OpenWest Conference 2018
7 - 9 Jun 2018 at SLC - Mountain America Expo Center

Check-in to get your badge and other swag

Welcome to OpenWest 2018

When Richard Stallman created Free Software, he launched the Free and Open Source Software movement. FLOSS 1.0 was born. The creation of the Open Source Initiative marked the release for FLOSS 2.0. Now, twenty years later, we're fond of saying that free and open source software has won. It's the default for operating system, for programming languages, and is the basis of software development as we know it. Welcome to FLOSS 3.0. This is what winning looks like…but what's next? [446]

Kyle Rankin is the Chief Security Officer at Purism and a Tech Editor and columnist at Linux Journal. He is the author of Linux Hardening in Hostile Networks, DevOps Troubleshooting, The Official Ubuntu Server Book, Knoppix Hacks, Knoppix Pocket Reference, Linux Multimedia Hacks and Ubuntu Hacks, and also a contributor to a number of other O’Reilly books. Rankin speaks frequently on security and open-source software including at BsidesLV, O’Reilly Security Conference, OSCON, SCALE, CactusCon, Linux World Expo and Penguicon. You can follow him at @kylerankin.

1

It's no longer "Animation on the web" ... the trend is "Animation of the Web." Whether expanding page elements to show more detail, using layers to make a complex topic simple, viewing real-time metrics and BI graphics, or page elements that keep users oriented to a site's Information Architecture and flow, vector images are not just for fancy icons and scalable logos anymore. This talk explores the six tools for bringing movement to your layouts in a way that supports your brand, enhances user comfort and improves their experience, while reducing footprint and enhancing overall performance. Guidelines will be shared for selecting the optimum tools for a particular task, including when in the context of popular DOM manipulation frameworks like VUE and REACT. Demos will range from simple native CSS transforms and using the emerging Web Animation API, to illustrating complex ideas using BI tools like D3 and Chartist. Following the survey of technologies, we will have a deep dive into example implementations for an actual client project as a case study to contrast the animation techniques and highlight the few cross-browser and cross-platform implementation issues you need to avoid in your projects. We will end with exploring Greensock's SVGMorph and SVGDraw plugins. There is a reason GSAP has quickly become the go-to tool for fast, browser-stable production solutions. [449]

It’s great that you’ve moved to microservices, but how are you distributing secrets? This talk offers an overview of Vault’s unique approach to secret management by providing secrets as a service for services (and humans), that is highly scalable and easily customizable to fit any environment. This talk has two primary goals: 1. Identify the new security challenges associated with using cloud technologies and microservices 2. Showcase how the free and open source tool, Vault, can help reduce those security challenges Topics include: - Discussion of traditional security (perimeter security, firewalls, etc) - Identifying new challenges and solutions in cloud and microservices security - Describe Vault’s architecture and how it provides “secrets as a service” - Storing static secrets such as WiFi credentials - Generating dynamic secrets, such as database passwords or cloud credentials - Providing encryption as a service [107]

Business leaders everywhere are looking to data to inform their decision making. Accompanying this demand are misunderstandings of what it takes to transform data into something that can inform a decision. What is the data infrastructure required? In this talk, I'll dispel some of these misunderstandings and discuss what it takes to build good data infrastructure. I'll discuss the components of a good data infrastructure. The best practices and available tools for gathering data, processing it, storing it, analyzing it and communicating the results. The goal is for these components to create a data infrastructure which can evolve from simple reporting to sophisticated insights for decision making. [314] https://www.slideshare.net/DylanGregersen/how-to-succeed-at-data-without-even-trying-102734054

In addition to making you look 1337, the shell enables you to use a computer more efficiently than any other interface. Command line interfaces have been improved upon for decades, becoming highly-refined productivity boosters. This talk will take a beginner from "I don't even like to type" to "I don't need no stinkin' mouse!" by learning the coolest interactive shortcuts and the tricks for automating your life. Bring your laptop and learn secret moves that will make all of your friends wonder "How in the Shell did you do that?" [182]

So, you're a JavaScript developer, and you can get along pretty well at your job. You know how to install packages with npm, configure build tools such as Webpack and Gulp, and you can find out how to do just about anything by Googling it. And while these skills are great, what happens when you can't find the answer you're looking for? Perhaps you're encountering an issue no one has written a tutorial about. What do you do? What if there isn't a package that quite fits the needs of the project you're trying to complete? Well, I'm here to say, don't panic! You've come a long way, and you know a lot of valuable things. It may be time, however, to dive a little deeper and figure out how JavaScript really works. Doing so will help you immensely with architecting your projects, troubleshooting bugs, and communicating with your team members. It'll also help you understand basic computer science principles that can then be applied to other programming languages. Some of the things we'll discuss during this session will be: * prototypes * constructors * value types vs. reference types * classes * scope & context * closures * ...and more! [75]

Test driven development is all the rage. But what is test driven development? It just means that you write your tests before your code, right? Writing the tests first is part of test driven development, but only one part. And some would argue not the most important part. In this session we’ll talk about what test driven development (TDD) actually is and how it differs from other types of testing. We’ll go over the basic mechanics of TDD. Then we’ll write some code using TDD, both to show these mechanics and to illustrate how using TDD can not only add tests but result in better code than we might otherwise end up with. If you’ve never done TDD before or have done a little and would like to learn more, this session is for you. [8]

Projects fail in droves. Systems hiccup and hours of downtime follows. Screws fall out all the time; the world is an imperfect place. We talk a lot about building resilient systems, but all systems are (at least for now) built by humans. Humans who have been making the same types of mistakes for thousands of years. Just because failure happens doesn’t mean we can’t do our best to prevent it or—at the very least—to minimize the damage when it does. As a matter of fact, embracing failure can be one of the best things you do for your system. Failure is a vital part of evolution. By learning to love failure we learn how to take the next step forward. Ignoring or punishing failure leads to stagnation and wasted potential. This talk distills 3000 pages of failure research into 40 minutes of knowledge about the human factors of failure, how it can be recognised, and how you can work around it to create more resilient systems. [204]

1

In this fun talk, we'll go over everything needed to get a raspberry pi 3 built into a gaming system that can support nearly every console game from 15+ years ago and how to make it robust and fun to relive your childhood gaming experience. [179] Contact: [email protected]

0

A common way to approach a complex problem is to begin by reducing it down to a single performance metric. Choosing the right metric for each problem is a valuable skill. Blindly relying on a poorly chosen metric can cause no end of trouble. We will discuss various common metrics (such as accuracy, mean squared error, area under the ROC, log-loss, etc), the strengths and weaknesses of each, and how to know when to choose one of these metrics over another. [325]

Between technologies like React Native, and need to build a backend for your mobile app, these are difficult times for strongly-typed, compiled language, mobile developer curmudgeons. If you come from this kind of background, come find out how to make JavaScript tolerable, or at least sane, through tools like linters, Typescript, and adoption of modern JavaScript features. [232]

When developing web applications, it is not uncommon for web requests to grow in complexity, as well as execution time. Eventually, some of these web requests leave users waiting longer than is generally acceptable. In the case where some of the processing can be done later, in the background (i.e. the user is not necessarily waiting for data in return), Celery allows you to put certain tasks in a queue to be processed asynchronously to the web request. Is this the only problem that Celery can solve? Certainly not. In this session we will walk through a few examples of how Celery can make life easier for you as a web application developer. We will also go through a simple tutorial to learn how to set up a message queue (this is how Celery tracks the status of each task), how to set up Celery workers (such scale, very distribute!), and how to write tasks for the workers to consume. [308]

Corporate management strategies abound, but are there more enjoyable paths? What if we're not in a business? Instead, how about a more human approach people actually want to be lead by, especially if you're not actually a manager? We'll go over some research and anecdotes focusing on the following five topics: - Motivation for Humans - Building Loyalty - Critiquing Productively - Planning and Selling - Firing Positively HR will be displeased, but everyone else will love it. [124]

Often times when you are attempting to perform tasks in AWS, you have to issue a command, wait until the object enters into a particular state, and only then continue on by issuing yet another command (or clicking something else in the UI). In this talk, I will demonstrate how to take control of AWS tasks using the AWS CLI and bash shell scripting. By combining the strategies discussed in this talk, you will no longer have to wait on AWS, nor will you have to employ multi-step, manual processes. Instead, let your scripts do the work for you! We'll start by introducing the AWS CLI and the basics, then I will demonstrate some simple aws cli commands, turn them into functions, and then move on to more complex scripting such as stopping and then starting an ec2 instance, all from one script. We'll also learn about --filter, --query (JMESPath!), and a handful of tips & tricks. [213] Download the presentation (with embedded video): https://upload.openwest.org/s/Q4bFaBMTXtoJgC5

It is projected that $11.7 billion/year will be revenue through Voice Digital Assistants by 2021. By the end of this year 30% of interactions with technology will be through conversations on smart machines or voice systems. Technology enables a more natural conversational experience, Alexa, Google Assistant, Cortana and tech companies are providing the platforms that give users quick answers. Every brand needs to consider their voice and how they are joining the conversation. In this sessions we will provide the platform for why voice and digital assistants are here to stay. Examples of how that is already happening. And the latest in what is possible on Alexa, Google Assistant, and Cortana. [318]

Apache Flink has become the engine powering many streaming platforms at companies like Uber and Alibaba. The benefits of Flink are well documented including it’s streaming first design allowing for low-latency streaming. Flink supports deployments with many resource managers including YARN, Mesos, and Kubernetes. Deploying on Kubernetes has many benefits including making Flink “Cloud Native.” Cloud Native deployments benefit from (1) Log aggregation (2) Tracing (3) Containers and (4) extensibility, among other things. This talk is about making Flink Cloud Native and the benefits that come as a result. These benefits include distributed tracing, log aggregation, service mesh capabilities and new patterns of exposing Flink’s APIs. In this talk, I walk through the process of taking low-level constructs from Flink and plugging them into the Cloud Native ecosystem. I’ll walk through getting distributed tracing, log aggregation and a service mesh working with Apache Flink on Kubernetes. I do this with a demo of live streaming data produced from automobile telemetry data. Attendees can expect to learn about the benefits of Cloud Native deployments of Flink and how to get started with them. They will also walk away with new patterns that can be used in Flink deployments. [447]

DDI is an acronym of acronyms, meaning DNS, DHCP and IPAM. This talk will uncover the basics of the technologies and some best practices.

A dollar sign, while the ubiquitous symbol of the Linux command line, gets boring pretty fast. Learning how to create a more colorful or informative command line prompt is a great way to enhance productivity and make using the command line an enjoyable experience. Beyond getting the office's coolest terminal prompt, you can also use aliases and functions to add new commands in just a few lines of Bash, or extend the functionality of existing command line utilities with ease. [284]

This presentation introduces Vuejs demonstrates some common uses and libraries. I will also provide some comparisons to other Javscript frameworks. [189]

Most engineers are heavily left-brain dominant; we excel at the tasks that the left brain is good at, and we suck at the things that the left brain is not good at. We get by remarkably well with only half a brain, but some tasks that a programmer must perform regularly (including perception, creation, innovation, and problem-solving) can greatly benefit by also using the right brain. Betty Edwards, author of the best-selling book, "Drawing on the Right Side of the Brain", built on the brain hemisphere research of Roger Sperry and used drawing as a vehicle for tapping into the right brain. Techniques taught by Betty Edwards for drawing can be adapted and applied to programming. In this presentation we'll identify programmers' tasks that can benefit from using the right brain, and explore techniques for tapping into the mighty power of the right brain. Imagine what you could do with twice your current brain power! [293]

You've bought into microservices. You've bought into *evented* microservices, and you're even looking at using event sourcing. You see the value of decoupling separate concerns temporally as well as spatially. You want long-term productivity and reliability in your system, and you're willing to learn new techniques to get there. But now what? How do you get events from one location to another? Should you use a broker like Kafka or RabbitMQ? SQS? Kinesis? Redis? CouchDB? What features does your event store need to support? Is it more than just moving messages from point A to point B? Where do familiar technologies like RDBMS fit into this? This is going to be a hands-on talk where we answer these questions and actually implement an event store on top of PostgreSQL. The code will be JavaScript running in Node.js, but the principles will hold for any language. We'll implement a simple event store suitable for use in production and see how an event store differs from a message broker. We'll also see that it's not that difficult to get up and running. [323]

Tom Duff once said, "If your code is too slow, you must make it faster. If no better algorithm is available, you must trim cycles." Once in awhile programmers find an interesting problem that they can't put down. This type of problem becomes a framework for exploring and learning new techniques and tools. My problem was the eight letter problem; a problem where brute force necessarily plays a part in any solution. Normally we would shrug it off and stop there, resigning ourselves to the fact that there's simply no great solution. But it's algorithms all the way down. Just because the top level algorithm is unfortunately constrained doesn't mean those algorithms at the next level down must be. Learn some of the tricks and techniques I discovered along the way, and then go find your own captivating problem. [358]

0

Continuous delivery is the practice of releasing your code early and often. By continually delivering your code, changes become smaller and easier to manage. Releasing early also give you a tight feedback loop between your users and QA. Releasing often can be scary as it increases the risk of bugs and poor quality. Pipelines are a deployment concept that can improve quality while maintaining release speed. Forget releasing every 6 weeks, you could be releasing several times a day. Learn to build a pipeline to release your code safely and quickly, in a sustainable way. [153]

At Rain Agency we use Voxa as the main framework to develop high level Alexa Skill. Voxa is maintained by Rain. Voxa allow us to create skill for brands like Starbucks, Headspace, Scooby Doo, Spiderman and many other skill. Serverless has been the perfect toolkit for deploying and operating serverless architectures through AWS. We tend to deploy a lot lambda, Website, API ,DynamoDb, S3 buckets etc. Serverless allow our developers to focus more on the skill rather than worry about Infrastructure. During the presentation i will explain, * the benefits of both tools. * Real use case * Sample code [348]

Growing up in the United States in the 80s the television were very different to what is found on television lately. The shows all had one thing in common, each episode would find the cast of characters focusing on solving one specific crisis. Miraculously by the end of each thirty minute episode, including commercial breaks, they would have found a solution to the crisis and in the process illustrated an important life lesson to the audience. Gareth Greenaway will look back on many of these lessons and what the free & open source community at large can learn from them. Some of these lessons include: diversity, communication, conflicts with friends, and generally growing up. [57]

0

Want to learn PHP? This beginner level session will introduce you to PHP and its syntax. Learn how to make a 'Hello World' PHP page, create a class, build a method, declare and use variables, and write control structures (if, else, foreach, switch, etc.). Get excited to start developing in PHP and leave with a foundation to go and build amazing PHP applications on. [48]

Break for lunch

My talk would teach the fundamentals of CSS Grid while educating on its history and how to become confident using it. We would learn using example layouts created using CSS Grid that would be available to attendees on GitHub. Here are the topics that I would cover. - What is CSS Grid - CSS Grid Support - The journey to get CSS Grid - Creating the Grid - Placing items - Grid Areas - Nested Grids - Responsive Design using CSS Grid - CSS Grid ♥ Flexbox - Best practices - Common patterns - Helpful Tips - Experimental Layouts - Debugging CSS Grid - CSS Grid shortcomings [391]

Docker has received much hype and attention but moving to an architecture that leverages Docker doesn't happen overnight or without some some bumps and bruises. Some of these challenges include local development, making an image artifact that can easily go from environment to environment without being rebuilt, and even externalizing configuration are just a few things you may encounter. This talk would include high level information on the following topics and any relevant tools I have used to overcome these hurdles while moving to Docker 1. externalizing configuration/secrets - what to do when you need dev or prod specific configurations 1. service discovery - where are the other things I need to talk to 1. logs - how do I get or use them since they are in the container? 1. volumes - do you really need them??? 1. monitoring - is my app healthy? [346]

Most developers are developers, not DBAs, yet many smaller companies have inadequate database experience in-house. This is largely because databases like MySQL and PostgreSQL don't necessarily require a full-time DBA to administer. It's become more important for developers at smaller companies to have some basic knowledge of how to keep their database happy. [2]

This talk will start out by introducing basic bash commands, scripts, and concepts, but then move into some powerful tools you can use to optimize your workflow, like shortcuts, Tmux, Screen, Grep, and several other cool things you can show off to all your techy friends. No prior knowledge of the Terminal or Bash is required, but would be helpful. [377]

Have you ever wasted a day on a meaningless refactoring? What could you have accomplished instead? How do you know what refactorings are worth your effort? When you find yourself in such doubt, there’s someone who can help you: your audience. Who are you doing this work for - your end users? Your fellow engineers? Or even future you? This talk explores techniques for focusing on value. Through a series of examples, we’ll learn how to: Shrink your world down to only what’s relevant Use tests to keep your eye on the target Ask interesting questions about the future … but save the answers for later Through these techniques, you’ll be able to spot valuable refactoring opportunities while avoiding the swamp of distractions. With your newfound coding wisdom, you’ll be the envy of your fellow architects. [301]

3

The DAO hack of 2016 shook the cryptocurrency world, lost many people a lot of money, and resulted in a major schism in the second most popular blockchain in history (Ethereum). The code, however, was Open Source. We'll discuss the DAO, the nature of the hack, the fallout, and the nature of code security in an Open Source world. Relying on "many eyes" is no longer sufficient. [277]

Can the culture of your company negatively impact your software architecture? Should your desired software architecture lead to changing how teams are structured in your organization? In this talk I will discuss how this hidden coupling affects software projects and give some specific examples of how Pluralsight leveraged it. [165]

This year's electronic badge has a lot of cool features. I'll be talking about how it works, and what you can do with it during and after the conference. [389]

According to a 2016 survey by Smart Bear Software code reviews are the #1 way to improve code quality. Come to this session to hear why you should be reviewing code and some tools and techniques for making your code reviews effective. [22]

Spurred on by a legacy code base, I've been extending SQLAlchemy to allow for implicit [authorization, access control](https://github.com/dhiltonp/sqlalchemy_auth) and event systems. I'll share what I've done and how it has simplified the way we write code. Along the way we'll look at testing, APIs and the hairy underbelly of SQLAlchemy. [356]

Cyber Warriors conduct integrated and synchronized offensive cyberspace operations (OCO) by targeting enemy and hostile adversary activities and capabilities. These specialists also conduct defensive cyber operations (DCO) to protect data, networks, net-centric capabilities, and other designated systems. They are responsible for detecting, identifying, and responding to attacks against friendly networks with other lethal and nonlethal actions that enable commanders to gain an advantage in cyberspace, across all domains. While there is much discussion and hype regarding Army Cyber Operations, many questions still exist regarding the path to becoming a Cyber Warrior. This talk will be presented by the Leaders of the Utah National Guard Cyber Protection Team and will outline the mission, organization, positions, training, and selection criteria for the Army Cyber Forces. This will include activities that people interested can do now to increase their chances of being selected into the Cyber Career Track. [362]

0

The 9-5 office job is dead. Every day, more companies are expanding their work-from-home policies or hiring remote workers. But, I get it, it’s tough to make the switch. It feels threatening as a manager to let people work from home. _What are they doing all day?!_ The truth is, remote workers are statistically more productive than employees working from an office. Increasingly, the ability to work from home is what job applicants are looking for from a job posting. And if you don’t support or allow remote work, you’re missing out. This talk will dispel some of the myths of remote work and provide real world examples of how to manage your remote teams from someone who’s been doing it for almost 10 years. [70]

0

What is the interface, and what is the experience, when it comes to voice? Using Amazon Alexa as our guide (since it dominates voice-assistant marketshare), we’ll talk about the voice interface–intents, utterances, and responses–and how to think about the voice experience itself. By the end of this presentation, designers should understand the basic process of design (with a focus on writing scripts and understanding intents and utterances) and what principles govern a great experience (such as keeping it brief, error handling, implicit and explicit confirmation, and more). [306]

Load-balancing with HAProxy [337]

1

So you know the basics about how bitcoin works, but have you wanted to know more about second generation blockchain technology? This talk will start with a quick overview of how bitcoin works, followed by an overview of more advanced blockchain and cryptographic technologies such as: smart contracts, zk-SNARKS, IPFS, graph based chains, and alternatives to proof of work mining. [272]

There's a crazed Vim evangelical in your life. They're always talking about it and trying to get you to use it, but you're skeptical. You tried it once, and it took you 5 minutes and a visit to [this page](https://stackoverflow.com/questions/11828270/how-to-exit-the-vim-editor) to figure out how to quit the damn thing. How is anyone supposed to use this? I used to be like you- until that one fateful day, when I found something hiding under those strange keybindings. Something that convinced me to give it a shot, and made me a better programmer by not worrying about the little things. I'm not going to teach you how to press :q!. I'm going to show you atomic edits, composability, and other advanced editing techniques- just the cool parts that make Vim worth using. I'll introduce you to a mindset of combining simple tools on-the-fly in powerful ways, which embodies the Unix philosophy and makes you a better programmer. If you know Vim, you'll learn something new. If you don't know Vim, you'll absolutely want to learn it after this. [310]

0

It isn't new, and it isn't sexy but Trunk Based Development is key to delivering value at the ever increasing rate that customers demand. The basics are simple: Distance (from master) is dangerous. Never break the build. Release behind a feature toggle In reality very few, if any of us follow these practices perfectly. We will talk about some common scenarios when it makes sense to bend the rules. We will also talk about the scenarios that do not justify breaking the rules. Every company and code base is unique and each has different factors that contribute to picking a branching strategy but the trade-offs for breaking the rules are universal. We will talk about them. After this presentation you will be better able to look at different branching strategies and understand the trade-offs being made. With this knowledge you can then determine if your project is using version control in the most effective way to help you realize the goals of your project. [166]

Why are we, as software developers, so bad at estimating how much work a new feature will take? For years I tried to avoid giving estimates because I was “bad at it” and it was “always wrong anyway”. But as a technical co-founder or a business owner, you need to know. We can do better than in the past! Lets understand *why* it is so hard and what has been tripping us up. I introduce an approach that’s been around a long time in other areas but we don’t see being applied to software. Lets find out *how* to apply this approach to our **existing Agile methodologies** and the way modern teams work today. Finally I introduce an OpenSource tool created for software developers that helps us make better estimates. If you can move text around using your favorite editor, then you can do it too. Using a Markdown-based tool, start giving better estimates and tracking your progress and improvement for your own benefit. [249]

0

Ensuring software reliability, resiliency, and recoverability is best achieved by practicing effective defensive coding. Take a crash course in defensive coding with PHP and learn about attack surfaces, input validation, canonicalization, secure type checking, external library vetting, cryptographic agility, exception management, code reviews, and unit and behavioral testing. Learn some helpful tips and tricks from experienced professionals within the PHP community as we review the latest blogs and discussions on best practices to defend your project. [53]

Have you ever needed a fully configurable temperature sensor to complete your IoT project? This presentation focuses on setting up a raspberry pi with a [sense-hat](https://www.raspberrypi.org/products/sense-hat/) running the pico-engine. Come to learn what it takes to set up a raspberry pi sense-hat, stay to see what configuration the pico-engine provides, leave inspired to create your raspberry pi smart sensor. [331]

ARUP Laboratories’s Biocomputing group built a Next Generation Sequencing (NGS) bioinformatics pipeline from software components deployed in Docker containers. The Biocomputing group needed a reliable framework to continuously build and test these Docker images. TeamCity recently added support for building and managing Docker images, which along with other considerations, made it the right solution to manage a continuous integration (CI) pipeline. [385]

Falcon is a minimal but incredibly fast Python framework for building JSON REST apis. It's opinionated and lightweight, but handles a great deal of requests very quickly if all you want is a thin data access and marshaling layer. We'll go over how to build a db backed login-ready API and how it works. [123]

0

With Finite Element Analysis, it's possible to create models that can be subjected to computer simulations, to determine how devices would work in real life. Unfortunately, traditional CAD systems only produce 2D images that literally don't have the depth needed for computer analysis. BRL-CAD is a system developed by the Army's Ballistics Research Laboratory to create solid models. In this presentation, I will provide an overview of how BRL-CAD uses core primitives to create models that can then be used for simulations. [98]

This talk addresses some of the common issues that open source communities face when communicating, coordinating and executing projects. All from the perspective of the KDE Desktop Environment community. [119]

Security has become even more important these days. Many sites have started using 2-Factor authentication. Now you can make your own 2-Factor Authentication service to add to your own applications. Learn how to build a simple token-based 2-Factor authentication web service using Python's Pyramid Web framework and Google Charts Api. This presentation will explain briefly how TOTP 2-Factor authentication works with a token that changes over time. It will also walk through building a simple web service that creates, stores, and verifies the token, thus creating a additional level of authentication that you can add to your own system. [142]

Virtual scrolling is a dynamic pattern that allows a webpage to look and feel endless while maintaining a small set of DOM elements and listeners. This means less work for the browser and more responsive webpages.

All of us have run into annoying scams on-line. We look at how to detect these and how to stay safe from them. We'll go over the most common scams and how to fight them so that the scammer won't try revenge or threats. We'll see what we can do to discourage these scams and have fun doing it. We'll even see a couple of common scams that let us cost the scammers time and money! [79]

0

MySQL has a capability that allows a knowledgeable user achieve performance speedups while simplifying application logic. A user-defined function (UDF) can be written in C++ thus permitting optimizations on a very low level. UDFs are especially powerful when used to performing complex string manipulations, mathematical logic, and in complex computations that need to maintain a state while examining each row. We will provide some examples of UDFs, explain how they work and how to deploy them, and compare them with benchmarks against more commonly used solutions. [42]

Regex is powerful and awesome. But, there are so many tricks, expressions, and confusing terms. Come learn a beginners way to regex patterns, and see how useful it can be even in personal projects. [92]

0

Software which allows users to interact with through traditional conversation (aka a chatbot) is growing exponentially. Over the next few years, people will begin expecting all software to have natural language built-in. In this presentation we’ll walk through how to get started with Amazon’s Lex platform which is the system behind Alexa. We’ll cover some key lessons learned from going beyond the hello-world of chatbots and building real systems which feel natural. [304] Link to Presentation: https://upload.openwest.org/f/1084

How do you separate business rules from technical concerns? Clean Architecture offers a set of principles and practices to help answer that question. Clean Architecture also promises to make changing systems over time easier. This talk will delve into when and how to apply Clean Architecture to new projects. [104]

When learning a new language, some folks prefer to read the language documentation, or work through simple exercises like you might find on http://exercism.io -- but I prefer to have something more like an actual project. I find that holds my focus a little better, and that I do a better job of absorbing the new language syntax and features if I'm using them for something *real*. In this talk, I'm going to outline why writing a static website generator is the perfect task for this sort of language learning project. I'll cover the code you'll need to write in order to develop a simple template-based website generation system, and show how this particular project actually manages to hit all the points you need to understand to claim basic understanding of a language. [217]

Microservices are autonomous. They don't ask questions; they don't answer questions. They do observe and emit asynchronous messages, but your users, want to see usable information and not just a log of everything that happened. *You* need this too, because you need to know if your system is working. How do we turn streams of events into something usable for us and our users? How do we render UIs while still keeping our concerns separate and not devolving back into a monolithic architecture? This talk will answer these fundamental questions. We'll cover: * The fundamentals of Command-Query Responsibility Segregation and see how this technique integrates seamlessly with event sourcing to produce robust, adaptable systems that make our users happy * The considerations between eventual consistency and immediate consistency and when to apply each * The power of being able to mold data into as many shapes as we need to meet our needs, including ones we didn't think of in the beginning * Fixing bugs in our data A mixture of code and concepts, you'll leave this talk knowing how to get microservices to play well together and make your architecture better. [324]

TestML is an [acmeist](http://acmeism.org) Data Driven Testing language. Define what you want with simple inputs and expected outputs, then write your software in any (or many) modern/popular language(s). The best software is defined by tests. The best tests are mostly data, with the slightest bit of code to let the test framework know what to do with it and what to expect. This is TestML, and it works in the programming languages you'll find here at OpenWest. Learn how to love writing tests, and in a format that you can take with you to any programming environment. [309]

When compared to through hole components, surface mount devices can be intimidating to many hobbyists. This talk will present a crash course on using surface mount devices in your designs. We will cover common packages to be familiar with, design considerations to be aware of, and how to get tooling set up. Using surface mount technology can drastically reduce the time it takes to assemble boards and opens up the door to mass production! [116]

Automate migration of virtual machines with a push of button. The tooling inside of oVirt and ManageIQ can help. Learn about how ManageIQ can accelerate the migration with the insights it has into your proprietary virtualization solution and migrate your virtual machines to an open source platform such as oVirt. [83]

We need to bring civic education and engagement to the 21st century! The first step in increasing civic engagement is providing an easily accessed portal into the world of politics and governance. The next important aspect is to keep the information provided personally relevant to the user. When only relevant information is provided to the user, they are more likely to stay engaged and follow through with learning about their representatives and contacting them without hesitation. We are building a mobile app that provides these two important steps in one convenient location. With it, voters will be able to know exactly who is running for office to represent them. Much time is spent attempting to figure out who our options really are in primary races. Many potential voters become apathetic and disengaged at this stage of the process. We are working to take all of the guesswork out of the equation and let the voter decide who adds up to be the best representative to earn their vote! Why the GNU GPL v3 License? Everyone can use it. Anyone can improve it. Software designed for civic education ought to remain open no matter who may repackage it for their own purposes. [197]

Languages like F# and Haskell offer superior type systems that are great for capturing your domain, preventing errors, and communicating intent. We'll explore Algebraic Data Types in F#, which allow us to create lightweight, composable types. If your main experience with static type systems is in languages like Java or C++, come learn an alternative approach. [294]

Grab some dinner and stop back by the Main auditorium and join us for some board games with fellow attendees. We'll be hanging around till at least 8 p.m.

Welcome to OpenWest 2018

Cydni is a technology exec, digital strategist and speaker. She is CEO of ForgeDX a digital experience platform company. Prior to that she was CEO and founder of venture-backed 3DplusMe, a 3D printing personalization software platform, that was acquired. She spent 4 years at Disney as an Entrepreneur in Residence in Imagineering driving technology commercialization across Theme Parks, ESPN, ABC and Interactive. She is faculty for the Goldman Sachs 10k program and Babson Exec Ed and founder & President of the Women Tech Council. Prior to Disney she was COO and CMO at technology companies that were acquired by Ancestry, Proofpoint & FAST. She has built technology & digital experiences used by the world’s largest brands, retailers and companies including Disney, Microsoft, ProofPoint, Ancestry, Marvel, Star Wars, Facebook, MLB, MLS, Warner Brothers, NFL, Disney Stores, Target and Walmart. Cydni holds a master’s degree in business administration and a bachelor’s in computer science from Brigham Young University.

Mike Place has a twenty-five-year career in and around open-source in just about every way imaginable. Currently, he is the Principal Maintainer of the SaltStack project — one of the largest and most active Python-based open-source projects in the world. When he’s not hacking on code or wrangling developers, he travels the world speaking about DevOps and infrastructure automation. Additionally, he is the Mentorship Director and one of the founding board members of ZimboPy, which offers free classes in Python-based software development to young women in Zimbabwe. In his spare time, he enjoys literature, poetry, and robots.

0

Can learning to think like a designer make you a better programmer? Decide for yourself as we dive into principles of human-centered design. After all, aren't the other programmers who read our code... human? Come learn why there is no such thing as human error, just bad design. Also, learn why immediately solving the problem presented to you isn't always the right thing to do. Instead, it's important to find the right problem before finding the right solution. We'll also explore how existing software design patterns such as DRY and SOLID fit into the world of design.

Come learn about the amazing container orchestration platform from Google. We will cover these topics: - The basic concepts of container orchestration with Kubernetes and why it is getting so much hype right now (31k stars and one of the most active open source projects on Github) - Some of the differences between it and other orchestration software (Docker Swarm, Apache Mesos) - Some of the early gotchas and how you can avoid them in your Kubernetes rollout - Some of the early projects built on Kubernetes that take it to the next level If you are just getting started with containers, or are a seasoned veteran, this is a great opportunity to talk to someone about their experience with these exciting technologies in production. [101]

Once we built APIs. OK, we still build APIs, but that's not all we build. We build streams and queues and other things too, also technically interfaces, but they start to take on a different tone when we use them to feed our applications, to feed our reports. We start to call these data pipelines, because it expresses the important thing here: that the data gets delivered. I like to do a little more with my data. I also like to make it reliable, so when it shows up messy, or when my work on it makes a mistake, I can recover. I also like to handle common issues so that I don't have to attend all the meetings to make excuses for things I forgot to do. This talk builds a foundation for the fundamentals you'll need to build or refine your own data pipelines. Whether you're batching, streaming, or MapReducing your data, you can setup basic principles to ensure you're starting strong. [36]

Starting from the basics, shows how to modify single lines in a file or stream, re-arrange data for easier processing by other tools, idempotently modify entire sections, and more. [335]

As our profession grows and matures, it becomes more and more important for us to develop a sense of what it means to be a software professional. Analogies to existing professions are easily drawn. Precision and analytical problem solving are essential. So are we engineers? Creativity and willingness to try things we’ve never done are core to success. So are we artists? We are a new breed of professional that draws on but is unique from what has come before. [23]

0

Cheap, network connected devices are everywhere but the Internet of Things has created an Internet of silos. Every vendor has their own platform and their own app. What if there was a way to bridge them all and take back control of your smart home? Well there is, it's Open Source, and it's called Home Assistant. Learn how to install Home Assistant, how to connect to existing smart home components (lights, switches, Internet APIs), how to leverage Open Source platforms like Raspberry Pi and Arduino to build your own devices. [7]

When I got married, my parents bought me a day planner and a copy of Stephen Covey's "The 7 Habits of Highly Effective People". I got about twenty pages into the book, got discouraged, and put it on the shelf. Twenty years later, I've returned to the book -- and tried to apply it's teachings to my career. In this talk, I'll discuss seven habits that I've found in common among the most effective software developers that I've encountered over my career. Along the way, I'll share some funny stories and insightful anecdotes that will hopefully help to make you a better developer. [234]

Internet users are accessing web information across a variety of formats and devices. Managing all these touch points and creating brand and messaging consistency is a growing concern. Headless CMSs address this problem by providing a content API and a single control point for managing all of the content while allowing the various sites and apps to handle templating and design. There are side effects to sharing content between touch points, most of which are good, a few of which may be “bad” for your situation, and some of which are simply different. Managing content and developing websites with a headless CMS requires a mindset shift. Because it can be a big shift in mindset, it makes sense to try things out before committing to a headless CMS. Luckily, there are several free and/or open source headless CMSs that you can try out, such as Directus, Cockpit, and Netlify CMS. You can even use the WordPress API to try out WordPress as a headless CMS. [285]

Learn to create web applications in React by doing. Follow along as V School’s head of curriculum Bob Ziroll teaches an introduction to React with enough information to get you started building your own web applications. We’ll help you understand what the hype around React is about, how to create a basic React application, and all the most common topics you need to understand to continue learning React.

0

Have an old mission-critical C library critical to your business? Maybe you want to make it accessible to a newer crop of developers? Perhaps you simply want to avoid a total re-write into a higher level language? Maybe you just want your code to be blisteringly fast, and take advantage of the C-level features of the PHP engine. I'll show you how to make those C functions accessible to your PHP developers, and how you can save time and money by doing so. This lecture will show you how to start a new PHP extension, start strapping in your C library, and gradually add test cases to keep you sane. You'll see mostly C-code, with very brief glimpses of how it translates to be usable in PHP. [150]

Twisted is an event-driven networking engine written in Python. This talk is for people familiar with programming in Python who would like to be introduced to Twisted. We will discuss event-driven programming in general and will look at a few commonly-used classes which support it, showing their use in code examples. We will demonstrate a couple of simple servers and clients. We will talk about the Twisted Application Framework and show its use in a network service. We will examine clients for existing, supported protocols, such as web and IRC. We will talk about where to find information about Twisted, and how to join the community. [139]

0

We're all at different places along our path toward ultimate Perl Mastery, which is of course the end goal of any devoted Perl hacker. Some of us are just beginning and find ourselves facing the perplexities of sigils. Others are further along the path, now trying to wrap their heads around contexts. And then, once you think you're feeling pretty okay with Perl... bam! Regular expressions. Yeah, there's a lot to learn. But the journey is fun! In this talk, I'll present a list of various tips, tricks, modules, techniques, whatever that have helped me level up my Perl. You'll get the most out of this talk if you know at least some Perl or at least are curious about some of the crazy stuff Perl hackers come up with. [397]

This is not the PHP of old. Learn what's changed in the PHP world over the last few years. Classes, objects, statics, traits, unit testing, composer, password hashing; it's a whole new ballgame. Learn what has changed in the PHP world over the last several years. We'll cover The newest PHP language features. Community efforts such as the PHP Framework Interoperability Group, Composer, and PHP the Right Way. How to secure your application using up to date techniques. [29]

Now that CSS grid/flexbox is available in all major browsers, learn how to use them to make layouts. We will be building "Google Inbox" from scratch using css grids + flexbox. Follow along at: http://bit.ly/2kVaK3I [87]

Have you ever wanted to track the location of a physical object? Would you like to trigger an action such as sending a notification or even locking a deadbolt based on the proximity of that object? The problem is, how to do this without spending a small fortune? In this session, Blaine walks through a project that uses multiple inexpensive Raspberry Pi Zero Ws to track a small Bluetooth Low Energy beacon. After a short explanation of BLE beacons, he installs and configures the Pi. Next, he builds a small NodeJS application used to interact with the beacon and sets up alerts with triggering actions. Beacon tracking generates lots of data for analysis, which needs a home, ie, a database. Using REST APIs, Blaine enables the NodeJS application to both GET configuration data and POST beacon data. With the data safely stored in a cloud database, Blaine finishes up with a demonstration of how to use spatial queries to determine the location of the beacon and display this information in an IDE. All code used in the session is available on GitHub under an open source license. Attendees will come away from this session with the tools to build their own beacon scanning system that won't break the bank. [220]

Data science is having a growing effect on our lives, from the content we see on social media feeds to the decisions businesses are making. Along with successes, data science has inspired much hype about what it is and what it can do. So I plan to try and demystify data science and have a discussion about what it really is. What does a day-in-the-life look like? What tools and skills are needed? How is data science successfully applied in the real world? In this talk, I’ll be providing insight into these questions and also speculate the future of data science and its place in business and technology. https://www.slideshare.net/DylanGregersen/wtf-is-data-science-102732655

There's a fundamental problem in this world: localhost. It seems like that's where all the fun happens... but it always happens alone. Isolated. Stuck on the 127.0.0.1 that no one can get to but you. In fact, that doesn't really sound like fun at all, does it? But it doesn't have to be that way. What if every time you were about to localhost, you Internetted instead - for the whole world to see! I'm going to take you on a journey of dynamic domains and introduce you to a new way of developing in which a magical tunnel bridges the gap between your local disk and the global network. Using Dynamic Domains. [375]

#Challenge Every new day seems to bring about new revelations regarding your data and your privacy. Many of these decisions are made without your consent, and often without your knowledge. The businesses and data aggregators that are pursuing and collecting data about you are interested in doing so without limitation. Allowing this to happen can have some serious consequences. #Consequences Once your data is collected a number of outcomes are certain: - You can never remove it - You can never control how it is used - You can never control who it is shared with - You can never know what conclusions are being drawn from the data (or how they are being drawn) - You can never correct erroneous data All of these consequences leave you as simply a subject for analysis and monetary gain. #Empowerment I believe that the only way to solve these problems is to take control of the data you generate or allow for collection. When you limit the data you generate or allow to be collected you become your own superhero with the following powers: - You control who has your information before it can be stored without the need to worry about removal - You control whether your data can be used at all and can prevent misuse entirely - You can decide with whom to share your data - You prevent any conclusions you do not expressly allow (including erroneous ones) - You can be free from worrying about erroneous data by controlling the data in the first place #Tools In addition to careful consideration of your data and your privacy, some tools are needed to make your privacy goals a reality. In this presentation we will discuss and demonstrate effective open-source privacy tools that put you in control of your data. [300]

Ever think about switching to security? Not sure if you have skills or know where your career might end up? Been in security a while and not sure where to take your career? Security is a broad field that could take your career in a number of directions. This talk is aimed at helping those who are interested in security to discover what resources and tools are available to help them on their career path. The presentation will start of with a bird's eye view view of security and domains within that field. From there, the presentation will cover simple approaches to learning more, experimenting, and developing both technical and soft skills. Littered throughout, I will share personal experiences of missteps and successes I've had along my own journey and ultimately, what I wish I had known when I started. [444]

This talk is for you, the documentarian, developer, student, or community member wondering what you can contribute to open source and how to get started Contributing to open source is a great way to give back to a project you care about, grow a community around software, and help make a project more useful. But often those who want to contribute have a few assumptions or misconceptions that prevent them from making that first pull request, including: * I’m not a good enough programmer to contribute to open source * I don’t know the repo well enough to contribute * I don’t write code, so I have nothing to contribute * I’m just a student / community member / manager / llama, I don’t have anything to contribute * Contributing to open source is hard * Contributing to open source doesn’t benefit me at all In this talk I'll discuss several ways open source projects need your help, what to look for in a project you’re contributing to, and some first steps to making your first pull request. The truth is that everyone who uses a technology can help that technology, whether by submitting a bug report, correcting a spelling error in documentation, submitting a patch to fix a bug, adding unit tests, updating dependencies...the list goes on. [59]

React Native is a framework that allows you to build real native apps with Javascript. For developers with a Javascript background, and for companies that can’t justify building native apps for both iOS and Android, it sounds like a dream come true. Come find out if React Native really lives up to it’s hype! [227]

0

Sysdig falco is an open source, container security monitor designed to detect anomalous activity in your applications. Falco lets you continuously monitor and detect container, application, host, and network activity... all in one place, from one source of data, with one set of customizable rules. In other words, think snort + ossec + strace. In this talk, I will discuss how to install falco, how to create monitoring rules, and how to respond to malicious activity. Slides and example code will be provided via GitHub.

We will explore what its like to develop a server side web application using Yesod a web framework written in Haskell. We will go over some of the tricks I've learned while using Yesod for the past year at LiveView Technology. [55]

Microsoft has open sourced .NET and made it cross-platform on Mac and Linux, and done a surprisingly great job of it. In this talk I'll walk you through creating a simple .NET app — LIVE — on a Mac, and I won't use the mouse even once — that's how good the CLI support is. It's easy, and more importantly, it's useful. The .NET Core tooling has made a believer of me — come see for yourself just how good the new open source .NET Core is! [218]

Sometimes, off-the-shelf solutions just don’t quite do the job. They either lack required features, require too much configuration, or aren’t optimized for a specific use case. In my team's case, we had a difficult time finding a reverse proxy that could dynamically discover Kubernetes resources without a large amount of configuration. Luckily for us, Go provides a large standard library that had everything we needed to roll our own. In this talk, I will describe why we made the decision to use Go’s httputil library to create a reverse proxy, rather than leverage Apache or Nginx, and will speak a bit about why others might reach for it as well. After that, I’ll provide a short introduction to Go and we’ll write a simple reverse proxy together. [288]

During the break for lunch, you're welcome to listen to Paul Allen in the keynote room. Following his keynote, he will spend time in a small group Q&A session with those who purchased the Business-level tickets. As a serial entrepreneur, Paul has spent his career building motive-driven companies with talented individuals from different fields. As a founder of 8 companies, Paul has led many executive teams to perform at high levels and engineer hyper-growth into their products and services. Although he is best known as the Founder of Ancestry.com (now worth 2.6 Billion), Paul is hoping to make an even bigger impact with his current company, Strengths Inc.

So, you’ve spent weeks designing a beautiful and usable workflow and interface for your users or clients. You are super excited to release the project and see how people will really experience it beyond the user testing. Quickly after release you learn that people are not happy and you realize that a small piece of your design that you didn’t even think about is making people grumpy… turns out those small things that we all neglect in the design process actually mean a lot. [266]

Rapid innovation, changing business landscapes, and new IT demands force businesses to make changes quickly.  In the eyes of many, containers are at the brink of becoming a pervasive technology in Enterprise IT to accelerate Microservices delivery.  In this presentation, you'll learn about the            • The transformation of IT to a DevOps, Microservices, and Container based Architecture            • What are containers and how DevOps practices can operate in a Microservices based environment            • How Kubernetes can reduce software delivery cycle times, drive automation, and increase efficiency            • How other organizations are using DevOps + Containers with Microservices and how to replicate their success  Also, a demonstration of automated container based Microservices builds and pipelines, running Jenkins CI on Kubernetes, and continuous deployments of containerized Microservices with Kubernetes. [237]

It is generally accepted that you should always use proper version control when developing software. Why wouldn’t you do the same with your database changes? It's even more important as part of a DevOps Continuous Integration strategy. Evolving your database Schema using SQL scripts seems easy at the start, but quickly becomes a nightmare as your application grows more complex. How do you track which scripts have been run? How do you rollback changes? Can you conditionally run certain changes for different environments? In this talk Blaine Carter will discuss using a schema migration tool called Liquibase; a database independent, open source tool for managing database changes. Blaine will demonstrate some of the major features and functionality of Liquibase including how to extract your current schema into Liquibase, make changes and roll them back. You will come away from this session with a better understanding of Liquibase specifically and the value of using a schema migration tool as part your CI/CD strategy. [222]

One challenge in moving to a micro-service architecture, particularly one that leverages Docker, is configuration and secrets. Our apps need configuration in order to run. Not just one configuration, they need a different config per environment with different secrets. After all you don't want to point your dev environment at the production database right? Whether that is locally during development, deployed to a staging environment, or all the way to production we need to give our applications what they need in order to run in that environment. Information in the session would include... 1. where to put configuration and secrets 2. give your app the fishing pole and an address so it can get the fish itself, I mean config... 3. stacking default, external, and environment values to build out your configurations - high level with a node specific example 4. validating the config 5. the freedom externalizing your configuration gives you This session would focus on externalizing configuration using Consul and Vault Tooling is language agnostic but any implementation examples to Consul/Vault would be presented nodejs [349]

Learning React can be confusing. React is a library, but even more than that, React is an ecosystem of tools that you piece together to create an application. This is a powerful property of the React community, however that ecosystem can be frustratingly distracting when you’re a newcomer trying to get your feet wet. The key to avoiding this frustration and confusion is to learn React (and its ecosystem) in the right order. In this talk, we’ll go over what that order is and give a roadmap so you can have a vision of where you’re going. Let’s learn how to learn React! [160]

Mob programming is collaborative coding similar to pair programming. It is described by Woody Zuill as "all the brilliant people working on the same thing, at the same time, in the same space, and on the same computer." In this talk, I discuss my experiences on a team that practiced mob programming daily. I cover what mob programming is, the principles that make it effective, and many of the benefits it provides. [21]

Understanding inheritance within JavaScript is not for the faint of heart. Inheritance is essentially a code reuse pattern. A way for different kinds of objects to share code. The way that you share code matters because if you get it wrong, it can create a lot of problems In this talk, we are going to work through some common concerns, including prototypes, constructors (and super keyword), the new keyword, and how classes work (in JS). [40]

An overview of the protocols that allow a Service Provider (SP) to re-use the authentication services provided by a remote Identity Provider (IdP). Will cover Security Assertion Markup Language (SAML), its nomenclature, and its handshake strategies for authenticating users across federated services. Will show examples of SAML using PHP libraries such as LightSAML for identity providers and OneLogin's php-saml for service providers. Will discuss XML documents used for metadata and x509 certificates used to authenticate transactions. Will show the steps for initiating a SAML authentication validation request, generating a validation assertion, and decoding a validation assertion. Will cover OAuth 1.0 and real-life application using IMS Global's Learning Tools Interoperability (LTI) protocol. Will show examples in the PHP League's OAuth 1 client to accept inbound requests from Instructure's Canvas client. Will discuss shared client keys and shared client secrets used to generate OAuth 1.0 encryption values. Will cover OAuth 2.0, its differences from OAuth 1.0, and real-life application with Facebook and Google. Will show how to register a web application with these identity providers, and how to initiate handshakes using various redirect strategies. Will discuss the difference between authentication and authorization. Will also review the additional layer of extending proxy authorization for tasks and how to use refresh tokens to gain access to authorized services. [73]

Learn the concepts of state management in web applications by doing. Follow along as V School’s head of curriculum Bob Ziroll teaches the concepts of Redux, why it’s useful, and how to use it in a React application.

Join Travis as he explores the fun and challenges of controlling LEGO® Mindstorms using Perl. He will walk through his setup, talk about challenges and bring an example or two to share! [369] Slides (reveal.js): https://github.com/gaudeon/robotics_using_perl_and_mindstorms Demo Project: https://github.com/gaudeon/demo-ev3pm

POE, AnyEvent, and IO::Async are three of the principle options in performing asynchronous operations in Perl. We'll start off talking about appropriate use-cases for evented programming and the challenges of writing for asynchronous systems. Evented systems tend to be chatty, so we'll also talk about messaging and conclude with some examples of how to implement a simple asynchronous task in the various architectures. I promise not to mention "blockchain" in any way but ironically. Probably. [370]

0

The open source community is vast. The greater tech community is even bigger. In the last year, we’ve watched reports about how bad our treatment is of women and marginalized groups within the tech community...it doesn’t take long to find pages and pages of stories. I am a white male from a middle class family and I am well aware of my privilege that other people within our community don’t share due to their gender identity, sexual orientation, mental or physical health, the color of their skin, what part of the world they were born in, etc, etc, etc. This talk will address the problems that exist and how those of us who have privilege can use our powers for good to make the community a better and more inclusive place for everyone. [69]

An intro to some of the language features of the Kotlin programming language, comparing and contrasting those features with Java. [12]

When you think of batteries, do you think, "I'll just slap some AAA or a Lithium batteries in there and call it good." If that's you then this presentation will introduce you to what goes on behind the scene. Some batteries are sprinters, others are long distance runners. Some are fair weather performers, others are hardy. There is a great diversity of batteries out there and understanding their strengths and weaknesses will make your battery powered (embedded, M2M, IoT, etc.) device go that much longer. This talk will also discuss what can be done in code to help maximize the lifetime of battery powered devices. [5]

Capturing Infrastructure as Code is great, but the real power lies in collaboration and reusability. This talk shows how open source tools like Terraform allow us to apply existing technologies and techniques like CI/CD, code review, Pull Requests, and more to Infrastructure as Code. This talk is about stealing… it’s about stealing the existing technologies, practices, and workflows that application developers have had for years and applying them to the operations space using Infrastructure as Code. The two primary components of the talk are: 1. What is Infrastructure as Code? 2. How does the free and open source tool Terraform enable new workflows using IaC? Topics include: - Using Terraform to provision cloud resources - Collaborating on Pull Requests and code reviews - Automatically testing infrastructure changes - Pushing infrastructure changes as a result of a git-merge [105]

0

When training machine learning systems on audio data for tasks like speech recognition it is useful to first transform the audio into a rich intermediate representation like a spectrogram. Although with enough data effective models can be trained to use the raw audio as inputs models which begin with rich representations typically perform better. I will talk about several different audio representation schemes including spectrograms, mel filter banks, and MFCC's and wavelets. We will discuss how each of these representations works, the types of information preserved and destroyed by each, and their strengths and weaknesses from a machine learning perspective. [322]

Do you know your encryption from you encoding? Do you twitch when someone says your password is encrypted - or worse, sends it to you in a plaintext email? Have you ever wondered how you *really* know that the person you are talking to is who they say they are? In the world of web development, you need a basic fluency in cryptographic principles. We'll cover some of the basics that you need to keep your data safe from prying eyes. We'll cover a broad range of cryptographic primitives, including * Hashing functions * Symmetric and Asymmetric Encryption * Message Authentication Codes (MACs and HMACs) * Password salting and hashing Coming away from this talk, you will have a good working knowledge of what technologies you should use (and which you shouldn't) and why you should use them. [243]

One of the things I love about React is how easy it is to encapsulate UI code into a component. I love this because it makes reuse of those components easy. But is it easy? I’ve made my fair share of components that had to accept a bunch of props to handle a growing list of different use cases resulting in a complex render function full of conditional statements and a confusing API for people using this “reusable” component. Eventually it becomes too much and I had to make a new version of the same component to handle slightly different use cases. Lots of code/bug duplication there because my reusable component wasn’t reusable enough. There are patterns that have emerged in React that allow you to promote code reuse without sacrificing the simplicity or flexibility of the component. In this talk we’ll go over 5 of these patterns that will make your React components more useful. [161]

WebSockets are an underutilized tool to take our apps to the next level of interactivity and responsiveness. The front and back end are more tightly coupled. I'll discuss when you'd want to use them and when you might just stick with AJAX. Some history, and some award-winning sites using WebSockets. I'll also discuss an example app under development in the field of education services to show an approach to front-end development using an imperative coding style (non-template-driven approach), and how WebSockets can replace AJAX altogether.

0

New to Go, but not programming? Want a primer on the marvel of goroutines, and channels? Maybe you can almost wrap your head around them, but the synchronization nuances are elusive. In this tutorial, we'll write a small program together to demonstrate the power of goroutines and how they communicate with each other. You'll never go back to Java's threads.

C# has had three updates in less than a year, 7, 7.1 and 7.2. What’s new in these versions? The short answer is a lot. Rather than one or two big features, these releases have added a lot of small features to the language, both to make some kinds of standard boiler plate code easier to write and to add even more features from functional programming to C#. In this session we’ll talk about some of the bigger ticket items like the new tuples, pattern matching and expression bodies, plus a host of smaller features. If you’re interested in getting caught up on the latest C# language features, this session is for you. [6]

57 million Americans have a disability and use the internet daily. It is our job to ensure there is the same experience for all. What are some of the tools we can use to validate our code/design and what are the measurable standards for us to use? Also, what accountability is there with the Department of Justice? [233]

0

It's time that Social Security number become meaningless again. With the open protocol proposed in this talk, people will be able to control what data they share with companies, specified the allowed storage time for that data, and keep a secure record of each transaction. Raw private data will no longer be centrally located. Companies, agencies, and businesses will have solid verification of identities. For this to work, adoption will be vital. This talk is a call for any individual, company, or government entity to engage in building a new framework for identity that is immune to central manipulation or attack. [134]

0

Automattic is a global company with over 670 employees in 60 countries speaking 79 different languages — all working remotely. Even with the inherent diversity in such a global operation, we work hard to build Automattic as an environment where people love their work and show respect and empathy to those with whom we interact. This talk will discuss Automattic's Diversity and Inclusion Strategy, and how we're working as a company to increase workforce diversity, grow internal talent, increase internal engagement, and become a visible culture leader globally. [118]

Getting started with Ansible can be quick and easy, almost as easy as using SSH! In this hands on workshop we will dive into Ansible. Starting with simple command-line examples, then moving into roles and complex configurations which demonstrate the flexibility and idempotency of Ansible. The remainder of the workshop will cover a basic exercise to getting more hands-on familiarity with ansible, playbooks, inventories, tasks, variables, roles, templates, modules, security, configurations, etc. The remaining time, if any, will be Ad Hoc. Essentially, we'll cover advanced topics, gotchas, questions, etc. Including possible topics like: * How to leverage Ansible for cloud and in-house deployments. * Ansible Container * Ansible Galaxy * How to build your own module * Callback Plugins * Your specific questions! Things you should bring to the workshop: - A laptop that can use SSH - Ansible, installed on laptop - An extra battery for the laptop (optional) - Your brain

Designing a great user experience is more than just a pretty looking UI and a user workflow that is efficient and usable. A great user experience is also one that is trusted. To often we break that user trust by designing dishonest interfaces - breaking the users expectation of how the interface behaves. Designing honesty is more than not lying or tricking your users, it’s making sure you are setting their expectations correctly. Let’s chat about what makes an honest interface and how to promote design honesty within you product and company. [267]

Unattended bootstrapping of environments brings with it the challenge of securely transferring sensitive information such as keys without exposing the information or leaving a trail of artifacts that could be used to reconstruct the information or otherwise compromise the security of the information or the resources associated with it. This talk describes one method for securely transferring sensitive data to a computing host during the bootstrap process through the use of AWS Lambda in a single-use configuration. [137]

Make Salt Lake has been designing and deploying an air quality sensor that uses principles of Internet of Things to share and report data. We have continued to improve the sensor hardware, build services, and engage people in the issue of measuring and improving the air we all share. We made it through a full calendar year of data collection and adjustment and learned quite a few lessons about going from a hobby project to something more serious. I'll recap the hardware and software, connect it with general IoT principles, and suggest ways we can apply this work in more sensing projects. [251]

- What makes a web app a PWA - Implementing app like properties (Fast, Offline first, Responsive, Engaging) - Progressively enhance your web app using Service Worker - Creating engaging and fast animations using FLIP - Taking your app offline - Engage using push notifications - How to debug your PWA - Community tools to help create your PWA's - Common patterns - Best practices - Browser support [395]

0

Python is an awesome tool in computer security. In this talk, I will give examples of using Python to automate attacks, such as gathering information about a network, using sockets to connect to remote servers, and using Beautiful Soup to parse web pages. I will also discuss several real-world CTF challenges, methodologies for developing an attack, and how to use Python to automate the attack. Slides and example code will be provided via GitHub.

The richest people in the world became rich through company ownership — stock. More than just the founders make enough money to retire, though. To make it big for yourself, you need to understand what you’re jumping in to. This session covers how to find startups, how to evaluate their risk and reward, and what you need to know about their stock. [162]

Undefined is not a function? A tour of popular languages that compile to JavaScript and when you should use them. Languages talked about: - Elm - ReasonML - TypeScript - Babel - etc... [228]

0

An understanding of program evaluation can be a truly enlightening thing for a programmer. By breaking down the process to its essence and implementing the parsing and interpretation steps for a Lisp, we will explore both the interesting and oddly simple algorithms employed in making a language. Our Lisp will have familiar characteristics like variables, higher-order functions, conditionals, and lexical scope. Code and slides can be found at https://minond.xyz/pti-talk [149]

It's been nearly 10 years since YAML 1.2 was finalized. In this talk Ingy döt Net, one of YAML's creators, will talk about the next YAML spec release (1.3) and what you can expect. You're also likely to learn quite a few things that you didn't know about the current YAML. [311]

For this year's episode of #ShowMeTheBinary we'll be diving deep into one of the fundamental protocols of the Internet: DNS. It's old and it's boring... or perhaps it's just misunderstood. Either way, we all use DNS every day - it's the Internet's phone book, the start of every call to the cloud. Come, relax, and satisfy your curiosity as you learn all about DNS - from Zones and Domains to Resource Records and mDNS and back again - splattered with various record types, endiannesses, and plenty of other things generally considered solved problems. Amazing things that you'll probably never actually need to know, but surely make for great conversation starters! [374]

Powershell is a scripting language and environment that is integrated with all modern version of the Windows Operating System. It provides access to many powerful functions of the underlying operating system that can be used for both good and bad. This tutorial will leverage the work of many leading security experts (such as @mattifestation, @Carlos_Perez, @explanoit , @HackingDave and others) to provide students with a variety of tools and techniques for using power shell during Information Security Testing . This will include both Offensive (Enumeration, Exploitation, Persistence, Post-Exploitation) and Defensive (Enumeration, Detection, Analysis, and Remediation) techniques. This is an Mid-Level to Advanced course. Participants should be familiar with the Windows Operating System and using PowerShell. *IMPORTANT* Participants should bring their own laptop with VMWare player installed. Laptops should have a minimum of 8GB or RAM and be capable of running 3 VM's simultaneously. (2x Windows 7 and 1x Kali Linux). VM's Links and/or Build Instructions will be provided prior to the Talk. [363]

Is Windows holding your PC hostage with a certain program? Would you switch to Linux completely "if only Microsoft Office and Blizzard games worked in Ubuntu"? Do you have trouble getting Netflix or any other application working in Linux? You can delete windows forever after you learn about Linux gaming and compatibility layers! [442]

Machine learning models are becoming more and more commonplace across all software platforms. Amazon Web Services (AWS) is constantly coming out with new tools to do so. In 2017, at re-invent Amazon announced their new service called Sagemaker which streamlines the process for Data Scientists to train and deploy scalable machine learning models. The end result is a convenient API endpoint for easy integration into any software. In this presentation we’ll walk through how to get started with AWS sagemaker covering the three common setups: 1) Amazon’s built-in models 2) Bring your own model 3) bring your own container [303]

2

In this tutorial, we will actually build a fully functional website and utilize all the major features of django, including database ORMs, form processing, building an API, and template/context processing. We will determine the (feasible) features of the website at the beginning of the tutorial and I will show you how to make that happen using, Python, Django, Javascript, HTML, and CSS. This is a great introduction to being a full-stack engineer on a fully featured and easily scalable framework. Tutorial repo in github: https://github.com/tyggna/openwest2018django

An overview of the entire process for anyone interested in entering the space. We’ll talk about bringing a skill to life, from concept, to design, to development, to QA, to certification from Amazon, and finally–end with a skill that works on your Amazon Alexa at home. Basic steps will include: deciding on good use cases for voice; writing out scripts; basic principles of voice experience, such as keeping it brief, sounding natural, error handling, confirmation, etc; create a voice user interface with intents and utterances; creating an AWS Lambda function to help you on the backend; and testing your skills. By the end, you'll be equipped with what you need to start on your journey of voice application design, with handouts and links for learning more. [307]

Apache Solr is a "popular, blazing-fast, open source enterprise search platform." This tutorial takes you from never having heard of Apache Solr to having a working search engine. The focus will be on configuring, indexing, and querying. Proper and effective installation of Solr is outside the scope of this course hence we will use Docker to get started quickly. Prior to attending the tutorial, you should install Docker (https://www.docker.com/community-edition) and run the command `docker pull byuhbll/solr` . This command will cache the BYU Library's Solr image, which is ready to run SolrCloud in a single node. [321]

Break for lunch

Cars and generators that seem to run on water? Sounds impossible! Yet inventors sometimes stumble across a huge energetic phenomena, which they unwittingly attribute to hydrogen, as they explore water electrolyzers, Brown's gas, HHO and hydroxy. This presentation culminates ten years of research and discloses a surprising, new explanation: In an engine's combustion chamber, water nanobubbles or fog particles convert to microscopic ball lightning when subjected to a wide plasma, abrupt electric discharge. For a few milliseconds thousands of tiny plasmoids manifest a huge anomalous force on the piston. The plasmoids self-accelerate due to their coherence with the quantum vacuum's zero-point energy. The behavior mimics a thunderclap. Herein offers an easy success for inventors: Just create the conditions of a thundercloud in an engine's combustion chamber. [130]

Get a jump start on learning container orchestration with Kubernetes! This one-day workshop will take you through the basics of installing a local version of Kubernetes and deploying a full stack web app, complete with all the bells and whistles that Kubernetes offers. We start with a container overview (Docker) and then work through Pods, Services, Deployments, Replica Sets, and Ingresses. We take the approach of learning the concepts in the order of the needs when deploying a full-stack web application, so you understand the “why” behind each primitive. This workshop is targeted at developers who want to learn how to build, deploy, and scale services on Kubernetes. This is NOT for systems engineers who want to learn how to install Kubernetes or learn about the internals. [102]

Do you hate the Facebook API? We all do as well. So stop writing your API in their footsteps. In this talk we will walk through how to construct a RESTful API, what makes an API your users/developers will love, and why you should eat your own dog food with API Driven Development. [32]

Tutorial introducing aspects of robot firmware engineering for control of robotic vehicles. Includes motor and drive control systems. As an example, we will go under the hood to create firmware for a small functional differential-drive robotic vehicle. [292]

=== CLAS BREAK DOWN === a) Presentation about Node.js (No codding) b) Installing software c) Tutorial: Coding of a Node.js + Express.js App (Yes codding) Tutorial Explanation: This tutorial is for beginners because in the presentation I will explain in detail what is Node.js and where it came from, but by the end of the Tutorial, we will have a finish and beautifully styled Node.js application, that we code from zero, and while coding I will explain line by line what is what I'm coding. This presentation is highly attractive for JavaScript beginners. Here are the links to the deploy application that we will be coding as well as the code in a GitHub repository: Live-App: https://mysterious-sands-90715.herokuapp.com/ GitHub: https://github.com/Edxael/StarShip-Heroku -- SCHEDULE -- Presentation ........................ 1 hrs Installing software ............... 0.3 hrs Codding App ....................... 1.5 hrs ******************************************************************* === Software to Install === Is highly advice that you install the following software before the class: 01) Browser: Google Chrome Download: https://www.google.com/chrome/ 02) Tex-Editor for developers(any will work) one example is Visual Studio Code. Download: https://code.visualstudio.com/download 03) Node.js Download: https://nodejs.org/en/download/ 04) **Only for Windows users: Install a console emulator like GIT-Bash https://git-scm.com/download/win https://git-scm.com/downloads "CMDER" Download: http://cmder.net/ ******************************************************************* Note: The Live-App might be slow to load because is hosted on a free Heroku server.