Post XZ Backdoor workshop
How to change the ecosystem / openSUSE to avoid similar attacks
Schedule

Presented by:

Marcus Meissner

from SUSE

Marcus was born in 1973. He studied computer science in Erlangen, Germany and finished with Diploma. He worked for Caldera from 1999 until the closure of Caldera Linux Business in 2002. He is working for SUSE since 2002, and in the security team since 2004. He has lead the team until begin of 2013 and is now the security project manager. He also is part of the openSUSE Maintenance team and works on a lot of openSUSE packages. In his spare time he is a gphoto (digital camera access library) and Wine developer.

Johannes Segitz

from SUSE

Security engineer at SUSE.

Since my time as a teenager in the 90s I was interested in IT security. After visiting my first CCC congress I got hooked and never looked back. In the last ten years I am a member of the SUSE security team and try to make open source software more secure.

Dirk Müller

from SUSE

Dirk is a SUSE Distinguished Engineer for Linux, working on various open source projects for about 20 years and on openSUSE since the beginning of it.

No video of the event yet, sorry!

After the XZ backdoor it becomes clear that the OSS ecosystem and openSUSE project in interaction with it needs to change.

SUSE has been working on supply chain security improvements, others have too.

This workshop is meant to discuss proposed solutions or ideas from SUSE or outside and collect workable ideas for the openSUSE project.

Here's a collection of topics based on a brainstorming session directly after the incident: https://en.opensuse.org/XZ_backdoor_brainstorming

If you want to join the workshop it could be helpful to have a look at this page beforehand

Date:
2024 June 27 - 14:15
Duration:
1 h
Room:
Seminar Room 1
Conference:
openSUSE Conference 2024
Language:
Track:
Open Source
Difficulty:
Medium

Happening at the same time:

  1. Building Sustainable Value in Open Source: Collaborative Strategies for Development and Maintenance
    2. Start Time:
    2024 June 27 13:30

    Room:
    Seminar Room 2

  2. Agama in action
    3. Start Time:
    2024 June 27 14:30

    Room:
    Saal

  3. OpenQA - review jobs and file bug report
    4. Start Time:
    2024 June 27 14:30

    Room:
    Gallerie

  4. Learning from embedded: less is more
    5. Start Time:
    2024 June 27 14:45

    Room:
    Gallerie

  5. Regulatory Compliance and Foundation Support in Open Source: Pathways to Competitive Advantage
    6. Start Time:
    2024 June 27 14:45

    Room:
    Seminar Room 2