What a great conference and a start to 2016! I had really nice time during my visit to Université Libre de Bruxelles. Surrounded by really intelligent and skillful people. Clasroom full of top notch speakers (although some had a very strong accent heh), eventually I decided to share some of the talks that i really liked.
~How containers work in linux~
This talk covers the theory of what containers are and how they work in Linux, including why they differ from hypervisors and what specific properties they have. The thing that i really liked from this one is that it was just the right layer of abstraction. Docker is not mentioned much..I have nothing against docker, and use it daily even but what I don't like is, the perception of docker=containers in the industry. So this is also why i really enjoyed this talk because there is a demo section where the speaker goes hands on with just bash to demonstrate containerization.
~**Explaining the Postgres Query Optimizer**~
The optimizer is the "brain" of the database, interpreting SQL queries and determining the fastest method of execution. This talk uses the explain command to show how the optimizer interprets queries and determines optimal execution. The talk assists developers and administrators in understanding how Postgres optimally executes their queries and what steps they can take to understand and perhaps improve its behavior. FOSDEM 2016 still didn't posted this talk online, so i did some digging and found the speaker giving the same talk in Postgres OPEN 2014. Very informative one...
Presented a live-patching technique based on systemtap's programmable in-situ instrumentation. These patches are limited to modifying data instead of code, but are often sufficient to put a bandage on a bleeding security vulnerability - or even a plain bug.
Some security vulnerabilities can't be patched right away. Maybe the vendor hasn't provided an update; maybe the service can't be restarted; maybe the software is private, abandoned, or unchangeable.
Do not despair! Systemtap, a programmable system introspection tool, is customarily used to trace and profile. But its toolkit includes instruments to poke too - to change state. It turns out that this is enough to work around many vulnerabilities. Since systemtap scripts can be run against a live system, we can protect against exploits without a restart. Some problems can be surgically corrected; others require killing the process before it turns to crime.
~Vulkan in Open-Source~
Vulkan is the new next-generation graphics API from Khronos that is meant to replace OpenGL for many high-performance graphics applications. The talk focuses on three main topics: The Vulkan API itself, the impact of of the Vulkan API on open-source software including both open-source applications and running closed-source applications on open-source operating systems, and support of Vulkan APIs in open-source drivers on Intel platforms.