User authentication in mobile and web applications is a very common and integral use case. Implementing basic authentication is an easy solution for developers, but comes with several pitfalls that impair user experience, like (re-)entering passwords, the need to create a new unique password, or even just the input of personal data on a flaky keyboard while registering a new account.
We live in an age when governments, big business, criminal syndicates, terrorist organisations, and the intelligence community are all focusing their efforts on the internet. An age when privacy, identity, and trust have become the key battlegrounds in the fight for freedom of expression and political agency. Do you have a strategy to secure your users' privacy?
Stay away from the internet - limiting the attack surface for modern web infrastructure
Gareth Rushgrove (Docker)
Your database isn't connected directly to the internet, right? Firewalls and perimeter security are no longer enough when it comes to securing internal systems and complex websites. From validating proxies to simpler operating systems, and unit testing your network to unikernels, this talk will introduce tools and techniques to help build secure modern infrastructure and applications.
Surveillance and the erosion of weirdness
Deb Nicholson (Software Freedom Conservancy)
Surveillance through big data sets makes it increasingly uncomfortable to be publicly weird. Our best innovations have always come from innovative thinkers who question the way things are done. To make a web that is a source of inspiration and collaboration, users need to be able to craft their own experiences. We need the freedom to be weird without worrying about repercussions.
Creating the right process to manage open source in the post-Heartbleed era
Jeff Luszcz (Palamida, Inc), Mark Tolliver (Palamida, Inc.)
Most software projects are comprised of 50% open source software (OSS) components, but only about 1% are being tracked and managed. How will you find and fix the next Heartbleed? We'll discuss best practices for implementing an open source management strategy to alleviate your security worries.
Secure open source: Making the web safer, one codebase at a time
Gervase Markham (Mozilla)
Mozilla and partners are developing a new initiative, the Secure Open Source (SOS) Fund, to support security-focussed code improvements for open source projects, and to make the web a safer and more secure place to be. This session will introduce the proposal, explain how it works, and how you and your project can be involved.
NoSQL's biggest lie: SQL never went away
Matthew Revell (Exoscale)
The NoSQL revolution was based on a falsehood: it was never about SQL, it was about alternatives to relational. The thing is, even with all the promise of scalability, speed, and availability, the need to query never went away. In this talk I'll look at how NoSQL databases are bringing back SQL, and other methods, to make it easier to query data, whatever the model.
Enabling development teams to move fast with PostgreSQL
Valentine Gogichashvili (Zalando SE)
This talk will cover the main aspects of how to use PostgreSQL in agile teams. I’ll discuss the processes and best practices that we have developed over time, and introduce the tools that we have open-sourced to make the work of our developers and database administrators easier.
How to fake a database design
Curtis Poe (All Around the World)
Many developers do not understand database design but are still required to design databases. Top-notch developers make database design mistakes with long-lasting repercussions, including code written to work around those errors. This talk avoids confusing jargon. Instead, it presents a few simple rules to remember that will dramatically improve your database design.
Modelling complex game economy with Neo4j
Yan Cui (DAZN)
This talk illustrates with examples how the complex in-game economy of a MMORPG can be modelled as graph data, and how the graph data can then be used to gain insight into and answer difficult questions about the data. I'll illustrate several use cases where we used Neo4j to automate an otherwise manual and error-prone process of balancing the economy.
Real-time music recommendations with Storm
Emily Samuels (Spotify)
At Spotify, we leverage user listening history to generate music recommendations. The recommendations are generated daily by batch Hadoop jobs. New users that stream music won't see recommendations until their second day on Spotify. We improved the new user experience by generating recommendations in real time with Storm. As soon as a user streams a song, we can recommend music to them.
Concurrency first in Rust
Jim Blandy (Mozilla Corporation)
The Rust programming language makes writing multi-threaded code painless. Rust is a systems programming language, with performance comparable to that of C and C++. However, Rust prevents data races at compile time, eliminating many of the opportunities for bugs that make concurrent programming risky in other languages.
Collaboration and Craft
A crash course in tech management
VM Brasseur (@vmbrasseur)
'Programmer' and 'manager' are two different titles for a reason: they're two different jobs and skill sets. If you have managerial aspirations (or have had them foisted upon you), come to this session to learn some of the tricks of the managerial trade.
Collaboration and Craft
Surviving technology transitions: Adding and (more importantly) removing tools from an existing stack
Melissa Santos (Big Cartel), Maggie Zhou (Etsy)
We share our lessons learned in removing and adding technologies, including stories from our Etsy experiences. Expect to come away with a better idea of the technical and political problems involved in these changes.
Collaboration and Craft
InnerSource as the anti-silo: How open source style has broken silos while strengthening systems at PayPal
Cedric Williams (PayPal)
Maturing engineering organizations tend to coalesce into silos around products, technologies, and business units. InnerSource uses proven open source approaches for development inside the firewall, bypassing the constraints of silo architecture while increasing velocity and quality. This session will examine how InnerSource is growing at PayPal and what has been learned so far.
The Physical Web
Scott Jenson (Google)
The number of smart devices is going to explode, and the assumption that each new device will require its own application just isn't realistic. People should be able to walk up to any smart device and not have to download an app first. Everything should be just a tap away. The Physical Web is an open approach to unleash the core superpower of the web: interaction on demand.
Distributed systems in one lesson
Tim Berglund (Confluent)
An overview of key distributed systems concepts through the lens of events at a local coffee shop.
David Baumgold (edX)
You know clone, commit, push, and pull. Now you're ready for the fun stuff. This talk will give you the advanced knowledge you need to take control of your Git repository: rebase, cherry-pick, bisect, blame, squashing, and the reflog. You'll also get a better conceptual understanding of how Git works, allowing you to chain these tools together to accomplish whatever task you need.
Keeping it real time: Globally distributed, high volume data processing optimized for scale, reliability, and cost
Jos Boumans (Krux Digital)
Real time is becoming the norm for data processing. However, doing so efficiently, resiliently, reliably, economically, and at scale is a tremendous challenge. This talk covers the challenges and pitfalls encountered, and a practical how-to on building a globally distributed, high volume, economical real-time infrastructure using open source software in either the cloud or a datacenter.
Using race conditions in correct concurrent software
Devon H. O'Dell (Google)
Race conditions are difficult to identify, debug, and nearly impossible to test repeatably. While race conditions intuitively seem bad, it turns out there are cases in which we can use them to our advantage! In this talk, we'll discuss a number of ways that race conditions -- and correctly detecting them -- are used in improving throughput and reducing latency in high-performance systems.
Scaling MySQL and MariaDB
Max Mether (MariaDB)
There comes a time in each application's life when the needs of the database go beyond what a single server can provide. From standard replication and Galera clustering to sharding in the application layer and key based sharding, this talk will look at different options, how to implement them with MariaDB and MySQL, and look at benefits and disadvantages for each of them.
gRPC - boilerplate to high-performance scalable APIs
Robert Kubis (Google UK Ltd.), Mandy Waite (Google)
gRPC is a language- and platform-neutral RPC framework based on the finalized HTTP/2 standard to build highly performant scalable APIs. Open sourced by Google and internally scrutinized, it is used to build and connect cloud services. In this session you will learn all about gRPC and the benefits of it being based on HTTP/2. On top you'll see how to create a simple service and client using gRPC.
Apache Cassandra: The how and the why
Christopher Batey (Freelance)
Apache Cassandra is one of the most active and used open source projects. This talk will take the audience through how Cassandra is implemented and what are the common use cases for choosing it as your operational datastore.
Technology isn't interesting until it's technologically boring
Chris Chabot (Crate.IO)
The potential of technologies to drive true societal change requires it to be lifted from the arcane, accessible only to the initiated, to something that everyone can use. Cloud computing made massive scale accessible to everyone, smartphones brought computing to a billion people for the first time, and we're at the cusp of making massive data processing available to everyone, not just the..
Break: Coffee Break
Break: Morning Break
12:30-13:45 (1h 15m)
Tuesday Lunch (Sponsored by PayPal) -Birds of a Feather (BoF) Tables and Office Hours
Connect with other like-minded people during lunch at tables designated for certain languages, technologies, and interests. Look for the signs on the tables near the buffet lines each day at lunch.
Tuesday keynote welcome
Rachel Roumeliotis (O'Reilly Media), Peter Cooper (Cooper Press)
OSCON in Amsterdam Program Chairs Rachel Roumeliotis and Peter Cooper welcome you to the second day of keynotes.
AB testing: Test your own hypotheses, and prepare to be wrong
Stuart Frisby (Booking.com)
The rise of AB testing in the world of e-commerce has shifted the focus of product development from being opinion-driven to data-driven. However, the realities of AB testing might not be the reality you expect.
Privacy: The next frontier
Ari Gesher (Kairos Aerospace)
In this talk, Ari Gesher, one of the authors of the upcoming book "The Architecture of Privacy," will illuminate the history of open source disruption and outline a set of important, unsolved problems in privacy protections that are the next frontier in technology democratization.
Kubernetes: Changing the way we think and talk about computing
Mandy Waite (Google)
In this session we'll look at the new metaphors of computing through the lens of Kubernetes, and work out what we as developers need to do to adapt to this new mindset.
Bootstrapping a business around open source
Ninh Bui (Phusion), Hongli Lai (Phusion)
This talk will tell the story of how two 20 somethings in college decided to take their open source app server Phusion Passenger to the next level by bootstrapping a company called Phusion around it back in 2008. Passenger currently powers over half a million sites, and is trusted by companies such as Apple, Sears, NBC Universal and many more.
Growth Hacking: Data and Product Driven Marketing
David Arnoux (Growth Tribe)
David Arnoux will accelerate your learning experience from digital marketing to understand the depths of growth hacking. He will empower you to enter a new era of data and product driven marketing. He will explain what he means with the growth hacking mindset and how to how to apply the growth hacking process for your organization.
Tuesday closing remarks
OSCON EU Program Chairs, Rachel Roumeliotis and Peter Cooper, present their closing remarks.