EuroBSDcon 2018

Last year for EuroBSDcon 2017 in Paris, I caught a horrendous cold on the first day and spent the week in a fragile state, this year I was well prepared and caught the terrible cold in advance. Things kicked off on Monday when I had to go and see a man about a goat at the train station as I was the chosen mule for this leg of the conference. No curried goat for dinner that night.

This was to be my first time in Bucharest and also the first time flying from London Luton Airport. I packed the goat and cough medicine and headed for the train station again on Wednesday morning. By lunch time I had met up with sborrill from the NetBSD release engineering team, we discussed the changes happening in NetBSD-HEAD and the tooling built on top of NetBSD at Precedence before setting off.

Thursday was about the FreeBSD devsummit for me or at least it was meant to be. For the flexibility of being able to use any computer without having to spread keys everywhere and the safety of travelling lightly without important keys, I use a Yubikey which contains a key that provides access to a few non-critical systems. At the devsummit, when it came time for our first break, I unloaded my key from the system and ejected the Yubikey, I don’t know what happened next in my head but when I came back I tried to load my key again from the Yubikey and entered an incorrect pin consecutively until the device was locked. This was a total disaster as I was not carrying the admin pin to unlock the Yubikey and I wasn’t sure what I had done at the time. I spent most of the devsummit trying to understand why I was unable to load my key and how to tell if the device was actually locked or not, documentation is pretty sparse and somewhat poor. It doesn’t help that there are multiple components required to use and manage a security token, all of which are independently developed with separate sets of documentation.

My favourite piece of documentation was from GnuPG.

PIN retry counter

This field saves how many tries still are left to enter the right PIN. They are decremented whenever a wrong PIN is entered. They are reset whenever a correct AdminPIN is entered. The first and second PIN are for the standard PIN. gpg makes sure that the two numbers are synchronized. The second PIN is only required due to peculiarities of the ISO-7816 standard; gpg tries to keep this PIN in sync with the first PIN. The third PIN represents the retry counter for the AdminPIN.

Hopefully, it might be edited at some point in the future.

I eventually gave up, conceding that I am locked out until I get home.

On the Friday, it was time for the NetBSD devsummit. We first covered hypervisors and support of different types of virtualisation in Xen, joerg gave a status update on his ongoing repository conversion work and what avenues it could potentially enable as well as a core and TNF board status update which segued into more technical details such as the DRM update. It was a fun day as we had the opportunity to ask questions and cover the answer in detail, something which is not possible in the conference talk setting. The discussion continued over dinner and late into the night.

For the first day of the conference, I spent the day in room 2. I heard the first of a series of talks on sanitisers, David Carlier and kamil co-presented on the state of sanitiser support. Sanitisers featured heavily at the conference this year which shows the importance of such tooling. Kristaps Dzonsons gave a talk about trying to utilise an open source stack for use with diving, from photo and video management to GPS and the rough edges with some options. Andrew von Dollen gave a talk about utilising the NPF Lua binding to provide a simple high-level interface to the firewall and in the spirit of the Scriptable Operating Systems with Lua paper, using the interface to explore different filtering scenarios with ease. NPF scripting with Lua was previously presented at EuroBSDcon 2014.

I was the last speaker of the day in room 2, I had hoped to present off NetBSD/macppc 8.0 on my 12″ G4 iBook but was unable to get it working with the projector due to genfb(4) not recognising it as connected. Instead I presented using maya‘s Dell XPS 15″ using the latest DRM update in NetBSD-HEAD and everything just worked. In hindsight I should have booted a kernel from HEAD to get radeonfb(4) and try again, but at the time I was actually thinking about recompiling my kernel! 🙂

The day wrapped up with the second keynote by Ron Broersma, he came equipped with a lot of historical memorabilia, It was cool to see a first edition copy of Computer Lib (you can order a copy from Ted Nelson here).

Ron spoke about the evolution of ARPANET & The Internet with an emphasis on the use of Berkeley UNIX. It was amusing to hear how  UNIX tape images had been provisioned out to sites from government agencies, Bob Morris also mentioned the subject in An Oral History of UNIX and getting the initial image to the agencies.

The actually, pieces of the government, peddled the idea of using UNIX to
national security agencies. I kind of laughed at the people there. Because, are
they aware of the fact that the UNIX that they are now running actually got to
NSA in the trunk of my car.

As with Ted Nelson, Ron mentioned priesthoods which I believe is still prevalent in tech communities especially networking. Me and khorben discussed Patterns in Network Architecture: A Return to Fundamentals by John Day which provides insights about how things came to be and an alternative approach to address technical issues in modern day networking.

My favourite historical tidbit from the keynote was that in the pre DNS era when a hosts file was circulated, unofficial revisions were a thing and Berkeley hosts also appeared as Berserkeley on some.  🙂

Day two of the conference began with a heavy dose of sanitisers, kamil this time speaking about finding kernel bugs through the use of sanitisers followed by Yang Zheng on integrating libfuzzer with the NetBSD userland for Google Summer of Code and some of the bug he’d found in NetBSD as a result.

After lunch, khorben spoke about how he got into operating system development, his DeforaOS project and the approach in simplicity it takes with reference to John Day’s Pattern in Network Architecture book.

With a quick change over, maya spoke of the various bugs she ran into on NetBSD and her approach to debug them, covering everything from bugs on DEC Alpha to MIPS to drivers.

For the last stretch of the conference, I headed down to Being a BSD user by Roller Angel. It was a talk about growing within a community and the personal challenges one goes through as they develop. Roller also provided support for users in a technical role and covered the tooling he used to help users learn, such as screen-casting. Afterwards, I headed back up to room 2 for agc‘s talk on source code tracking and the experience with various tools used over the years at Netflix. Things starting life as a bunch of scripts which were added to subversion, migrated to mercurial and now stored in git. Of the dingbats in the talk, my favourite was Jose which the intro for the section on OCA.  When the conference finished, we headed out for dinner. Having heard Scott Long’s talk about Netflix at NYCBSDCon 2014, I asked agc about his experiences in the early days of the appliance project, over dinner we heard about suffering disk firmware issues and building a strategy to re-flash appliances, extending tooling like camcontrol(8) and improving build performance.

Snapped in London, when I returned on Monday:

maya & kamil also wrote up about their experiences here and here.

Slides for my talk “What’s in store for NetBSD 9.0” are available here.


Last week I attended a conference on open source software called FOSDEM in Brussels, the two day event has lots of tracks, based on either specific projects or topics such as Java or securiy.

I attended the following talks
On Saturday
XMPP 101
The Open Observatory of Network Interference
Practical Security for developers, using OWASP ZAP
The future of on non-Linux systems
Declarative style GUI programming
How to build an Identity Management System on Linux

On Sunday
The Lua Scripting Language in the NetBSD Kernel
Supporting the new C and C++ standards in FreeBSD
Improvements in the OpenBSD IPsec stack

My favourite talk of the event was the OWASP talk on Saturday by Simon Bennetts who did a great job of clearly explaining what ZAP can do & how it is of use for testing the security of your web application.
The XMPP 101 talk gave an overview of what the protocol can do, the OONI talk had a very late start & laptop issues, didn’t get much from the talk but it does seem like an interesting project from the info on the website. Matthieu Herrb  talked about the progress of running on UNIX, conclusion “Tough times for non-linux systems”. Marc Balmer gave two talks on using Lua, first in GUI programming & the second on the lua(4) subsystem in the NetBSD kernel, allowing users to explore the system easily & doing rapid prototype without the initial steep learning curve of learning C & kernel internal, making the system internals easily accessible. The last talk on the Security track was on FreeIPA, luckily the slides were quiet detailed as it was impossible to hear the speaker because the mic was hanging too low off  his shirt collar.

The BSD track on Sunday was where I spent most of the day. David Chisnall spoke about the C & C++ standards & the mistakes made by the standards groups which we have to live with. I spent the lunch break talking with David about FreeBSD, how I struggle with doing buildworld on my X61s, what can be done to speed up buildworld, why the buildworld process takes so long & the tools Juniper has developed which allow you to track the dependency path for building each component in FreeBSD base.
Mike Belopuhov spoke about the IPsec stack & NAT64 support in OpenBSD, I had an opportunity to ask Mike about dead peer detection, in my previous site to site VPN deployment I had issues where if the connection dropped at either site, the tunnel with not be re-established, needing manual intervention, It was good to hear that this was a problem with the isakmpd & not necessarily a configuration issue.

There were a lots of projects & businesses with stands, Oreilly had a stand selling books, Google were in the recruitment section, Oracle with three big banners for java, mysql & something else, the lady on the stand was very friendly, telling me about how Oracle participates in open source software such as Java, the penny then dropped about the update 13 release.
It was good to see CAcert had a stand and were looking very busy with assurances. I visited the mozilla stand & had the opportunity to try out the firefoxOS on a nexus s?
I’m strongly considering moving to it as I’d rather go with firefoxOS than android, the lock down of iOS is very painful for sharing data between my own devices & makes it frustrating for getting content from several devices to a single place.
I visited the google stand to talk to the recruiters there, I was curious to learn about their recruitment process, since 2007 I have been approached by Google on 3 different occasion, the most recent being back in July last year. I always assumed they had drives every so many years & I’d just been lucky to have been listed on three separate occasions, it turns out actually that once you’re on their radar, they will make contact every once in a while to see if your situation has changed & if have developed sufficiently since last time to be able to pass the interview tests.
I spoke with others regarding this, with those now employed by them & those who have also been approached in the past, discussing why systems folks are sought after & what options you have should you wish to no longer be contacted (supposedly under Californian law, if a person requests a company to never be contacted again, the company has to comply?).

Over the weekend I spotted a few OpenBSD tops (more hoodies than t-shirts) & met my first MirBSD user/developer, Benny Siegert who was the organiser of the BSD track at FOSDEM.
I also had the opportunity to meet up with/bump into folks from communities such as MetaBUG, OSHUG, LOSUG, Brighton 2600, London *BSD, it was good to catch up.