The largest regional tech conference devoted to all things OPEN: Hardware, Standards, Source and Data. OpenWest works closely with many of the local user groups to plan, develop and operate the conference.

Wednesday 12th July 2017

Morning Meditation (Yoga) in General (1 hour)

Provided by VSchool, Morning Yoga will be conducted by __ and will feature breath control, meditation and other practices to help attendees start out their day well.

Registration in General (50 minutes)

Check-in and registration

Welcome in General (15 minutes)

Welcome to the conference

Security Roadmap for Next Generation of Payment Applications
Keynote by Troy Leach in General (30 minutes)


Keynote by William Hurley (Whurley) in General (30 minutes)


10:30 Deep Learning Optimized Chatbots
Talk by Bob Davis in 200A - Data (50 minutes)

In the last two years, over 275 companies started utilizing chatbots at the core of their service. In April of 2016, Facebook announced the inclusion of chatbots within their messenger app. Samsung purchased the startup by the creators of Siri, called Viv last October, to be the brains behind their new virtual assistant Bixby in the Galaxy S8 ( With this increasing demand for chatbots, don't be left out in the cold wondering how they work or how to create them. Come learn how deep learning based Natural Language Understanding (NLU) can be used to free chatbots from rule based exchanges towards true understanding. [337]

DevOps for the Initiated
Talk by Craig Gardner in 200B - Ops (50 minutes)

DevOps is one of the Industry's great buzz words. You've heard that DevOps (or ITOps, or WhateverOps) will solve all your development-to-deployment problems and how agile processes can increase the velocity of your projects. But you also likely know that it's not a silver bullet that solves all problems. This session will discuss how DevOps helps, what the pitfalls are, and how to avoid failure while squeezing the BEST out of DevOps. [93]

Techniques and Technologies for converting HTML to PDF
Talk by Cory Kirkland in 200D - Web (50 minutes)

Turning a web page into a PDF report is a common requirement for websites. There are many approaches to this problem, the most common is to convert the HTML and CSS into a PDF. If done well, the results can be quite nice. If done poorly, the resulting PDF's can be ugly and unusable. I will discuss some techniques on how to design a web page's HTML and CSS to be clean and presentable both on the web and as a PDF. I will also present the two most common open source technologies for converting HTML to PDF, [PhantomJS]( [WKHTMLTOPDF]( I will show how to use them both, compare and contrast their abilities, and discuss when to use one over the other. [157]

Develop Awesome Websites Using Flask Python
Talk by Christopher William Pitts in 300A - Programming (50 minutes)

In an increasingly interconnected and online world, web development is a skill sought after in every industry and practice. An important component of every web service is the backend running on the server. Flask, a development framework for the Python programming language, makes writing backend code easy, fast, and fun, while providing smooth, fast, and stable service. Prominent examples of Flask in industry include Pinterest, LinkedIn, and powering former U.S. President Barack Obama's 2012 re-election campaign website. Learning to develop websites using the Flask framework is a useful skill for any professional web developer or entrepeneur, and can ignite interest and encourage hobby development in even casual users. [166]

JavaScript the Good-er Parts
Talk by Matt Banz in 300B - Programming (50 minutes)

Douglas Crockford has said that "JavaScript has more in common with functional languages like Lisp or Scheme than with C or Java". Yet most of us try to use JavaScript as a typical Object-Oriented Programming language (with a few callbacks sprinkled in here and there). What if we were to return to JavaScript's roots and actually use it as a functional programming language? (gasp!) Elm has shown how blazingly fast functional programming can be when used on the web. Elm is an amazing language and I encourage everyone to learn it, but what if we applied those same principles to JavaScript and used it as our functional programming language of choice. In this talk, I'll show how JavaScript can be used as a purely functional language by simply ignoring the OOP stuff. I'll show how we can use immutable data structures via Immutable.js to avoid the pitfalls of mutable state. I'll cover the foundational concepts you need to know in order to get started with functional programming in JavaScript.

A method of error handling to prevent descent into Cthulhuesque Madness
Talk by Russel Fisher in 300C - Programming (50 minutes)

A presentation on a method of handling errors that can be used in the MVC/API environments. Or a tale of my battle with Shiva, the many armed destroyer of hopes and sanity. [78]

Games, Jams and Phasers
Talk by Travis Chase in 300D - Programming (50 minutes)

Have you ever wanted to develop a game? Are you already developing games? Join Travis in a discussion about a JavaScript game development group he is a part of via his company. Travis will be talking about the their experiences doing one-day game jams using as their game engine / framework / thing. Travis will also be walking through some code examples using along with providing some useful tips on game development in Come join in on the fun and obtain some useful ideas and tools to make your own games! [108] Presentation Slides Repo:

Better Testing Through Statistics
Talk by Matthew Treinish in 400 - QA/CI (50 minutes)

The OpenStack Gate operates at a tremendous scale, with on average roughly 12 thousand test jobs launched every day. It's exciting to see testing happen at such a large scale. However there is an issue, it is too difficult for humans to deal with all the data being generated or analyze all the results from the testing. To deal with this the OpenStack community has developed and deployed several tools to help deal with the torrent of data. Using and building off these tools have been invaluable especially as the OpenStack project continues to grow. This talk will explain the basics of OpenStack's CI infra and cover the approach and tooling used by the OpenStack community to interact with the large amount of test result. It will explain the techniques used and the benefits derived from having both open test result data and performing analysis on that data to understand the project. [230]

Xamarin, MvvmCross and Rx; Oh My!
Talk by Don Jordan in EH2 - Mobile (50 minutes)

Description on the use and interaction of three really popular frameworks for cross-platform mobile application development. Xamarin allows C# development for Mac, iOS and Android. MvvmCross provides infrastructure to cleanly write and share non-UI layers of application development using the Mvvm development pattern. Rx is a wonderful way to setup and maintain state and event(UX or otherwise) handling in a clear and easy to read form. Included is an introduction to each framework and some lessons learned using all three in a medium to large software project that shares the majority of it's code with other projects. Pros/Cons of using Xamarin as a base platform to abstract iOS and Android development will be discussed briefly. [218]

The 80 Hour Work Week
Talk by Hunter Trawick in HALL1 - Geek Life (50 minutes)

Most developers know what it's like to work 60-80 hours a week at some point, with full time, part time, and side project gigs. And while managing employees, architecting on multiple projects, and trying to get time for a personal life? I'm sure some of you even have families to try to spend time with. I'm going to give you my tips on getting time away from it all, but better yet, enjoying the 80 hours more than you did before. A few personal stories may be involved as well... like the time I crash and burned on the floor after a 28 hour sprint for a product demo. P.S. The demo turned out great. [276]

Linux Security & Compliance Auditing with HubbleStack
Talk by Christer Edwards in HALL2 - Security (50 minutes)

HubbleStack is a modular, open-source security & compliance auditing tool written in Python. Hubble was created by engineers at Adobe Systems in Lehi and open sourced in 2016. This presentation covers Hubble v1 (based on SaltStack) and the new Hubble v2 which no longer requires a SaltStack installation. Hubble has built-in coverage for CIS standards, integration with osquery ( for deep introspection, real-time file integrity monitoring and supports Splunk and/or Slack reporting endpoints. HubbleStack is available as a standalone daemon or as a SaltStack GitFS remote. [21]

Learning to Ask: How to Change Your Career and Your Life
Talk by Clarissa Peterson in HALL3 - Business (50 minutes)

Many of us were raised on the myth that if we work hard, someone will notice and we will be rewarded. It turns out that the world doesn't usually work that way. Career opportunities are out there, but they won't often just magically fall in your lap. Whether it's a raise or promotion, changing to a different type of work, or moving to a new level by speaking at conferences or writing, simply asking for the things you want can sometimes make a big difference. In this talk I'll tell you how in a few months I went from working a unsatisfying job in an anonymous cubicle to being a recognized expert in my field, speaking at conferences and writing a book. I changed my life by learning to ask; you can too. [169]

MySQL - solving problems with MyISAM tables
Talk by Sasha Pachev in 200A - Data (50 minutes)

MySQL database supports multiple storage engines. The two main ones are InnoDB (transactional) and MyISAM (non-transactional). The transactional nature and other features of InnoDB have made it a popular choice in recent years. However, the extra features of InnoDB come at a cost - slower performance, larger storage overhead, difficulty in moving the data from server to server, crash recovery nightmares when things go wrong. There are use cases where MyISAM tables in the hands of knowledgeable DBAs/database application developers will provide a more flexible, performant, and stable solution. We will discuss the advantages and limitations of MyISAM tables, when it is appropriate to use them, how to avoid falling prey to their limitations, and how to fully benefit from their advantages. [2]

Networking for people who don't run networks
Talk by Mike Lovell in 200B - Ops (50 minutes)

The Internet is something we all use on a daily basis. Its operation is full of terms that can be confusing though. IP, Subnet, CIDR, VLAN, Routing, Firewalls, Ethernet, TCP. These are just a few of the terms that are used in network operations. Not all of us are network engineers though. Software Developers, Systems Administrators, and others frequently can avoid digging into this unknown world. But having an understanding of the basic concepts of modern networking can go a long way. This session will go over some of the basics of networking so that you aren't completely confused next time you need to work with a network engineer, work on a networking issue, or work with networks. [356]

AWSome Power: Implementing Continuous Delivery with AWS
Talk by Sam Duzett in 200C - Cloud (50 minutes)

Continuous Delivery is another one of those practices that the industry is widely adopting, but it can be a little daunting (not to mention expensive) to implement. We'll discuss the benefits and reasons why you should (or shouldn't) implement Continuous Delivery and walk through a simple example of implementing it with AWS services. [61]

JSON Web Tokens Will Improve Your Life
Talk by John Anderson in 200D - Web (50 minutes)

SLIDES: JSON Web Tokens, or JWTs (pronounced "jots") are an "open, industry standard RFC 7519 method for representing claims securely between two parties" -- but what does that actually *mean*? If you decode the buzzwords, you'll find JWTs solve common problems around authorization for web and mobile apps in a portable, easily implementable fashion -- and you're going to want to use them *everywhere*. JWTs are designed to be extremely compact -- small enough to be transmitted in an HTTP header, for example -- and can be used in a variety of ways: as authorization tokens, client-side data storage, or even for the implementation of single sign on (SSO) solutions. They're based on a very simple and elegant algorithm that's easy to understand and quickly put to use. JWT implementations are available in virtually every programming language in common use for Web and mobile development. Unfortunately, learning how to use JWTs can be complicated by the terminology that's commonly used. "Claims", "signatures", "body", "payload" -- a large part of learning how JWTs work is deciphering these buzzwords and understanding how they map onto more familiar programming terms. This talk will focus on reducing this barrier to entry and making JWTs understandable to any programmer. This talk will cover: * the structure of a JSON Web Token * the algorithm for generating one * available libraries and tooling * some common scenarios where JWTs can be used. Particular emphasis will be given as to when and why JWTs provide for better solutions than other methods. Attendees should come away from this talk with a full understanding of how to use JWTs for a variety of purposes, and be ready and eager to put JWTs into use in both personal and professional contexts. [112]

Perl Optimization Tidbits
Talk by Daina Pettit in 300A - Programming (50 minutes)

Have you ever wondered how much difference Perl coding styles make to performance? Perl has lots of ways to do the same thing, and some are more readable/maintainable, but are slower or consume more memory...or is it the other way around? We'll look at Perl syntax and see what performs better or worse and why. Maybe your favorite syntax is an awesome efficient race horse, maybe it's a pig, or maybe it makes no difference. Come see your dreams shattered, hopes dashed, or realize how lucky and awesome your syntax choices have been! [383]

The Services Your Microservices Could Be Like
Talk by Ethan Garofolo in 300B - Programming (50 minutes)

Hello developers. Look at your microservices, now back to services, now back to yours, now back to services. Sadly, your microservices aren't actually services, but if they stopped following bad blogosphere advice, they could be. We've all been there— working on a project that has grown large and difficult to work on. You're afraid to make any changes in one part of the system for fear that it will break at least 6 unrelated other parts. It takes you months to bring new team members up to speed on your project. You have deadlines coming up, but your system is so difficult to work on that you just have to accept that working nights and weekends is now the new normal. And then you read about microservices, the idea that you take parts of your big app and put them on a different server and speak to them over HTTP. And then it's all rainbows and unicorns again, right? Right? This talk starts by taking a critical look at the microservices trend, asking and answering important questions like: Does the term "microservice" actually mean anything? Does breaking an app apart make it simpler to work on? What actually is a service? Is the size of a code base what makes it a service or not? Do I need Kafka or RabbitMQ to have a service-based architecture? It then proceeds with a path that actually *can* remove the coupling in your system, exploring architectural ideas like event sourcing and command query responsibility separation (CQRS). This talk is born out of real-world experience, and we'll actually build a small service-based system to illustrate the concepts and give you information you can put into action today. [311]

Staying efficeint and relevant with Modern C++
Talk by Greg Hodgson in 300C - Programming (50 minutes)

This lecture is intended to be an overview of the features introduced in Modern C++ (C++11/14 and C++17) that have allowed for higher-level abstractions, better code maintenance techniques, safer code, and better performance, which is the single most important thing for true C++ programmers. They will be discussed with examples in the context to the problems they solve. Topics we will cover: -Type deduction -Smart pointers -Move Semantics -Lambdas and Algorithms -The modern C++ threading API This is intended to be intermediate level, but everyone is welcome as advanced questions can be answered too. [387]

Javascript: What Not to Use Frameworks For
Talk by Tod Hansmann in 300D - Programming (50 minutes)

You've seen a couple (HA!) Javascript frameworks pop up. Are they worth all the hype? Surely for some things. What we're going to go over are some common scenarios where avoiding using the frameworks might give us some gains in the long run. Avoiding a framework to accomplish a specific task and instead using some good old fashioned vanilla JS may just make porting to the Next Big Thing that much easier. [295]

Opinionated Screed on Unit Testing
Talk by Scott Overholser in 400 - QA/CI (50 minutes)

Unit tests are an important part of writing reliable and efficient code. Why does unit testing evoke such strong differences of opinion among developers?Some developers feel the same about unit testing as they do about household chores. Others eagerly write tests and are not content until their code has reasonable coverage. Developers often take a lazy approach and write full stack integration tests that are fragile and have long run times. Concepts like mocks, stubs, test doubles, isolation, units, integration, statement coverage, branch coverage, documentation, and regression are important to understand and properly apply. These topics will be covered in the context of a Python program that illustrates all of these concepts. [329]

Make Magic with Open Broadcasting Software
Talk by Spencer Krum in HALL1 - Geek Life (50 minutes)

OBS Studio is a FLOSS application that puts you in the directors chair for live streaming or recording. It is built as an application to help video game or creative streamers share their computer screens with a live audience, but it's power goes beyond that. Anyone who is using their computer to tell a story can benefit from the professional touch that OBS can provide. It can manage multiple capture devices, independently combine captured window areas, and overlay text and graphics. I'll show you what this software can do and what you can do with it. A simple example: Presenters often like to include their twitter handle on their slides. When the presenter goes to the terminal, the twitter handle isn't displayed. If the presenter uses obs studio to control the projector display, obs studio can trivially be configured to overlay a twitter handle, company graphic, whatever. [204]

Cloud Security in AWS
Talk by Wes Novack in HALL2 - Security (50 minutes)

This talk will provide an overview and tour of Security in the AWS cloud. We'll discuss the Shared Responsibility Model, Virtual Private Clouds, private and public subnets, NAT gateways, Security Groups, Identity and Access Management, IAM policies, IAM roles, IAM best practices, the importance of transport encryption, and other relevant topics. [292]

Tech Interviews Stink
Talk by James Thompson in HALL3 - Business (50 minutes)

Technical interviews stink. Whiteboarding, take-home exercises and questionnaires produce mixed results. These typical approaches can weed out imposters, but they won’t help you learn everything you need. So, why not try working with candidates? By working with your candidates on exercises or real code you can get a better gauge of technical competence, while also identifying the best communicators and collaborators among your candidates. Come learn how! [11]

Lunch + Panel Discussion: Future of the Technology and Business in General (1 hour, 20 minutes)

Concessions stands and food trucks available on site, along with nearby restaurants. The panel discussion will begin at 12:45pm. Panel discussion to look at the changing landscape of technology and it’s impact on business. All Keynotes invited to participate.

14:00 InfluxDB for time-series data logging
Talk by Brannon King in 200A - Data (50 minutes)

Time-series databases fill a unique niche among logging systems. They are half-way between a relational database and a flat file. InfluxDB (an open source time-series database) is a tool that we have used for telemetry logging at ASI for several years. It replaced MS SQL Server. I will go deep into the "why" on that. I'll show basic insert and query syntax. [173]

Intro to Docker and Ephemeral Systems
Talk by Brandon Gillespie in 200B - Ops (50 minutes)

A walk through of the basics of Docker and the "docker way" that works best, the top mistakes to avoid, and what to know to do it right--with interactive Q&A. [67]

Move your Castle to the Cloud
Talk by Blaine Carter in 200C - Cloud (50 minutes)

Have you been wanting to add some smarts to your castle, but you're concerned about getting locked into an expensive closed system? Getting started doesn't need to be expensive and it definitely doesn't need to be closed. Grab a Raspberry Pi and let's set up OpenHab, an open source solution for empowering your castle (smart home.) I will cover some of the reasons you may want to smarten up your home and talk about some of the devices currently available. I'll discuss some of the features and capabilities of OpenHab, demonstrate installing it on a Raspberry Pi 2 and walk through the built-in control interface. If you're like me, you will want to persist a lot of the data that passes through OpenHab, so I will cover some of the existing persistence options. Having a castle is good, but a cloud castle is awesome. I will demonstrate how to connect OpenHab to a cloud database using a restful interface. I will create the data structures and interface then modify my installation of OpenHab to take advantage of the new data store. I will wrap up the session with a discussion of the OpenHab project and go over a few ways that we can all contribute. You'll leave this session with the tools to track the data in your own IoT projects and hopefully some new ideas. [23]

Creating a RESTful API without losing too much sleep
Talk by Mike Anderson in 200D - Web (50 minutes)

REST (REpresentational State Transfer) continues to be the dominant way to provide a standard method for data access in a web environment. There are a lot of discussions on what makes a good RESTful API, but examples are sometimes hard to come by. How do you structure your code to enable REST but also ensure that you can update and maintain the code over the long haul? It this talk I will walk through some of the things that I have learned in implementing a RESTful API. We will discuss some of the following topics: * Landmines - what are some things not to do when developing your REST stack * Pure data vs hypermedia (HATEOAS anyone?) * Layering the stack to enable automated testing at all tiers * Securing your endpoints * Testing -- tools to explore and validate your endpoints [181]

Introduction to Rust
Talk by Nathan Stocks in 300A - Programming (50 minutes)

Rust is an systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. Language Features: - zero-cost abstractions - move semantics - guaranteed memory safety - threads without data races - trait-based generics - pattern matching - type inference - minimal runtime - efficient C bindings After attending this course you will: - be able to create, compile, and run your own simple Rust project - be familiar with the long list of Rust features - understand some of Rust's strength's and weaknesses - be aware of the current state of the Rust community - start to understand the ownership system's 3 parts: ownership, borrowing, and lifetimes - know some basic Rust This session will be a mix of show-and-tell-slideshow and live-coding. [125]

Implementing a RESTful API with Lumen, an introduction to Lumen and Eloquent
Talk by Kyle Waters in 300B - Programming (50 minutes)

Due to the rise of mobile application restful back ends are in high demand. There are several PHP frameworks that promise to make this simpler. In this presentation I'll show you how quickly you can implement a simple RESTful API using Lumen and Eloquent.

Perl's Modern Features
Talk by David Oswald in 300C - Programming (50 minutes)

The Perl 5 Porters have been steadily adding new features to Perl over the past few years. Maybe you've noticed and have adopted a few into your own code. Maybe you've noticed but haven't begun using them. Or maybe you haven't noticed. Some of Perl's newest features were inherited from the work that has gone into Perl 6. Some of them are uniquely Perl 5. Many of them are highly useful in writing modern code. We'll take a look at the most important of the new features introduced from 5.10 onward, all the way through the experimental Perl 5.25. We'll try to find a few things for every Perl developer, no matter how vigilant you think you've been at keeping up with Perl's modernization. [293]

Talking People Down From Shiny
Talk by Tod Hansmann in 300D - Programming (50 minutes)

Just because a technology is new doesn't mean it's worth building your production software in, but sometimes it is, so it's good we have people looking at new things. When they get stuck advocating the newest thing, how do we use our experience and knowledge of systems to bring them back to the real world without a fight? What if they have the backing of management? We'll discuss some strategies for evaluating the technology from their perspective, the things to say to management, or when you _are_ management and don't want to throw weight around. [50]

The Edge Case of Insanity: How weaknesses can improve testing and how testing can improve weaknesses
Talk by Julene Johnson in 400 - QA/CI (50 minutes)

Anxiety is a part of my life that I often label as “harmful.” Over time, however, I have noticed that skills I developed because of anxiety have the potential to improve my life. My hyper attention to detail, once aimed at germs and other such fear-inspiring aspects of life, can be shifted to software. Suddenly, the minute details that I notice become edge cases instead of insanity. But that is only the first half of the the interaction between weakness and job. Lessons I have learned while working as a tester have helped me to better manage anxiety. This session will discuss my personal experience with how my weaknesses and my career positively affect each other, and how each of us has something unique to give and to learn because of that interaction in our own lives. [251]

Smartwatch Development for the Outdoorsman
Talk by Don Jordan in EH2 - Mobile (50 minutes)

iOS and Android hardware manufacturers have spent a great deal of marketing time and effort pushing smart watches and natural extensions of the smart phone, to relative success and failure. But iOS and Android are not the only fish in the pond. When someone spends a lot of time outdoors for recreation, exercise or general relaxation the hardware and software limitations of the current generation of iOS and Android smartphones becomes apparently quickly, as battery life or app capability when there is not available cell phone service rear their ugly heads. Garmin, Suunto and Polar specifically design their wearable devices to these people. Their devices include hardware capabilities and battery life designed to last through day(s) of activity outdoors. And each have provided tools and services allowing developers to customize how that hardware gets used and activity tracked, recorded and processed. A general introduction to the Ins and Outs of each platform will be presented, and the relative merits of each platform's devices, followed by discussion on how having this hardware available to the wearable and smart phone alike can benefit the user when cell service doesn't provide immediate feedback or updates. [219]

Introduction to Blockchain and Crypto-Currency.
Talk by Ryndon Ricks in HALL1 - Geek Life (50 minutes)

Gain a clearer understanding of blockchain and crypto-currency, including Bitcoin, Ethereum, Dash, and more. Topics of discussion will include wallet software, mining, proof of work (POW), proof of stake (POS), exchange/trading, security issues, and current applications. Bring your laptop or mobile device to participate in live a demonstration using small amounts of real (digital) money. All skills levels should feel comfortable attending. [210]

Random Number Generators
Talk by Aaron Toponce in HALL2 - Security (50 minutes)

We'll discuss several random number generator designs and applications. This talk will be targeted towards developers who want a better understanding of randomness, and how to correctly implement them in their code. We'll look over: * Secure true randomness * Insecure true randomness * Secure pseudorandomness * Insecure pseudorandomness * Standardized designs such as: * CTR_DRBG, Hash_DRBg, HMAC_DRBG * ANSI X9.17, ANSI X9.31 * Dual_EC_DRBG * /dev/random * Mersenne Twister * xorshift128+ [205]

Decorating Your Office: 4 Simple Ways to Increase Satisfaction and Productivity
Talk by Kristy Palombo in HALL3 - Business (50 minutes)

We spend 57% of our waking time at work. While at the office, you are expected to be productive, creative, and social. The design of your office greatly affects how you feel and think. If you haven't consciously noticed how your mood is affected in different settings, I'm sure you've tried to fight for the window seat or wished you could add some color to the walls. This is an outward display of your psychological need for a pleasant space. Additionally, as an employer, it is important to note that millennials expect to be happy and are looking for an experience, not just a paycheck. Decorating your office space for them so they feel fulfilled at work will not only help you in the hiring process, but will also save you money because unhappy employees are more likely to take more sick days and be less productive. Let’s talk about four ideas for decorating your office to make it a pleasant place to be: Own your space. Take advantage of windows and plants. Pay attention to color, lighting, and shape. Adapt to your office. [182]

15:00 Database Optimization for Web Developers
Talk by Steve Meyers in 200A - Data (50 minutes)

Most developers are developers, not DBAs, yet many smaller companies have inadequate database experience in-house. This is largely because databases like MySQL and PostgreSQL don't necessarily require a full-time DBA to administer. It's become more important for developers at smaller companies to have some basic knowledge of how to keep their database happy. [375]

Introduction to Kubernetes and our experience at Vivint
Talk by Ben Mathews in 200C - Cloud (50 minutes)

* overview of problems that kubernetes solves * kubernetes design and use * a description of our kubernetes installation at Vivint

Introduction of Flexbox
Talk by Shaylee Hansen in 200D - Web (50 minutes)

Introduction: Is CSS dragging you down? If you are anything like me you have spent embarrassing amounts of time on CSS. Well I'm here to lighten your load and tell you it is going to be ok. Flexbox is here. So what is Flexbox? It's not another trendy framework that you are going to have spend countless hours learning. Flexbox is part of CSS and was created to make your life as a Web Developer a lot easier. Say goodbye to your struggles with CSS and responsive development and say hello to Flexbox. Description: This Flexbox talk is geared towards those who have just started their journey in the world of world of web development. Exposure to HTML and CSS is a must but beginners are always welcome. The talk will go through an explanation of what Flexbox is and introduces the participants to new Flexbox/CSS properties the talk will end with three resources that they can go and check out on their own to further their skills. For each property that is introduced a live coding example via CodePen will be presented to showcase the properties awesomeness. [128]

Rusty Sword: Game of Infamy! Live-code a game in Rust from scratch in 45 minutes.
Talk by Nathan Stocks in 300A - Programming (50 minutes)

A whirlwind tour of the Rust programming language as we as we live-code a text-based adventure game in 45 minutes! Language Features: - zero-cost abstractions - move semantics - guaranteed memory safety - threads without data races - trait-based generics - pattern matching - type inference - minimal runtime - efficient C bindings Game Features: - Open source - Text-based UI ("TUI"?) - Game loop - Multithreaded - Networked - Compile, run and play the game at the end of the session! This session is meant to be a fun demonstration of what you can do with the Rust programming language. We won't be diving into deep explanations of how things work, but we will be going over what's going on, and why it's so awesome. Oh, and you get to play a game at the end. :-) [126]

SOLID In Practice
Talk by Jessica Mauerhan in 300B - Programming (50 minutes)

SOLID - a set of concepts for designing maintainable and understandable software - yet some of these ideas can be hard to understand themselves. Scholarly definitions and generic examples of these are often still confusing and not applicable to real world applications. By taking a look at an actual application, we'll explore these principles in action, and demonstrate the benefits of following them. [88]

Building A Wrapper API: The case for abstraction
Talk by Aaron Mildenstein in 300C - Programming (50 minutes)

Suppose that an API already exists for a service you use. Now suppose that you want to make a tool that only uses a subset of that API to make it easier to perform certain tasks in that API. This is what I call a wrapper API: A way to simplify or abstract API functions in a way that your tool doesn't have a lot of repetitive code, and that makes it easy for others to build on or contribute to your tool. In this talk I'll describe how I got started creating wrapper APIs for Zabbix and Elasticsearch, and how the latter led to the tool called Elasticsearch Curator. I'll cover topics such as: Design: Am I reinventing the wheel, or is this really going to be a useful endeavor? Classes: When to use them, or whether it makes sense to just stick with a function. Keep moving forward: Your code will always evolve, and your skills improve with use. How to make usable code now, and allow yourself space to improve over time, rather than be stuck in "impostor syndrome" purgatory. Documentation: How to ensure that others will know how to find your documentation, and be able to understand it so they can use your API Project layout and file separation Testing: Why you need both unit and integration tests. How to use Travis CI and GitHub to accomplish this Publication: PyPI, RPM/DEB and other concerns. [308]

Open Source or Public Artificial Intelligence APIs: Google
Talk by Jason Herndon in 300D - Programming (50 minutes)

Amazon and Google have open source, or low cost, artificial intelligence platforms that allow you to process spoken word, images and a ton of other cool stuff. This talk will serve to highlight current product offerings by each of the big companies (Amazon, Google) as well as containing a sample of what each service can do and sample code for each developer to hack on. This talk is part one of a two part series which covers Google’s product offerings. Topics covered: API.AI Google Cloud Machine Learning Engine Google Cloud Vision API Google Cloud Natural Language API Google Cloud Speech Beta Google Cloud Translation API [84]

TestOps is Dead; Long live TestOps!
Talk by Alex Langshall in 400 - QA/CI (50 minutes)

DevOps and continuous delivery are hot topics right now, but how do software testers deal with testing the infrastructure as well as code? One term thrown around the software testing community is the idea of “TestOps”—involving testers in all aspects of software delivery, including infrastructure. We’ll chart the path of the informal TestOps group at Lucid Software, including what we’ve learned and achieved through it: fewer production issues related to deployments, less time fixing test environments, and quicker regression test cycles (from a full week to three days). We will also tackle the thorny topic of the intentionally planned demise of our TestOps group. [48]

Android + Scala
Talk by Gregg Hernandez in EH2 - Mobile (50 minutes)

The Android Runtime (ART) is a Java Virtual Machine (JVM). This provides a great opportunity to use programming languages besides Java to develop full featured Android applications. Scala is a programming language that targets the JVM and blends many concepts of Object Oriented Programming with Functional Programming. Many features of Scala can improve the development experience on Android. Some examples include eliminating the need for common boiler plate, adding type safety to view lookups, and simplifying robust JSON parsing. This session will examine how to leverage Scala and its functional programming features to improve your experience with Android development. [274]

The Next Revolution in Software Engineering
Talk by Matt Ryan in HALL1 - Geek Life (50 minutes)

A revolution in software engineering is on the horizon. What will this mean to you - and what do you need to do about it? From humble beginnings at the dawn of the computing age, software engineering has gone through a number of iterations to reach the present state of the profession. Today demand for employees who can write computer software remains high. The number of people entering the profession lags behind the available positions, even as initiatives are underway to encourage more people to become programmers. Software applications impact every part of our lives, and we rely on software more than ever - and yet it often seems the quality of software today is not even up to the standards of a decade ago. The confluence of these and other industry realities signal that a revolution is coming in our industry. I'll explain what that revolution is, what's causing it, and what it means to us - and what need to do to influence this revolution in a direction that is for the good of all. [185]

Everything you need to know about Cryptography (unless you're a mathematician)
Talk by James Prestwich in HALL2 - Security (50 minutes)

Cryptography is basically magic. It lets computers reach out of pure math, and affect the real world. It sits invisibly under our identities and our money. You may not have heard of AES, but if it doesn't work exactly the way we think it does, the entire economy will collapse and millions of people will die. While the algorithms may always be the domain of the techno-priests, we can (and should!) de-mystify their intentions, their properties, and their uses. An introduction to four important cryptographic primitives: Hashes, Signatures, Symmetric Encryption, and Asymmetric Encryption. Aims to educate non-technical and lightly technical people about the properties of the systems, *not* the algorithms themselves. Everyone should capable of understanding and reasoning about cryptography, without an advanced degree in mathematics. Discusses the relevant properties of each, and why we use them. Shows how almost all security structures are built from them. Goes in depth on PGP, key exchange, TLS, X.509, web of trust, and other foundations of secure communication. [164]

Present Like A Pro - The Next 10 Tips for Owning the Room
Talk by Duke Speer in HALL3 - Business (50 minutes)

Want to take your speaking skills up a level? You have mastered your technical expertise, but now can you inspire and convince others to follow your lead? Whether presenting at a conference, pitching a business idea, or in the spotlight at a management meeting, even brilliant technologists need to learn how to become polished presenters. Your stellar ideas will not find a sympathetic ear without clear and effective communication. Presentation Style: * The critical content to include in the first 30 seconds. Connect or die! * Find your story - Even highly technical presentations benefit from having an emotional bridge to the audience. * Start with Why - Simon Sinek's advice on how to bypass filters in our listeners' brains. * Tricks of the masters to attain and keep perceived eye contact with your entire audience. * Owning the stage - when and how to move or pause to enhance impact. * Being Interactive - methods for continual audience engagement - how to keep eyes off of eyephones. Presentation Tools: * The anatomy of an ideal presentation slide. "Tell don't show" v. "Show don't tell." * Important reasons NOT to use a multi-slide presentation. * Using screen content to subtly enhance your brand. This session will explore ten time-tested and easy to learn techniques of the pros for improving your effectiveness the next time you have to speak on your feet. [321]

16:00 Introduction to NoSQL
Talk by John Kerley-Weeks in 200A - Data (50 minutes)

Understand what NoSQL is and what it is not. Why would you want to use NoSQL within your project and which NoSQL database would you utilize. Explore the relationships between NoSQL and RDBMS. Understand how to select between an RDBMs (MySQL and PostgreSQL), Document Database(MongoDB), Key-Value Store, Graph Database, and Columnar databases or combinations of the above. [385]

Intro to Sysdig
Talk by Garrett Hyde in 200B - Ops (50 minutes)

[Sysdig][1] is open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze. Written by the creators of Wireshark, think of sysdig as strace + tcpdump + htop + iftop + lsof + transaction tracing + awesome sauce. With state of the art container visibility on top. This talk will focus on: - How to install Sysdig - An introduction to Sysdig's CLI - Using Sysdig to troubleshoot a system in real-time or postmortem [1]:

Deploying a Bare Metal cloud is not easy
Talk by Julia Kreger in 200C - Cloud (50 minutes)

As clouds grow in popularity, so does the idea of using bare metal hardware directly as clouds, or flexible cloud infrastructure. It can be done, it can be done quite well! But there are always some snags, gotchas, and other pain points that exist. With an understanding of these pitfalls and architectural headaches, an "operator" will have greater success leveraging [OpenStack Ironic][] to build their perfect bare metal cloud. [288]

Leveling Up Your SASS
Talk by Brennan Davis in 200D - Web (50 minutes)

So, you've got the basics of SASS down, and you don’t know how you ever lived without it. You'd like to take the next step on your SASS journey, but are unsure of where to go next. During this hour, we'll become acquainted with some of the more advanced features and techniques of SASS, including how to unit test your SASS mixins and functions. After this, you'll be well on your way to becoming a SASS master! [130]

Introduction to ASP.NET Core
Talk by Nate Zaugg in 300A - Programming (50 minutes)

Microsoft now has more contributes to Open Source than any other company. Their new ASP.NET Core Framework even runs really well on Linux. Plus, C# is a really awesome language! Come learn how to write really awesome web app using ASP.NET Core. We'll start from the beginning, and write a simple web app using C# and deploy it to Linux. fin [341]

Embedded C++ Development for the Game Boy Advance
Talk by Richard Thomson in 300B - Programming (50 minutes)

In this presentation, I'll give an introduction to embedded development using C++. The target hardware environment will be the Nintendo Game Boy Advance. This hardware target is supported by an open source toolchains, a free emulator and a rich user community. Some of the topics to be covered include: * How does the compilation environment differ for embedded systems? * How do I unit test code written for embedded systems? * How do C++'s lightweight abstractions help prevent us from making mistakes when targeting an embedded system? [97]

Understanding OAuth2.0
Talk by Mark Horstmeier in 300C - Programming (50 minutes)

As a developer, access to APIs and resources provided by Google, Twitter, Facebook, and many others can provide a breadth of functionality and information that can enhance your product and save you time. The gateway to many of these resources is OAuth2.0 We will briefly discuss the benefits and use cases of consuming OAuth protected resources and then launch in to a general discussion of the OAuth standard and how you can write or use an OAuth client to gain token based access to these APIs [161]

Open Source or Public Artificial Intelligence APIs: Amazon
Talk by Jason Herndon in 300D - Programming (50 minutes)

Amazon and Google have open source, or low cost, artificial intelligence platforms that allow you to process spoken word, images and a ton of other cool stuff. This talk will serve to highlight current product offerings by each of the big companies (Amazon, Google) as well as containing a sample of what each service can do and sample code for each developer to hack on. This talk is part two of a two part series which covers Amazon's product offerings. Topics covered: Amazon Lex Amazon Rekognition Amazon Polly Amazon Machine Learning [85]

Fantastic Testers and How to Hire Them
Talk by Craig C Randall in 400 - QA/CI (50 minutes)

One day you realize that your testing workload is just too great for your current team size to handle, and you’re going to have to embark on the recruiting train; an overwhelming proposition, particularly for those new to making the trip. Hiring new testers is critical to protecting existing team members from burnout and to cover the volume of testing needs. What makes a good tester? What is a good interview process? What questions should I be asking candidates? How long should the interview last? How do I make the best hire for the team and the company? I can’t really tell you the answers, but I can walk you through the process that has helped me hire the best QA team I’ve ever worked with. [262]

Xamarin: Build you a Mobile App
Talk by Tod Hansmann in EH2 - Mobile (50 minutes)

C# is now open source, Xamarin, the cross-platform runtime for building mobile and desktop apps in C#, has followed the open source path as well. Let's take an overview of how to build a mobile app using some of its core concepts. You'll only need to know some basics on how C# works and how mobile apps are run. We'll explore everything you need to know about Xamarin to get started. [45]

How to be a manageable software engineer -- and like it!
Talk by Jerome Broekhuijsen in HALL1 - Geek Life (50 minutes)

Our relatively young industry is full of stories of "cowboy coders", "lone rangers", "mavericks", and a host of other labels for individuals who worked alone and became legends. For each "legend", there are many thousands of software engineers who are destined to be working for someone else -- to have a manager. To survive (and, ultimately, flourish) in a managed environment, you'll need more than just your technical chops -- you'll have to develop a set of "soft" skills that aren't taught in our formal institutions and programs. You'll need to gain an honest assessment of your potentials, figure out what makes you happy, and then develop a long-range perspective on how you can get what you want in the context of having a manager. This talk is the culmination of nearly 3 decades of experience as both an engineer and a manager. At different stages in my career as an engineer, I've been both manageable and unmanageable; and I have been the manager of the manageable and the unmanageable. I will share my perspective on my successes and failures, and will present some guidelines to help you maximize your happiness as a manageable software engineer. [172]

Security considerations when deploying a Linux web server hosting a website
Talk by Brian Karney in HALL2 - Security (50 minutes)

It is easy to stand up a Linux web-server running any number of CMS or eCommerce frameworks. But the ease of standing up an instance also comes with compromises to security of the system due to open by default configurations and lack of understanding of how to properly secure the system. This talk will cover the key areas you should consider when securing your Linux web server from Operating system, applications stack, and Website perspective. What are some of the risks of doing nothing and steps to help secure your Linux environment before, during, and after deployment. [392]

Data-driven Postmortems
Talk by Jason Yee in HALL3 - Business (50 minutes)

The DevOps movement has not only influenced the tools we use in modern development and operations engineering, but also how we work. As part of how we work, DevOps has changed how we respond when systems inevitably stop working or don't work as expected. This session will provide methods and techniques for gathering information and effectively using that information to avoid and mitigate failure in the future. I'll cover best practices for gathering systems-related data, including monitoring and logging. This session will also cover practices for gathering and recording people-related data; including methods we can adopt from police, accident investigators, and other safety management professions to learn the most from incidents. After discussing how to gather data, I'll discuss how we can use the data to formulate actionable response plans and how to adjust existing organizational practices to avoid repeating failure. I plan to keep the technical portions of this talk at a novice level so that it's accessible to both developers/engineers and those in non-technical roles who will be involved in incident response. [270]

OpenWest Women's Summit in General (3 hours, 50 minutes)

ROOM HALL1 Wednesday, July 12 at 6p the OpenWest venue will open for a free women’s technology summit. It will feature conversations about several important topics including: Breaking into the Industry, Imposter Syndrome, and other topics that many women commonly face. The discussions will be more of a conversation and less of a formal presentation. The summit will also feature HR from several local companies that are interested in hiring attendees. We are currently coordinating our efforts with many of the state’s women organizations including: Women Tech Council, Girl Develop It, Braid and will be reaching out to other groups. Babysitting will likely be provided.

Thursday 13th July 2017

Morning Meditation (Yoga) in General (1 hour)

Provided by VSchool, Morning Yoga will be conducted by __ and will feature breath control, meditation and other practices to help attendees start out their day well.

PCI Community Meeting in General (50 minutes)

(for executives)

Welcome in General (15 minutes)

Welcome to OpenWest Day 2

A Bug in Your Ear: Patching the People Side
Keynote by Deb Nicholson in General (30 minutes)

You notice a bug (problem or opportunity for improvement) and then you put a bug (metaphorical insect) into someone's ear. Most people don't like bugs (actual insects) so have you successfully bugged (bothered) them or have you done A Good Thing? Open source is great and the people are great, but... we could still stand to fix a few things around here. So, when you find yourself with access to someone who could make things better for people who don't feel comfortable speaking up, how do you use this power in a way that contributes to real improvement without eclipsing other people's input? The best way to start a bug report is with a description of the expected or desired behavior. Filing great bug reports on the people side that leave you, your project and the wider community in a better place requires just a little additional finesse. Maybe you'll let me put a bug in your ear about it?

Diversity in Open Source: No Longer at Square One
Keynote by Marina Zhurakhinskaya in General (30 minutes)

Open source overall remains remarkably undiverse, with the latest GitHub survey finding about 3% women contributors, but communities that are making an effort to improve diversity are seeing results. Learn about several major efforts over the last seven years that have had an impact: Outreachy, the Ada Initiative, Python community outreach, the Women in Open Source Award sponsored by Red Hat, and the Open Source Day and Track at the Grace Hopper Celebration of Women in Computing. Hear about emerging trends, such as efforts being made to reach people from a broader set of underrepresented backgrounds and the establishment of paid positions and consulting opportunities for people working to improve diversity and inclusion in open source. You will leave with a good grasp of the history of diversity efforts in open source and inspiration to connect with at least one of them!

Using PostgreSQL as a document store (instead of MongoDB)
Talk by Thomas Hansen in 200A - Data (50 minutes)

A new field type named [JSONB]( was [introduced in PostgreSQL version 9.4]('s_new_in_PostgreSQL_9.4#JSONB_Binary_JSON_storage) which makes it so you no longer need to choose between a relational and document data store. Like mongo, this field can store arbitrary json data so you're not slowed down by complex schemas, but they also allow joins and indexes so you have those relational databases features when you need them. In this talk, I'll cover how to use JSONB field type and compare its usage to the basic MongoDB features. I'll explain the advantages and pitfalls that I've seen from using these fields so you can decide what will work best for you. No knowledge of MongoDB will be necessary to understand the talk, but familiarity with SQL will be helpful. [304]

Introducing Linch-Pin: Hybrid cloud provisioning using Ansible
Talk by Clint Savage in 200C - Cloud (50 minutes)

Linch-Pin is a hybrid cloud provisioner, written in Ansible which provides tooling for provisioning any cloud provider, including multiple clouds at the same time. This presentation will cover the basic provisioning process in Linch-Pin. The inventory generation will also be covered, as this is very useful when configuring the provisioned nodes. Other features will be covered as the project should release a 1.0.0 version before the presentation would be given. These features are extensive and may affect what gets discussed in the presentation. Linch-Pin currently supports Openstack and Rackspace, Google Cloud Engine, Amazon EC2, Libvirt, Beaker, Duffy (CentOS CI Provisioner). More coming soon. [105]

Advanced Search and Replace -- Hands on with regular expressions
Talk by Kyle Waters in 200D - Tools (50 minutes)

An introduction to regular expressions with live hands on examples of common uses. Attendees are encourage to bring their laptops with a regex capable text editor(gedit, notepad++) and the demo file:

Implementing OAuth2.0
Talk by Mark Horstmeier in 300A - Programming (50 minutes)

Facebook, Google and Twitter have made OAuth a common standard in API authentication, but not all OAuth is created equal. The authorization code (server side) flow is the closest OAuth2.0 implementation to the OAuth1.0a specification and provides the *most* security. While you may not need to write your own OAuth server, understanding the fundamentals will help you navigate the OAuth client dance which is base requirement to consuming API resources from Google, Facebook and many other services. I will show you the structure of an OAuth2.0 server implementation which leverages the Apache HTTP authentication handlers to provide token based access to sensitive resources. [160]

C++17: Another big shift for coding in the modern world
Talk by Greg Hodgson in 300B - Programming (50 minutes)

The standard was just updated last year and many new features await the hungry C++ programmer. Some features are purely syntactical and allow convenient , efficient, and easily maintainable ways of expressing code, while other features have inducted in more heavily used libraries from boost. We will cover most if not all of the features universally supported by the major three compilers(gcc,clang,vc++) with some code examples. [388]

Building Zero Trust Computing Applications Using RAET
Talk by Samuel M Smith in 300C - Programming (50 minutes)

RAET (Reliable Asynchronous Event Transport) Is an open source UDP based protocol for secure communications. It is based on the best practices open Elliptic Curve Libsodium library. Essential to Zero Trust computing is end-to-end encryption and signing. RAET uniquely provides a peer-to-peer version of the CurveCP key exchange protocol. This talk will show how to use RAET with different asynchronous execution frameworks including python3 async/await, asyncio, curio, tornado, gevent, and ioflo. This talk will provide an overview of Zero-Trust Computing and how it enables new distributed application architectures. [202] Slides at

Using Open CV to solve a real world problem
Talk by John Harrison in 300D - Programming (50 minutes)

OpenCV allows you to process photos in new and exciting ways. This talk is a real-world use case of the software: building a diagram recognizer for Lucidchart. Our goal was to create a system that would allow a user to take a photograph of a flowchart on a whiteboard and create a Lucidchart diagram from that photograph. We were able to achieve this goal but decided to not commercialize the system. I will discuss the challenges faced, the capabilities of the system, and the real world limitations. [155]

Intro to ROS/ROS2
Talk by Brad Baillio in EH2 - Hardware (50 minutes)

In the robotics community, the Robot Operating System has been growing and flourishing for 10 years as a way to unite the repetitive and hard issues to bringing robots online. It is an online community of innovators dedicated to pushing robotic and AI technology to the next level. We will discuss the ins and outs of ROS and the impetus for and impending release of ROS2. [253]

How to Solve Problems & Understand Any Topic
Talk by Jessica Mauerhan in HALL1 - Geek Life (50 minutes)

Software Engineering is all about solving problems - we write software to solve some problem. So why are we so often frustrated by debugging our code or adapting to change? When confronted with a challenge or a new technology, do you know how to attack that problem and actually learn from it, coming away with a complete understanding of a new concept? Over the past 15 years, I've been teaching myself and then others how to write software, and I've discovered there's so much more to being a good engineer than knowing a language - what we really need to know is how to learn and adapt. Everyone learns differently, but I'll share the techniques I've used to go from a self-taught teenager writing crappy HTML and PHP 4, to making a real career out of solving problems with software - and enjoying the challenges that come along with programming. [90]

5 Ways You Can Keep Your Browsing History Private
Talk by Seth Johnson in HALL2 - Privacy (50 minutes)

5 Ways You Can Keep Your Browsing History Private =========================================== Why should I care about my browsing history? -------------------------------------------------------------- Earlier this year Congress voted to erase landmark broadband privacy protections. Your browsing history is now effectively up for sale. What can I do? ------------------------ What should you do? What can you do? Your news feeds may have discussed the option of VPN, but either did not go into any details or simply stated that is not an effective solution. What to expect -------------------- In this presentation we will review (at least) five different ways to reduce or eliminate this risk. We will implement these methods **hands-on** so you can know how to use them. We will also discuss the benefits and consequences of each method. At the conclusion of this presentation **you will know how to keep your browsing history private**, as well as how to choose the method for doing so that suits you best. [290]

Mythbusting: Big Foot, Essential Oils and Design Thinking
Talk by Patrick Cox in HALL3 - UI/UX (50 minutes)

We can still have fun debunking myths even thought we can't blow up concrete trucks, built giant Lego balls or play tennis on the wings of moving aircraft. The design culture is riddled with myths, legends, theories and assumptions that even the grizzled designer can get caught up, "Aesthetics are not important if you have good usability", "Usability testing is expensive" and "People don't scroll" to just name a few. But people never read on the web anyway so I'm sure you didn't make it this far. [346]

11:30 Database Semantic Layers
Talk by John Kerley-Weeks in 200A - Data (50 minutes)

Semantic layers put usable human-interface layer on top of complex databases allowing business users to more easily explore data for more effective decision making and build reports with limited technical background. Additionally users can be provided limited access control to a variety of views of the database to provide secure access to vital information. [386]

Fox in the Henhouse - Dev vs Ops
Talk by Brandon Gillespie in 200B - Ops (50 minutes)

Devops is a multi-colored challenge faced by everybody. What does it mean to you? Do you understand the difference between dev-owned operations and Devops? How does continuous integration and continuous delivery relate to Devops? Can one do Devops and also meet regulatory compliance? What makes you a good Devops person? The discussion will include experiences shared from big enterprises to small startup systems. [65]

Hybrid Cloud Ops - Using ManageIQ to manage mulit-cloud deployments and automate deployments
Talk by Brandon Johnson in 200C - Cloud (50 minutes)

ManageIQ is the upstream project for the CloudForms product provided by Red Hat. ManageIQ has the ability to manage multiple Cloud and Infrastructure providers such as Amazon Web Services, Google Compute Platform, VMware, Red Hat Virtualization, HyperV and OpenStack. ManageIQ provides a common operating model to manage services running in those enviornments and automate deployments using native automation like CloudFormations or use the CloudForms automation model using Ruby or Ansible. [109]

Starting From Scratch - Vim Basics and Configuration
Talk by Adam Harris in 200D - Tools (50 minutes)

Vim is pretty powerful out of the box, but it's even more powerful when you configure it. In this talk, I'll start out with no configuration and demonstrate some vim basics. Then, I'll start adding more and more configurations to make vim more powerful. I'll also start adding plugins for even more functionality. By the time you leave, you'll be able to start using vim for your day job. [136]

Advanced Python Testing
Talk by Nathan Stocks in 300A - Programming (50 minutes)

Have you ever wondered how to: - run tests in parallel to make you test runs fast? - isolate your unit tests with mock objects? - run integration tests? - do continuous integration? - use Green's advanced test-running features? I will go over these topics as well as other advanced python testing tips and tricks. [122]

Scripting vs. Programming
Talk by Spencer Christensen in 300B - Programming (50 minutes)

There are some generalizations on what “scripting” means versus what “programming” means. In this presentation we will discuss some common perceptions: Scripting often described as: poorly written, not well thought through, not scalable, not enterprise, not readable, not testable, one-off, not reusable, “quick get-it-done work”, not versioned, not readable code, not robust (doesn’t handle errors well), etc. Programming often described as: uses proper version control, uses debugging tools, syntax checkers, testable, unit testing, frameworks, reusable code, libraries, ecosystems for language/tools, "serious work", enterprise ready, readable, documented/commented, robust (proper error handling), etc. Why the difference? We'll discuss factors like: people's own biases, expectations, and assumptions. Perhaps they should be more alike than we think. Perhaps they *are* more alike than we think. Scripting can and should be approached like any other programming work. Programming can and should be simple and flexible like scripting. We'll also explore some common traits for all good code regardless of the language it is written in, including coding standards and practices, design patterns, and simplicity vs. complexity. [206]

How API First Worked For Us
Talk by David Stockton in 300C - Programming (50 minutes)

Over the past few years, we've built an application that helps voters know where their ballot is in the voting process. From the inception of the project, we've gone with an API-first approach, ensuring that every bit of functionality that the site enables was accessible and controllable via APIs. This lead to an architecture that allowed us to build a native iOS application using our APIs in about two months. In this talk, I'll explain how we went about building the application with an API-centric development process, and how that allows for possibilities that we hadn't conceived of when we started out. [286]

Tools of modern JavaScript projects
Talk by Kent C. Dodds in 300D - Programming (50 minutes)

The cry of JavaScript fatigue still echoes in the minds of developers everywhere as they try to wade through the waters of outdated blog posts, tutorials, Stack Overflow answers, and GitHub repos. Just when things seem to start settling in JavaScript, something new comes to shake things up a little bit. I’ll be you tour guide as we navigate through the tooling set up of a modern JavaScript project that’s leveraging these tools in a way that actually enhances the experience of users using the project and developers working on it.

How to defuse a bomb… Wait, I mean a bug
Talk by Michele Campbell in 400 - QA/CI (50 minutes)

Have you ever felt the incredible pressure of trying to get a story tested in a very short deadline? Sometimes it may even feel like you are trying to defuse a bomb. You know it needs to get out, but you are stressed about that bug hiding and waiting to explode right when the end user gets it. This talk will walk you through some useful processes like pair testing, regression testing, and exploratory testing to help you test faster and get a better product to your users. [69]

A "Smart", "Dumb" Doorbell with Raspberry Pi.
Talk by Derek Carter in EH2 - Hardware (50 minutes)

Use a Raspberry Pi and a handful of small electronics to update your old "dumb" doorbell to an IoT connected "Smart" doorbell. * How to connect a doorbell to a Raspberry Pi. * Hardware needed * Software needed * Smart doorbell features * send events * filter events * Dumb doorbell features: * use your old ringer [237]

Never Accept the First Offer
Talk by Tiberius Hefflin in HALL1 - Geek Life (50 minutes)

We’ve all been at the negotiation table, whether we choose to participate or not. It’s easy to avoid this short lived discomfort, but doing so can cost the average person around $500,000 in lost income over the course of their lifetime. Making the decision to negotiate is the first step - this talk will help with the rest. [324]

Friends Don't Let Friends Browse Unencrypted: Running a VPN for friends and family
Talk by John Anderson in HALL2 - Privacy (50 minutes)

SLIDES: In late March 2017, Congress passed a law making it possible for your ISP to sell sensitive private information about their customers -- including their detailed browsing history. Interest in VPN services immediately spiked. But using a VPN doesn't actually solve this problem, it just pushes it further downstream -- because there's nothing preventing your VPN provider from doing similiar undesirable things. That's not to mention that more than half the VPNs in the Google Play store don't actually encrypt your web traffic. So, how are you going to protect yourself? More over, how are you going to help your less technically sophisticated friends and family protect themselves? Chances are, if you're at this conference, you have the technical skills to set up and run your own VPN service, which you can also make available to friends and family. (There's even a chance that all of you using the VPN together might provide better cover for your collective privacy.) Attendees at this talk will learn about various Open Source alternatives that simplify setting up a VPN. The talk will discuss the pros and cons of hosting this VPN service within the US, versus outside the US. Enabling the VPN on a per-computer basis versus a whole network approach will also be discussed. Other, related, privacy-enhancing services (such as centralized ad blocking) will also be covered. With great nerdery comes great responsibility -- come learn how you can help yourself and your friends and family preserve their privacy! [335]

Culturally Aware Design
Talk by Jeff Beatty in HALL3 - UI/UX (50 minutes)

A recent study by the Nielson Norman Group exposed some interesting trends concerning the cross-cultural distribution of users' computer skills around the world. In this session, we'll review how can culture impact the way you design software and what you can do to define your target audience and develop to their needs, no matter where they are in the world. [3]

Lunch + Learning: Business for Engineers
Event Related by John Richards in General (1 hour, 20 minutes)

Concessions stands and food trucks available on site, along with nearby restaurants. Discussion will begin at 12:45pm. John Richards explains equity, points and other issues present in startups and how they relate to the technologist.

14:00 Smart Apps : How to add Artificial Intelligence into your software
Talk by Bob Davis in 200A - Data (50 minutes)

It is commonly said that software is taking over the world, soon Artificial Intelligence will be enhancing the capabilities and user experience of all software. Last year, Eric Schmidt said that rapid eval, cloud computing and machine learning "will be the basis and fundamentals of every successful huge IPO win in 5 years." ( If you're not using machine learning yet, come join us to see how to get started and take advantage of the myriad of open source tools available. We'll cover what is needed to implement machine learning successfully as well as the broad range of plug and play services already available. [332]

Protecting your data with ZFS
Talk by Joseph Brower in 200B - Ops (50 minutes)

This presentation will introduce participants to ZFS, a filesystem designed to be robust and flexible. After participating in this talk, everyone should know what ZFS is, good use cases for implementing such a system, caveats, and have a basic familiarity with a few tools and platforms that leverage ZFS. [223]

From 0 to Swarm in an automated fashion
Talk by Mike Anderson in 200C - Cloud (50 minutes)

With Docker 1.12, the docker team introduce Docker Swarm mode and has continued to enhance it in current releases. It simplified creating a clustered, robust Docker environment for running a set of Docker containers across several machines (virtual or otherwise) similar to what docker-compose did for a single machine. Unfortunately since this is so new, understanding how to set up a swarm and take advantage of it is still like black magic. In this talk we will walk through using Vagrant and Ansible to stand up a reference swarm and some associated infrastructure and talk about some of the strategies used to make this reproducible in other environments. We will then deploy some services (containers) into our swarm and review the different options to enable keeping our services and the swarm healthy, current and available. [179]

The Unlearned Lessons of Vim
Talk by Ethan Payne in 200D - Tools (50 minutes)

Vim has intrigued you in the past, but let's be honest, it's not an easy thing to learn. You've been trying to use Vim just like you would any other editor, but the unfamiliar keybindings are always off-putting. Why is it so hard to wrap your head around Vim? Vim isn't like other editors- so you mustn't approach it as one. Traditional editors provide stand-alone commands to perform isolated actions. Vim's philosophy encourages you to combine simple tools in interesting ways. I will introduce you to this mindset of using a small set of provided commands to construct the action you need on-the-fly. Not only will this allow you to better incorporate the Unix philosophy into your life, it will make you a better programmer. [328]

A Crash Course in Functional Programming
Talk by Stephen Rollins in 300A - Programming (50 minutes)

What is functional programming, and why should you care? Functional programming at its core is programming without side-effects. It is a powerful coding paradigm that makes programs easier to reason about. It provides many benefits, including easier parallelization and memoization, and encourages null-safe programming. Functional programming does not have to be restricted to only be used in functional languages: the concepts and benefits can be applied to any system. In this talk, I will present a high-level overview of functional programming suitable for beginners. I will cover key ideas that make functional programming shine, discuss the pros and cons of functional programming, and share ways to apply functional programming concepts to our daily coding or imperative language of choice. [47]

Taking Your App International: 8 Things You Should Know Before Making the Leap
Talk by Dmitry Pashkevich in 300B - Programming (50 minutes)

You’ve done it. You’ve successfully created an app that’s worth sharing with the rest of the world. But going international requires much more than an optimistic attitude and Google translator. A half-translated application that speaks to consumers like a robot won’t do your product justice or get you the business you need. The internationalization of apps is more than just mapping a list of strings from one language to another. In my presentation, I’ll cover the hard questions every product team should ask before tackling international markets. For example: * Are you accounting for pluralization rules in different languages? * Is your system flexible enough to handle a different order of words? * How do you handle differing date and number formats? * What do you do about strings in your database that need to be translated? Coming from a team that’s just internationalized a massive diagramming web application used by over 8 million people worldwide, I’m confident this presentation will teach you a thing or two. [255]

Scaling the Unscalable
Talk by Clint Goudie-Nice, Matt Ryan in 300C - Programming (50 minutes)

How do you go about scaling an application that wasn't designed for horizontal scale? There comes a point in time when you realize that meeting your customer's demands requires that you figure out how to make your product scale horizontally. And for anyone who has faced this prospect, you know that scalability is not a feature you just bolt on like another web API endpoint. If your product wasn't designed for scalability from the beginning, you are probably facing a massive architectural overhaul to get there. How do you accomplish this feat without completely rewriting the product? Learn from a team who is in the middle of this transition right now about how to identify your gaps, prioritize your work, and even re-envision the purpose of your product to meet scalability demands. In this presentation we will review how we determined we needed to add scalability, and what type of scalability was needed. We will talk about how we determined the problem areas that most needed scale and which obstacles we face to get to where we are going. We will discuss strategies for getting the business side to buy-off on taking the next steps. Since we are in the middle, not at the end, we will also cover the things we haven't done yet and our strategy for addressing these things - including simply waiting a year or two, and why that might be a good idea. Finally, we will talk about what might be most important: How stepping back and taking a fresh look at your product from a high-scale point of view might help you make fundamental changes to how you envision your product as a scalable offering. [184]

Command-line Perl for the shell
Talk by David Oswald in 300D - Programming (50 minutes)

Bash is powerful. But part of the power of Bash is its ability to link together the power of other tools such as sed, grep, find... and even Perl. If you have this feeling that there may be a lot of power useful to the shell locked away in the mysteries of Perl your suspicions are correct. Shell users are divided into two groups; "those people" who know how to invoke Perl usefully from the command line, and everyone else. Together we'll try to demystify Perl's use on the command line so that you, too, can learn to be one of "those people." This talk should be generally useful not only to Perl developers, but also to anyone who spends time in a shell. [294]

Why we can't have the Internet of Nice Things: A home automation primer
Talk by Sean Dague in EH2 - Hardware (50 minutes)

The internet is a vast connected network of computers that has become an essential utility in all our lives. Add to that arrays of sensors and actuators which interact with the physical world, and you have the Internet of Things. One very tangible manifestation of this is the connected / smart home. But all this technology is nascent, and dozens of competing standards exist. This talk is going to look at where we currently stand with IoT when it comes to the realm of home automation. It will explore the standards and vendors at play, the approaches you can take, and the battle for your home that will play out over the next decade. And just when you thought all was lost, we'll introduce you to Home Assistant, and open source community that's emerged as our next best hope to working solutions in this space. [209]

Internet Archive: Universal Access. Open APIs.
Talk by VM Brasseur in HALL1 - Geek Life (50 minutes)

With tens of millions of items in its collections, Internet Archive is one of the largest libraries in the world. It provides free and open access to all of its materials to anyone with an internet connection, making it a treasure trove for researchers, historians, and curious individuals. Of course, having a collection that large doesn’t help anyone if it’s difficult to access. To help with this, Internet Archive has released a number of open APIs and tools to allow people to upload and download items, as well as data mine the metadata for the entire collection. In this session I will: * Give you a tour of Internet Archive and its collections * Introduce you to the APIs and tools you can use to access and contribute to the Archive * Show examples of how other people and institutions are using the Archive [214]

Designing for Your Users: How to Create a Better User Experience
Talk by Clarissa Peterson in HALL3 - UI/UX (50 minutes)

As a developer, you usually have detailed designs, wireframes, mockups, and other documents by the time you start working on a website. But even with that start, you often have to make decisions that will affect the usability of the finished site, such as choosing appropriate input types, maximizing performance, and including accessibility features. Learn to think like a user and uncover usability problems that might not be apparent at first glance. Hear some tips make your site more usable and accessible. User experience isn't just for designers to think about: everyone who works on a website has the opportunity to make the user experience better. Even little changes can make a big difference. [168]

Creating an Open Source AWS Athena
Talk by Jowanza Joseph in 200A - Data (50 minutes)

AWS Athena is a service that allows on demand queries of data stored on Amazon s3. It allows users to separate compute and storage by storing data on s3 at a low cost and querying it on-demand using Presto at a fixed cost. The separation of compute and storage reduces costs and helps to optimize each layer independently. In this talk I will walk through how to create a completely open source alternative to AWS Athena. I'll do this using PrestoDB, Apache Spark and OpenStack Swift. We'll walk through the operational set up, and advantages of this architecture versus more traditional big data architectures. [147]

Using Metricbeat and the Elastic Stack to monitor your systems
Talk by Aaron Mildenstein in 200B - Ops (50 minutes)

Metricbeat is one of the newer members of the Beats family. You can use Metricbeat to monitor individual CPU, disk, memory, and per application statistics, but you can also use it to measure and monitor the performance of: * Apache * ceph * Couchbase * Docker * HAProxy * kafka * MongoDB * MySQL * Nginx * php_fpm * PostgreSQL * Prometheus * Redis * ZooKeeper Metricbeat comes with some built-in dashboards for Kibana so you can get started visualizing the results in a flash! This talk will start by going over basic principles, and then move a full live demo from scratch, installing all the necessary components (Metricbeat, Elasticsearch and Kibana), so you can see how easy it is to get started and get results on your own. [301]

A DevOps State of Mind with Kubernetes
Talk by Chris Van Tuin in 200C - Cloud (50 minutes)

A DevOps State of Mind with Containers and Kubernetes Rapid innovation, changing business landscapes, and new IT demands force businesses to make changes quickly.  In the eyes of many, containers are at the brink of becoming a pervasive technology in Enterprise IT to accelerate application delivery.  In this presentation, you'll learn about the            • The transformation of IT to a DevOps, Microservices, and Container based Architecture            • How DevOps practices can operate in a container based environment            • How Kubernetes can reduce software delivery cycle times, drive automation, and increase efficiency            • How other organizations are using DevOps + Containers and how to replicate their success  Also, a demonstration of automated container builds and pipelines, running Jenkins CI on Kubernetes, and continuous deployments of containerized applications with Kubernetes. [175]

Understanding Docker for Development
Talk by Jessica Mauerhan in 200D - Tools (50 minutes)

Docker is often lauded as a tool for deploying and running applications - but it's also extremely useful for your local development process. Whether you've never used Docker, or you've been using it for a while but aren't quite sure how it all actually works, this talk will give you an in-depth understanding of Docker and how to use it locally. We'll cover creating your own Dockerfiles, building, tagging and pushing images, running containers, networking multiple containers with Docker Compose and debugging your setup. [89]

Effective Architecture
Talk by Jeremy Mefford in 300A - Programming (50 minutes)

In this day of agile development and continuous delivery, curating and maintaining a holistic, strategic architecture can be incredibly challenging. With the demand of agility from the business, there seems to be less and less time given to teams to design up front. How can we keep our systems robust with these pressures? How can we keep the business running efficiently long-term when every team is creating their own solution? From political navigation, to design implementation and governance, architecture is a critical component. We will discuss strategies about how you can help, no matter what your role in the organization is. [296]

A beginner’s guide to ASTs
Talk by Kent C. Dodds in 300B - Programming (50 minutes)

Think of the last time few times you found a bug in your JavaScript. Could you have prevented any of these with a specially tuned custom ESLint rule? Chances are you could have for some of them. Now think of the last time you had to make a trade-off between user experience and developer experience. Should you make it easier to develop this feature, or make the code run faster? Often, you can have both with a custom BabelJS plugin. Learning about Abstract Syntax Trees enables you to do extend tools like ESLint and BabelJS to improve your developer experience without sacrificing on user experience. If you’re intimidated, confused, or curious by the term “Abstract Syntax Tree” then this talk is for you. In this talk, you’ll learn the basics of parsers and the AST that they produce. You’ll also be exposed to practical applications of this knowledge by working through a custom ESLint rule and BabelJS plugin. I hope you’re not afraid of code and graphs. There will be plenty in this talk. Abstract Syntax Trees are… well… Abstract. We’ll use graphs to visualize the tree and code to see the practical application. [361]

Scheme: the reason your programming language has any redeeming qualities at all
Talk by Erik Falor in 300C - Programming (50 minutes)

"A language that doesn't affect the way you think about programming, is not worth knowing." -- Alan Perlis Take a step towards enlightenment by exploring Scheme, a practical and simple dialect of LISP. This talk will demystify those concepts functional programming novices find the most confusing, giving you a whole new way of thinking about programming. When you let go of the imperative programming habits ingrained in your mind you, will realize that not only is there no spoon, but it's recursion all the way down! After returning from the dizzying heights of an unboundedly recursive function call (without exhausting the stack), you will find that your Kung-Foo has become strong enough to power through the mundane "challenges" everyday languages present you. The LISP family of languages are the among the oldest languages in active use today. Learn why today's hottest languages are still trying to catch up to the granddaddy of functional programming. [140]

Putting the Third Dimension in Wolfenstein
Talk by Ben Fillmore in 300D - Programming (50 minutes)

Wolfenstein leapt into the world of 3D in 1992. The software ran on computers weaker than my watch. How did they manage it? In this talk we will go over the theory of a ray casting first person shooter engine, and program a working version in JavaScript. [373]

Quality Assurance? Who needs that!?
Talk by Konnor Willison in 400 - QA/CI (50 minutes)

Ever wonder what would happen if your organization got rid of the quality team? Positions that are dedicated to quality assurance, what if we didn't have them? We are going to explore this idea of 'hybrid engineering' (where everyone owns quality). What are the pain points of switching to this model? What does the organization stand to gain? What does this mean to you as an employee? Lets take a deep dive into the idea of removing dedicated quality assurance positions. [59]

The Air up Here
Talk by Brad Midgley in EH2 - Hardware (50 minutes)

Utah has a serious air quality problem. Working on this problem is a perfect place to find an intersection between the work of citizen scientists, activists, hobbyists, and maybe even politicians. At MakeSaltLake, we are building a device that uses a beautiful little board called the esp8266 to connect to whatever wifi is nearby and make and deliver measurements constantly to a server. It's paired with a PM2.5 sensor that forces air through a chamber and points a laser through it to detect just how breathable the air would be. The resulting data is sent to a message queue on the internet and eventually compiled and analyzed. We'll look at the devices, programming the firmware, and data collection all with the goal of making it usable enough to interest people in getting involved at a large scale. [100]

The Truth About Mental Health and Software
Talk by Georgette Stormont in HALL1 - Geek Life (50 minutes)

A misconception is that mental health is only a concern for people with an active diagnosis or in a crisis period in their lives. The truth is that mental wellness is just as important, if not more so, than physical health and affects all people in some way during their lives. There’s no way to avoid mental health and illness being a factor in the wellbeing of your workforce, but there are ways to avoid letting cultural bias create a toxic environment for mental health. I will be giving information on what mental health is (as well as mental illness), providing ways tech companies can subvert bias and better care for their employees, as well as talking about how to navigate living with mental illness while working in tech on the individual level. [250]

Strategies for Successfully Integrating UX Design with Agile Development
Talk by Jerome Broekhuijsen in HALL3 - UI/UX (50 minutes)

UX Design and Agile Development often have a rocky co-existence. Both are needed to produce successful, usable software, but many attempts to integrate the two have failed, leading to frustration, cost, and failed products. In this talk we explore integration strategies which have succeeded in producing harmonious and synergistic results. We begin by examining the goals, methods, and temperaments of the two camps; on the surface the differences may seem insurmountable, but a deeper analysis shows areas of common ground. We then present specific strategies which leverage this common ground and produce the high potentials of both UX Design and Agile Development. We will leave a little time at the end of the talk for a lively discussion among practitioners in the audience who can share their recent experiences and techniques. [170]

Writing Plugins For The Elastic Stack
Talk by Tal Levy in 200A - Data (50 minutes)

The Elastic Stack consists of a few systems: Elasticsearch, Beats, Kibana, Logstash. In this talk, you will learn how to build plugins that span these products to form a cohesive user experience for custom analytic applications built on top of the stack. We will walk through what it looks like to write Logstash plugin, Elasticsearch plugins, beats, and Kibana plugins. [119]

Beyond Config Management with Salt
Talk by David Boucha in 200B - Ops (50 minutes)

SaltStack is a system management platform written in Python. In this session, we will assume basic system administration skills and a familiarity with common DevOps concepts. We will briefly review a couple architecture layouts, but will quickly jump in to Salt's advanced features. Specifically we will discuss Salt's Beacons for system monitoring, Salt's Event system, Salt Reactors, as well as Salt-API (Salt's native REST api). We will do a live demo of using a Salt Beacon to send Salt Events when there is a system change and display that change on a dynamic dashboard that watches Salt's Event Bus for certain messages. The audience will be able to participate by sending events to this Salt demo server from their cell phones and see them displayed live on the dashboard. [359]

Zero to Cloud in 1 Hour using the Google Cloud
Talk by Robert Aboukhalil in 200C - Cloud (50 minutes)

This talk is a deep-dive into the Google Cloud, aimed at developers who are new to cloud computing (or AWS users considering the switch). In the first part of the talk, I'll discuss major pros/cons of AWS vs Google Cloud (we'll cover pricing, product diversity, and instance configurations). Next, I'll guide the audience through getting started with the Google Cloud and highlight important features, key concepts/jargon, and what to look out for when getting started. [279]

Beware the IDEs of March
Talk by Sam Duzett in 200D - Tools (50 minutes)

Development environments can be the subject of as much religious debate as programming languages (or religion, for that matter) and their number is ever-expanding. As tempting as it is to stick with whatever text editor or IDE you already know, there's a lot out there to choose from and just like programming languages, each has its own use case. From Vim to Visual Studio to "Smart" Editors, there's a lot of different environments that might just suit your workflow better than whatever you're using now. [58]

Programming With Scala Types
Talk by Gregg Hernandez in 300A - Programming (50 minutes)

Many programming languages offer strong static typing. Scala takes this a bit further and provides you with a Turing complete type system. This allows the programmer to express and enforce many constraints at compile time rather than at run time. This presentation will show you how to leverage Scala’s type system to create type-safe data structures that are impossible in many other statically typed languages. We will explore heterogenous lists, coproducts (also called union types), dependant types, and other concepts. Finally, practical applications of shapeless will be examined. [272]

Why WordPress: The case for Entrepreneurial Web Development.
Talk by Shaylee Hansen in 300B - Programming (50 minutes)

I’ve been working professionally as a Web Developer for a little over a year. In that time I’ve come to learn a few things. One of which is that WordPress is not the ugly redheaded step child that many web developers claim it to be. Honestly, I wasn’t a fan and I always preferred working with my dear Django. However, there was one problem that kept arising for me that Django couldn’t solve. It was this, WordPress had a CMS that was well known, very popular and easy to use. Django unfortunately, did not. Having worked for an agency that developed with WordPress and one that developed with Django, I was finally able to see the light and realize that Django isn’t the end all be all to web frameworks. Django is great for developers but WordPress is amazingly simple and intuitive for its users, users that could one day be your future clients In this talk I will go over why you should reconsider WordPress as your chosen web development framework of choice, what it can do for you the entrepreneurial web developer, and how to get started. [267]

An Architecture for Automony
Talk by Dave Adsit in 300C - Programming (50 minutes)

In the 5 years that I have worked as an architect at Pluralsight, we have grown from one team of 4 engineers to over a dozen teams totaling more than 100 smart, professional software craftsmen. During this time, we have also acquired more than half a dozen companies and disassembled a single [monolith]( into 40+ [bounded contexts]( with hundreds of independent microservices. Come to this talk to learn how we integrated .NET, PHP, Python, NodeJS, Ruby, and Scala into a single, functional product offering. Come to this talk to learn how we have embraced team autonomy to create an architecture that allowed us to deliver more than 60 new user experiences over the last year. Come to this talk if you missed our [presentation at The Leonardo]( or would like to see a longer version with more detail. [132]

Realtime client-server communication options for .NET
Talk by Brannon King in 300D - Programming (50 minutes)

Over my past few years at ASI, I've analyzed a number of open-source frameworks for communicating between .NET or Web clients and .NET servers. Our company has needed real-time options that can handle shaky communication scenarios. I would review these options, show some code from each, and show some performance numbers from each. Technologies presented: RPC, Pub/Sub, OWIN, WAMP, DDS, Websockets. Open Source Frameworks presented: WampSharp, SignalR 2, NetMQ, OpenSplice DDS, ASP.NET Core. [159]

The Misunderstood Art of Testing
Talk by Craig C Randall in 400 - QA/CI (50 minutes)

When your role at work is in Quality Assurance, you're bound to hear the question, "What do you do?" It’s a much more difficult question to answer than you would think because what we do in testing is fundamentally different from the rest of the company. Everyone in your company is responsible for creating something; a plan, a report, a forecast, or even the product itself. Testers, on the other hand, are responsible for helping to accomplish nothing; nothing to cause support tickets about, nothing for a sales demo to avoid, nothing for a CEO to have to apologize for. This different paradigm can make it difficult for managers to understand how we work, and it can lead to testers becoming little more than checkers. Let’s talk about why it’s important to champion how QA work differs and why “nothing” is so valuable to your business. [261]

Building a Better Thermostat
Talk by Matthew Treinish in EH2 - Hardware (50 minutes)

After returning from a recent trip that occurred during the middle of a heat wave. I arrived home to find my apartment quite hot, at least 45C inside. Needless to say it wasn’t the most comfortable way to come home after 15 days out of town, I decided it was time for me to do something about it to address this so I didn't come home to that unpleasant surprise again. Normally, this problem is solved by having a thermostat which controls the air conditioning. However, my apartment did not have a thermostat. So I decided to build one using open source software. This talk will cover how I went about solving my problem using existing software and protocols like home-assistant, MQTT, and also some new software that was created for this. It'll also discuss how using open software and home automation I was able to solve my issue but also make cooling my apartment smarter. [229]

Impostor Syndrome: Be Proud of Your Achievements!
Talk by Mark Niebergall in HALL1 - Geek Life (50 minutes)

Impostor syndrome can leave you feeling like you are a fraud and incompetent to be considered a professional in your chosen path. In reality, impostor syndrome is common and occurs when one struggles to internalize achievements and successes. Come feel a burden lifted when you realize that not only are you not an impostor, but you have actually succeeded in achieving something great. Hear about the experiences of others and how to overcome feeling like an impostor, and leave feeling confident in your accomplishments and skills. [35]

The Best Free Fonts and When to Use Them
Talk by Matthew O'Rourke in HALL3 - UI/UX (50 minutes)

As we’ve entered the open source era, we’ve also entered the open fonts era. With literally thousands of free fonts available online, virtually any style or look you hope to achieve can be accomplished with a simple download or two. But which style is right for your project? In order to make sense of the slew of options, it’s important to understand the classic fonts of traditional typesetting. The 10 “greats”, as I call them, represent the major movements in typeface design from Gutenberg to the present. Getting to know these classic fonts and their personalities will be enough to help you choose the right category for your project. [239]

PCI Community Meeting (regionwide) in EH2 - Hardware (1 hour, 50 minutes)


Key Signing Party in HALL2 - Privacy (50 minutes)

A key signing party is a get-together of people who use the PGP encryption system with the purpose of allowing those people to sign each others keys. Key signing parties serve to extend the web of trust to a great degree.

Utah PHP User Group: Review OpenWest Talks in 300A - Programming (45 minutes)

This is a special OpenWest meeting of the Utah PHP User Group. We will share our favorite things learned from OpenWest. You don't have to attend OpenWest to attend the meetup. Please come and share what you learned!

Utah Python: Asynchronous Python
Talk by Nick Humrich in 300B - Programming (45 minutes)

This is a special OpenWest meeting of the Utah Python user group. Come learn about asynchronous programming in python. We will talk about what asynchronous programming is, and what advantages it has. We will write our own event loop in order to understand more about pythons new asynchronous standard library “asyncio”.

PLUG: A Brief History of Open Source
Talk by Doran Barton in HALL1 - Geek Life (45 minutes)

This is a special OpenWest meeting of the Provo Linux User Group. Please join us! The open source movement is older than most of those who participate in it. How did we get here? Who paved these roads on which we travel? This multimedia-enhanced presentation will introduce attendees to some major players and milestone events that have shaped the community and the world in which we live starting in the 1950s leading up to the present day. This presentation is full of information and laughs.

OpenWest After Hours in General (5 hour)

Thursday, July 13 after 6p. Utah-wide, all communities party. Music, Nerf, board games, fun. All communities members, no ticket required.

Red Hat Hackathon in 200A - Data (4 hour)

Red Hat is hosting a Community Night and Hackathon on Thursday, 7/13 starting at 6pm! Come join us to learn more about the local Salt Lake City Red Hat Meet-Up group and how to get involved in the OpenSource community. We will also be hosting a Hackathon during the night that will show how an OpenSource project can give back to the community. Show up to learn more! Red Hat swag will also be raffled during the event!

Friday 14th July 2017

Morning Meditation (Yoga) in General (1 hour)

Provided by VSchool, Morning Yoga will be conducted by __ and will feature breath control, meditation and other practices to help attendees start out their day well.

Welcome in General (15 minutes)

Welcome to OpenWest Day 3

The year for Internet spying reform
Keynote by Kate Tummarello in General (30 minutes)

EFF Policy Analyst Kate Tummarello will walk through everything you need to know about Section 702 NSA spying. What it is, how it impacts your privacy, and why this is the year things might actually change.

Keynote by Dan Lawyer in General (30 minutes)


Intro to React
Talk by Jacob Evans in 400 - Beginners (50 minutes)

Dip Your Big Toe Intro React with V School's Jacob Evans This two-part course will cover the basics of using create-react-app-app. We will be making a static site using JSX ES6 syntax and introducing props and state to make basic apps. A great starting point for anyone interested in the wonderful world of React! [390]

Software Defined Storage : You know, storing all your rapidly growing stuff
Talk by Craig Gardner in 200A - Data (50 minutes)

Most people horde stuff. Lots of it. Think of your school papers, your music, your journals, your health care records, your taxes, your 'to-do' lists, etc, etc, etc....... Now amplify that thought by thinking of all the data that all companies, all governments, all service provides store. Not just today's companies, but yesterday's, and tomorrow's. What about the data that's generated about all of the data? How does all of this stuff get stored? How does it not get lost? How do we make recall and restore that data? How does storage capacity grow at the same rate of the growth of the data? Welcome Software Defined Storage. This presentation will describe how new storage technologies -- new approaches to storing large amounts of growing data -- is being developed and implemented to solve the STORAGE GROWTH problem. In the time that's allotted, I can't make you in expert in how it works, but I can make you aware of how the problem is being addressed, and how Software Defined Storage is the Storage Solution. [106]

Single-Node Kubernetes Cluster on Linode using Project Atomic
Talk by Derek Carter in 200C - Cloud (50 minutes)

Kubernetes isn't just for big clusters. I'll show you how to spin up a simple Kubernetes "cluster" on Linode with Project Atomic. We'll show you how to run containers on the same. [238]

Data Driven Development
Talk by Tyler Henkel in 300A - Programming (50 minutes)

Just having a good idea isn't enough to make your company the next billion dollar IPO. It's all about execution. How can we make sure the things we work on are having the impact we need to achieve the best ROI? The answer is to use data to drive your decisions. In this talk you'll learn practical ways you can implement Lean principles to validate decisions and build better products. We'll examine tools like VWO, Heap, and Fullstory, and how you can use them to develop a feedback cycle that will allow you to get the most ROI out of your projects [156]

The perils of .NET's Task.Run and how to avoid them
Talk by Brannon King in 300B - Programming (50 minutes)

.NET's Task libraries are powerful and handy, but they are easily abused. In particular, the thread pool provides no guaranteed execution ordering, which is critical for small, thread-safe state machines. I will show some abstractions (available in an open source library I wrote called Kts.Actors) that mitigate this issue. I'll also show some examples from MS's TPL Workflow package, which is similar. See I'll also discuss a small state machine example. .NET's async/await push has brought us awaitable socket connections. However, users like to see it in a four-state perspective: disconnected, disconnecting, connecting, and connected. How can you transition between these in a thread-safe manner? [174]

Programming in Bash for Fun and Profit
Talk by Christopher William Pitts in 300C - Programming (50 minutes)

Bash, the Bourne Again SHell, is an sh-compatible shell incorporating useful features from the Korn and C shells. It is the default shell in GNU/Linux, and has recently been added to Windows 10 in their Linux Subsystem for Windows update. Infamous for occassionally obtuse syntax and extreme pickiness about spaces, Bash is often overlooked as a useful tool for developers, generally relegated to a few shell commands in the command prompt. However, Bash's unique integration with the Linux operating system offers powerful opportunities for streamlining and enhancing a developer's workflow. Simple tweaks in a user's Bash configuration can save hours of development time, as well as helping the user be more aware of what is going on in the development environment. [165]

Make Your Own React+Redux
Talk by Jake Trent in 300D - Programming (50 minutes)

React and Redux are libraries that provide great UI abstractions and state management for building web apps. To understand them better, we'll make our own small version of each to encourage deeper understanding. We'll strip out a lot of the stuff React and Redux do in order to see how they accomplish their essential tasks: modeling a component tree, a state tree, connecting the two, and responding to updates. You'll come away with a more foundational understanding of how these libraries work internally. [244]

Control the Real World with Raspberry Pi (Inexpensively!)
Talk by Joel Jacobs in EH2 - Hardware (50 minutes)

Most attendees of OpenWest have mastered control of virtual environments through programming or scripting. I want to show how you can use the skills you already have to begin to control objects in the physical world. I will showcase several simple, low-cost methods of sensing and controlling things like: Sprinkler Control Outlet/Light control Appliance notifications (text when washing machine is finished) Remote-start of Car Infrared control of Electronics and Appliances (A/C units) DIY Apple HomeKit™ & AirPlay™ I plan to show how to find the inexpensive sensors, switches, etc. needed, and how easy it is to understand how to connect and interact with them. [80]

Ethical Software
Talk by James Prestwich in HALL1 - Community (50 minutes)

An overview of how to not be evil. Software is no longer simple. Instead of spreadsheets on a PC we now have social graphs on a massive global network. Software is the foundation or our economy, social structures, and lives. Software creates and defines power relationships between users, corporations, governments, and friends. It determines how you interact with your family, what you learn, what news you read. Software is powerful, and getting more powerful every year. It's time we admitted that, and had a frank conversation about how terrifying it should be. Fortunately, over the last few hundred years, some very intelligent people have put a significant amount of thought into right and wrong. Somewhere along the way, computer scientists stopped worrying about it. Recently, sites like [neveragain]( have demonstrated how poor our industry is at dealing with the ethical problems we've created. This talk is an overview of the history of Normative Ethics, the study of moral actions, and a discussion of its application in modern software engineering. It attempts to define a framework for determining whether software is ethical, or unethical. And it encourages engineers to think about whether software is ethically permissible the same way they evaluate whether it's technically possible. Explains and builds on the following concepts: [Ethical Software]( [Building Stethoscopes]( [We are the watch-maker gods now]( [163]

NMAP 101
Talk by Christopher Hopkins in HALL2 - Security (50 minutes)

An introduction to the popular network scanner NMAP. We'll go through host and service discovery using different types of scans, using the NMAP Scripting Engine (NSE), and even write a simple script of our own. [116]

The Value of Old Programmers
Talk by Tod Hansmann in HALL3 - Business (50 minutes)

Programming becomes more and more popular as we go. Yet we still have few in the up and coming groups that are capable of building the very tools and systems we rely on. Why? We'll explore the research on how programmers and programming have changed over the years, and more importantly how it has not. We'll dive into why old programmers are stigmatized, what we all can do about it, and how to see the extremely important value of experience and understanding, and the importance of the much larger group of us that will never be interested in attaining that depth. Everyone has a place, everyone a valuable work to be done, and it begins with our history. [82]

Building Apps with React
Talk by Jacob Evans in 400 - Beginners (50 minutes)

Dip Your Big Toe Intro React with V School's Jacob Evans This two-part course will cover the basics of using create-react-app-app. We will be making a static site using JSX ES6 syntax and introducing props and state to make basic apps. A great starting point for anyone interested in the wonderful world of React! [391]

Maximizing Logstash performance
Talk by Aaron Mildenstein in 200A - Data (50 minutes)

Logstash can be considered an ETL tool, where it extracts (or receives) data from various sources, transforms it in diverse ways, and then loads it into Elasticsearch (or sends it to other destinations). Because of the incredible flexibility in configuration, there is often more than one way to accomplish the same task with Logstash. This can lead to frustration if the way you've configured something is not as performant as it could be. In this talk I will describe how to avoid the pitfalls of Logstash configuration. I will demonstrate how to measure and monitor performance and see where your bottlenecks are, and then go through different ways to address them. I will show how splitting a workload into different pipelines may be a better option than a highly complex single pipeline, and why this is frequently an optimal choice. This talk will also cover some of the performance improvements and configuration changes coming to Logstash, which further address the same topic. This talk presupposes familiarity with Logstash and its configuration. It will not be as useful to someone without that knowledge. [303]

Secret, secret, I've got a secret!
Talk by Adam Barrett in 200B - Ops (50 minutes)

Hey, I have a secret. Want to now what it is? Then you'll have to attend my talk on Secrets Management with Vault from Hashicorp. I'll give a brief run down of what Vault is and why you should be using it. Then I'll give a brief demonstration of how Vault can change your workflows forever. [378]

Logs Are Magic: Why Git Workflows and Commit Structure Should Matter To You
Talk by John Anderson in 200D - Tools (50 minutes)

SLIDES: Git is a powerful, critical, yet poorly understood tool that virtually all Open Source developers use. One of the key features that git provides is a powerful and comprehensive log that displays the history of all the changes that have happened in a project, including potential developments that weren't ever merged, details about former versions of software that can inform future development, and even such mundane details as whether development on feature A started before or after development of bugfix B. Despite the power and utility of git's log, few developers take full advantage of it. Worse, some common practices that developers have adopted in the name of convenience (or just plain cargo culting) can actually destroy this useful information. Moreover, if developers are following the common exhortation to "commit often", they may end up with logs full of uninteresting noise, as all the details of debugging attempts and experiments are inadvertently recorded. This talk will: * detail the potential benefits of having informative and well structured logs * discuss common developer habits that can make logs less useful * explain techniques to preserve informative development history [113]

Introduction to Microservice Architecture
Talk by Nate Zaugg in 300A - Programming (50 minutes)

People have gone crazy about Microservices in the past couple of years! With the rise of PaaS / the "Cloud", our goal has been to write software that scales appropriately with demand. Microservices holds the key to scalability, but only if they are done correctly. Learn about the tenets of Microservices and how to architect an enterprise system. [336]

Reduce Your Technical Debt
Talk by Mark Niebergall in 300B - Programming (50 minutes)

Technical debt is the work required to properly complete a project. Come see how to identify technical debt in your project and discover some tools to help identify possible problem areas. Learn how to reduce the high interest rate you may be currently experiencing and improve team morale by giving proper attention, time, and resources to paying down the debt on a regular basis. [27]

RXjs (JavaScript Observables)
Talk by Clint Goodman in 300C - Programming (50 minutes)

What can Promises do that Observables can’t? NOTHING!If you’re looking for an introduction into observables (JavaScript realm), this is a great session to attend! You will find that your JavaScript code can benefit greatly when we use observables to tackle certain problems that Promises may not be the best fit for. [370]

Creating REST APIs without code using JSON schemas - Expressa
Talk by Thomas Hansen in 300D - Programming (50 minutes)

[Expressa]( is a node.js library which provides a frontend for site administrators to define schemas, manage content, and set permissions on endpoints based on user roles - all without programming. It's similar to Django, except simpler since it is backend-only and user's are expected to write their own frontend code that contacts the APIs. It's just implemented as an express middleware so it's easy to integrate with other node applications. In this talk I'll go over the basics of creating an API with Node.js and then discuss how more easily you can do the same with expressa. I'll also discuss the difficulties with this approach and how I see the future of API creation. [302]

Brewing Beer with Linux, Python and a RaspberryPi
Talk by Christopher Aedo in EH2 - Hardware (50 minutes)

Making beer with open software is a blast! There are a host of open source programs available for driving the hardware required to brew awesome beer. This presentation will include an overview of the most popular brewing software available with special attention paid to the python-based project "CraftBeerPi". There will also be a detailed review of the system Christopher has been brewing beer with, including all-electric kettles and a temperature controlled fermentation chamber. [217]

Passing the Baton: Succession planning for project leadership
Talk by VM Brasseur in HALL1 - Community (50 minutes)

While sharing of and collaborating on software has been around as long as there's been code, the open source concept and movement only came into being in the late 1990s. There are many who remember a time before open source. Of those, most helped to shape the philosophy, laws, governance, and policies which are the foundation of the free and open source movement we enjoy today. But what happens when these people decide to retire? Who will carry the baton and lead the movement? Thankfully these people are still with us, helping to craft and lead projects, but there are very few younger individuals among their ranks. As we look at the next horizon for our projects, we must consider who will take us there. While we have these founders in our midst, we must take the time to do succession planning. This talk will cover: * Succession planning: what it is & why we need it * What new leaders must know & learn * Steps we can take to develop the leaders of the future [216]

A Security State of Mind: Continuous Security for DevOps with Kubernetes
Talk by Chris Van Tuin in HALL2 - Security (50 minutes)

With the rise of DevOps, containers are at the brink of becoming a pervasive technology in Enterprise IT to accelerate application delivery for the business. When it comes to adopting containers in the enterprise, Security is the highest adoption barrier. Is your organization ready to address the security risks with containers for your DevOps environment?  In this presentation, you'll learn about: - The top security risks with containers and how to manage theses risks at scale including Images, Builds, Registry, Deployment, Hosts, Network, Storage, APIs, Monitoring/Logging, Federation. - How to make your Container enabled DevOps workflow more secure without slowing down your CI/CD pipeline - Automating security vulnerability management and compliance checking for container images Also, a demo of Kubernetes managing the container image lifecycle, automating container security scans, and deployment strategies for security updates at scale including Canary, Blue/Green deployments and A/B testing. [176]

Leadership that Inspires
Talk by Craig C Randall in HALL3 - Business (50 minutes)

Managing a team and getting good results is one thing, but what if your goal is to inspire your team? A manager’s job isn’t simply to ensure that deadlines are met and the work is done correctly. Keeping a team happy and productive takes more than organization and big picture thinking, it takes leadership. Traits such as trust, transparency, ownership, etc., are key to building a team that will feel inspired, but what does that really mean in terms of managing the team? Let’s talk about the leadership traits that direct reports value and appreciate, straight from the horse’s mouth. My team will talk about traits of my leadership they value, and I will provide context on how that trait helps me manage the team for the success of the company. [263]

Lunch in General (1 hour, 20 minutes)

Concessions stands and food trucks available on site, along with nearby restaurants.

Say Hello to Your First Android App!
Talk by Ken Collier in 400 - Beginners (50 minutes)

This course is designed as an introduction to Android for those with a small amount of experience with development and development environments. We will go over the basics for creating a simple Android app and how to navigate through the inner workings of Android Studio - Googles official IDE for Android Development. We will go over basic XML and Java concepts by creating our very own app. If there is enough time, we will also go over a brief introduction of Kotlin and how to use it in Android Studio as well. At the end of the tutorial, you will walk away with a functional app you can show to your friends and family. We will then look at future options for learning available to students and we will look at a more advanced level of the app we are creating. [384]

Introduction to Ansible
Talk by Ben Bankes in 200B - Ops (50 minutes)

Ansible is different than most other configuration management tools. Instead of installing an agent on each machine that needs to be configured, Ansible enables the developer to issue configuration tasks to a fleet of servers over ssh, from anywhere. The goal of this talk is to get you up and running with Ansible. [331]

Alexa, my new best friend: Introduction to building Alexa skills using a FSM
Talk by Steven Hansen in 200C - Cloud (50 minutes)

Conversational technologies such as Amazon's Alexa are one of the latest new platforms where brands and companies can augment the platform with their own custom functionality. On Alexa these are called skills, and in this presentation we will provide the steps for building an Alexa skill with a finite state-machine (FSM) and hosting it on AWS. This presentation will include an introduction to building an Alexa skill and some of the tools that can jump start your skill development. The code examples provided will be in node.js. Steven is the CTO at a RAIN. [RAIN]( provides Voice Design and Development services, RAIN has built many of the [top skills]( currently on the Alexa platform, including Starbucks, Campbell's Kitchen, and Tide. [177]

A Survey of Open Networks (* instructions included)
Talk by Trent Larson in 200D - Tools (50 minutes)

I will offer a survey of popular networks that are open, meaning: anyone can acquire the tools to join the network, help improve it, and maybe even fork it and create their own copy. Areas include: the underlying network (eg. HTTP, IPFS, mesh), cryptocurrencies (eg. Bitcoin), smart contracts (eg. Ethereum), identity (eg. Sovrin), games (eg. Minecraft), and content (eg. Steem). For each area, we will discuss their utility, governance & economics, weaknesses & non-open characteristics, and how to get started playing with it and connecting with other local players. Slides at: [300]

Practical Scalaz
Talk by Gregg Hernandez in 300A - Programming (50 minutes)

Scalaz is a modular functional programming library for Scala which provides purely functional data structures to complement those from the Scala standard library. This session will provide an introduction to Scalaz and functional programming in Scala. I’ll explain and demonstrate a few data structures from the Scalaz library including OneAnd for non-empty collections, \/ for handling success/failure conditions, and Validation for validating non-dependent data. I will also cover how to simplify operations on types like Future[Option[A]] and Option[Either[A, B]] with OptionT and EitherT. [273]

Building an API in the Nginx Event Loop
Talk by Derek Argueta in 300B - Programming (50 minutes)

OpenResty is a series of open-source Nginx modules building on top of Nginx's core functionality. One of its shining features is embedding the Lua interpreter into Nginx, enabling users to script Nginx with dynamic behavior using the Lua programming language. Lua is a lightweight, minimalistic scripting language whose very purpose is to be embedded in high-performing applications. This makes it possible to create middleware, API gateways, web application firewalls, load balancers, and more directly in the Nginx runtime - no proxying to a separate service. In this presentation, we will start with a light introduction to OpenResty and how it interacts with Nginx, as well as a primer to Lua. We will then build a fully-functioning CRUD REST API in Lua, complete with a SQL database. Basic knowledge of web servers is prerequisite. There will be a Docker image available for those who'd like to follow along. [207]

What's New in PHP 7+
Talk by David Stockton in 300C - Programming (50 minutes)

PHP has continued to improve, year after year, decade after decade. PHP 4 to PHP 5 brought better object oriented features. PHP 5.2 - 5.6 brought speed improvements, language and syntax improvements and more. The transition from PHP 5 to PHP 6 brought great T-shirts, but other than that, literally nothing since it doesn't exist. In PHP 7, we get huge speed improvements, primitive type type-hints and return types. Building code with strong-typing allows several categories of bugs to be eliminated entirely. This talk will introduce and cover several of PHP 7 and 7.1s more notable features, how they work, how you can use them and why writing PHP code is more fun and exciting now than it used to be. [285]

Javascript metaframeworks
Talk by Joel Denning in 300D - Programming (50 minutes)

## Abstract: It’s time to tackle this javascript framework thing. If you use Angular, why can’t you also use React? Why don’t the frameworks interoperate? Come see React, Angular and Vue coexisting via a “metaframework.” We’ll start with the “can we?”, move on to the “how?”, and finish with “should we even?” ## Longer description: This talk will explore the landscape of frameworks from a meta perspective: why do we always choose one that we’re stuck with for awhile? Could we get the frameworks to interoperate? How can we migrate from one older framework to a new one without a big-bang rewrite? Single-spa is a javascript library that helps you write mini-apps that coexist in the same page. Each mini-app can be written with its own javascript framework and tech stack. As you navigate around a single-spa website, you switch off between different frameworks like Angular, React, or Vue, all without the page reloading or the user even noticing. You can even have multiple frameworks running simultaneously for the same client side route. The talk will show how single-spa solves the problem and how that has been useful for several local tech companies. ## Extra information / about me: * Slides from previous presentations about this topic: (, especially * An example of multiple frameworks coexisting: * The github project behind that example: * I am most qualified to speak on this subject because I am the author of single-spa, which is used in production by two local companies (CanopyTax and Dealer Socket) and is being experimented with by two more (Alianza and SalesRabbit). I’m passionate about things like client side routers, service oriented architecture in the browser, javascript frameworks, and really just the future of the web. With the presentation, I hope to get people thinking about avoiding rewriting everything to a new framework, splitting apps up into smaller apps that coexist on the same page, and a polyglot of frameworks coexisting. Even for those that never use the single-spa project, those topics are valuable to consider. [389]

Open Source Software in Robotics and Real-Time Control Systems
Talk by Gary Crum in EH2 - Hardware (50 minutes)

Activity and interest in software development for robotics and autonomous vehicles is increasing at a fast pace. Open source licenses such as the BSD, MPL and Apache licenses allow for open source robotics software to be used for commercial applications alongside academic and individual research and development. This talk will cover related architecture and examples of the use of open source software in the robotics industry including the development of autonomous vehicles. Among success stories here and components used in this area are: * ROS, the Robot Operating System (also see OpenWest presentation by my colleague Brad Baillio on Thursday) * Gazebo, robot simulation tool with 3D graphical display and interfaces * Eigen, a C++ template library for linear algebra, matrices and solvers * GNU Octave, a scientific programming language with GUI Also serving as a foundation for robotics development are well known operating systems and languages including Linux distributions, and the C++ and Python programming languages among others. [180]

Patents, Copyrights and Trademarks: Or Why the Future Might Curse Us
Talk by Deb Nicholson in HALL1 - Community (50 minutes)

Patents, copyrights and trademarks form a trio of legal tools often referred to as "intellectual property" law. While each of these tools originally grew from a desire to help new businesses and individual creators find their way to success, today these advantages are better at creating inequity than opportunity. The litigious application of patents, copyrights and trademarks has become so distorted in modern times that their usage often amounts to bullying. In court, the larger, more monied, more experienced party disproportionately wins. Plaintiffs can use the courts to block competition, protect an aging business model, bleed money from a scrappy upstart and otherwise discourage innovation by newer or less established projects. Our modern legal tools frequently enable the consolidation of power into the hands of the already powerful. As free software developers, we want to keep building software without the threat of expensive and/or frivolous lawsuits. Some of our best and most innovative ideas come from small, underfunded projects. Without outside help or protection, these vulnerable projects tend to lose their legal battles. In order to keep the future from cursing us for letting things get worse, we need to participate in the creation of policy. Law is often written by non-technical people, so we need to educate politicians, our fellow voters and potential jurors about how technology actually works. If they don't understand why collaborative software development is critical and how the legal mechanisms affect it, then future generations will be right to curse us for the resulting policies. [241]

Oooh! We've Had an Incident! How Should We Respond?
Talk by Sean Jackson in HALL2 - Security (50 minutes)

It's better to be informed and prepared for an incident or disaster than to be forced to react when the time comes. Being responsible for a network and company or customer data puts an onus on you to know what to do when something goes wrong. My presentation is designed to make you aware of some of that technical debt that is incurred with technology, and ways to plan for managing an incident when one comes up. This is pure blue team stuff; Incident Response and/or Disaster Recovery. Outline: Six Steps of Incident Management Step 1 Preparation 1. NTP 2. Policy 3. Centralized Logging 4. Identity Management 5. System or Service Account Management 6. Jump Bag 7. Out-of-Band Communications 8. Helpdesk 9. Incident Response Team Issues 10. Key Decisions to be made Step 2 Identification 1. Initial Determination 2. Assignment 3. Survey Identification Points 4. Decision Time Step 3 Containment 1. Characterize the Incident 2. Notification 3. Immediate Action 4. Initial Data Collection 5. Immediate Isolation Step 4 Eradication 1. Root Cause Identification 2. Determine Rootkit potential 3. Improve Defenses 4. Vulnerability Analysis Step 5 Recovery 1. Validation 2. Restore Operations 3. Implement Monitoring Step 6 Lessons Learned 1. Management Satisfaction Assessing the Impact of a Security Incident Assessing Impact Effects Essential Paperwork Regulatory Mandates Chain of Custody/Evidence [99]

Cracking the Code Review
Talk by Stephen Rollins in HALL3 - Business (50 minutes)

What makes a truly quality code review? What can you do, both as the one writing code and the one reviewing it, to make the process smoother, more efficient, and more effective? I will cover several pieces of advice that all of us–reviewers and code writers alike–can implement to make the whole code review process as efficient and painless as possible. For the code writer, I will share strategies to make the code review modular, easy to follow, and more likely to succeed when given to reviewers. For the code reviewer, I will suggest ways to provide better feedback and be more complete with less time spent reviewing. [86]

Post - Hello Android
Talk by John Mulholland in 400 - Beginners (50 minutes)

Now that you have written Hello Android, what do you do next? How do you continue to learn and progress to become a full-time Android engineer? John went from self-taught Android developer to contract work and is currently employed as a Senior Android Engineer for Ancestry. This talk covers some of the resources to further your growth in learning Android and how to actually get it done. A version of this has been presented twice at Ancestry and will be modified for OpenWest. [103] Slides at

DOs and DON'Ts of MongoDB
Talk by Jeremy Mikola in 200A - Data (50 minutes)

There are no "best practices" without "worst practices". This presentation will look at common use cases for MongoDB, covering topics such as schema design, querying, and methods of data aggregation. Tips and caveats will be sprinkled throughout as we discuss DOs and DON'Ts applicable to applications and drivers right down to operations and deployment of the database itself. [382]

Salt Stack for Play (How to safely manage and share your config files)
Talk by Zach Gibbs in 200B - Ops (50 minutes)

Our modern computing environment is spread among multiple machines, presenting the need of synchronizing configuration preferences across all our systems. It is also important to share configuration files with friends and co-workers. Doing this safely and securely is easier said than done: - Managing archives on a central server is tedious, slow, and vulnerable to forgetfulness - Shell scripts may automate this process, but entail a high maintenance cost - Configuration files often contain sensitive information which must remain private Fortunately, Salt Stack gives us a better way! Salt Stack is "The most intelligent, powerful and flexible open source software for remote execution, configuration automation, cloud control and event-driven orchestration". It is a robust and proven tool for supporting configuration automation in projects of all sizes. If you are new to configuration management it can be difficult to know where to start. That is where this talk comes in! Learn the basics of Salt Stack by using it to manage configuration files without accidentally leaking passwords and private keys to the world. You will gain valuable, marketable configuration management skills and enjoy the luxury of consistent configurations in all your workspaces. [111]

Container Secrets Done Right
Talk by Brandon Gillespie in 200C - Cloud (50 minutes)

Containers are taking the world by storm, but security is lagging behind in the world of configuration and secret management. The options are varied and frustrating, leaving many to just use insecure but easy options. Learn about this minefield and how to create highly secure ephemeral applications using the open source [Reflex Engine]( Through the use of attribute-based access control (ABAC) and proper security techniques, we can solve this problem. [64]

Survey of Open Source Localization Tools
Talk by Jeff Beatty in 200D - Tools (50 minutes)

Localization tooling can be expensive and overly complicated. In this session, we'll look at the open source localization tool offerings to help you and your business improve the localization process. [4]

Haskell and Elm in Production: An Unexpected Journey
Talk by Casey Allred in 300A - Programming (50 minutes)

Working in a PHP shop we were faced with a greenfield project and an itch to scratch. In this presentation I will discuss what it was like for us to deploy our Yesod (Haskell) web server with an Elm frontend app. Join me as we relive the epic adventure fraught with missteps as we dive into an adventure of the unknown Functional Programming world. [81]

ES6 - The Practical Stuff (JavaScript)
Talk by Clint Goodman in 300B - Programming (50 minutes)

Tentative agenda including: - Arrow functions - Default parameters - Rest parameters - Object spread - Array spread - String interpolation - Object property shorthand - Computed property names - Destructuring - ES6 Modules - String searching - Native promises [371]

Websockets and Event-driven Programming with ReactPHP
Talk by Steve Meyers in 300C - Programming (50 minutes)

Modern browsers support a new standard call Websockets, which allow persistent connections between a browser and a server. We'll discuss how to implement Websockets with your client-side Javascript talking to your server-side PHP, using the ReactPHP framework. [376]

Efficient, Compliant and Secure: You can have all 3!
Talk by Daniel Jeffery in 300D - Programming (50 minutes)

From startups to mega-corps, being lean, efficient and flexible is often viewed as incompatible with secure and compliant with regulations. Regulations and security may be viewed as an obstacle to be short-circuited so they minimally hinder business efforts. If we start with security and best practices in mind we can get ahead of just checking boxes and the potentially conflicting needs of our organizations can be met in a way that enhances productivity as well as security. Small companies and startups in particular can benefit from implementing security and operations discipline before it's costly to overhaul. This talk will focus on how concepts like change control, testing, regular patch management and centralized logging, common in regulated environments, can be implemented efficiently. Particular emphasis will be paid to how these processes can help rather than hinder productivity, in terms of customer experience, service reliability and security. [225]

Small scale profitable open source hardware
Talk by David DeGraw in EH2 - Hardware (50 minutes)

I run a small electronics web store selling open source hardware kits. I would like to talk about strategies for making a profit on small scale hardware sales. Anything from parts sourcing, pcb production, design, marketing, and other business strategies. Most of the talk would be based around my experiences with my shop, what I've learned and mistakes I've made. [107]

Lessons from an old software guy
Talk by Kirk Haselden in HALL1 - Community (50 minutes)

Kirk's seen a lot of different software shops, environments, cultures, products and teams. He's shipped over twenty different products in seven different large, medium and startup companies and lead teams as small as one to as large as 300 team members. In this talk, he boils down the essence of 30 years of experience into important learned lessons. Attendees will enjoy the often humorous and relaxed approach to mapping their career in IT and the software industry that are independent and yet equally applicable to their chosen technology stack, company culture or career path. The lessons vary from his successes and failures to team building, engineering rigor and discipline, ways to distinguish oneself to discovering and plotting a long term career path that brings satisfaction, challenge and continued growth. Attendees will come away with new ideas, encouragement and some guidance for how to choose or accelerate their career goals in the software industry. [224]

Improving Security and Deployment Complexity with SSH Certificates
Talk by Mike Lovell in HALL2 - Security (50 minutes)

SSH Public Keys are a very common way to control access to systems. They make authentication easy and more secure than using passwords. Unfortunately, there are some issues with the most common ways that Keys are used at scale. Deployment of Keys for each user on a large number of systems can be a headache. This almost encourages Keys to have a long lifespan. Keys are usually only used as a simple Yes or No for authentication. SSH Certificates are a way to improve the Deployment and Policy aspects of Systems Administration. They were introduced several years ago but are still not in wide spread use. This session will explore what SSH Certificates are, how to use them, and some tooling to make using them even easier. [151]

Bump, Set, Touchdown!: The importance of onboarding and knowing your team
Talk by Julene Johnson in HALL3 - Business (50 minutes)

It would be hard for a volleyball team to successfully score points if one of the players was trying to score a touchdown. While your career may not be in professional athletics, any company at any stage is a team with a goal. If you and your teammates don’t know the game you’re playing, how to pass the ball, or who should receive it, reaching your goals will be difficult. This session will discuss why training on processes, roles and responsibilities is important, and how knowing those same details about a coworker can help the team achieve their goals and overcome errors in communication, such as disagreements about who owns a task, unrealistic deadlines, or criticism for doing one’s job. [252]

Open panel discussion about Android
Talk by Carl Hickman, Noralynn Valletta, Nikhi Jamili, Jake Stokes in 400 - Beginners (50 minutes)

Panelist: Carl Hickman (Android Developer and Moderator for the discussion) Jake Stokes (Android Developer) Noralynn Valletta (Android Developer) Nikhi Jamili (Technical Recruiter at TEKsystems)

SaltStack 101
Talk by David Boucha in 200B - Ops (50 minutes)

This SaltStack 101 class will take you from installing Salt for the first time to doing real work with Salt. We'll discuss Salt Execution modules, Salt States and templating with Jinja. I'll answer any questions you've had getting started with Salt and help you get started right. We'll go over how to find answers in Salt's extensive documentation and continue learning about all the tools Salt provides. [358]

Terraform the Cloud
Talk by Adam Barrett in 200C - Cloud (50 minutes)

Terraform provides abstractions to many of today's too cloud platforms. Come along on a journey to display the power, and some of the lesser known abilities of this powerhouse tool. Topics covered: zero to hero; imports; remote state; state munging; beards [377]

Flatpak: Portable, Secure Distribution of Desktop Applications
Talk by Owen Taylor in 200D - Tools (50 minutes)

The abundance of Linux distributions and the speed at which they evolve has traditionally made it extremely challenging to distribute binaries of applications. [Flatpak]( is a system for distributing and running desktop applications that allows a single binary to be built once and run on a wide variety of different Linux distributions. Applications are bundled with dependencies to avoid problems like a distribution upgrade causing an application to stop working. Flatpak internally uses many of the same technologies as used in popular server-side container frameworks and supports distribution of applications as Open Container Initiative (OCI) bundles, but is designed for desktop applications installed and run by end users rather than server-side applications deployed by system administrators. Flatpak provides sandboxing, so that an application from an untrusted source can be run without giving the application unlimited access to the user's system. Flatpak uses an innovative system where, in most cases, the permission for the application to access some resource is given implicitly through user interaction rather than by presenting the user with a list of permission choices. One further difference between Flatpak and server-side container frameworks is that Flatpak separates the application from the "runtime" - a layer of base libraries and services that can be shared between multiple applications. The runtime can be updated without needing to rebuild or update the application. This talk will give attendees an overview of the advantages of Flatpak and its technical underpinnings. It will also discuss how Flatpaks are built by developers, how Flatpaks fit into the distribution model, and specifically how they are being used in the Fedora distribution. [380]

Object Oriented Programming in PHP
Talk by Kyle Waters in 300A - Programming (50 minutes)

An overview of object oriented programming in PHP. Inheritance, polymorphism, abstract classes, and factories, come learn how and why to use them.

Beyond Accidental Architecture
Talk by James Thompson in 300B - Programming (50 minutes)

Deliberate software architecture provides numerous benefits to teams; from newer engineers understanding why certain boundaries exist, to helping more senior engineers grow architectural skills. Yet, in many contexts the architectures that exist represent an accident of circumstances. This talk will focus on moving beyond the accidental and introducing intentional architectural thinking to a team. [77]

Question: Should I use Angular or React? Answer: Elm!
Talk by Matt Banz in 300C - Programming (50 minutes)

Trying to decide between Angular or React? That's a tough question. Of course, the answer is... Elm! Elm is a blazingly fast language/framework that compiles to JavaScript. What is Elm's secret weapon? It's a purely functional programming language. In this talk, I'll introduce some of the core concepts of functional programming, which include immutable data, currying, partial application, first-class functions, recursion, and more! I'll also introduce Elm's architecture for building lightning fast websites. Anyone who writes code for the web can benefit from this talk -- even if they aren't using Elm. Since JavaScript has great support for functional programming, the same principles can be used there.

Advanced PHP Simplified
Talk by Mark Niebergall in 300D - Programming (50 minutes)

Increase your PHP skills and improve your architecture as you learn why, when, and how to use advanced PHP features. Abstracts, interfaces, traits, namespaces, and dependency injection will each be discussed with code examples to help make using them simple. All these features will then be brought together to demonstrate clean coding. This will be a perfect presentation to help you sharpen your skill-set to include these tools to make your code even more clean, structured, and awesome! [25]

IoT to the Database: Soldering, ORDS, Oracle Jet, Python and a little PL/SQL
Talk by Blaine Carter in EH2 - Hardware (50 minutes)

If you're like me, you use way too much power and you’re not quite sure where. Tracking your power usage is a great start, but analyzing the data is often easiest when it's in a database. Having to type it in by hand would be a pain; let's void a warranty instead! Building on the Watch me make a Watt-watcher tutorial, I will start by giving an overview of the steps and components used to assemble the hardware. Next, we'll discuss what to do with the data. As the project says, we can save it to a file on our computer, upload it to a database, tweet it or whatever you'd like. Of course, I want my data in a database. I'll simplify the data ingestion by taking advantage of a REST interface to a cloud database. I will walk through creating a table for the data and enabling a RESTful service on it.  Then I'll modify the project to post data to our new service.  Once we get some data in the table, I'll display the data in a graph. You'll leave this session with the tools to track the data in your own projects and hopefully some new ideas.  (But no electrical burns!) [22]

Over-Engineered Jack-In-The-Box - IoT Pico Engine Example
Talk by Adam Burdett in HALL1 - Community (50 minutes)

PicoLabs new Pico Engine is an Internet of Things (IoT) platform. Pico Engine allows easy management of connected devices with rule based behavior, while introducing a new way to represent the real world state of “things”. This new paradigm is called Picos. Picos are very similar to device trees. While a device tree is a data structure that describes hardware, a Pico is a data structure that describe IoT devices. Picos provide concise way to represent “things” states, allowing actor model programing through KRL rules to produce dynamic control and accurate reports of IoT devices. The distributed nature of IoT makes Building large Pico systems intimidating and difficult task to begin. This intimidation can be resolved with better documentation and examples. My goal is to resolve the difficulty of starting a IoT project built on Pico Engine by providing a detailed documented example. This example will serve has a pattern for solving IoT problems with Pico systems. To accomplish my goal, I will present an over-engineered jack-in-the-box built on the Pico engine. The jack-in-the-box will have an observer watching the state of a crank, an actor to trigger the latch opening and other actor playing music to the crank cranking. This demo will be built with a Pico engine running on a raspberry pi with a few components. The Pico system will show how to monitor sensors and react to specific readings. By turning a trivial kids toy into a IoT device I will demonstrate Pico Systems provide a dynamic, informative, scalable solution to Iot problems. The over-engineered jack-in-the-box provides an entertaining working example of all components needed to produce a complex IoT solution. My talk will discuss the engineering behind the over-engineered jack-in-the-box, the role of an actor-model system like the Pico engine in building IoT systems, the underlying components, and the pros and cons of the approach. [277]

Security Starts With You: Social Engineering
Talk by Tiberius Hefflin in HALL2 - Security (50 minutes)

Virus? There’s an app for that. Malware? There’s an app for that. Social engineering? It's a little more complicated. These techniques, used by hackers to gather information on their target, are hard to combat without education - so why don’t we talk about them more often? Aimed at the average user who could be targeted by such an attack, this talk discusses the tools of social engineering, how it can be combated and why so many companies fail in preparing their employees for such an attack. [323]

Leading and Mentoring Software Developers
Talk by Manuel De Leon in HALL3 - Business (50 minutes)

Titles like junior, mid, and senior developers are used by companies without giving it too much thought. This leads to many problems like capable employees still being treated like juniors and not so capable ones (to put it mildly) with senior titles. Companies can't take for granted the professional growth of their employees. This talk is to encourage companies to define titles appropriately and to implement formal mentorship programs. Such programs prevent what I call "juniors forever" (be it in title or expertise) by keeping employees engaged in professional growth activities and recognizing people for their efforts. [120]

EFF Activity in General (50 minutes)


Social with the EFF in General (1 hour, 30 minutes)

Go to a local restaurant and hang out and talk about Amendment 4 issues.

Saturday 15th July 2017

09:00 OpenShift Tutorial
Workshop by Garrett Hyde in 400 - Tutorials (2 hours, 50 minutes)

OpenShift is Red Hat's Platform-as-a-Service (PaaS) that allows developers to quickly develop, host, and scale applications in a cloud environment. This tutorial will be a deep dive into: - Using Ansible to deploy OpenShift in a High Availability (HA) cluster - Managing OpenShift at the infrastructure level - Building, deploying, and managing applications - Integrating logging and metrics for both OpenShift and hosted applications This is an interactive tutorial, so please brink a computer. Also, the conference's WiFi isn't 100% reliable, so please do the following before the talk: o Download Minishift ( o Run `minishift start` to download the VM and configure it. If you want to play with Minishift before the tutorial, here are the docs. ( Minishift is also provided with the Red Hat Container Developer Kit (

Zero to Sixty with MongoDB
Workshop by Jeremy Mikola in HALL1 - Tutorials (2 hours, 50 minutes)

MongoDB is a non-relational, document database that aims to hit a sweet spot of functionality and flexibility. This tutorial will explore the database in hands-on fashion, using its convenient JavaScript shell as our vehicle. To start, attendees will learn all of the MongoDB essentials necessary to develop their own applications, from the server and storage model to querying and indexing. From there, we'll move on to cover advanced topics such as schema design, query optimization and profiling and features such as geospatial indexing and data aggregation. [381]

Hands-on Beginning Python Bootcamp
Workshop by matt harrison in 300A - Tutorials (2 hours, 50 minutes)

Are you new to Python? Or do you feel like you grok the syntax, but would like to understand new idioms or where to use them? Want to watch an experienced Python developer create code from nothing? Instead of just covering the syntax, we will introduce most of Python as we build code together. Bring your laptop and we will program a predictive text engine from scratch together. Follow along as we start with IDLE (or your favorite editor) and a blank file and end with a tested idiomatic Python module that will learn from any text we pass into it, and predict characters or words for us. [339]

Getting Started With The Elastic Stack
Workshop by Tal Levy in 300B - Tutorials (2 hours, 50 minutes)

Elasticsearch is a distributed, RESTful search and analytics engine. This workshop will cover foundational principles of search, and building a working search-engine application from scratch with the open source Elastic Stack (Elasticsearch, Logstash, Kibana, and Beats). [118]

Building Apps for Amazon Alexa (Skills) and Google Home (Actions)
Workshop by Jason Herndon in 300C - Tutorials (2 hours, 50 minutes)

This workshop will cover the high levels of what a natural language processor is and how they work. Then, we’ll dive right into it and build a simple skill together which can be deployed on Amazon’s Alexa. We’ll cover the basics on how to get the Lambda function setup with AWS (in either NodeJS or Python), review the basics of how to build a skill, and cover submission on the skill store. For good measure, we’ll run through how this process looks on Google’s Home device and how you can leverage API.AI to build actions.

How do they do that?
Workshop by Kyle Waters in 300D - Tutorials (2 hours, 50 minutes)

Demonstrations of various security vulnerabilities including sql injection, xss, buffer overflow, brute force, [19]

Lunch in General (50 minutes)

Concessions stands and food trucks available on site, along with nearby restaurants.

You Don’t Know Bash
Workshop by Robert Aboukhalil in HALL1 - Tutorials (2 hours, 50 minutes)

On most days, Bash is a great tool for quick-and-dirty file manipulation and system management. As we’ll cover in this workshop, however, the command line allows us to do a whole lot more than meets the eye, including: - Arrays - Functions - Parsing JSON - Process substitution - Color outputs and much more! This talk introduces advanced topics in Bash, so being familiar with the command line is a pre-requisite. [278]

Hands-on Intermediate Python Bootcamp
Workshop by matt harrison in 300A - Tutorials (2 hours, 50 minutes)

Are you new to Python and want to learn how to step it up to the next level? Have you heard about closures, decorators, context managers, generators, list comprehensions, or generator expressions? What are they and when you should use them? These are features that are new to many and can be intimidating. This hands-on tutorial will cover these intermediate subjects in detail, by modifying existing Python code to take advantage of them. We will provide a base file, and then introduce these features. The audience will get to follow along using their own computer and editor of choice (or can use IDLE as the instructor). You have used Python, but felt like you are lacking in understanding some of the features that Python has that other languages don't. You will leave this tutorial understanding decorators, context managers, and comprehension constructs. Outline By examining existing code we will identify "code smells", where we can use more advanced features of Python. [340]

OpenSSH Lifehacks
Workshop by Erik Falor in 300B - Tutorials (2 hours, 50 minutes)

What if I told you that there was one software package that will protect your communications from snooping governments, let you past annoying firewalls, securely transfer files over the internet, and let your clients test a webapp running on your laptop? ssh(1) was one of the first Unix programs you learned, but you haven't seen all that it is capable of. After this workshop you'll be able to say that you can: * Build an .ssh/config file that protects your privacy AND saves typing * Run programs remotely and securely * Dig a tunnel through a firewall for fun & profit * Set up a SOCKS proxy for private browsing * Create a SSH public/private key pair for more secure and easier logins... * ..and safely protect the all-valuable private key! Discover all of the SSH awesomeness you've been missing all along! [142]

A Three Hour Overview of Computer Organization and Architecture
Workshop by Timothy Stanley in 300C - Tutorials (2 hours, 50 minutes)

This class will start by reviewing binary math concepts, reviewing digital logic, design of a CPU and finally programming the CPU. This class will extensively utilize Logisim, a free and open source logic simulation package. All designs will be made available to the students [146]