[Reproducible-commits] [presentations] 01/01: some updates
Holger Levsen
holger at layer-acht.org
Wed Jun 22 21:24:53 UTC 2016
This is an automated email from the git hooks/post-receive script.
holger pushed a commit to branch master
in repository presentations.
commit ccfc449301edb82c1a9436dc7f47b88a8ca148d2
Author: Holger Levsen <holger at layer-acht.org>
Date: Wed Jun 22 23:24:41 2016 +0200
some updates
---
.../2016-06-23-openSUSE-Conference-2016.tex | 50 ++++++++++++++++++----
2016-06-23-openSUSE-Conference-2016/notes | 7 +--
2 files changed, 43 insertions(+), 14 deletions(-)
diff --git a/2016-06-23-openSUSE-Conference-2016/2016-06-23-openSUSE-Conference-2016.tex b/2016-06-23-openSUSE-Conference-2016/2016-06-23-openSUSE-Conference-2016.tex
index e5b35a7..5214ec2 100644
--- a/2016-06-23-openSUSE-Conference-2016/2016-06-23-openSUSE-Conference-2016.tex
+++ b/2016-06-23-openSUSE-Conference-2016/2016-06-23-openSUSE-Conference-2016.tex
@@ -274,14 +274,20 @@ and some hints where this might be going…}
\end{center}
\end{frame}
+
+
\begin{frame}[fragile]
\frametitle{A few examples from that 31C3 talk}
\begin{itemize}
\item CVE-2002-0083: remote root exploit in \texttt{sshd}, a single bit difference in the binary
- \item<2-4> 31C3 talk had a live demo with a kernel module modifying source code in memory only
- \item<3-4> financial incentives to crack developer machines…
- \item<4-4> {how can you be sure what's running on your machine or on a build
+ \item<2-5> 31C3 talk had a live demo with a kernel module modifying source code in memory only
+ \item<3-5> Financial incentives to crack developer machines… attack one, 0wn
+ millions.
+ \item<4-5> {How can you be sure what's running on your machine or on a build
daemon network? Are your computers really always physically safe?}
+ \item<5> Hacking OBS is very affordable for state sponsored
+ attackers and large criminal organisations and AIUI would expose all SuSE
+ installations. You are a target because your customers are.
\end{itemize}
\end{frame}
@@ -298,6 +304,21 @@ and some hints where this might be going…}
\end{center}
\end{frame}
+\begin{frame}
+ \frametitle{Summary: the source of the problem…}
+ \begin{itemize}
+ \item Free Software is great!
+ \begin{itemize}
+ \item Use
+ \item Share
+ \item Study
+ \item Modify
+ \end{itemize}
+ \item<2> Free Software is about source code, but noone uses the sources, we all
+ use binaries.
+ \end{itemize}
+\end{frame}
+
\begin{frame}
\frametitle{The solution}
@@ -305,8 +326,10 @@ and some hints where this might be going…}
\begin{center}
\Large{
Promise that anyone can always generate
- identical binary packages
- from a given source}
+
+ bit by bit identical binary packages
+
+ from a given source.}
\end{center}
\end{frame}
@@ -653,7 +676,7 @@ hour, minute & \multicolumn{2}{l}{hour is usually the same… usually, the minut
211 without a note }
\item<2-4> { 655 packages failing to build, but only 149 without a note }
\item<3-4> { maintained in \texttt{notes.git} }
- \item<4> { currently Debian only, but cross distro notes are planned}
+ \item<4> { currently Debian only, but we will turn those into cross distro notes}
\end{itemize}
\end{frame}
@@ -776,7 +799,7 @@ Build-Environment:
\frametitle{\texttt{.buildinfo} files elsewhere}
\begin{itemize}
- \item neither used nor specified elsewhere
+ \item neither used nor specified elsewhere \textbf{yet}
\item it's clear we need something like them
\item it's clear what needs to be specified
\item it "just" needs to be done…
@@ -826,7 +849,7 @@ Build-Environment:
reproducible in a meaningful way}
\item<3-4> Debian \texttt{unstable} still needs changes to \texttt{dpkg} and
\texttt{ftp.debian.org} (for keeping \texttt{.buildinfo} files)
- \item<4> what's beyond (rebuilding, \texttt{.buildinfo} file signing and
+ \item<4> What's beyond (rebuilding, \texttt{.buildinfo} file signing and
distribution, user tools) mostly still needs \it{design} and code
\end{itemize}
@@ -897,7 +920,7 @@ Build-Environment:
\item tests maintained by h01ger so far… but Ed Maste has recently started
work
\item recreating the build env: ?
- \item hopefully soon testing ports (=packages) too
+ \item soon testing ports (=packages) too
\end{itemize}
\begin{tikzpicture}[remember picture,overlay]
\node[shift={(-0.11\paperwidth, 0.2\paperheight)},at=(current page.south east)] {
@@ -947,9 +970,18 @@ Build-Environment:
\item not yet: \texttt{https://tests.r-b.org/f-droid}
\item maintained by Hans-Christoph Steiner and h01ger
\item work has just begun…
+ \item<2> need help with vagrant. please contact me if you can help…
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Status openSUSE}
+ \begin{itemize}
+ \item Watch Bernhard's talk directly after this one!
\end{itemize}
\end{frame}
+
\begin{frame}
\frametitle{More projects with known activities}
\begin{itemize}
diff --git a/2016-06-23-openSUSE-Conference-2016/notes b/2016-06-23-openSUSE-Conference-2016/notes
index c43dc77..b9299ad 100644
--- a/2016-06-23-openSUSE-Conference-2016/notes
+++ b/2016-06-23-openSUSE-Conference-2016/notes
@@ -1,19 +1,16 @@
notes for suse conf talk
------------------------
- show an issue? and a package note? (by common problems?)
-
+- add suse logo…
- give 1-3 examples of unreproducible issues
open in browser
linux
libreoffice
-- collaboration:
- - multi distro notes
to keep in mind:
- explain reproducible suse talk after this one
-- whats the name of the opensuse build system?
-- add slides(?): sources are nice, because 1-4, but everybody uses binaries…
+- whats the name of the opensuse build system? exactly that.
old notes
---------
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/presentations.git
More information about the Reproducible-commits
mailing list