This weekend is the FOSDEM event held in Brussels. This is a major event for the open source software landscape in Europe. Thousands of geeks coming from several countries to discuss about software freedom during a full two-days planning. All major projects are represented, core-developers are present and always available for a chat. To resume, it’s the place to be. I’m not a developer but it’s good to have an overview of what are the rising technologies or projects.
I started my day with the keynote presented by Eben Moglen who spoke about the importance of free software in our daily freedom. The recent events in Tunisia and Egypt were good examples in Eben’s talk. The “source code” became more and more important in the political landscape. Social networks are great tools to keep people updated (in real time) about what’s happening but they have a big issue: they are centralized and operated by companies doingâ€¦ business! Twitter and Facebook are the most common examples. Based on the data they collected from users, data mining is performed. Those companies have to do some business and their main resource: our private data. According to Eben, the topology used by the current social networks is too much centralized and must evolve to a meshed network to avoid any centralization of the data. There already exists a project called the “FreedomBox” to circumvent this problem. Based on cheap hardware the box would offer more privacy to the users. Based on software like OpenBTS or Asterisk to provided phone services and peer-to-peer applications to exchange data. Nice talk but, IMHO, a little bit too extremist. I fully agree on the protection of our privacy but, before deploying new technologies, why not educate people to use the existing ones safely? The keynote was followed by a good Q&A session which proven that this is a “big topic”.
I spend the rest of the day in the “Security and Hardware Crypto Devroom” which was well organized and moderated. The planning focused mainly on OpenSC, PKCS#11 and SSH. First, thanks to Jean-Michel PourÃ© (gooze.eu) who offered a free crypto-card to all the attendees! He briefly introduced crypto devices, how they work and how to use them in the right way. To resume this half/day, the following topics were covered:
- Cool presentation of libssh. Have a look at it if you need to implement SSL/SSH support in your software. Easy to implement using the online tutorial.
- The developer of libcurl also make intensive use of SSL libraries, up to seven different instances! He explained why. A comparison of those libs is available on the cURL website.
- Once of the libraries used by cURL is CyaSSL which focuses on performance and size. This library targets embedded application and real-time operating systems. It can also use GPU’s!
- Fridib is a free browser extension developed in parallel to the official Swedish digital ID’s extension which lacks of Linux support. Nice work.
- EJBCA is an open source CA. It was explained how to manage the smart cards lifecycle.
- A discussion about PKCS#11 URLs or how to exchange objects and their corresponding API’s.
For time reasons, I was not able to attend the latest talks but it was a good day as usual. If you were not able to attend, all talks were recorded and should be available soon on video.fosdem.org. The only small negative remark is size of the room: not all people were being able to find a free seat. This can also be seen as positive, more and more people interested by security topics? 😉
Some words about the overall organization… A well-oiled organization, a top-notch network with IPv6. What else?