Presentations

This talk will discuss different ways to crack passwords. There will be a brief history of how passwords are hashed, how hashing works, how long a password should be, how to pick a good password, password managers, and defense against passwords being cracked.

Three ways to crack passwords will be described. Custom open source tools I wrote to help manage password cracking will be described.

I will discuss statistics on 1 billion passwords I have found including password length, use of different character classes such as all lowercase, all uppercase and more. Password patterns will be discussed.

We'll discuss the three main tone mappers in darktable, an application for developing RAW files from your digital camera,  what the tone mapper does well, and how to use them. We'll also cover several other modules and some techniques.

Everyone is running their applications on Kubernetes these days, most of the time the application servers are stateless so it is easy to do so because the database behind the application is responsible for storing the state. What if you would also want to run you database on the same Kubernetes stack. Will you use stateful sets? Will you use network attached storage? These types of storage are introducing a lot of disk latency because of the mandatory network hops. This is why in many environments the database servers still are dedicated machines that are treated as pets while the rest of the fleet is more like cattle.

In this session I will speak about how we run our databases on Kubernetes by using the local ephemeral storage to store your data and also how we are confident we will not loose it in the process of doing so!

This session is a presentation of Data4Citizen, the new disruptive Open Data Platform used by Governments to deploy Open Data Portals, powered by AI and LLM This session explians how Data4Citizen can help users to value the public data, anywhere - anytime, through easy-to-use interfaces and AI companions

Data4Citizen provides more than a simple data catalog, with modules and tools to create maps, interactives Dashboards, etc

“Decentralized Trust for People and AI Agents: A Report from Linux Foundation Trust Over IP (ToIP)” dives into how we can give both humans and AI agents durable, portable trust on the open internet. Drummond Reed—co‑author of the Trust Over IP stack and co‑founder of the First Person Project—will explain ToIP’s four‑layer architecture, which pairs a technical stack (DIDs, verifiable credentials, agent protocols) with a governance stack (community‑defined trust frameworks) so that trust isn’t left to ad‑hoc policies or single vendors.
 

Mesh networking solves the problem of connecting machines across locations, but today it is rarely declarative. Homelabs and enterprises alike rely on imperative setup or low-level WireGuard configurations. This talk shows how Nix can be used to declaratively manage mesh networking with NetBird, reducing drift while improving reliability, security, and reproducibility through open source tooling.

API Priority and Fairness (APF) is a core feature in Kubernetes designed to protect the API server from overload and ensure critical requests are processed even during high traffic. It works by classifying, prioritizing, and managing inbound API requests using a flow control mechanism.

Are you tired of reverse engineering poorly written Perl scripts to get that annoying dependency to work on a modern version of Linux?
Does your lab have a RHEL VM named DO_NOT_DELETE_ME.qcow used for one piece of legacy HPC software?
If so, it may be high time to tame your gnarly software stack with Nix. Join me for a discussion on using Nix to package the seemingly unpackageable!

Disappointed by per-minute pricing and the risks of sending HIPAA data to public APIs, StratusTalk decided to build their own AI receptionist. By embedding the agent directly into their Asterisk/FreePBX offering, they gave it the same tools a human receptionist uses: call transfers, intercom, outbound dialing, and more.  In this talk, Jeff will walk you through their design decisions, their Kubernetes-based solution, and show you live demos of it in action.

At the request of a translation company commissioned by the French government under immigration law, we developed a system that can find a translator among the 125 languages offered in less than 5 minutes, involving Asterisk, an AGI server, AMI connection, an IVR, and other tools.

You’re probably familiar with containers and OCI images, and you’ve probably heard of Nix—usually from that somebody who really, really likes it. This talk explains how containerd assembles containers from OCI images, then contrasts that with how Nix builds reproducible artifacts that can be composed into a complete execution environment. With that foundation, we’ll walk through a few practical ways to use Nix-built components as container filesystems in Kubernetes—ranging from assembling a rootfs from a closure to generating OCI images to running Nix-based environments directly in containers. The goal is to give attendees a clear mental model of both systems and the spectrum of techniques that connect them.

Presenting an offline-first IDE that runs on low-end Android phones. It includes the standard toolchain for Java and Kotlin, a Java debugger, full documentation, open-source textbooks, and a curriculum for classrooms and self-learners. The IDE is user-extensible with plugins and it supports on-phone and remote AI assistance, enabling the two billion people who lack a laptop, reliable Internet, or who live under repressive regimes to develop the apps they need.

Robotics teams are often short of cash, and off-the-shelf hardware solutions are expensive. In 2025 I designed and built a printed circuit board meant to control addressable LED strips whilst utilizing the CAN protocol for communication, which we could use on our competition robot, and which other robotics teams could make or have made for use on their own robots. My primary goal was to create a controller that was considerably less expensive than the other available options while retaining many of the same capabilities and being completely open source.

My presentation will act as a Do-It-Yourself guide to developing open source hardware solutions, following the path I took. I will go through the process of identifying a need for a piece of hardware, determining desired capabilities, designing and testing a breadboard prototype, designing and testing an initial design, identifying key areas of improvement, and then redesigning. I will finish by describing the process of writing code for hardware, and open sourcing the hardware solution(s) and code. 

DevOps has a notoriously steep learning curve. Getting started in the field can feel like being dropped in a foreign country without the ability to understand *anything* about the language. 

A language is more than just the syntax and semantic rules of the words themselves. It also encompasses the shared culture of the speakers. With the proliferation of programming languages as well as the deeply held cultural beliefs of the community, it's easy to see that learning DevOps is like trying to learn a foreign language.

I will review five foundational hypotheses from the field of Second Language Acquisition and relate these hypotheses back to the world of DevOps. DevOps practitioners, trainers, tool builders, and learners should all come away with useful insights to apply to their practice. 

It's no secret that VS Code from Microsoft is a popular code editor. It's free, it's loaded with shortcuts and themes, and you can extend it with the vast plugin network. Some of those extensions are written and maintained by Microsoft, and they've created a few that Postgres administrators will want to know about. With these extensions VS Code becomes more than a code editor, it's a comprehensive database management environment.

The PostgreSQL Extension

The official PostgreSQL extension allows you to connect to databases, manage objects, write queries, export data, and more! We'll explore how it brings database development directly into your editor:

- Connecting to instances and managing credentials
- Browsing schemas, objects, and functions (and getting Intellisense, too!)
- Writing and executing queries
- Exporting results

GitHub Copilot: AI-Enabled Chat Partner

GitHub Copilot brings AI into your workflow, with Postgres-specific suggestions and integrations. It connects to your database and enables an @pgsql chat partner to bounce ideas off of, and even issue database altering commands to if you're truly bold.  We'll learn:

- How Copilot learns your schema and suggests SQL
- Using the agent to help write queries, look for optimizations, and troubleshoot issues
- Security considerations and best practices for safe Production usage

Oracle to Azure Schema Conversion

Oracle to Azure Schema Conversion is an exciting new extension that will radically cut the time it takes to perform Oracle to Postgres migrations. It's powered by Azure OpenAI to provide intelligent transformation capabilities for complex schema operations. This segment covers:

- Analyzing an Oracle schema and suggesting Postgres equivalents
- AI-driven conversion of Oracle native PL/SQL, packages, sequences, etc.
- How the tool flags potential problem areas, and how to test your results

Lastly, we'll talk about why these tools matter, and how their introduction signals a broader shift in database tooling. This talk is ideal for PostgreSQL developers and DBAs who want to streamline their workflows, teams evaluating database tooling options, and anyone curious about how AI is transforming database development. Whether you're a VS Code veteran or have never considered it for database work, you'll leave with practical techniques you can apply immediately.

In this talk, we’ll describe a production-grade NLP pipeline that processes millions of pieces of social media content across TikTok, YouTube, and Instagram using Ray and GPU acceleration. Learn how we use Ray's distributed computing model to orchestrate scalable embedding generation, sharded batch writes to Qdrant for vector search, and end-to-end pipeline tracking with Snowflake. We'll also talk about selecting a vector store and how to best evaluate the many options available.

Artificial Intelligence is an overhyped distraction, except for what it can do for you when using MySQL. AI is strong in he pattern matching area, which means it is great with SQL syntax and examining DDL metadata. This session will cover basic prompting, using AI to repair or augment existing queries, and developing new schemas. And you can write queries in English (or French, or German, or Italian) instead of SQL, saving you a lot of time determining which tables need to be joined where. SO, yes, you do need an AI Assistant to get the maximum out of your MySQL instances, and this session will show you how to do it.

“dRAG Race: Benchmarking Open Source Vector Databases” presents the findings of Kwaai’s intern-led Vector DB Performance project, now accepted for publication in the Journal for Big Data and AI. A cross‑functional cohort of data science and engineering interns—guided by a PhD AI‑robotics advisor and program coordinator—designed and ran a rigorous benchmark of seven open source vector databases under realistic RAG workloads, from corpus design and chunking through automated multi‑run experiments and visual analysis.
 

Building systems that respond reliably to specific changes in distributed data is harder than it should be. This session introduces Drasi, a CNCF Sandbox project that simplifies change-driven design by codifying continuous query and reaction patterns. We’ll show how Drasi helps developers declare which data changes matter and automatically trigger the right downstream updates- no polling loops or custom glue code required.

Beyond everyday scenarios like keeping services and dashboards in sync, Drasi also supports AI-driven workloads where fresh data is critical. From updating embeddings to refreshing model inputs, Drasi ensures AI systems stay aligned with the latest state of the world.

You will learn the fundamentals of change-driven architecture, see Drasi in action, and walk away with practical patterns you can apply in your own distributed or AI-powered systems.

Disks fail, RAM runs short, software breaks, and human error strikes, and data loss follows fast. This talk presents a direct recovery path built on concrete steps used in production: detect corruption through log checks and checksum validation, stop the service to contain further damage, restore from backups that pass verification, use point in time recovery to reach a clean state, extract readable tables when backups fall short, keep pg_resetwal as a last resort when no clean recovery remains, and strengthen the cluster with routine checksums, tested backups, WAL archiving, and replicas that support failover. The session focuses on reliable commands, clear failure patterns, and practical actions applied without guesswork.

This project attempts to present the capabilities of weaving the abilities of artificial intelligence, a Python based interface, and Arduino, to build a voice activated assistant with robotic capabilities and human-like reaction. Through analyzing and acting on the tone of the speaker’s command, the project showcases the power of utilizing multiple systems to achieve a complex output. People attending will learn about the design process of this machine, the integration of AI APIs, voice recognition, and open source software, to display how intelligent and conversational robotics can be achieved with freely available and accessible tools.

What happens when open source, cloud infrastructure, and AI collide? Join Kelsey Hightower, Stormy Peters (AWS), James Bayer (Flox, Ex-Hashicorp), and Ron Efroni (Flox & NixOS, Ex-Meta) to hear what the fastest-moving engineering teams are doing today and what that means for the rest of us. From infra to developer tools to OSS contribution patterns, this panel will surface the real shifts happening across engineering velocity, team structure, and software delivery.

Recent security updates to Linux, such as the new Systemd Unified Kernel Image rely on the discrete or firmware integrated TPM (Trusted Platform Module) to verify boot and release secrets securely. However, there are many known attacks against the TPM chip itself. We will discuss the newly upstreamed Linux Kernel TPM security patches, which not only provide a basis for securely communicating with the TPM but also provide a novel defences against a wide variety of TPM based attacks by using a unique (to Linux) null key scheme. This talk will cover what TPM based attacks are (including interposer attacks), how the Trusted Computing Group expects you to tell you're talking to a real TPM and how you can communicate with it securely and use its policy statements to govern key use and release. We will then move on to how the new Linux Kernel patches extend this and can be leveraged to validate the TPM on every boot and continually monitoring it for any TPM interposer substitutions in real time.  The new TPM trust verification tools are available under LGPL as ancillary tools in the upser space openssl tpm engine project.

From Red Hat to MongoDB, major vendors are increasingly adopting tactics designed to protect market power, limit competition, and restrict user freedom. This talk examines the strategies behind these moves and explores how they affect the broader open source ecosystem and the communities that rely on it.

We will discuss recent examples, the motivations driving these decisions, and the long-term risks posed to innovation, collaboration, and software freedom. Attendees will leave with a clearer understanding of the dynamics at play - and what the open source community can do to remain resilient.

This talk illustrates a novel use case for NixOS—a cloud-native deployment model that treats edge nodes as declarative, reproducible systems while preserving the flexibility required for real-world networking and hardware constraints. It uses Cloud-init to inject secrets, metadata, and environment-specific parameters; a startup shell script to generate a NixOS configuration; and a nixos-rebuild to transition the system into a fully persistent, self-managed state.