Category Archives: News

Android Malware Alert

A report was just released regarding malware that targets Android, called Joker. This malware has been around since 2016, but it continues to be one of the major threats to Android devices. It can steal SMS messages, Contact lists, and device information. It can also sign up users for pricey subscription services such as Wireless Application Protocol (WAP) services. This malware gets added to applications that can be downloaded from the Google Play Store, and though Google has removed many of those apps, the malware keeps coming back. So how does it do what it does?

How it works

The apps that get the Joker malware are essentially “knock-offs” of legitimate apps that can fool people into downloading them. They do not directly contain the malware, instead they contain what is called a “dropper”, code which at some future time days or weeks later will contact a remote site and then download the actual malware. This dropper code is heavily obfuscated in a variety of ways. Sometimes the code is AES encrypted, other times it masquerades as legitimate files that are common in other applications such as JSON files and CSS. The download is frequently a *.dex file (Dalvik Executable) which is the native format now for Android applications. Joker can also use code injection to hide inside of legitimate third-party packages that reside on an Android phone, such as org.junit.internal,, or com.unity3d.player.UnityProvider. The security research firm Zscaler issued the most recent report on this, and they explained some of the methods Joker uses to download the malware.

Direct Download

In this scenario, a URL is hidden in the code via string obfuscation. This is a technique for hiding executable code by making it hard for the code to be detected. The Sucuri site gives the example of calling PHP to execute the commands where the functions are broken up into 2-3 character chunks, each chunk inside single quotes, and separated by periods. PHP will then join the chunks, remove the single quotes, and execute the function just created.

Once the URL has been “decoded”, the app will contact a Command and Control (C&C) server to get another URL which will take them to the final download of the malware payload. It also supplies a JSON file that has the configuration information for the final download. Once the JSON file is downloaded and executed, the final download takes place.

One-Stage Download

This variant downloads a stager payload first, which then leads to the final download. The URL for the stager payload is encoded using AES encryption. There are two varieties of stager payload that Zcaler has noted, either an APK file or a *.dex file. This stager is responsible for obtaining the URL for the final payload download. The stager is also responsible for executing the final payload.

Two-Stage Download

In this variant, the infected app executes code to contact the C&C server, which replies by sending a message with the URL for the first stager payload which it hides in the location header. The first stager payload is downloaded and executed, which then downloads the second stager payload, which in turn contains the hard-coded URL for the final payload. That is then downloaded.

Final Payload

Regardless of the download method, the final payload of malware is the same. To begin with, it uses DES encryption to execute the C&C activities. And it uses string obfuscation techniques to hide all important strings.

If you want a more detailed description of all the things the final payload does, you can check this site using a browser that can translate from Chinese to English.

What can you do?

Given that this malware has been infecting apps in the Google Play Store for 5 years now, it does not seem like someone else is going to fix the problem. The Zscaler report says that Google has removed these apps, but cannot remove them from your phone if you had the misfortune to download one of them. Using an anti-malware app on your phone may help, but the techniques Joker uses to hide make it challenging to detect and remove.

Step one is to check if you have one of these apps and remove it manually from your phone. You can see the latest batch of 17 apps Zscaler found at this Web page. Once that is done, there are some common sense precautions you can take.

  • Be careful to only download and install apps that serve a genuine need. Downloading lots of apps willy-nilly will only increase your attack surface.
  • Carefully check the history of the app. If it is fairly new and has relatively few downloads, you should probably steer clear. Remember that Google does remove these apps from the Play Store as soon as they are aware of them, so they don’t tend to last long.
  • Stick with developers that have a good reputation and track record.
  • For apps you rarely use or haven’t used recently, consider uninstalling them. Remember it is about the size of the attack surface.
  • Pay attention to permissions. Every time you install an app, it asks you for permissions to do things. Most people just click OK without paying attention, and that is what malware authors rely on. If a solitaire app asks for permission to access your Contacts list and your SMS, you probably shouldn’t allow it.
  • Manage your existing permissions. A good thing Android 11 does is to allow you to remove permissions for apps you haven’t used in a while. You can read more about this and how to manage permissions in this TechRepublic article.


 Save as PDF

The LastPass Security Dashboard

I just got an e-mail from LastPass regarding a new feature that I wanted to share. It is called the Security Dashboard, and it offers a couple of useful features.

As I have mentioned previously, I am a big believer in using a password manager, whether that be 1Password, Dashlane, LastPass, Keepass, or whatever. I actually use both LastPass and Keepass for two reasons:

  • Lastpass is designed for online use, which is great for Web sites, but problematic for some offline uses.
  • Keepass works much better on my Android phone while LastPass is awkward there and tends to get in the way instead of help me.

So, I tend to think most of them are good, the question becoming one of what works for you. The benefit, though, comes from actually using it. If you want to get some opinions on which program may be best for your needs, there are reviews available that can help you make a choice.

I could have listed many more reviews, so there is no lack of information out there. I went with LastPass years ago because Steve Gibson looked at the technical details and said they were doing it right. And Keepass is a stand-alone desktop program that has a Linux client and is licensed under the GPL. Also I can use it on multiple machines by putting the database in Dropbox where any changes I make on one machine get pushed out to all other machines.

Of course, the main reason you want to use a password manager, whichever one you choose, is so that you can put secure passwords on important web sites. And secure passwords mean long ones with a lot of entropy, as I covered in Passwords, Entropy, and Good Password Practices. Your pet’s name won’t cut it, neither does “leet speak” like substituting the @ sign for the letter “a”. If it isn’t long gibberish, it is not secure, and of course long gibberish is precisely what humans cannot remember. And that is the reason for password managers.

The big problem is that nearly every web site out there is now demanding passwords before you can do anything. And if you reuse passwords, you are at risk. I just checked in LastPass and I appear to have 478 passwords stored there. That is way more than anyone could possibly memorize, you simply have to use a password manager for that. Which brings us to the latest news from LastPass, the Security Dashboard

Security Dashboard

This feature is available to all LastPass users, including those on free accounts. But note that some features are only available to Premium users. To see your Security Dashboard in LastPass, you need to “open the vault”. Since LastPass is normally up and running on my browser (that is the first thing I do after rebooting my computer), all I have to do is click the LastPass icon to open the vault. Then on the lower left I can see the Security Dashboard. Clicking that opens the Dashboard, which has three sections: Security Score, Dark Web Monitoring, and Alerts.

Security Score

The Security Score is a calculated number based on several factors. First, of course, is how long and complex your passwords are. Then adding multifactor authentication to your LastPass account adds another 10 points to your score. A perfect score would be 100 points, but you have to have at least 50 passwords stored in LastPass to get this. That said, I am looking at the section for Security Score, and I don’t see a score anywhere. But the useful part id that I can see the “at risk” passwords, both as an overall percentage (OK, but not the most useful), and also a list of my passwords when I click the View passwords link on the right side of this box. There I can see all of my accounts and what LastPass thinks of my passwords. The information here is useful. The list has these columns in order:

  1. The Website
  2. The User Name for that website
  3. The password strength. The password is obscured, but you can click the eye icon to have it revealed.
  4. The risk if any. Red boxes have risks, green check marks are OK. The risks I see include Reused, Old, and Weak. Old is a matter of debate. I think the best research now says that making people change passwords just because they are old is more likely to reduce security than enhance it. For more on this, see SANS Security Time for Password Expiration to Die. Reused is a problem if you used the same password for anything that needs security. I don’t care if I reused a password because some blog demanded I create a password before reading an article, but I definitely care if I did so for my bank account.
  5. Action to take – This is not all that informative. If you have a green check mark, it will be blank, otherwise it tell you to change your password. But if you click this button, it will open the web site so you can do that, so it is helpful.

After reviewing my list, I noticed I have a lot of stored passwords for places I don’t go to any longer and for accounts I have closed, so no doubt a little pruning of the list is in the cards.

Dark web monitoring

This is all about whether your credentials have been found on the web sites where such things get traded around. Kind of similar to Have I been pwned in my view, but it does make things easy for you. This feature is only available to Premium users (of which I am one). For this, LastPass partnered with Enzoic to use Enzoic’s database of breached credentials. One useful feature here is that you can simultaneously monitor all of your e-mail accounts, or you can decide that some do not need to be monitored. I noticed that one “e-mail” was actually a typo I must have made at one time, and another was a work e-mail from before I retired, so I cut the monitoring there. Honestly, I don’t know that I would pay for a Premium account just to get this feature, but I like that I get it as part of the package. I could do all of this by just going to Have I been pwned and not spend money, but this is very convenient.


This is tied to the Dark web monitoring. Right now it says I don’t have any alerts, but if one of my e-mail addresses/user names was compromised I would get an alert, and a button to click to take me through the process of changing my password.

Bottom Line

I am very happy to be a Premium user of LastPass. We have a family account for my wife and I and it works well. This update basically makes maintenance we should be doing anyway more convenient to do. And now if you will excuse me, I need to go clean up a few passwords.

Listen to the audio version of this post on Hacker Public Radio!

 Save as PDF

Penguicon 2019 Report

This is the latest in my annual recollection of my experience of Penguicon. As always, I have to emphasize that this represents just my own experience of a massive event. We have 1,466 people attending, and over 400 different sessions, each of which lasted at least one hour.  I only could attend a handful of these sessions, and had a great time, but by way of example my friend 5150 was here, and at no time were we both in the same session. So if you were to come you would probably have a somewhat different experience.

Friday, May 3

As usual, I grabbed a dinner after work on Friday, then went to the Westin in Southfield, Michigan for the Con and picked up my badge. We’ve been at this hotel for 6 years now, and it is a fantastic venue for us. I usually purchase my badge a year in advance at the previous con, so I had bought this on the last day of Penguicon 2018, and it was waiting for me when I arrived.  I made a brief tour of the Maker Space, then it was off to the Opening Ceremonies. This is where you get an introduction to the various Guests of Honor as well as hear from the Convention Committee about what to expect over the course of the weekend. Among the guest of Honor were:

  • Saladin Ahmed – An award-winning author who has now gotten involved in writing for Marvel.
  • Mikey Mason – A stand-up comedian with appearances on, SyFy, and MTV Geek News.
  • Zed Shaw – A a programmer and artist who teaches programming and has a series of books (Learn Python The Hard Way, Learn Ruby The Hard Way, Learn JavaScript The Hard Way). He is most commonly known for creating the Mongrel web server for Ruby web applications
  • Daniel Hansen – Daniel Hansen created a business called Crafty Celts to sell his jewelry, and wound up creating jewelry for the TV show The Vikings. He is also active in re-enactment, and taught swordplay over the weekend.
  • Sophia Brueckner – A professor at the University of Michigan, she began as a developer at Google before becoming a designer.
  • Karen Corbeill – Karen is a maker who also loves to teach. After two years as a co-host on the Ben Heck show, she is now on YouTube as part of Element14’s The Learning Circuit

One thing you might notice is that a lot of these people do more than one interesting thing. This is not accidental, as I learned when I talked to the Con Chair, Jessica Roland. She was deliberately looking for people that could tick off different boxes, and I think she did a great job.

After the Opening Ceremonies, I went to an Anime panel on Anime Fantasy-Romance. There was a lot of Anime programming this weekend provided by Paul Kemner, Star Stramel, and A. Carina Spears. I did manage to catch a few in amongst everything else. After this, it was time to join the Ubuntu Release party, an annual event. Ubuntu’s x.04 releases usually are within a few days of Penguicon. At one time it was a place to go to pick up a CD, but no one does that any longer. So now it mostly a place to catch up with your friends. All the members of Sunday Morning Linux Review were there, and I met Jay Lacroix for the first time in person after hearing him on the podcast for a while now. I also thanked Tom Lawrence because his company, Lawrence Technology, sponsored Penguicon 2019. After this it was time to leave since it was the end of a week at work and I need to rest.

Saturday, May 4

Back to the Westin and breakfast from their breakfast buffet. The first event of my morning was Tony Bemus (Sunday Morning Linux Review) doing a presentation on DDOSs and what the average person can do about it. Tony recently changed jobs and is working for a local company on their Cloud team helping to mitigate DDOS attacks for their clients, so he definitely has the skills for a good talk, and he did not disappoint. Then it was off to Truths, Half-Truths, and Sweet, Sweet Lies a panel discussion by Ericka Kahler, Doug Johnson, and Mark Haynes about the pitfalls of being a consultant/contractor in the IT industry. I spent quite a few years doing that, so I wanted to see what they had to say. Then it was off to another anime panel, Supernatural Anime, by the same group of people I mentioned previously. Here the emphasis was more on creepy/scary types of anime. I next went to a screening of The Ghost in the Shell, which in the program was supposed to be the Anime film from 1995. But a mix-up resulted in the showing of the Scarlett Johansson film from 2017, so I left, and decided this was a good time for the Hallway track. I’ve been going to Penguicon for many years now, and I have a lot of friends I see there, so a little socializing is always good.

I decided to get a little “hands-on” next. A local makerspace from Ann Arbor called All Hands Active was on hand throughout the Con for people to drop in and do a little soldering. They offered a simple basic blinking LED badge for free, or you could purchase a more complex one that had a microcontroller and displayed LED text. Since electronics and soldering are not my strong suit, I went with the simple one this time, but I may try to step up next year. We’ll see. Then I went to a presentation by one of our Guests of Honor, Sophia Brueckner, called Critical Optimism, which I thought was fantastic. Sophia looked at how technology is powerful, but won’t necessarily solve all problems. She looks for a path between the extremes of technosolutionalism (technology will solve all of our problems) and a Luddite rejection of technology as evil. This was one of the better things I experienced this weekend. Following this, I was on a panel myself called Unconditional Basic Income, along with Matt Arnold and Zachary Blagg. We had a pretty decent turnout for this, and a lot of good discussion which continued out in the hallway. We may do something next year, and I suggested maybe healthcare would be a fruitful topic to get discussion going. We’ll see how that goes. I then went to the Con Suite to grab some food since it was early evening by this point, then came back for a panel on The Fediverse: Decentralized Social Networking, with Michael W. Lucas, Ed Platt, Matt Arnold, Craig Maloney, and Mark Felder. I was really interested in this one, because last year Ed Platt did a presentation that I thought was excellent, and I asked him if he might do something for Hacker Public Radio. He declined as he was busy, but told me I could use any of his material. So I am working on a series for HPR that will probably go up in Autumn of 2019 where I look at some of the alternative social media. What got me off of my butt on this was the closing of Google Plus, which told me it was time to look around. After this, it was time again to go home and rest up for the last day.

Sunday, May 5

Again, back to the hotel and breakfast, where I met up with Craig Maloney. Craig is the leader of the Ubuntu LoCo that put on the release party Friday night, and he is also active in the Fediverse, so I continued our discussion from last night and got some additional leads and information. And as he is a good friend I have someone I can go to with questions, which is a always helpful. After breakfast, it was time for E-learning Design: The Good, the Bad, and the Very,Very Ugly, by Ericka Kahler and Clif Flynt. Clif is old friend, and when I was teaching I actually had to do E-learning design, so I had a strong interest in the topic. There were many lessons learned here. From here, it was off to a presentation on Solar Panels by my friend Gibson Nichols. I had a strong interest here as well since my wife and I have been planning to get an RV and become “snow birds”, and solar power is very useful when you are mobile and don’t always have utility power available. My last panel of the day was Understanding USB: Why this cable works and that one doesn’t, by Henry Marshall. This was a great technical discussion of all of the different flavors of USB, and I think I learned a few things.

After this I had a few minutes free so I bought my badge for next year, as I always do. It is a little cheaper if you do this, but even if the price was the same I would do it just because I think it helps the Con to have a little working capital as they prepare for the next year. And then it was off to the Closing Ceremonies. At this point the Guests of Honor get to say a few words about their experience, and the staff gets to thank all of their helpers. Awards are given for the best room parties, and then everyone winds down. So I went home and collapsed in my chair because I was really tired.

I think this year’s event was wonderful and as always slightly different from any other year. Penguicon has a permanent Board of Directors, but they pick a new Con Chair every year, and that Con Chair really puts an individual stamp on the event. I am looking forward now to next year.

Listen to the audio version of this post on Hacker Public Radio!

 Save as PDF

Penguicon 2018 Report

Friday, May 4, 2018

As I usually do, I went to work on Friday, then grabbed dinner before heading over to Penguicon. This year was going to be different because I was not responsible for running anything other than my two talks. Last year, after 4 years of running the Tech Track, I stepped down because a) I was tired; and b) you want to bring in new blood to keep things fresh. (Pro tip to event organizers out there.) I found the Registration table, got signed in, and picked up my materials for the two panels/presentation I would be on. Then I headed for the Opening Ceremonies. This is usually an introduction to all of the Guests of Honor and any other VIPs in attendance, and it helps me to get a sense of what the weekend is going to be like. I knew from previous emails that one of the Guests of Honor, Dr. Kristine Larsen, was going to be on my Isaac Arthur panel, but I had never met her. A Guest of Honor I had met and talked to previously was Mary Robinette Kowal and I like her, so that was good.

After the Opening Ceremonies I went to join my friend Craig Maloney for the Ubuntu Release Party. Since Penguicon always happens in late April/early May it pretty much comes on the heels of the April Ubuntu release each year, so we have a get together. I mostly run the Kubuntu flavor and tend to stick to LTS releases, so I expect I will be upgrading as soon as they release to the LTS crowd. Technically it is released as a *.0 release, but they don’t offer it to LTS users until it hits a *.1 level, which will be later this summer I expect. I spent some time various friends there such as Murph who made it up from New Jersey as well as the various Michigan users.

Then I went to see Bob Trembley, Jeff Macleod and Curtis Potterveld demonstrate and discuss various space simulators. They showed several NASA programs that are free and simulate the solar system dynamics. You can use them to see what would happen if the Sun suddenly disappeared (the planets immediately move in straight lines tangent to the previous orbit), or you can look at the collision that they think created the moon when a Mars-size body crashed into the early Earth. Then we ran Kerbal Space Program, which is a pretty accurate simulation of orbital mechanics. Of course, in the best tradition of Mythbusters we made one go “boom” by flying a rocket into the Vehicle Assembly Building. And now, after three hours on top of a full day at work, it was time to go home. I knew I had an early morning ahead of me.

Saturday, May 5, 2018

Saturday morning I had a 9 am panel on Isaac Arthur, where I was joined by Jeff MacLeod and Dr. Kristine Larsen. Isaac Arthur is a very interesting fellow who has a YouTube channel called Science and Futurism with Isaac Arthur. His channel looks at extrapolations of what can happen in the future given what we know about science. Some of it can get pretty far out, but never violates any known laws, so you won’t see warp drives or faster-then-light travel. That still leaves plenty of scope for thinking big, and I enjoy the channel. Give it a look and you might find you like it too.

From there I moved on to the DIY IoT talk by Dave Putz and Connie Sieh. Connie I knew from last year when I asked her to present a panel on Scientific Linux, which she helped to create. This time the presentation was on IoT using things like Raspberry Pi and Arduino to control the cameras and sensors. I think this is the kind of topic that would appeal to Hacker Public Radio listeners, and is a good reason to plan a visit if you can here when Penguicon is on. There are great presentations every year, and Daniel Dugan did a great job of programming the Tech Track this time around. And the following presentation by Karen Burnham was called Turning Materials Science Fiction into Science Fact, and I was pretty sure it would be great. Karen had worked for NASA and for Aerospace companies, but moved to Michigan to work in electric car engineering for Ford Motor Company. I have learned that any talk she gives is going to be interesting, and this did not disappoint.

Noon brought me to Michael W. Lucas‘ talk Large Scale SSH: Keys and Certificates. Michael is a successful author, and his book on ssh was one my principle resources when I did some shows on ssh for Hacker Public Radio. And listeners to the popular Sunday Morning Linux Review will know that he is also the author of numerous books on BSD. He is not only a good author but a good speaker, and I always try to catch one of his talks at Penguicon. I can’t catch all of them because he is glutton for punishment and does way too many talks.

After that I went to a talk called Feminism and Comics, which traced the history of the comics and how the way women were portrayed in them changed over time. Then it was on Gender and Artificial Intelligence. Of course AIs don’t really have any gender, but they are portrayed as having gender. For example, the voices of devices like the Amazon Alexa and Google Assistant tend to be female, though you can change that if you wish. But it is worth some consideration as to why female is the default in this case, what that tells us about our own perceptions.

From there I went to Ask an Astronomer, a panel with Dr, Kristine Larsen, Bob Trembley, Curtis Potterveld, and Jeff Macleod. I have mentioned all of them in previous panels, but Dr. Larsen is an astronomer on the faculty of Central Connecticut State University, and very much a nerd. She has written on the astronomy of Middle-Earth, and a Harry Potter starfinder. Bob Trembley actually works for the Vatican Observatory, which is extremely cool. And both are Solar System Ambassadors for NASA.

Then I went to Tom Lawrence’s talk on Open Source Video Editing Workflow on Linux. Tom is of course well known from being one of the hosts of Sunday Morning Linux Review, and he also has a YouTube channel for his business, Lawrence Systems, which is worth checking out. As a YouTuber he does a lot of video production, and he does does it using Open Source software. So this talk was well-worth catching, particularly in light of my ongoing quest to figure out why kdenlive doesn’t like me.

Following Tom’s talk was my second talk, Diffie-Hellman-Merkle Key Exchange. I already covered this material in a show for Hacker Public Radio so download that if you are curious as to what I covered. It is the same stuff. I believe in using a talk as many times as I can after I put in the effort to write it. In any case, this was well-received by the people there.

By now it had been a long day, from my panel at 9am to my talk that went until 7pm, so I grabbed dinner and went home. That meant missing Michael W. Lucas on a panel called Making a Living as a Midlist Writer, but sometimes you just have to do what you have to do.

Sunday, May 6, 2018

The last day is always a little more laid back because everyone is tired. After breakfast I stopped by the Sunday Morning Linux Review, which was just packing up their gear having finished the show. Then I went to a presentation that seemed promising, called All Energy is Perpetual. Well, it may have seemed promising, but it ended up being pseudo-scientific nonsense. My friend Craig Maloney was getting progressively more annoyed with the speaker, and another audience member got up, said loudly “I’m sticking with science”, and stalked out of the room. It was sad, and unfortunate, but I found the head of Programming, Bagel Garrison, and told her that this was a mistake and don’t bring this person back again. I then went to a talk by my friend Jer Lance, but he never actually made it (I think he was in a meeting than ran long). So all of us in the room talked to each other for the hour. I now had a hole in my schedule, which meant it was time to hit the Dealer’s Room and view the goods on offer. I wasn’t really intending to buy anything (and didn’t) because right now my wife and I are more intent on getting rid of stuff than in acquiring more of it. But a little window-shopping never hurt anyone.

Then it was on to a panel Clamp Studio: Anime Deep Dive. I do enjoy anime, and these kinds of panels are often interesting. Clamp Studio is perhaps best known for Cardcaptor Sakura, and we got a taste of that, but they seem to have a number of interesting titles which we sampled. I followed this with a panel about dysfunctional communication on the Internet, and then finally the Closing Ceremonies. I thought the Closing Ceremonies ran about a half-hour longer than they should have, and was relieved when it ended. But I already have my registration for next year and I am sure it will be well worthy my while. As I was leaving the room I was hailed by Fifty One-Fifty, whom I had somehow not connected with at all. I was really too tired to do much more than exchange greetings with him this time, but I think we will have a little more time together at Ohio LinuxFest.

Listen to the audio version of this post on Hacker Public Radio!

 Save as PDF

Ohio LinuxFest 2017

I made the trek to Columbus yet again for my annual visit to Ohio LinuxFest, and once again I was impressed by a good event. I took the afternoon off from work to drive down from Michigan (about a 3 hour drive) and made sure to get there on time for the opening Keynote, which was Karen Sandler from the Software Freedom Conservancy on “The Battle Over Our Technology”. By an interesting coincidence I had brought her up in a discussion the day before on why I would never trust IoT security if the code was not available. Karen has always been very open about sharing her experience with getting a pacemaker installed, and trying to get a look at the code (which she couldn’t, because it is proprietary). And we have since had a recall that made about 500,000 people go the their doctor’s offices to get a code update because the proprietary code was very insecure. In talking about the importance of Open Source Karen brought up the meta-issue that it is not just about the practical issues of efficiency, but also about moral and ethical issues.

After that we had a nice happy hour sponsored by Fusion Storm that took place in the vendor room, and I got spend some time with 5150, Verbal, and John Miller while enjoying the Nacho bar, and eventually made my way to my room for the night.

Saturday started off strong with a keynote from Máirín Duffy, “Who Cares if the Code is Free? User Experience & Open Source”. Máirín is a UX expert working on the Fedora Project, and really got into the design issues with Open Source, and made a strong pitch for getting people involved outside of coding, and in particular how to get involved in UX. I appreciated this because a healthy Open Source ecosystem requires a lot of different skills, and in my view the idea that coders are the only ones who matter is a kind of sickness in our ranks. After that, there were 4 tracks:

  • Sysadmin and Development
  • /dev/random
  • Career
  • Security

As you might expect, the Security track got most of my attention, and I have to say I was impressed by the speakers there. The first was Kent Adams from SIP.US on VoIP Security Basics. As is usual in the area of Security, none of this was exactly rocket science, but when your phone service comes via Internet Protocol you have all of the usual security issues, such as how your firewall is configured, who might be sending packets your way, and is your software patched and up-to-date. It was a good talk, and Kent was a very engaging speaker. After that, Tom Kopchak from Hurricane Labs  had a talk called “Building a Malware Analysis Lab With Open Source Software”. He talked about using open source tools like Squid, Snort/Suricata, and pfSense, and tying them together with some scripting. Then it was time to break for lunch.

After lunch I started with Roberto Sanchez. Last year he did a very good talk about how he prepares his CS students by getting them involved in tools and practices like using GitHub, making pull requests, and so on. which I really loved. This year, his talk was “Secure Cloud: Linode with Full Disk Encryption”. Linode is a provider that offers inexpensive Linux virtual servers, and Roberto took us through how to do this securely by setting up your virtual server in an encrypted manner. I think a lot of what he discussed would apply in other areas as well, but taking us through the process step-by-step was valuable. Following that I decided to move over to the /dev/random track to hear Dru Lavigne discuss the new features in FreeNAS 11. Dru is someone I have talked to a variety of conferences over the years, including having breakfast together at Indiana LinuxFest a few years back, so I has glad to see her here.

But I went back to the Security track for an excellent talk called “Top 10 Easy Cybersecurity Wins for Linux Environments” by Michael Contino. This was an excellent talk by a very knowledgeable speaker. some of his tips were things I was aware of, but he also brought up some things that were new to me, and I want to follow up on those sometime. After his talk I met up with Joel McLaughlin and Allan Metzler of The Linux Link Tech Show for a little hallway conversation before Joel left, did a pass through the vendor room, then got into a hallway conversation with Michael Contino and a couple of other folks who were at his talk. Then my final Security Track talk was by Cody Hofstetter from Sovereign Cyber Industries, called “Getting Hit by an 18-Wheeler: Privacy and Anonymity in the Modern Age”. Most of what he talked about I knew, but he was such an engaging speaker that I was glad I was there.

The final keynote was Tarus Balog of The OpenNMS Group, who gave us the history of how he came to be the CEO of a successful company that sells free software, and the lessons he learned along the way. I first met Tarus when he gave the very first keynote at Indiana LinuxFest some years back, and he is both a great speaker and a great Free Software advocate. His talk was wonderful, and fitting way to round out the talks for day. We then retired to the ballroom for the after-party, and for me an unexpected finish when I won the raffle for a 3-D Printer. I am planning to donate it to a useful charity such a e-nable, which makes hands for children who lack them.

Overall, it was a very good conference, and I really enjoyed the speakers. But there is a problem here with diversity. Outside of the Keynoters, the only woman I could see presenting was Dru Lavigne, and I did not see any people of color. And based on my experience programming for Penguicon the last 4 years, this is probably because they just waited to see what proposals happened to come in. I have found that you need to pursue people to get the diversity you need, for whatever reason (I suspect “impostor syndrome” plays a role in at least some cases). For example, last spring I had a great presentation to a packed room by Connie Sieh, who created Scientific Linux. What you might not have known is that I was looking for her over a two year period before I found her (she had retired, old addresses no longer valid, etc.) And there were other people I made a point of going after because I knew what they could do. Another example is Ruth Suehle from Red Hat, who I contacted every year to get a presentation. I talked to the person at OLF who will be booking speakers for the coming year and offered to pass along some of my contacts to help in this.

Listen to the audio version of this post on Hacker Public Radio!

 Save as PDF

Penguicon 2017 Report

As always, this is my report on the things I did at Penguicon over the weekend of April 28-30, 2017. Penguicon is a huge event, with probably 500 hours of programming over all of the tracks, so joining in even a fraction of the possible activities is about the best you can do.

This was also my final year as “Track Head” for the Tech Track, a position I have held for 4 years now. I need to refocus my attention, and I think these conventions are better served by the regular infusion of new blood, so it seemed like the right time to move along. I will of course continue to attend each year, as indeed I did before becoming part of the staff, and I will be available to answer questions or provide support for my replacement.

Penguicon starts on Friday evening, and in past years I have been able to grab dinner near my office and then go up the road to Penguicon (one town over from my office). But this year I had a physical therapy appointment after work, so I was rushing around a bit. I did get to Penguicon in time to pick up a white board for the use of one of our Guests of Honor, Sumana Harihareswara. She gave a talk called Things I Wish I Had Known About Open Source in 1998.  The reference here is to when she started in Open Source software, and the lessons she had learned. I’m really glad I started my Penguicon with this talk, she was a very engaging speaker and had some valuable lessons to share.

After that I went by the Ubuntu Release Party, which was in the hotel bar, and caught up with some friends. We chatted for a while, and then I realized I was very tired between the end of a long week and the physical therapy, so I elected to go home and get a good night’s sleep to prepare for the next day.

Saturday I went back in the morning, and had a very nice breakfast at the hotel. They have a great breakfast buffet with a number of things I can actually have (a story for another day; I am diabetic). I could have raced through this to get to panels, but instead took my time, and at 11am I went to the Women in Tech panel. This was put together by Jennifer Cline from Grand Circus, a local training company that also offered several coding workshops at the event. But this panel had a couple of colleagues form Grand Circus, an entrepreneur, and someone from Google (who have a local office in Ann Arbor).  I enjoyed the discussion, and they did a great job. That was followed by a panel on Distributed Game Development: The Benefits of Open Source. The interesting (to some people) twist is that the panelists (Adina Shanholtz, Amanda Lange, Rachel White) all work for Microsoft. I know some in the Open Source community still think of Microsoft as the “Evil Empire”, but I think there is change happening, and if they want to discuss the benefits of Open Source I am happy to encourage that. These ladies did a great job, and even showed some games they had created and told us how they did it.

Then I went to a panel on Creating Webcomics: Logistical Nonsense and Shameless Self-Promotion, with Erirka Wagner and Laura Cascos. They have a comic I really like called Sidekick Girl, but this panel focused on the production issues, web hosting, etc. I then went to Marching Toward the World Brain: Chaos and Self-Organizing Networks, by Michael Grube. He gave a great talk, looking at some his own experiments, and the biggest problem I could see was the room was too small. There were more people on the floor or against the wall than were in the seats. Michael’s talk looked at network theory to see how a computer network could be decentralized and still be programmable and have goals.

Then James Valleroy made a presentation on Freedom Box, Libre Personal Server, This is a project to provide a completely open personal server, which will have its first release in Debian Stretch, and which can be run on a Raspberry Pi. I was very interested since I see a couple of needs that I have which might be met by a Free, Open Source server platform. Then at 4pm I went to panel on Ancient Egypt. That is one of the things that makes Penguicon so special, you can have all of the Technical stuff, but there is lots of other information available. This panel looked at people’s misunderstandings about Ancient Egypt, and a professor from the University of Michigan did some serious myth-busting (no, the pyramids were not grain storage facilities). Following this I went looking for the Tricorder Project Demo, but never did find it, so I instead opted for the Con Suite and some food (again, props to the Con Suite for having stuff I could eat, like fruit and vegetables).

Then it was on to Scientific Linux. This is a distro based on Red Hat that was developed at FermiLab just outside of Chicago, which is a major particle accelerator facility. they had a need for lots of computers to handle the enormous data being generated and analyze it, and turned to Linux as the solution. We had Connie Sieh, who was the founder, and Bonnie King, who took over as Team Lead when Connie retired, so this was very authoritative. Scientific Linux may have started at FermiLab, but it has spread to other facilities, and is a great resource.

I had planned to attend the panel on The Works of Miyazaki, Part 2, but the panel was canceled when the main presenter had to stay with a sick child, so I caught Karen Burnham and Bob Trembley on Space Travel Woes, with and Without Potatoes. Karen formerly worked for NASA, and Bob is with the Warren Astronomical Society, so they had some pretty good stuff to share. Then I went to the presentation All About The Tricorder Project, with Peter Jansen. This was our Hack of Honor this year at Penguicon, and Peter told us the story of how he decided to create a tricorder. This is not a medical tricorder, but it is a hand-held multi-instrument device, with things like GPS, temperature sensors, magnetic sensors, and so on. Peter explained exactly how he did it. And after htis I decided to call it a day and go home.

Sunday started out like Saturday, with a breakfast in the hotel restaurant, and then on the Astronomy 103, with Bob and Connie Trembley. This really turned into a group discussion, and I was able to recommend some podcasts and video casts that they were not aware of. Generally, this became a discussion of astrophysics and weird cosmological stuff. This was followed by Re-Dentralizing the Web, by Ed Platt. Ed looked at the problem  of social media being controlled by a few large companies, and presented alternatives, which I plan to check out, such as Mastodon, a kind of Federated alternative to Twitter. I don’t use Twitter, but I might like Mastodon.

Then it was on to Breaking Into Bots, by Gabrielle Crevecoeur. Her focus here was on creating bots that could answer questions and otherwise converse, and she demonstrated the tools she used to do this and how to to set up your bot in the cloud. I had intended to then go to another Miyazaki panel, but this too was canceled for the same reason because it had same presenter with the sick child. I hope these panels get rescheduled for next year. My wife and I love Miyazaki movies, and I was really looking forward to these panels. so without my Miyazaki fix I kind of wandered the floor and got into some conversations with other Penguicon folks.

Then at 3pm it was Closing Ceremonies time, and following that I went home. I was pretty tired (and how is it that sitting on your butt all day is so tiring?) and looking forward to relaxing a bit. But before I left the Con I made sure to purchase my pass for 2018. Penguicon gets better every year, and I want to be there to see what the next team comes up with.

Listen to the audio version of this post on Hacker Public Radio!

 Save as PDF

Penguicon 2016 Report

As in previous posts on this topic, I want to emphasize that this is not a review of the entire range of Penguicon, but simply a report on what I did and the panels and presentations I attended. Since I was responsible for the Tech Track, you shouldn’t be surprised to find that most of what I did was tech-related, but with the variety of things on offer at Penguicon I managed to get into a few other things as well, including a panel I joined.

Day 1: Friday April 29, 2016

I work not too far from the Westin Hotel, so after leaving work and catching dinner, I got to the hotel and went through registration to pick up my badge and my participant materials. I was just in time for the Opening Ceremonies at 6pm. When you have been working with a group of people all year to put on an event like this, it feels great to see it all come together. All of the Guests of Honor (GOH) were introduced, and this year my friend Deb Nicholson was one of them.

Then I attended a keynote presentation by George Gage demonstrating the electrical activity of nerves using large cockroaches as experimental subjects. He removed a leg, and attached electrodes to it. Then he stimulated the leg and we could view the electrical activity of the nerves. BTW, the cockroaches can grow back a leg when they molt, so this was not quite as cruel as it may seem. From there I went to the new space we had this year in the Executive Meeting Center adjoining the hotel for a presentation on pandemics and and deliberately making diseases extinct. We focused on polio and Guinea Worm (a parasite). And I note that at last report there were only two cases of Guinea Worm in the entire world, so we are close to eliminating this pest, thanks to the Carter Foundation.

Then Pat Baker did a great presentation on the Dark Web Big Three: TOR, I2P, and freenet. I am always looking to schedule some good talks on ways people can protect themselves online, and Pat’s talk was definitely a good one. After this I went searching for the Ubuntu Release Party, but it was nowhere to be found. On Saturday I caught up with Craig Maloney who explained that the party was earlier in the evening, but the program booklet had the wrong time in it. So shortly after 10pm, and the end of a full week at work, I headed for home.

Day 2: Saturday April 30, 2016

I headed back to the hotel in the morning and took advantage of the breakfast buffet to fortify myself for a full day of con activities. To start things off, Jer Lance and Dawn Kuczwara discussed running a technical team and the difference between a manager and a leader. As a Project Manager that is something I have to do a certain amount of, and I really liked their discussion. Then it was off to the Fedora Roadmap. Tom Callaway of the Fedora project has become a regular at Penguicon (along with Ruth Suehle) and I had specifically requested he do this to expand on our Linux offerings. After all, we have Penguin in our name, and we should have a solid group of Linux presentations. Because we have at least 4 Canonical employees in Michigan (that I know of) Ubuntu has always been well covered, but I want to expand that. And I already have Tom working on a Red Hat challenge for next year. We will have some computers set up with deliberate errors in their configuration and see who can diagnose and fix them the fastest. It should be fun. We initially wanted to have this competition this year, but we got the idea too late to pull it together. BTW, Tom and Ruth also did their Raspberry Pi Hacks talk again this year.

Then I went to The Reality and Fiction of Artificial Intelligence, with Ann Leckie, Jason Mars, Lingjia Tang, and Jennifer Marsman. I know this has been in the news a lot, and frequently the focus is on whether it is a danger. these folks didn’t think we were anywhere near a “robot uprising”. Ann is the author of the Hugo Award-winning novel Ancillary Justice, Jason and Lingjia are computer scientists at the University of Michigan who are working in AI, and Jennifer Marsman is a Microsoft evangelist for the Azure Cloud who also did graduate work in AI at the University of Michigan, and helped us in finding the right people to contact there.

I then went to the Penguicon Board meeting. I am not a Board member, but the meeting was open and I wanted to see what was going on. The Board is the long-term continuing management over a number of years, and each year they pick a Con Chair to put the event together and give that person a budget. The Con Chair puts team together, and I am a part of that team. This year the Con Chair was a Scott Kennedy (great job!) and for 2017 it is Cylithria (Lithie) DuBois, who I am sure will also do a great job.

From here I went to a presentation on The Works of Miyazaki. Hayao Miyazaki is the legendary Japanese anime artist and my wife and I are big fans. This presentation focused on his earlier works, and was very nice. After this, Jennifer Marsman did a wonderful presentation Fun With Mind Reading. This combined EEG recording with Machine Learning in Azure to essentially do a kind of lie detection. The idea was to ask a series of questions to which the subject would give a truthful answer, and then the same questions, but this time lying. The Azure Machine Learning would learn the mental pattern of a truthful answer, and the pattern of a lie, and then for future questions it will offer a pretty accurate estimate of an answer to a new question.

At 4pm I went to How Will Technology Change Society? This panel had Deb Nicholson, our GOH from Open Invention Network, Jason Mars and Lingjia Tang from the University of Michigan, Tobias Buckell, a science fiction author, and Edward Platt, one of our Tech Track presenters. This panel got into a number of topics, such as personal freedom in an age of surveillance, and wound up in the area of automation taking away jobs. This was a natural lead-in to our panel the next day called Post-Capitalism so I made sure to invite everyone to come to that.

After this it was time for a break to grab something to eat and to peruse the dealer tables. Everyone who is registered gets access to the Con Suite, where there is food and drink available. That is part of what your registration money buys, and it includes beer for those who want something more adult. And the dealer tables deserve a look since you never know what you are going to find there. Books, jewelry and costumes are always there, but then there are the interestingly different items, which this year included a variety of soaps.

Then it was time for Krunal Desai to do a presentation called The Tech Behind Asteroid Mining. Krunal ran the tech track back when I was a presenter, then went to work as a senior avionics engineer for Planetary Resources, so his presentation was definitely from the front lines. We also paired him with Bob Trembley the astronomy guy on the Science track for a joint panel on asteroid science. And after that I went to Webcomics 101: Logistics, with Erika Wagner and Laura Cascos. I enjoy Webcomics, and I found it interesting to look at the issues involved in producing a comic. They are the people behind Sidekick Girl, which I recommend. I had considered following this with Night Sky Observing with Bob Trembley, but the weather was not accommodating so I decided it was time to call it a day.

Day 3: May 1, 2016

After another Breakfast buffet at the hotel, I started my last day of Penguicon with Michael Rometty, who did a A Look At LibreOffice Base. Michael has a YouTube channel under the name The Frugal Computer Guy, which has his videos from several series that I recommend highly. He is focused on Linux and LibreOffice and does a great job of introducing these things to new user. I was watching his videos on YouTube for a while and then last year discovered that he lives in this area, so of course I wanted a talk from him, and will ask him back next year.

I then went to the planning meeting for next year. We have a number of new faces on the committee as people drop off and get replaced by others, and it does take a lot of work to put together, so while this year’s committee is winding down, next year’s is gearing up.

Following this, Susan Sons did Security Principles for System Administrators. Susan is one of those gems that comes here year after year and gives great presentations. She is a security professional, and her talks are all security-related, and always worth attending. she is one of those people I always make a point to contact when I am planning the Tech Track.

Then came the panel I was on, Post-Capitalism. Matt Arnold and Ed Platt joined me for this, and we looked at how economies evolve and what may come next. A particular focus was on the job market since more and more stuff is getting automated.

After a break for lunch, I attended Ed Platt’s presentation on Free/Open Democracy. He looked at some of the tools available, such as Loomio, Liquid Feedback, and Intertwinkles. These tools help you to create an environment where decisions can be consensus-based and democratic.

And finally, it was time for the Closing Ceremonies. Usually everyone is fairly tired by this point, but there is also a kind of manic energy. Prizes are awarded for room parties and for costumes, volunteers are thanked, and GOHs say a few final words about their experience. Penguicon 2016 was certainly a great event. We had great guests and a record attendance that went over 1600 (we don’t know how much over since Registration stopped mid-day on Sunday and some people were still coming in. We had for the first time a computer lab at Penguicon, and the computers have been stored away for use next year. We could probably make better use of them, particularly in the Tech Track, and I will try to follow up on that for next year. But everyone I talked to had a great time and will be here next year.

Listen to the audio version of this post on Hacker Public Radio!

 Save as PDF

Penguicon 2015 Report

Penguicon 2015 was a great success, and far more happened than I could have been part of. We had about 500 hours of programming, and even my track, the Tech Track, had 100 hours of content. So this report is my own diary of my particular experience of Penguicon 2015. Each person would have their own experience based on the events, panels, and talks they chose to attend. But with this much programming there was plenty for everyone to enjoy. And since most of the team that put this together is coming back for another year, and we have managed to add some more people, I think next year can be even better.

On Friday 4/24/15 I left my office in Dearborn, Michigan, grabbed dinner, then checked in at the event registration desk. I arrived in time for the official opening ceremony at 6pm. Of course, there were talks and events scheduled even earlier on Friday (with 500 hours of stuff to fit in, we used every possible slot), but I was happy to get going then. These opening ceremonies are about introducing the Guests of Honor, advertising events of the upcoming weekend, and so on. And right after the opening we had the first of our two keynotes, Aral Balkan. He is the designer and co-founder of He is very passionate about security and privacy, and his keynote focused on the dangers posed by companies like Google and Facebook who know everything about us. He is trying to create alternatives that really protect our privacy.

Aral was followed by our second keynoter, Bruce Schneier, the Security expert, who gave a talk that fit very well with Aral’s talk. Bruce just published a book called Data and Goliath which explores the problems of mammoth data collection which is happening every moment. Bruce referred to data as the pollution problem of the 21st century. This becomes an interesting problem  because as he noted (similarly to Aral) the biggest source of data collection is private companies, and stopping them might require government action. And the problem with that is that governments are generally happy to have companies do their data collection for them. Bruce thinks this can be resolved with the right legislation, but noted futurist and science fiction author David Brin disagrees, and says that the only thing that can work is radical openness where ordinary people can look at the government just as much as the government looks at us. I lean more to Dr. Brin’s view myself, but no matter which side you come down on this is a big deal for all of us. As part of having Bruce there we arranged to have copies of his book, which he kindly signed for anyone who wanted one. When our Con Chair said he had arranged to have 25 books on hand, I immediately told him to double the order, which was a good thing. We would have angered a bunch of people otherwise. We sold all but 6 copies.

While the book signing was going I was introduced to Fifty OneFifty, who came out from Kansas to see what Penguicon was all about. I was so focused on getting my book and getting it signed that I didn’t spend a lot of time with Fifty right then, but I had more opportunities over the weekend. He did try to get an interview with Bruce for Hacker Public Radio, but unfortunately Bruce could only be at Penguicon for Friday evening so there really wasn’t time.

After that I went to a panel on Welcome to Night Vale, a semi-monthly podcast that I love. I recommend it to anyone who is interested in an offbeat podcast about a fictional town that has been described as Stephen King meets Lake Wobegone. But by about half-way through I could tell I was running out of gas, so it was time to go home.

On Saturday morning I moderated a panel on Getting Involved in the Open Source Community. On the panel I had Ruth Suehle and Tom Callaway from Red Hat, Emily Gonyer from the Gnome Project, and William A. Rowe from the Apache project. It was fun to have all of these people sharing their experiences, and in particular to point out that most open source projects need a lot more help than just coders. So if anyone wants to contribute there are plenty of ways. For my part, I have done things like review documentation for the LibreOffice project, which really means taking a chapter and going through it with the software open in front of me and just verifying that each instruction works the way they say it does, and that the instructions make sense. That is something anyone can do, and lots of projects need people to do things as simple as that.

After this I had a nice hallway talk with Susan Sons, who does our Cryptoparty each year. She has lots of ideas of things we can do to improve, so I enjoy talking to her. One thing we discussed that I definitely want to bring in next year: She and Eric Raymond are looking at some of the base “plumbing” software that we all depend on but which is maintained by one or two aging developers (kind of like what happened to OpenSSL earlier), and they are working to develop good support models.

Then I went to a Maria DB talk by Colin Charles, a developer on the Maria DB team who flew in from Malaysia to tell us about what MariaDB is doing now. This project forked off from MySQL as a result of Oracle taking ownership and messing things up, and is now the default choice on most Linux distros. And by a happy coincidence, just about the time I heard about Colin joining us I read a post from my friend Jorge Castro of Canonical who talked about how MariaDB was now integrated into their JuJu cloud solution, so I signed up Jorge right away, and turned this session into a 2 hour presentation incorporating both MariaDB and JuJu. So a lot of awesome Cloud goodness here. But that was not all. I followed this with a talk from Jennifer Marsman from Microsoft. It was taking a little bit of a chance, but she knew this was an open source convention and therefore presented Azure and emphasized all of the open source software that was ready to run on that platform. Linux distros, Hadoop, Apache Ant, Drupal, and so on. So her talk was very well received and I plan to invite her again next year.

After this was my second panel, this time on Creative Destruction. Mark Haynes put this together, and when he asked me if I knew any economists I decided I should be one of the participants. I looked at the origin of the term as used by Joseph Schumpeter and some of the implications of it. There were others looking at ecology, biology, and other sciences on this panel as well. So I actually participated on something in the Science Track, which was a first for me. But after that I left the con get home since my wife and I had tickets for the Symphony, and I try not to let anything keep me away from that, particularly when Mahler is on the program. (Though to be fair, they do an excellent job on most things.)

On Sunday I got there on time for the recording of the Sunday Morning Linux Review. They always do a live recording at Penguicon, and this year Fifty OneFifty was a guest on the show. This went well as always, and I won bragging rights for the trivia quiz, which took the place of Mary’s usual Is It Alive feature. Then I went to the What’s New in KDE 5 talk, but unfortunately Ryan had to take his wife to hospital so we had some discussion among ourselves in the room for a while. I did check later and Emily seems to be doing fine. Then I decided to get some breakfast at the buffet in the hotel.

Next up was Mary Tomich’s talk Swimming with Dolphin, the KDE File Manager. I had been looking forward to this talk since both Mary and I are KDE users. And she did not disappoint, it was a great talk, and I learned a lot. As a result I made a commitment to try using Dolphin (up to now I was strictly using Krusader) and if I can do everything I need to do there I may switch.

Then I went to one of the Science Fiction panels called Science Fiction Is Now Science Reality. This panel had Karl Schroeder ( a previous GOH), Annalee Newitz of Gawker (2015 GOH), and Charlie Jane Anders of io9 (2015 GOH). We had a very interesting discussion of where science and technology are taking us, and even managed to bring in some optimism. Like many of us, I am no longer interested in reading about dystopias, and sometimes it seems like all current SF is nothing else. I read SF as a kid and it was all about how awesome the future would be, and that is what I want to read now. Karl and I had a very nice breakfast together on a Sunday morning at Penguicon a few years ago when was GOH, and I was happy to renew this slight acquaintance.

Then it was on to Firewalls with pfSense by Tom Lawrence. I just met Tom earlier this year and I am glad I was able to sign him up a presenter. His talk was really good, and I heard a lot of compliments from other attendees. When Tom’s talk was over, Tony Bemus grabbed me, and I joined the Sunday Morning Linux Review teak to do a wrap-up recording on what we saw at Penguicon 2015. And then it was on to the closing ceremonies, which were liberally punctuated by the firing of a T-shirt cannon. Prizes were also awarded for best room party, volunteers were recognized, and so on.

So, that was my personal experience of Pengucion 2015. I am already registered for next year, and have made the commitment to stay on as the Tech Track head, so I will try to do as good a job for next year. I don’t think we could handle any more content than we had, but there are some things I am working on to bring in some specific talks that I think will attract people with a tech interest.

Listen to the audio version of this post on Hacker Public Radio!

 Save as PDF

Penguicon 2015 Call for Talks

I am the coordinator for the Tech Track at Penguicon 2015, which is a combined FOSS/Science Fiction convention held every spring in the Metro-Detroit area. The 2015 event will happen April 24-26 at the Westin Hotel in Southfield, MI. The theme for the upcoming year’s event is Biotechnology and Medicine, looking at how technology is affecting our health and life. But we want a lot of different talks as well, so I will be happy to accept proposals that look a things like cloud computing, security, hardware hacks, and anything else that would be of interest to geeks and hackers.

This year we are experimenting with a new process to gather talk proposals that will also allow some “social” features, such as letting prospective attendees vote on talks they would attend. This helps the programmers to know what talks might be of the greatest interest and thus program the most desirable talks. I know I look at this information in setting my track, and I believe the other track coordinators do something similar. This is something called TuxTrax, and as it is developed it should become even more useful. But if you encounter any problems at all, please do not hesitate to contact me directly. My official Penguicon e-mail is tech at penguicon dot org.

Listen to the audio version of this post on Hacker Public Radio!

 Save as PDF