16 oS17x openSUSE Summit at SCaLE17x 2019-03-08 2019-03-08 1 00:15 2019-03-07T23:00:00-11:00 10:00 00:45 Ballroom F Long Talk 2330-network-boot-in-a-zero-trust-environment-with-uefi Network Boot in a Zero-Trust Environment with UEFI How to get your Suse OS to boot or install from a Https server openSUSE Session title: Network Boot in a Zero-Trust Environment with UEFI Description: Network boot is commonly used for everything from booting thin clients to using IT automation for bare-metal provisioning. Unfortunately, most network boot infrastructure is based on outdated standards such as TFTP and PXE. This presents an issue when implementing a Zero Trust architecture, where security principles need to be implemented within the network perimeter. This session introduces modern methods for securing network boot infrastructure, including UEFI Secure Boot and HTTPS Boot, and how they can be enabled with the right combination of firmware and server configuration. Will discuss the details on how to make your latest UEFI firmware use Https and SUSE SLES 12 SP4 and SLES 15 for network installation and boot. Slide have been uploaded to: https://www.slideshare.net/douglasdemaio/network-boot-in-a-zerotrust-environment-with-uefi Session title: Network Boot in a Zero-Trust Environment with UEFI Description: Network boot is commonly used for everything from booting thin clients to using IT automation for bare-metal provisioning. Unfortunately, most network boot infrastructure is based on outdated standards such as TFTP and PXE. This presents an issue when implementing a Zero Trust architecture, where security principles need to be implemented within the network perimeter. This session introduces modern methods for securing network boot infrastructure, including UEFI Secure Boot and HTTPS Boot, and how they can be enabled with the right combination of firmware and server configuration. Will discuss the details on how to make your latest UEFI firmware use Https and SUSE SLES 12 SP4 and SLES 15 for network installation and boot. Slide have been uploaded to: https://www.slideshare.net/douglasdemaio/network-boot-in-a-zerotrust-environment-with-uefi false Harry Hsiung 2019-03-08T00:00:00-11:00 11:00 00:45 Ballroom F Long Talk 2210-teaching-open-source Teaching Open Source "... and miles to go before I sleep" openSUSE There simply is not enough exposure to open source in our schools. Surely, there is much work that can and should be done to introduce secondary (and primary!) students to open source tools, applications, operating systems, and methodologies. But even at the university level there is a surprising absence of knowledge of open source among students, even as they graduate. Despite to abundance of open source software that is essential to the success of the world wide infrastructure of telecommunications, and the increasing reliance of companies upon open source, students are failing to know of its role, influence, and necessity as they enter the workplace. Craig Gardner has been teaching open source in secondary school and university for many years and would like to share some insights into how students, schools, and companies will be better served with a curriculum that includes open source. Craig has worked at SUSE for over 7 years in varying engineering and training roles, and has been a consumer of and contributor to open source projects for over 25 years. There simply is not enough exposure to open source in our schools. Surely, there is much work that can and should be done to introduce secondary (and primary!) students to open source tools, applications, operating systems, and methodologies. But even at the university level there is a surprising absence of knowledge of open source among students, even as they graduate. Despite to abundance of open source software that is essential to the success of the world wide infrastructure of telecommunications, and the increasing reliance of companies upon open source, students are failing to know of its role, influence, and necessity as they enter the workplace. Craig Gardner has been teaching open source in secondary school and university for many years and would like to share some insights into how students, schools, and companies will be better served with a curriculum that includes open source. Craig has worked at SUSE for over 7 years in varying engineering and training roles, and has been a consumer of and contributor to open source projects for over 25 years. false craig gardner 2019-03-08T01:00:00-11:00 12:00 00:45 Ballroom F Long Talk 2279-building-large-health-networks-gnu-health-federation-and-opensuse Building large health networks GNU Health Federation and openSUSE 10 years of Freedom and Equity in Healthcare openSUSE GNU Health is the Free/Libre Health and Hospital Information System that is included in openSUSE. GNU Health combines the socioeconomic determinants of health with state-of-the-art technology in bioinformatics, genetics and proteomics. It provides holistic picture of the person, from the biological and molecular basis of disease to the environmental determinants of health. In addition, it manages the internal processes of a health institution, such as financial management, billing, stock management, pharmacies or labs (LIMS) The GNU Health Federation introduced in 3.4 series allows to build nationwide federated networks with thousands of heterogeneous nodes. The GNU Health federation is revolutionary, and will allow the community, the health practitioners, the research institutions and the ministries of health to have much better perspective and precise information on the individuals and their context. Having the GNU Health Federation in openSUSE (available both for Tumbleweed and Leap) not only provides the development environment, but the server stability to deploy it in hospitals and large heterogeneous health networks across a country. GNU Health is the Free/Libre Health and Hospital Information System that is included in openSUSE. GNU Health combines the socioeconomic determinants of health with state-of-the-art technology in bioinformatics, genetics and proteomics. It provides holistic picture of the person, from the biological and molecular basis of disease to the environmental determinants of health. In addition, it manages the internal processes of a health institution, such as financial management, billing, stock management, pharmacies or labs (LIMS) The GNU Health Federation introduced in 3.4 series allows to build nationwide federated networks with thousands of heterogeneous nodes. The GNU Health federation is revolutionary, and will allow the community, the health practitioners, the research institutions and the ministries of health to have much better perspective and precise information on the individuals and their context. Having the GNU Health Federation in openSUSE (available both for Tumbleweed and Leap) not only provides the development environment, but the server stability to deploy it in hospitals and large heterogeneous health networks across a country. false Luis Falcon 2019-03-08T02:00:00-11:00 13:00 00:45 Ballroom F Long Talk 2246-buffer-overflows-and-counter-meassures-employed-in-opensuse Buffer overflows and counter meassures employed in openSUSE Counter meassures against buffer overflows and how to circumvent them This talk gives a short introduction into buffer overflows, how to exploit them and which counter measures are used in openSUSE Linux to make exploitation harder. We'll cover stack canaries, fortify source, address space layout randomization and NX. We'll see how they work and how they can be circumvented in a live demo of a working exploit that manages to circumvent these security measures. Slides for the talk: https://www.slideshare.net/douglasdemaio/buffer-overflows-and-counter-meassures-employed-in-open-suse This talk gives a short introduction into buffer overflows, how to exploit them and which counter measures are used in openSUSE Linux to make exploitation harder. We'll cover stack canaries, fortify source, address space layout randomization and NX. We'll see how they work and how they can be circumvented in a live demo of a working exploit that manages to circumvent these security measures. Slides for the talk: https://www.slideshare.net/douglasdemaio/buffer-overflows-and-counter-meassures-employed-in-open-suse false Johannes Segitz 2019-03-08T03:00:00-11:00 14:00 00:45 Ballroom F Long Talk 2297-uyuni-adding-flavor-to-open-source-infrastructure-management Uyuni: Adding flavor to open source infrastructure management. Systems management for the open source world openSUSE As Linux and opensource continue to expand into all areas of IT, sysadmins need concise way to manage patches, deployments, security, and configurations to name just a few. The new Uyuni project intends to answer those questions and more. This presentation will introduce Uyuni and give a demo of use-cases across several Linux platforms and architectures. As Linux and opensource continue to expand into all areas of IT, sysadmins need concise way to manage patches, deployments, security, and configurations to name just a few. The new Uyuni project intends to answer those questions and more. This presentation will introduce Uyuni and give a demo of use-cases across several Linux platforms and architectures. false Patrick Swartz 2019-03-08T04:00:00-11:00 15:00 00:45 Ballroom F Long Talk 2366-suse-enterprise-storage-and-ceph SUSE Enterprise Storage and Ceph It's Bigger on the Inside! openSUSE Storage needs are growing .... faster than expected, and faster then can be accommodated by traditional storage. Non-traditional storage solutions are necessary, available, and wonderfully capable. This talk will discuss the problems of the growing shortage of storage, illuminate the hidden secrets of Software Defined Storage (SDS), and demonstrate how Ceph distributed storage is an application for today's storage challenges and prevents tomorrow's growth problems. SUSE participates significantly in the development of Ceph, both for the casual user as well as for the Enterprise. Storage needs are growing .... faster than expected, and faster then can be accommodated by traditional storage. Non-traditional storage solutions are necessary, available, and wonderfully capable. This talk will discuss the problems of the growing shortage of storage, illuminate the hidden secrets of Software Defined Storage (SDS), and demonstrate how Ceph distributed storage is an application for today's storage challenges and prevents tomorrow's growth problems. SUSE participates significantly in the development of Ceph, both for the casual user as well as for the Enterprise. false craig gardner 2019-03-08T05:00:00-11:00 16:00 00:15 Ballroom F Short Talk 2381-the-next-steps-for-open-source-cloud The next steps for open source cloud Privacy and security on the internet are under attack by hackers and international espionage programs. If we want to use the internet as a free and secure medium again then we have to fix the internet to provide the security and privacy that people deserve. The Nextcloud community is build an open source and fully federated and distributed network for files and communication. Everyone can run an Nextcloud server at home or somewhere on the internet and collaborate and share with everyone else. Nextcloud can be used to provide file access, syncing, sharing, calendar, contacts and more in a distributed way. This talk will cover the current challenges around security and how user, companies and institutions can protect themselves. It will also discuss the big new features around End to End encryption and self hosted video/voice communication. It also presents a new architecture to bring the scalability of on premise file sync and share solutions to the next level. Privacy and security on the internet are under attack by hackers and international espionage programs. If we want to use the internet as a free and secure medium again then we have to fix the internet to provide the security and privacy that people deserve. The Nextcloud community is build an open source and fully federated and distributed network for files and communication. Everyone can run an Nextcloud server at home or somewhere on the internet and collaborate and share with everyone else. Nextcloud can be used to provide file access, syncing, sharing, calendar, contacts and more in a distributed way. This talk will cover the current challenges around security and how user, companies and institutions can protect themselves. It will also discuss the big new features around End to End encryption and self hosted video/voice communication. It also presents a new architecture to bring the scalability of on premise file sync and share solutions to the next level. false FrankKarlitschek 2019-03-08T05:30:00-11:00 16:30 01:00 Ballroom F Workshop 2384-turning-your-opensuse-into-your-private-cloud-getting-nextcloud-on-a-device-of-your-choice Turning your openSUSE into your private cloud! Getting Nextcloud on a device of your choice. Come follow along with me as I install Nextcloud on Leap 15 server. openSUSE A private cloud is awesome. With Nextcloud, you can sync your data between your devices (phone, desktop, tablet, you name it), share it with other users on your server, via a public link accessible from a browser or to users on other Nextcloud servers. You can work with others in real-time, editing documents, commenting on files. You can chat or have a video call. Sync your notes. Your bookmarks, your calendars. Read and answer your mail. Handle your passwords. Plan your work. What can't you do? And all that quite simple! Nextcloud is a mere PHP app, not that hard to install and set up. I'll show you! Bring your laptop! We install Nextcloud on your laptop (you must run Linux, I'm afraid, but in a VM is OK), or on a server. Beginners are welcome: for them, we'll have a nice space online to play with! But don't forget your laptop... Here is a link to the .pdf of my slide deck from the talk: https://archive.org/download/scale17x_talk/scale_talk_final.pdf A private cloud is awesome. With Nextcloud, you can sync your data between your devices (phone, desktop, tablet, you name it), share it with other users on your server, via a public link accessible from a browser or to users on other Nextcloud servers. You can work with others in real-time, editing documents, commenting on files. You can chat or have a video call. Sync your notes. Your bookmarks, your calendars. Read and answer your mail. Handle your passwords. Plan your work. What can't you do? And all that quite simple! Nextcloud is a mere PHP app, not that hard to install and set up. I'll show you! Bring your laptop! We install Nextcloud on your laptop (you must run Linux, I'm afraid, but in a VM is OK), or on a server. Beginners are welcome: for them, we'll have a nice space online to play with! But don't forget your laptop... Here is a link to the .pdf of my slide deck from the talk: https://archive.org/download/scale17x_talk/scale_talk_final.pdf false Matthew McGraw