channel turns on both devices three.
And then your private key material is fully transmitted in all directions,
I mean, for this device.
And then you can read your own and your new emails,
regardless whoever receives them before and stuff like that.
So that's the way we have it.
If you lose a device, you can say a device lost.
And you can even say, I want to recreate all of my chemistry,
because my device are hacked or something.
And that's the way we go with you.
So, of course, even if you have a hacker attacking your iPhone,
they can read all your cross-credications.
But that's a problem with OpenGP in general,
because it's not for the secrecy of OpenGP.
For OTR and Omega and stuff,
you can at least still read your emails.
If you have at least two devices,
we will probably also add some backup feature for users with just one device.
But we are not yet sure how one would have been using a friendly way.
That's an issue.
Because if you, I mean, there's not a project called OTRP proposed
to just provide your private key,
as soon as it generates you to deliver it again.
And just let it be encrypted there with a post-crease,
which is very long.
But I am not very content with the people
who are able to re-enter a post-crease,
which has been needed for longer,
or 20 charge, whatever.
So, because you need some entropy for this physical otherwise,
if then it's a hack for your mail server,
or just get related,
it can probably be tripped the private key,
and then use it against you.
So, if you have two devices, you should be fine.
You have, of course, a problem with everything is burned.
Everything is burned, and you use everything that you have in your project.
But I think that you have also been able to propose that.
So, this key synchronization thing is really one of our big differentiators
to author projects,
because there is no cloud in between.
And then you can also think a little bit further.
Of course, you will do it.
You will also be able to share your contact data
and your events, call into data,
across devices,
in a way, without any cloud in between.
So, fully clear.
Also, as you can send around your private keys,
through your mail address,
you can also send your calendar data,
and you were event data.
I mean, there are some standards for this,
I think, or whatever,
and then you can just import it,
and then it is displayed in your mail user agent,
like always,
or the data you guys do.
And we use two avoid race conditions,
we use SQL transactions.
So, on each type of device,
you have an SQL line database.
By the way, all the trust that you trust,
from a patient partner and stuff,
is not saved in the key range,
of canopiG,
it is saved separately in the database.
So, you can send,
given the trust separately from canopiG.
Is that another vulnerability?
It's locally saved.
I mean, if your device is hacked,
you are lost anyways,
because your private keys lost.
And so, it's just a project.
It's just a project.
It's a laptop.
In my case,
it's not only in secret terms,
but also in the train hours,
it's only, I mean,
we are not good for against everything.
Help is about ending mass surveillance.
If you have specifically targeted surveillance,
like NSA dollars,
with computer access operations,
then you have a problem, of course.
But that's very costly,
and I don't think they are able to afford this
for the whole planet.
So, for our interest,
it's worth roughly,
like, you can put it on the screen.
Yes.
We didn't implement this.
It's easy.
It's easy.
All the family.
And then,
it will just work.
It will just work.
If I give this to my mother,
it says,
no, you have computers,
but you can barely use email,
and stuff like that.
So, we should be able to try to give an email to me,
which is perfectly fine and crypt,
with no PG,
without, without,
without,
without touching everything.
There's no passwords for the effort.
No, that's also thing we decided,
we don't want to use pass phrases by default,
but we support them.
So, if someone wants to enter a post phrase,
for a specific time,
for five minutes,
and now we're something like that,
it's fine with us,
but we don't think,
we won't oppose any of the users.
We want to have an experience,
like signal,
or WhatsApp,
and that,
imagine WhatsApp into this
in pass phrase,
like,
I think everyone is 99% of the user base,
immediately.
So,
you cannot do that,
because we are usability projects,
but we support it.
I mean, that's not a point.
We want to have that,
it's fine.
Even the trust,
the green channel thing,
with verification of,
of your identification partner,
that's just nice to have,
in my opinion,
because I would be already fine,
if I would receive more.
And if you could email specifically
from companies,
like flight companies,
like insurance,
if it's not really,
if it's,
if it's ever encrypted,
like,
race not put,
that would be like,
plaintext model.
If it's yellow,
that means perfectly encrypted,
it's already fine.
There might still be a middle attack point,
on the middle,
but that would be the price for it.
And then you can say,
probably,
if I give you a way,
if companies could
put your channel,
we'd probably decorate
and play it on some stuff,
no idea.
But there will be solutions,
I'm quite sure.
So basically,
once you start installing those,
as you go out,
and you have to,
you have to,
as you have this,
then transparently,
in the background.
Yes, it just starts up.
Yes.
Yes. There's also principle
that we don't have some users,
that means,
if that key generation process,
at the very first start,
is not yet finished,
you can already start to write emails,
which are shown,
with privacy status,
unencrypted.
So one secure is the term,
because we call it blind people,
we need to show a word.
So a word?
Yes.
And,
and,
yeah, you can just,
I mean,
we don't want users
not to be able to communicate.
Communication is priority first.
And then it's,
it's a security,
it's a security,
it's a security,
it's a security.
Eurocentric design is a security.
It's a virus.
Virus.
Virus.
It's a security and a nice term.
For people.
Yeah, well, we have a,
we have a code for that.
The pet foundation will make sure
that every project,
which is used at the trade market,
which is pretty private,
and the movement stuff like that,
they will have to have a code
out that's done on there,
on every release.
So companies will be able to
afford design short,
for community projects,
and we will organize funding for them.
Okay.
So the code out it must be complete,
that means technically complete,
really, with details,
as far as possible,
because in close terms,
so it might be a problem,
like WhatsApp.
But for open-source projects,
networks must really be complete,
and carried out by an independent third party,
which is specialized,
on code out this,
and without ties to secret services,
and military.
So we're,
at far as much as we can tell.
So,
the virus,
which have these principles,
are very welcome to be listed
at pet foundation site
as trustworthy companies,
but they will also meet them in person first,
because they will really want to know,
that they don't oversee,
box,
or somehow propose to create some
sneaky packages,
kind of things.
So,
if you say,
if it's a virus,
I think it could,
it could be,
it could be complicated.
No,
while I'm actually more,
I think,
it's a virus.
Yeah, it's virus,
it becomes a virus.
Yeah, I mean,
we have really the idea,
that we end mass surveillance here now.
I mean,
in the next one or two years,
we'll be available on all platforms.
There is also pet security,
commercial entities.
We have a red hat,
like business model,
so they will try to sell,
our open-source software,
companies,
with service contracts,
and we expect lots of emails
to be encrypted with pet.
Yeah.
In the future,
or, I mean,
we'll be great at this.
We'll be great at this.
We'll be great at this.
We'll be great at this.
We'll be great at this.
We'll be great at this.
We'll be great at this.
Yeah.
That will be really cool.
Yeah, so, yeah.
And in the end,
we'll have lots of
cypher techs around,
and these programs from the NSA,
like XK score,
will be even more work
less than now,
we know.
And that's just the beginning,
as I said,
in the beginning of this interview.
We will also activate
with pet 2.0,
we'll activate
the GNUNet.
GNUNet is an official GNU project,
which provides a peer-to-peer framework
for secure
and to end-in-trip communications.
You have, first,
you have encryption
and transcription on device level,
so you have a public
and private key for your device,
and then you have also private
and public key for your youth,
for your identity.
It's called, I think,
In SecureShare,
it's a project of GNUNet.
It's called AGO,
so that's yourself.
You can have different AGOs.
You can be,
you can be real,
you can have a real name,
then some,
some whistleblower name,
you can take,
then some journalist name,
some company name,
so you can choose different identities,
and then,
and then you have,
so that means you have,
inside the device,
encrypted thing,
you have the user
encrypted thing too.
And metadata will be protected by default,
so that means
you won't see anything anymore.
You just see,
okay,
someone connected to GNUNet,
like with Tor,
but you don't really see what this person
is doing inside the GNUNet.
Yeah.
And we really want to deploy the GNUNet
on a worldwide scale,
really in extreme,
numbers.
Just make it become...
Yes, widespread.
Yes, yes, of course.
So what the surveillance guys are doing is nice for them.
What we are doing is not so nice for them,
and we just do a counter-project here.
Nothing less than that.
And we are very confident
that we will achieve the goals.
Excellent.
What's coming up next?
Well, you already just got that.
Have you missed anything?
No.
I think it's,
it's most important things
that I've said.
Oh!
How can I install it?
Where can I get it from?
Yes.
At the moment,
there is a pep for Outlook,
that you can get...
there is a shop on the commercial side.
You can also build it yourself,
but the company is not interested
in providing it fully for free,
so they sell it.
Yeah.
But that's just for Outlook.
For Android,
you have a version.
You can just enter pretty easy privacy in Google Play Store.
Then you can get a pep for Android for free.
And there's also an after-read version
for people who don't like to play.
For iOS,
there will be, of course, a version in the App Store.
Yeah.
We will also provide instructions for jailbreaking
to build it yourself,
and install it yourself.
At the foundation side,
the company side has no interest in that, of course.
Obviously.
Because commercial interests.
And for any mail,
you can just...
in the future,
we'll just be able to install the add-on
through your package system,
or within Windows,
we just add it.
That's incredible.
You can...
Yes.
And then,
the software,
which is needed,
you can download automatically
without user interaction.
Like it is done already now for Windows,
where also GPG for Win,
is installed automatically silently in the background.
So the same thing happened for pep.
But we will go,
even step forward with any mail,
we'll put the whole thing together,
any mail to zero,
or any mail pep.
We'll just take it and put it in the Thunderbird.
So we have a user base of 40 million users there.
More or less,
I don't know if the figures are still correct,
but it's in that direction,
which will be able to encrypt by default automatically
without interaction.
That's a base install of Thunderbird.
Yes.
Absolutely excellent.
Yes.
That is fantastic.
And then, if you take this together with Outlook,
and enter it at IOS,
you will have lots of more cyber packs
in the very near future.
Yeah.
We are really working hard,
even day and night,
some of us,
to just achieve these goals,
these still this year.
In Switzerland,
we have even good reasons for that,
because we also introduced mass surveillance.
We will be put in place by September 1st.
There's a secret service law,
where you can have fiber cables and everything.
And there's also a law for the reception law,
where you can install throwing horses,
retain data for six months on all channels,
not just service providers,
also providers like Dreamer,
ProtonMade,
they want everything.
It's really the big cook there.
And people were not very active,
so it was a little bit difficult to stop these laws.
For the secret service law,
we even have the referendum,
but it failed.
With more than 60% of the people saying yes,
the secret service law,
because of the terrorism happening around Switzerland.
So we have a direct democracy,
but that's no guarantee we mess around with our basic rights.
So we also have,
because we are based in Switzerland,
we also have an ice local context
to put this stuff out.
But of course,
the project is worldwide.
Yeah.
Very good.
Excellent interview.
Thank you very much for checking the time.
Hi everybody, I'm at the FreeBSD Foundation booth,
and I'm talking to Benedict Oysling.
I just had to put the number there,
or I wouldn't be able to remember
when I'm editing the shows exactly.
So what is FreeBSD for those who don't know?
Well, FreeBSD is an operating system
for regular computer users.
So we're actually quite old system.
We're stemming from the University of California at Berkeley.
That was developed in the 1970s.
And it evolved since then.
It became an open source project in the 90s.
And we have been an open source project ever since.
And it's released under a BSD license of Jessica.
That's the GPL-free operating system.
We have our own license with only three clauses in them.
And that actually draws a lot of people to our project,
because some companies are reluctant to use the GPL.
And the BSD license is more integrating
those commercial components for them.
So that's a better alternative for them.
So what's been happening in the last year with FreeBSD?
Oh, we did a lot of good.
We have a big release.
We had a big release coming out at FreeBSD 11.
It featured a lot of new stuff like Embedded Work,
new Wi-Fi drivers.
We have our own hypervisor now called B-Hive,
the BSD hypervisor.
And we're doing a lot of work behind the scenes
to exchange our build tool chain.
So for a lot of time, we had the new compiler collection.
But now we have the Clang LVM Bootstrap tool chain.
So we can build not only the kernel,
but also all the user-land tools with it.
So FreeBSD is a complete operating system.
We're not only providing a kernel,
but we're also building the user-land tools
around it, all the libraries,
all the shared utilities that you are using.
And building that as one big package
is actually a good system to have,
because it's all produced by one vendor.
Are you reliant on a lot of the GPL stuff
or are you becoming less reliant on GPL stuff?
Yes, that's our overall goal
to have BSD licensed tools,
and don't rely on external compiler tools
just to build the operating system.
And what have you planned going forward this year?
This year, we're trying to get not only involved in other.
So we're not going to BSD conferences only
without the foundation,
but we're also trying to be at other conferences
where we aren't featured that much.
As development-wise, we're trying to evolve our current system
into adding more features,
like getting more support for virtualization options.
And we also want to include more wireless drivers
and graphics that became extra graphics drivers.
That's a big feature,
because a lot of people are asking for BSD on the desktop.
There are distributions of FreeBSD on the desktop,
called TrueS.
But they also need the graphics support
to run the latest stuff.
We're also having a project to integrate WALEN.
We have an initial version in the system now,
and we hope to have that as an alternative
to the other old X11.
A lot of stuff going on.
Anything else that we missed?
BSD is a very nice community.
We have a very good documentation.
We have a complete handbook on our website.
And if you want to go to a BSD conference,
I encourage you to do that.
So we have three major conferences.
First one is Asia BSDCon in March.
The biggest one in North America is BSDCon in June.
And the European BSDCon,
that's the traveling circus.
It's a different country each year,
and this year we're going to be in Paris.
So if you want to get involved,
or look at what the BSDs are doing,
those conferences.
Excellent stuff.
Thank you very much for taking the time
and good luck with the rest of the show.
Hi, I'm Matt, the Illuminos booth,
and I'm talking to Hans Rosenfeld.
And can you tell me what the project is?
So Illuminos is an operating system core
based on Open Solaris,
which is developed independently of Oracle,
who have stopped that a couple years ago.
And we are building the system in collaboration
with a couple of companies that use it for their products.
There's also a lot of community users.
And they usually take the core that we provide,
which is the kernel libraries,
user-land utilities, demons,
whatever makes a Solaris system.
And put whatever else you need to make it a complete function
like OS distribution,
and tailor that to their specific needs.
During the first .com boom,
the Solaris was powering a lot of that.
Is this still the case today that
its Illuminos has taken over that role
and still as relevant today as it was in the past?
Well, Illuminos is certainly not as relevant
as Solaris used to be.
It's a very small community,
but it's making progress.
It's getting more importance
to more companies using it.
And I recently learned it's used in Cloud Computing
even in Germany, where I'm from.
And the company named Giant
is using it in Cloud Computing.
They recently got bought by Samsung.
They're building a Cloud for them based on their technology.
There's an example, Rector, TGYL,
it will build storage systems based on Illumos.
Okay.
And what has been any major milestones this year?
Major milestones this year.
So we had greatly improved NVME support,
which was actually added.
In 2015 already, we improved that in the last year,
greatly.
We recently gained USB 3 support,
which has been quite a problem for Ill,
because the company developed a student really considered
that important, but that has changed now.
And the distributions have made brokenness on themselves.
Open Indiana is one of the distributions
doing a desktop system.
They are currently modernizing the software
that they ship for desktop purposes to save.
Got a multi desktop
and brand new Firefox and all that kind of stuff.
So you would be the equivalent
to Linux of the distribution world.
You would be at top level.
Yeah.
So except that the difference is,
Linux is just a kernel.
We are a kernel library,
a kernel library, a user learn, whatever you need.
But pretty much the core of what used to be serverless.
Okay.
And what's happening this year?
What are the plans going forward?
I love this stuff.
I don't know what does different company's plan actually?
Yeah.
It's obviously going to be improvements in terms of
virtualization cloud computing support coming from giant.
The USB 3 support is going to be improved greatly.
I'm personally working on improving NVME support,
which is quite a big deal right now.
Not sure what other company's plan really.
So you basically develop whatever you accept or whatever comes with.
Yes, yes, no strong leadership or anything that that's a direction.
It's just a loose collaboration.
Whatever the community wants to do, that's exactly.
And has it been a bit of a success, do you think?
Are you getting more developers?
Slowly, but steadily, yes.
Well, we've been there seven years.
We've been a small community then.
There's still a small community, but we're slowly growing.
Very slowly.
So, where can I go to get more information?
Well, there's obviously a Lumos.org.
There's ISC channel, a Lumos on a free note.
There's a couple of ISC channels and websites dedicated to the different distribution,
smartOS.org, openindiana.org.
And can I, if I go to your website, I'll get links to this.
Yeah, yeah, yeah, links.
There's a wiki and a link site.
Okay, thank you very much for taking the time and enjoy the rest of the show.
Hi, everybody.
This is Ken.
I'm at the K1A9 Open Susie booth and I'm talking to Douglas Demayo.
Hi, Douglas.
What has you here at Fostem?
Well, so we come here every year to basically, you know,
show our support for Fost and also have an appearance
and talk about the things that we have new that are coming out.
So what is Open Susie for people who don't know?
Well, Open Susie is the oldest distribution, Linux distribution.
And basically, we have two rolling releases.
Sorry, we have two distributions.
We have a rolling release called tumbleweed.
And we have what is called leap.
Open Susie leap.
And that's sort of like the traditional Open Susie that most people are familiar with.
And the current one we have out right now is 42.2.
And that came out in November.
And just recently, we got the cloud images up for EC2 and also Google's cloud and a bunch of others.
So we have a lot of cloud images out that people can use for whatever purposes they have.
And you're based here in Germany area?
I, the projects all over the world, but most of the people that are coming here to Fostem
are coming from Germany, but we have a large presence in Europe, America, South America, Asia.
So we'll have some people come here to Fostem from those different locations,
but most people are coming from Germany.
Now, you said Open Susie was an oldest distribution.
Surely Debian and Slackware would beat you to it.
Exactly, exactly.
But we're talking about the bigger ones.
Yes.
Okay.
Fight more for the Debian team later.
I'm going to interview them.
So tell me, any new plans for what's going to be happening this year with the Open Susie?
Well, right now we're working on 42.3, as well as 43, kind of happening at the same time.
We do have some, a few new things coming out.
Of course, we have different projects within the Open Susie project.
The Open Build Service Open QA, if you're familiar with that.
Okay.
And then, of course, we have Portis as well in machinery.
Those are two other projects that you might be familiar with.
Give us a little down on those.
So Portis is a way of managing your container images, right?
Yeah.
I can't really talk specifically about it because I'm the PR guy.
I know a little bit, I know, I know a little bit about it, right?
So that's a project that started about a year and a half ago.
Okay.
And, you know, we're just trying to push that information out there so people can try it, see what they think about it.
And then, of course, machinery is sort of a project that we've been working on about the same amount of time.
And this allows you to, yeah, see what's on your system.
You could also use it on other distributions to kind of see what's on your system.
It's really sort of a, it's a combination of tools into one big tool.
Okay.
Very good.
And so, do you get a lot out of fostering every year or what is the goal?
Why, why even bother coming?
Well, you know, this is really about meeting, meeting people within the community.
And then, of course, rekindling old friendships.
So I mean, there's a lot of people.
I've only been here two years, you know.
And, of course, many other people that come from open Susa have been coming here for years, for years.
And, of course, it's always nice to meet up with them.
And, of course, you have new people coming that are unfamiliar with the different projects that are here.
And, you know, that's kind of why we're here, right?
We're here to bring people into the foster world, you know, the open source world.
And that would be ideal, yes.
Okay.
Thank you very much.
Anything else when I missed?
Yeah.
So, yeah, with Tumbleweed, you know, if you're familiar with that, that's our rolling release.
And the numbers have grown on that.
There are a lot of users, a lot of people that are using it.
And, if you're familiar with Arch Linux, you know, it's sort of exactly.
But, you know, of course, we compile that.
So, when you get daily snapshots in it, and it's pretty much daily snapshots.
I mean, this past, I just wrote a story yesterday and in the past eight days, we had seven snapshots.
We got, of course, it's, you know, a system D, you know, 232 has been out for a bit.
But, you know, what we got fed into the rolling release.
And then we were the first, basically, to get a, other than probably,
Neon, get a KDE 5.9 in.
And that was basically the same day.
There's, I use KDE, and I have this problem to do with the formatting of days from here.
So, it's a one day specifically year, year, year, dash, dash, dash, dash, day, day, day, day.
Every time I come to FastTime, people tell me that bug is fixed, but it's not fixed.
It's an underlying bug in the, in the KDE, in the QT toolkit.
How can I get this fixed? Who do I need to buy beer for? Irish Whiskey.
I don't care.
Couple of nice tea, whatever it takes.
There's a guy, there's a guy that's going to be here named, I can, I always say Alex, but I know it's different.
He's from Spain.
Go talk to him, and he will probably help you out.
Or, you could probably talk to Harold Sitter.
He's working with KDE Neon, with Jonathan Burdell, yeah.
And so, I'd go buy beer for them, and they could...
I've already decided it doesn't work.
Okay.
Okay, thank you very much for taking the time, and have a great show.
Thank you.
Hi everybody, I'm at the CentOS booth, and I'm talking to...
I'm in Arratton.
What is CentOS?
Okay, CentOS is, of course, a Linux distribution.
I'm free to use from the community, built by the community.
But it's built from a red hat on the price of the next sources.
Meaning that we just take the red hat on the price of the next source of the RPM.
We just recompile it.
We just sometimes modify our ad component that the company is interested in.
And then we distribute that to people so that they can consume directly.
So, this is a red hat sponsored project, but not a red hat project.
It is a red hat sponsored project, so we have resources.
I'm a red hat employee myself, and we are other colleagues who are working on that.
But we are working.
CentOS is not only the rebuild of distribution these days,
it's also a platform for other projects to contribute and work on.
So, for example, we have worked a lot with people having interest in the cloud,
solution like AirDU for OpenStack, storage solution like Glister or SEF,
and all those kinds of other projects that they are interested in.
So, we have specifically built for them.
Okay, how does it differ for something like Fedora,
which is also a red hat project?
So, yeah, Fedora is considered the upstream of what REL will become in the next years.
So, REL is basically a snapshot and it's to put a version of Fedora on point in time.
We are downstream of REL, but still some other project would like to have a stable project.
They would like to have a stable platform that they want to build on top
and not care about the platform itself.
So, CentOS is perfect for them because they don't care about the platform,
they just build on top and they just can have community members doing their testing
on that platform and not care about the platform anymore.
How does that, if I had the choice between Core OS and Red Hat Enterprise Linux
and Oracle Unbreakable Linux?
Which one should I pick?
Well, I'm not sure I would be objective, but I would say,
it was CentOS, but it's CentOS is not only about the bits and bytes of distribution,
but also about the community and the spirit around the community.
So, that's what we have built in the last 10 years,
more than 10 years for CentOS.
I think the strongest point of CentOS is the community.
And the C in CentOS is also a community.
What's the E?
What's the E then?
What?
What?
What?
What?
What?
Oh, very good.
Do not know that.
Learn something new every day.
But is CentOS not just a gateway drug?
It's like a subpar product that will force people to get support from Red Hat for Enterprise Linux?
What do you mean by that?
Can you provide for Enterprise Linux?
Oh, you know, here you can use this free thing, but when they murder hits the fan,
then you're going to have to upgrade and actually run real Red Hat Enterprise Linux.
It's, well, it turns into a certain discussion here,
but I would say that it depends on your needs, right?
So, depending on your needs, you probably need or not.
A company you want to knock at the door if there is a problem.
Of course.
Kind of, they don't.
Exactly.
So, tell me, what have been the major achievements here in the last year?
So, in the last year, because we had more time to work,
which is we were doing that on our free time before,
and now some of us have a chance to work on that on a daily basis.
We have achieved a lot, and before it was just a distribution.
And those days, we had some, we built some bridges with other projects,
meaning that we are doing a lot, a lot of integration testing with all the projects,
like CI.
We achieved a lot at the CI and CD platform, like CI, the center of the road,
which we built.
And a lot of other projects are just testing their bits before it's released,
with some, it's making...
Well, the one thing is now that we have built confidence with the user,
because it's not just something that we just built when we had spare time,
but some professional aspect on that.
It is quite used there in the old cloud, I must say.
And coming up next year, what's that?
So, the plan is also to expand the DCI environment in collaboration with other projects.
Container is a thing.
So, we are at the moment working on something that would let other people
to build a kind of pipeline to build a container and test validated
and distributed through registry.ci, the registry and centers of the road as well,
so that they could automatically have pre-built application,
validated tests on centers directly.
Very good.
And are you going to be at other shows or...
What's the focus?
Yeah, depending on the event, some people will like to,
obviously, attend and show show centers.
Okay.
Cool.
Thank you very much for taking the time and enjoy the rest of the show.
I'm at the Fedora booth.
Very, very colds Fedora booth here.
They've been stuck at the door.
I don't think...
I've got just advantages and disadvantages.
What I'm talking to?
I'm just in Florey.
I'm a contributor for about a year and a half now.
Okay.
What is Fedora?
Fedora is a free and open-source Linux operating system that's,
I think, can be pretty accurately described in our four foundations.
Freedom, friends, features first.
So, Fedora has a very strong commitment to free and open-source software
and that all of the software that we do have available by default
in our repositories is open-source.
We don't have proprietary or third-party programs
that are proprietary in the distribution by default,
because we're very committed to trying to find the best open-source solution for our users.
Features in first, from a development side, I think, is also important
because Fedora is very committed to trying to champion new open-source tech
and trying to do it in a way that's stable and is also trying to push forward
and try out these new things for everyone else in the Linux community as well.
And lastly, I think friend is important too,
because it's a community that spans the entire world from six out of seven continents.
So, maybe seven, I don't know.
But there's a very large community of people working on a mixed variety of different parts of the project.
So, I think you can really sum up Fedora through our four foundations.
Okay, very good. And what has been happening in the Fedora Commute projects in the last year?
The last year. So, one of the biggest things that just actually recently happened
was the Fedora Cloud Edition, which was one of the three primary offerings of Fedora,
along with the Workstation and the Server.
We moved the Cloud Edition away as a primary one.
And instead, we're now offering the Fedora Atomic Host,
which is really exciting for people who are looking at building new cloud infrastructure
or trying to experiment with new things along those lines.
If you're doing things with Kubernetes or OpenShift,
Fedora Atomic would kind of be your base that you're putting in there.
And right now, there's kind of like a short term, like what can it do now?
And then a long term, what do we want it to be?
Short term, it's kind of, if you're familiar with the Fedora development model,
it's kind of like Fedora Raw Hide,
and that it's the latest and very cutting edge of Fedora.
But, it's very easy for you to roll back if something goes wrong,
whereas it was in Raw Hide proper.
Like, okay, what were wrong? I need to downgrade it.
I need to fix my kernel or do whatever.
With Tomette, you can just roll back your entire system state
to exactly where it was before.
And does that also apply to applications that we're running?
Sorry.
Does that apply to my own applications that we're running?
So long term, so right now, it's definitely something that's very new
when it's shaping, or it's in the process of shaping into something
that will be a long term or that will end up being something that will be useful
for workstation and server.
So the idea is that you could be, let's say that you're doing something
with you upgrade your networking, network manager on your laptop,
and then your driver's broke or something where you don't have wireless
connectivity.
So it's like, what are you going to do?
You can't look up troubleshooting or how to fix it.
So the idea is that you would have an atomic-like workstation
so you can just roll your entire system state back to the way it was before
and you can fix whatever the problem was or go deeper that way.
And the same thing for the server side too.
And that's kind of where we want it to go long term.
Short term right now, there's a few people who are using it
as their daily driver desktop, but it's still kind of a wild ride
from what I'm taking is it's a two-week release cycle.
So it moves very quickly.
But the idea is that even though it's moving so fast because of the design
where you can roll back your system state if you need to,
it's supposed to be even more stable than the raw hideoffering would be.
So I really think the next year or next two years for the atomic coast
will be very exciting for Fedora.
And it's definitely something that a lot of people in our community
are very excited and passionate about.
And we're also working closely with the Sentos community on that as well,
as far as I'm concerned.
But that's something that recently changed and some of the bigger things
that one of the new campaigns that we launched for this past year
was Fedora loves Python.
And we have a few stickers around the booth for that.
But the idea is that we're trying to reach out to the people who are using Fedora
instead of trying to be Fedora's great for everyone,
which I would say it is.
But the idea that we're trying to get to is that we're trying to target communities
of developers that are working with a specific set of software
that we feel that Fedora has a very strong offering on.
And for us, Python is everywhere in Fedora.
Within not only in the distribution, but our community as well.
A lot of the infrastructure and applications that we're building in Fedora
are heavily based in Python.
So it's very easy for us to kind of explain and show all the amazing ways
that you can do things with Python in Fedora.
There's actually a site, I want to say it's...
I want to say it's actually just Fedora loves Python.org.
I'm not 100% sure on that.
There's actually a website that really goes into this
and shows all the specific things about why you'd want to use Python as a Fedora.
As a Fedora developer, why Python is great?
And the advantage that it would provide to you
versus another distribution.
But that's something that's really cool too that we've been doing for, I guess,
probably the past eight months.
And if you end up catching us at an event I know in North America or Europe,
you'll probably be able to find some of the Fedora loves Python stickers floating around too.
Are you going to many more festivals or more events during the year?
As far as I know right now, there's a few things that we have lined up for the next few months.
I know Picon Slovakia.
We should have a presence there.
And the next major conference I can think of in the Europe region
will be Ozcal, which is open source conference Albania.
This is usually the heaviest part of the world.
Okay, yeah.
So I'm not sure for a lot in America and Asia.
In North America, I think the next thing that we have coming up
is the Southeast Linux Fest, which will be in May or June.
And we always have an annual presence there.
And then I think there's one more event in the next few months in North America too,
but I'm not a little unsure on this specific.
Beyond Fedora.org, I guess, get Fedora.
Be sure to be promoting it on the Fedora magazine is the great place to look for
anything that's coming up in the Fedora community,
as well as actually finding great guides about how to get the most out of Fedora.
So I would definitely recommend the Fedora magazine as a great way to keep in touch
with everything that's happening in the Fedora community.
And also to find out maybe ways you can better utilize or use Fedora in your own system.
Thank you very much for taking the time and enjoy the rest of the show.
Thanks.
You've been listening to Heca Public Radio at Heca Public Radio.org.
We are a community podcast network that releases shows every weekday, Monday through Friday.
Today's show, like all our shows, was contributed by an HBR listener like yourself.
If you ever thought of recording a podcast, then click on our contributing
to find out how easy it really is.
Heca Public Radio was founded by the Digital Dog Pound and the Infonomicon Computer Club.
And it's part of the binary revolution at binwreff.com.
If you have comments on today's show, please email the host directly.
Leave a comment on the website or record a follow-up episode yourself.
Unless otherwise status, today's show is released on the creative comments,
attribution, share a light, 3.0 license.