Past Meetings

Update: The digital literacy and inclusion talk had to be postponed. Stay tuned for rescheduling details.

Nathan Fish will tell us about the configuration management system SaltStack. He will give us an overview of configuration management, show us the components of SaltStack, lead us through some examples, and offer troubleshooting advice.

Bob Jonkman will demonstrate the XMPP setup he uses for the KW VoIP group.

* * *
Aden Seaman will give us an introduction to functional programming.
He will cover the following topics:

• What functional programming is all about, and how it differs from imperative programming.
• Commonalities and differences between Erlang, Scala, Clojure and Haskell.
• A deeper exploration of Haskell, including its famous type system, functional purity, laziness.
• Implications of the type system on language safety, programming style and constraints, and concurrent programming.

Having recovered from his germ attack, Mark Steffen will give us a talk on OSSIM, an open source SIEM (Security Information and Event Management) system. Mark says that this system is appropriate for small organizations or paranoid home users. He will cover the following topics:

• Traffic analysis (Suricata), including OSSIM's limitations in this area.
• The OSSEC HIDS agent, which looks for bad behaviour and reports back to OSSIM for logging.
• OSSIM alerts and tickets
• Open Threat Exchange
• SIEM correlation engine
• OpenVAS vulnerability scanner (Nessus)

Jason Eckert will revisit his KW Linuxfest talk with a brief history of Linux and open source. It promises to be a fun and interesting talk about where the Linux operating system came from, why it succeeded, and how Open Source has shaped technology today and how it will continue to do so in the future.

Every so often a group of KWLUGers volunteers to rescue laptops donated to the Computer Recycling project at The Working Centre. For assorted reasons it is not viable for Computer Recycling to spend much time refurbishing these laptops itself, so we sort through them, select ones in reasonable condition, then install Xubuntu on them for resale.

You are invited to come help! You do not need to be a Linux nerd or a hardware genius to participate: if you can use a screwdriver, read numbers and follow instructions then you can be helpful. There will be lots to learn, but you can learn it as you go along. Linux nerds and hardware geniuses are also welcome to participate, of course.

To participate, please RSVP using the Contact Us functionality on this website. Because Computer Recycling is ordinarily closed on Saturdays, you will need special instructions to get into the building.

We will start at around 4pm and end around 8pm, but if you can only come later or have to leave earlier that's fine too.

Update: Theo has also been attacked by germs, and he will likely not make this meeting. We will reschedule this presentation and hold a roundtable instead, or fill in an emergency presentation. Watch this space.

Update 2: Theo is not feeling up to giving his Rust presentation, so we will hold a roundtable. We will reschedule the Rust presentation.
* * *

The host for this meeting was acant.

Every so often a group of KWLUGers volunteers to rescue laptops donated to the Computer Recycling project at The Working Centre. For assorted reasons it is not viable for Computer Recycling to spend much time refurbishing these laptops itself, so we sort through them, select ones in reasonable condition, then install Xubuntu on them for resale.

You are invited to come help! You do not need to be a Linux nerd or a hardware genius to participate: if you can use a screwdriver, read numbers and follow instructions then you can be helpful. There will be lots to learn, but you can learn it as you go along. Linux nerds and hardware geniuses are also welcome to participate, of course.

To participate, please RSVP using the Contact Us functionality on this website. Because Computer Recycling is ordinarily closed on Saturdays, you will need special instructions to get into the building.

We will start at around 4pm and end around 8pm, but if you can only come later or have to leave earlier that's fine too.

UPDATE: Unfortunately Mark was attacked by germs over the weekend, and won't be able to present today. His OSSIM presentation has been deferred.

Joff Voskamp will also review his recent experience with Let's Encrypt SSL certificates to secure his websites. He will describe the groups background, how the certificates work, and demonstrate how he is using it.

At the last minute, Jason Zvaniga has heroically volunteered to give a short introduction to cryptocurrencies and the Canada eCoin Project.

Presentation notes for Let's Encrypt

A few quick points:

• if you can point DNS to your webserver you can get a certificate.
• if you're pretty quick with DNS you don't need the webserver. :-)
• individual certificates are only good for 90 days, but the tools make renewing very easy
• there are limits, but they're very high

Year in Review:

• https://letsencrypt.org/2017/01/06/le-2016-in-review.html
• We've hit 50%
• It's not just for web pages any more - other things that can use certificates.
• Self-signed is fine: Anything in-house LDAP, MySQL
• Get yourself a real certificate: Things that face the world: IMAP, SMTP, NNTP
• Dozens more - "egrep 'SSL|TLS' /etc/services|more"

Cert in Brief:

• Self signed -
  • Trust it if you trust the issuer
  • $0 certs. Great for internal use
• Domain Validation - you control the machine (DNS|webserver|etc)
  • Easy to verify - no guaranttees that they are anyone in particular
  • Easy to automate, "easy" to do for free
  • Only usable for externally visible sites
• Organizational Validation - you run the company that runs the machine
  • Harder to verify but they are who they say they are
  • You can't really automate verifying paperwork
• Extended Validation - you run the company that runs the machine
  You are vetted by the issuer
  Hasn't really caught on

Let's encrypt went to public beta in December 2015.

Features:

• ACME DNS challenge enabled January 20, 2016. Support in certbot is coming (harder to automate)
• ECDSA signing enabled February 10, 2016 - full ECDSA chain hopefully by the end of March
• IPv6 enabled July 26, 2016
• Internationalized Domain Names enabled October 20, 2016
• Windows XP interoperability enabled March 25, 2016.

Annual budget for 2017 is expected to be about $2M (USD)

See also:

• https://letsencrypt.org
• https://twitter.com/letsencrypt
• https://certbot.eff.org/
• https://observatory.mozilla.org
• https://www.ssllabs.com/ssltest/
• https://codeascraft.com/2017/01/31/how-etsy-manages-https-and-ssl-certi…

Interested in helping:

• https://letsencrypt.org/jobs/
• https://letsencrypt.org/getinvolved/

Presentation notes for Let's Encrypt

Jason has posted his slides at https://f9ekkdjyuja1sh4cel2o.koad.sandcats.io/index.html#/

The second annual KW Linux Fest is happening Saturday, January 28 at 200 Bathurst Drive in Waterloo. The day will feature a number of speakers. Doors open at 9am, and the first talk starts at 9:30am.

Admission is $5.

Register for the conference by visiting http://kwlinuxfest.ca.

Every so often a group of KWLUGers volunteers to rescue laptops donated to the Computer Recycling project at The Working Centre. For assorted reasons it is not viable for Computer Recycling to spend much time refurbishing these laptops itself, so we sort through them, select ones in reasonable condition, then install Xubuntu on them for resale.

You are invited to come help! You do not need to be a Linux nerd or a hardware genius to participate: if you can use a screwdriver, read numbers and follow instructions then you can be helpful. There will be lots to learn, but you can learn it as you go along. Linux nerds and hardware geniuses are also welcome to participate, of course.

To participate, please RSVP using the Contact Us functionality on this website. Because Computer Recycling is ordinarily closed on Saturdays, you will need special instructions to get into the building.

We will start at around 4pm and end around 8pm, but if you can only come later or have to leave earlier that's fine too.

Justin Filip will lead an interactive workshop on setting up Vagrant. He writes:

Have you ever heard or used the phrase “well, it worked on my machine”? Have you ever tried to replicate your production environment locally and found it to be incredibly difficult, hard to accurately reproduce or completely impossible? Are you trying to do anything at all on a Windows machine?

Vagrant is probably the answer to all of your problems. Whether you are developing by yourself, working with a team, or pushing to a very specific production environment, Vagrant can help you build repeatable, reliable virtual machines in Windows, Mac OS and Linux dev environments.

What to expect:

We will be using Vagrant to create a Ruby development environment that will allow us to create a sample Rails application running on a PostgreSQL database backend. We will touch on topics such as:

• box discovery and providers
• machine provisioning
• plugins
• deployment

No coding or Virtual Machine experience is required but it will help with understanding advanced concepts.

What to bring:

Bring your laptop (Windows, Mac, or Linux machines) with your favourite text editor and please pre-install the latest versions of the following for your operating system:

• Vagrant – https://www.vagrantup.com/downloads.html
• VirtualBox – https://www.virtualbox.org/wiki/Downloads

You will want a laptop that has virtualization extensions enabled. Plenty of RAM (8GB or more) would be helpful.

Colin Mills will give us an introduction to the C programming language. He writes:

C is the backbone of modern computing. Its a broad statement but I
believe it be true. With roots in almost every operating system on the
planet and having a rich forty year old history C still
stands. Providing both flexibility and simplicity C embodies the
world's first portable abstraction over hardware. Having an idea of
memory and lower level programming concepts helps us in all areas
of our computing lives. Come learn the one of the world's first
"higher level" programming from the basics.

Chris Irwin will discuss his adventures with webOS, the open-source tablet/TV/phone operating system you may have never heard of (but might very well use).

Kris Braun will discuss the work he did customizing OpenWRT images for his startup. He may cover topics related to lua, dnsmasq, iptables, and uhttpd.

Every so often a group of KWLUGers volunteers to rescue laptops donated to the Computer Recycling project at The Working Centre. For assorted reasons it is not viable for Computer Recycling to spend much time refurbishing these laptops itself, so we sort through them, select ones in reasonable condition, then install Xubuntu on them for resale.

You are invited to come help! You do not need to be a Linux nerd or a hardware genius to participate: if you can use a screwdriver, read numbers and follow instructions then you can be helpful. There will be lots to learn, but you can learn it as you go along. Linux nerds and hardware geniuses are also welcome to participate, of course.

To participate, please RSVP using the Contact Us functionality on this website. Because Computer Recycling is ordinarily closed on Saturdays, you will need special instructions to get into the building.

We will start at around 4pm and end around 8pm, but if you can only come later or have to leave earlier that's fine too.

University of Waterloo graduate student Nik Unger will tell us about his research. He is creating a state-of-the-art emulation platform that aims to emulate the entire Tor network at full scale. Tor is an open-source tool that helps users to stay anonymous online. He will discuss some of the challenges involved, his approach to the problem, why he chose Linux as a platform for it, and specific features of the Linux kernel that enable his work. He will also share some of this project's implementation details.

Unfortunately, the OpenWRT customization presentation is being postponed. It will be rescheduled. Stay tuned.

* * *
This month's meeting will consist of some shorter presentations:

• Bob Jonkman and Chris Craig will describe the technology and workflow for the incredibly useful WatCamp tech event calendar.
• Kirk Zurell will show us the Guile module he wrote for managing the key retention facilities built into the kernel (!).
• Peter Melse will demonstrate his adventures using a Raspberry Pi 2 as a car computer.
• Andrew Cant will tell us about the Indieweb movement.

This month will be a smorgasboard of short presentations. If you would like to contribute a presentation please contact us.

- John Kerr will show some screencasts he made, and teach us how to make our own.
- Bob Jonkman is organizing a keysigning party. (Instructions for participants)
- Bob Bosiljevac will demonstrate ZBackup.
- Tim Laurence will show us how to identify performance bottlenecks in servers.
- Andrew Cant will demonstrate the static Indyweb.
- Paul Nijjar will give an overview of VLANs: What they are, why they are useful, and how to use them. (Slides, Slide sources)