owned this note
owned this note
Published
Linked with GitHub
FOSSAsia 2019
===
Collaborative notes by Gui An, Joel and QZ
Joel's set of [notes](https://hackmd.io/VDeGTSA_Tp2q8FHZR1blZg?both) for Day 3
# Feature Feature
## Eventyay
![](https://i.imgur.com/UxXPlUH.jpg)
Landing page
![](https://i.imgur.com/nl09ZhI.png)
When speakers submit a proposal we can review
![](https://i.imgur.com/H9u26VM.png)
Then you can approve and send a confirmation e-mail etc or edit the proposals
![](https://i.imgur.com/CcCZ8UH.png)
Once that is done, a session is created and you can schedule
![](https://i.imgur.com/JtB97sX.png)
Super easy to use
![](https://i.imgur.com/UHJVXNH.png)
When it's published it's split into tracks
![](https://i.imgur.com/VMrJeuj.png)
You can create a new speaker according to the e-mail
- also as event organiser you can create new speakers or let people propose and you approve
- everytime a session is created you will get an email as organiser
- Flexibility and ease of scheduling
- ticketing also can
[Discovery Week management page](https://eventyay.com/e/ba96261c/schedule/#track-id-1179)
[Discovery Week Prototype](https://eventyay.com/events/748/)
## Watson
Dug up a [tutorial](https://community.watsonanalytics.com/wp-content/uploads/2017/11/wa_tutorial-3.pdf)
Something from [Quora](https://www.quora.com/Where-can-I-learn-how-to-use-IBM-watson)
Then you need to go to [this](https://console.bluemix.net/docs/services/watson/index.html#about)
## Knative
Found their [Github tutorial](https://github.com/GoogleCloudPlatform/knative-build-tutorials)
## Gitcoin
[Grants](https://gitcoin.co/grants/)
Generally a blockchain driven model for sustaining open source
## Mastodon
[Mastodon](https://joinmastodon.org/) comes with effective anti-abuse tools to help protect yourself. Thanks to the network's spread out and independent nature there are more moderators who you can approach for personal help, and servers with strict codes of conduct.
Perhaps a replacement for SUTD Family/ schoolwide engagement?
Ah okay the federated timeline has some NSFW stuff. Also there's quite a learning curve to making sense of what's actually happening. Might fit another use case
But it would be interesting to host a federated university social network especially for more niche ones like tech and design?
# Talks attended/listened to
## 10 years and back to the future
Set some context on the age of the internet:
1. Howoldistheinter.net
2. wdl.org : Digitised historical documents
What about the future?
Trustworthy: network and code
Not be complacent
Ethical: safe secure fair
Empowering: diverse inclusive encouraging
Human condition means we will make mistakes
The sort of future you would want to live in and for your children.
Triple bottom line: Economic, social & environment. Some parameters to help you with decisions.
From Open Source point of view: Community, contributors & code make up your triple bottom line
---
Hackerspace, moved to Singapore in 2015
----
## State of Open Tech
Introduced some of their projects:
1. Eventyay
1. Neurolab for brainwave detection
![](https://i.imgur.com/2NwYgxn.jpg)
----
## For Your Eyes Only: Betrusted & the Case for Trusted I/O
**Primarily a project sharing and call to action**
Introduced Spectre, a hidden machine state to speed up your computer but can leak information. This is a vulnerability that people could not detect because it was hidden by design.
![](https://i.imgur.com/9kwAwAM.png)
Zerodium payouts for mobile exploits. Demand for exploits very high. If someone had an exploit, governments would gladly bid for it, making it a viable business.
UI is a single factor bottleneck as a local actor can still monitor all your activities
Core tenet of trustable hardware- you can inspect it yourself. It is the verifiability of the hardware integrity that forms the basis of its trustability.
Such hard ware must be connected directly as possible to human i/o.
Suggest having verifiable silicon without an electron microscope. Do this using lasers and allowing you to read out the bist syndrome to correlate with expected silicon pattern. Testing in a non destructive fashion as other methods would require to take apart your chips.
----
## Open Science, Open Mind
Digital transformation happening in Singapore
Intent was for Science center to open up to as many people as possible
Without science no tech
Evidence based
Benefit mankind
Can even be political tool
He's currently learning the business model of FOSS
Challenges us to think about what is the meaning of free and still be able to do good and do well
*interesting to see the common lingo used by public servants here in just an impromptu speech.*
----
## Open Source Industrial AI Capabilities with IBM
**Primarily an IBM sponsor sharing**
Prescriptive approach- simple and accessible data-governance of data
provide consulting, best practices, support to use these open source software
**Watson**- and it's ecosystem, studio,openscale,ML
Openscale-runtime performance of the model, explain model and ensure fairness
Pretrained API- to accelerate dev
Model asset exchange- get started quickly
----
## Open Source Hardware and Education
Open source hardware and education
[Soldercomic](https://mightyohm.com/files/soldercomic/FullSolderComic_EN.pdf) - to teach soldering
Project based learning- maker clubs
[Steamhead](https://en.wikipedia.org/wiki/SteamHead) - increase presence of design in education, sponsoring maker faires and makerspaces
----
## Open Source Culture and Community
Open source culture and community:
1. Software guidelines
2. Open source definition
3. Social contract
Has:
1. Norms
2. Etiquette
3. Rituals
4. History
What are ours?
Violating norms are bad, need to learn social aspects to be effective contributor
Several parallels in about the benefits of community
People stay because of this. People stay because of being in a tribe and a community they belong.
---
## Microsoft's Commitment to Openness and Collaboration
![](https://i.imgur.com/ykePYsZ.jpg)
When Microsoft allowed SQL on Linux, led to much bigger growth in usage
When Github got acquired, their strategy was to wait out the noise when github. And look here now we allow private repos for everyone!
Want to make sure people were using Microsoft's open source software
Vscode- 2015 people have been picking it up, super easy to use
### Demo
Didn't record
Mostly showing how he was using libraries, ease of connecting into the database and creating a json document
*Elephant in room- wait and see if ms open sources windows*
----
## What would you build next with blockchain
IBM built their product with functionalities that enterprise has use for in mind.
Then moving on to develop it to become full scale solution
Open blockchain initiative and IBM 'donated' code
*not sure why he used the word donate here, to me blockchain started out open source*
Hyperledger v1.4 is out!
*last time I touched it was v0.9, is it I obsolete now?*
Added new features already. Driven by need to build a comprehensive solution for enterprise customers
IBM building real blockchain driven solutions which allow you to model different business processes.
Good use cases
1. Does a network exist? Need upstream and downstream to execute processes
2. Where is the information stored? Is it in a single database? Paper? How to share this info
3. Multiple writers that will use this data and contribute to it
4. Is there some level of trust? You need some to proceed with the transaction
5. Need a shared processes
6. Need shared rules
### CAAASE STUDY
[Tradelens](https://www.tradelens.com/) to digitize global supply chain. Need automation engine to process the paper work. Surprise! Here's an actual use case.
So here's the deal with blockchain, it should only be brought up in three cases:
1. New market: eg. real estate blockchain token
1. Business differentiation: cost innovation service
1. Industry utility: optimise b2b cost
Forsee in the future it will be a Network of Networks
*wait isn't this called the internet*
Here's a fledgling example: Interledger protocol, built with intent to connect ethereum and hyperledger
---
## Flowchain/IPFs distributed storage using blockchain technology
**Essentially a Flowchain pitch**
PPKI for the IoT device to resolve computational puzzle
Self organise IoT devices in a p2p network
Key innovation is replacing PKI for fast authentication- should check this
Fundamental improvement to achieve real time data transactions
Virtualchain- every device has its own branch/fork
Don't need to send the virtual block to the internet
Has arduino devices working on this
*leaving this bare because it made no sense to me/will need to read their paper*
---
## Serverless with Knative
KNative serverless framework
- Runs on Google cloud
- On kubernetes
**He has prebuilt pods already**
Main conceptual architecture splits the Knative pods into: Service, configuration, revision & route
It makes a new revision when new route is made. This is created route then auto makes a revision.
**Then he pinged the service**
Ran same image but just changed the configuration- deployed it
Can control amount of traffic to get
Demonstrated that you can simply integrate the cloud storage to the vision API. Do this by having the event listen for a topic and then route it to the service-which calls the vision API and analyses the image
----
## Open source quantum computing
Qiskit
Need to measure the qubit
Bloch sphere to help visualise the quantum state. Perform operations by moving along any point of the sphere
On classical computer you just try to look over every bit
Quantum computer can do it all at one go
Simple to implement the Oracle function
Oracle example is to prove that quantum can do things better than classical computers
----
## Integration of DevOps and Cybersecurity
**More of a reminder that you can actually do security while doing devops and not as an afterthought**
Usually security checks slow down the dev process
But if you start with security in mind it won't cost you your release schedules and it might even get faster
Productivity is about the time you spent writing the actual code vs everything else
## Customizing Debian for RPi and BeagleBone
Working in IoT - AgriConnect, Viet agri-startup
Want for customizing components in Debian - removal of things to trim to just what they need - change in configurations for some software
(removal of known, easily exploitable bugs)
problem: each board family (Rpi, Beaglebone, BananaPi) has drastically different build scripts
use of specific build files for each type of board - borrowing heavily on ARM architecture
Based staging format - each previous layer builds the necessary dependencies and assures its staging before the next
staging format allows for changes to be modularized to the third stage of the OS build script only - since the prior stages are guaranteed to be good
*possibly a format for us to pursue?*
specific builds to include the SUSI software - a use of SUSI
and as per usual Java a shit - need to use `apt purge` on java before installation because it's delicate
`system-udevd` service is delicate - it modifies some special files in the system, which _will_ fuck up anything that changes those before it's run again
he uses BuildKite
---
## Manage a Community like Conducting an Orchestra
@cybette
Carol Chen, RedHat
### Role of a community manager
Is it a behind the scenes job?
A soloist doesn't need a conductor if he's playing alone. The conductor listens for situations that need attention, but the individual musicians do too.
Community manager skillset:
- listening: be attentive and finetune
- communicate * 3
- multi-background
But nobody is looking at the conductor? Yeah maybe, but the individual players watch the conductor through their peripheral vision anyway. The community manager wants the project to succeed, not seek recognition.
Often the CM is the spokesperson toward the community and outside, don't be afraid to speak as your own personality.
Protect and promote your community members!
### QnA
Q: How to manage the need for technical knowledge?
A: Don't try and master everything, if you don't know stuff try and learn from the community member's point of view. You may have technical colleagues that can assist you!
Q: Optimal CM-community ratio?
A: Get a CM team that can cover enough roles that your community needs.
---
## Grassroot Awareness & Civic Tech in Nepal
Nikesh Balami, Open Knowledge Nepal
- Create tools for community to use
- Loves open data and open knowledge
- Run campaigns to promote awarenes of Open Data
- Open Government as a decision making process
### How did they do it?
- Decentralized campaign: hackathons, training, workshops all over Nepal. Reached 14 districts, 7000+ youth and students
- Localizing resources: translating the principles of Open Data into Nepalese
> How can we translate this for the uninitiated?
- Creating human resources: encouraging women to join the Open Data movement
- Reach different people, not just CS people
- If you want long term impact, follow up and engage with the participants.
- Do training for digital literacy in Open Data. Go to target communities and conduct trainings.
### Civic Tech Projects
- Open Data Nepal, something like data.gov.sg
- AskNepal: Every citizen has the right to access information held by public authorities. By Nepal law, they have to respond.
- LocalBoundaries: Just some border data for regions in Nepal
### QnA
Q: What is the strategy to reach and engage with the majority of the population that hasn't even heard of open source, open data or its principles?
A: Plan long events, don't do one-off/one-day, localize it according to the commmunity in question, focus on literacy.
Q: How supportive has the government been?
A: Government has actually been supportive. Although no policing on Open Data yet.
---
## Hacking Education: why my children won't be going to school
Mishari Muqbil, Co-Founder Zymple.biz
mishari.net/contact
DevOps
- Organizes homeschool groups
### Hacking
- Cathedral and the Bazaar, Eric S. Raymond: Two models of development (Saw this in Design in the Anthropocene too)
- Feynman: Study what interests you
- Montessori: Education is a natural process that develops spontaneously in the human being
- Screw this, nothing changed in the education system, let's do something
### Expectations of stakeholders
- Students have the most stake and least say in their education
### Two paths he had
- Learn at school
- Come home and learn about Linux/open source and it was awesome
> Education system is not broken. It's actually wonderfully constructed. It's just that we don't need it anymore. - Sugata Mitra, paraphrased
- Oh hey, we actually don't need school anymore.
- Self learn everything. UK kid finished A-levels at 11.
### Starting Dojos
- Dojos where rich and poor kids come together and learn, connected by the love of coding, science, etc.
- Peers teach peers, peers develop curriculum for peers. Can be better than 'experts' developing curriculum sometimes.
---
## Driving Adoption, Revenue and Engagement: How to Effectively Sell Open Source Strategy
Michael Cheng, Licensing & Open Source Legal, Facebook
m@priorart.io
- Lawyer by training
### Why FB does open source
#### Showcase leadership
- Recruit/retain talent
- Participate in public discourse
- Share research
- Drive conversations about standards!
- 479 Repos, 1.03m followers, 16,000 contributors
#### Reduce costs
- Standardization, free improvement on quality of the stacks that they use.
- Transaction costs are reduced too. Low risk deals can go straight on GitHub without doing legal.
#### Increase revenue
- Customer adoption and retention: opportunity to connect with customers.
### How to pitch open source
- Tech: Each piece of closed software creates friction and transaction costs. Look for some part of your stack that's closed but not the crown jewels. You don't wanna give away the product differentiation for your company, obviously. Does it currently exist, or does it need to be built?
- Impact: For companies that are not likely to be convinced by the philosophical arguments about open source, you have to show driving revenue. Let me give you (open source an existing closed thing) a piece of software **right now** to lower your costs. e.g. Migration (data conversion, parallel systems, unsupported features). Open source and build quality tools to extract data out of legacy systems for customers to use their systems, as well as their competitors systems, or Adoption (glue code, examples, tooling, infra).
- Quantify the impact. Tell people how much impact per unit open source.
- Weigh the issues. You're giving away company property through licenses, so think of **all** the considerations: how much adoption are we _actually_ talking about? Does it hurt the product's distinctiveness? Will it help competitors and do we care? You still have to maintain it open source (sure, costs are less, but weigh this!). Are all the teams in the company notified and bought into the decision? Does it expose data or processes. Legal concerns?
- Pitch. Make sure people really understand what they're getting into. Not everyone outside understands or appreciates open source principles.
### QnA
Q: Share some legal concerns
A: Open source licensing. Rights are not exactly clear. There are IPs, copyrights, trademarks, trade secrets. You can accidentally license something that you don't intend to.
Q: How to manage?
A: Define standards for your open source project community. You have to give up some things, but controls are important.
Q: How do you move the organization from traditional proprietary software mindsets, skillsets, incentives, compensation to open source?
A: Everything is different. Have to pick your battles. Don't try to change things in the monolith. Set up some sort of subsidiary, and build a special open source team from scratch, hope they're successful, then leverage them to change the rest of the company (potential HR issues). Another model is to create financial incentives within the company, or to spin off the entire branch into a private company.
---
## Introducing BuildStream : Distro-agnostic integration tool
trustable build and integration tool - isolated build sandboxes - each build environment is the same
pipeline of filesystem data permutations - each element performs some activity -- input->output filesys
Caching and sharing of built-artifacts - multipurpose build instructions and metadata - want to distro to several target
Want to shift away from huge amounts of time being spent in integrations - complex setup for production builds - large amount of middleware needed to patch because of upstream issues - upstreaming patches enabling cross-compilation - smoketesting builds on new test platforms - everything should just work the same - everything should be containerized - need for repeatable and reproductible build environments
Monolithic repos of build metadata: problems with low level components get forced upstream - high friction to bring a low-level stack forward - need for declarations for every damn thing that's __possible__ to build
We want to prevent this problem so that pushing about the platforms is easier - everything on the same tree is annoying
want to decouple build system away from the actual building process
problems with devs - disorganization - testing only on own build system and then push upstream, call it fixed - BUT: **Lack of tools to test code against predictable integrated product.**
### How BuildStream Does Things
Production builds everywhere by default - all hosts are on the laptop
Focus on reproductible and repeatable: build tool cannot guarantee bit-for-bit reproductibility - but minimize host dependencies for build tool - need to bootstrap fast game
### For the devs
reusable, multipurpose build metadata
*wonder how long this building process takes on average*
build in a containerized environment permanently - every build file in BuildStream is YAML files - specify kind, source plugins, elements - anything to get data in reliable, hashable way
multistrap - an image of multiple architectures - but instead we skip the strapping and then just take the dpkg-configure directly - get the output - not __everything__ works but it's good enough
Why good to have build you can reproduce?
bit for bit - validation. If we don't know what went into the output. Important for security especially critical systems.
---
## VIDEOLAN 4.0
Francois - VLC developer working in codecs
Hardware decoding by default (hardware acceleration) - hardware decoding is very fast - 8K60fps360' was possible
Pipeline - CPU-GPU decoding - scaling, effects, tone mapping before rendering - switching from one to the other is expensive
Problems going forward - HD to 4K is a huge challenge - Subpicture blending, rescaling - subtitle rendering(freetype) - large number of draws needed: **simd helps, but not much** - need to move in shaders, GL
Major issues with hardware acceleration - hardware bugs - black screen/green screen syndrome - reboot as a feature - Drivers, drivers, drivers (broken features in drivers, and we can't tell ) - blacklist - need for testing devices and platforms
Problems with defaults - limited capability or performance issues
Hardware limits - decoding speed in MB/s causes framerate issues - sometimes worse than CPU/software with legacy resolutions - encoding in hardware dependent on kernel -> lower encoding quality and inflexibility
Hardware hell - libVLC wants decoders, not a Media SDK - same API, but differing chipset results in differing behavior - very hard to identify problems
Rendering interaction bugs (OpenGL, d3d11, HDR) -> big problems with hardware - some dumb decoders are driven by hand (VT) - lack of support for interlaced videos etc.
Wanted to GPU render - but problems with fragmentation: SDK, Native UIs, Devices, Chipsets
### Move to 4.0
Major architecture changes: internals:
* internal playlist rework - simpler, delegated features to UI
* input manager - hold and own resources - unified architecture - bowling for gapless playback - but music is a very different world
* Real media library - saving playlists, etc
Clock reworks:
* Originally a PCR update-based clock - based on MPEG2
* Now: runs on main CPU clock - 1 master clock (audio, PCR, clocking) -> 0...N slave clocks (video, subtitles, ...)
* No more resampling and improvements
Movement towards new video output architecture: async audio output: video filters API, touch bar support
Interface refresh: QtQuick, Light/Dark Theme -> VR and side-by-side, MVC video:
Architecture: HMD support build on top of the other layers
### dAV1d codec:
OSS free next-gen codec - *FASTER* IRL: replaces libaom - SIMD, heavily multithreaded
### NEW `B D E`:
Things to google
Meson, Wayland, Vulkan
---
## Open Source and Community Practices
Pays off in the long run but short term you need to get up to speed with the culture and norms.
NO single company that can hire all the smart people in the world
More you help out the more opportunities you have to get involved
Have to be independent, self-determined. Don't wait around for people to tell you to do, just do something
Mentorship programs - prescribe certain things that are easy to do, easy to fix
Find your own niche, do good work, establish trust and good reputation (because it sticks with you)
Observe the common communication channels and understand what's happening before speaking up
Don't assume that the project works like a company
---
## Sustaining in Open Source
**Turns out this was primarily a pitch for Gitcoin**
78% of companies run on open source
92% of application contain open source libraries
**Sustainability**
Semantic UI as a case study - issue came up people asking if it was dead. Jack Lukic had to leave because he couldn't find a way to sustain the project
Event Stream as a case study - somebody else came up to maintain event stream
ESLint, BabelJS - companies willing to pay large sums for enterprise software but don't want to pay for free software
**Blockchain + Open source**
He sees blockchain as a technical stack. Provides financial services on any application. Can practically fund software using blockchain.
## Gitcoin
connect the funds from ethereum/consensys with the dev community
Open source jobs - some sort of mesh like network, but there will still be some hierarchy
How it works:
1. Express interest on the Github issue
2. Propose the work
3. Approved by the maintainer
4. Do the work
5. Submit the work
6. Get paid
Gitcoin Grants: decentralised patreon, for maintainers of OSS projects. Subscription model, get some money every month (EIP1337)
**Constrained Liberal Radicalism (CLR):** matching your grants
**Inflation funding:** the work itself should pay you (transaction pays you). [EIP1789](https://github.com/ethereum/EIPs/issues/1789) - proposing that developers can a % of the block rewards from mining
---
# May the networking gods bless us
Hong Phuc and Mario - co-founders of FOSSASIA. we almost managed to get them to come down on 18/3 but couldn't find a spot. Anyway, would be good to connect maybe a week after FOSSAsia ends and visit their hackerspace
Thorsten Neumann - know him from smartpesa. He's stepping up to do more work for FOSSAsia and has some experience working with SUTD folks (has a good impression too)
Harish Pillay - Red Hat architect, willing to come down and talk to our management too about how to get open source going.
Mitch Altman - spoke very briefly about open source hardware but his core interest is in improving education by being more hands on
General impression is that we could drop a text/e-mail to anyone on the speakers list and they would be open to chat with us too.