My colleague Frank already shared his impressions from the first half of day one at openSUSE Conference, and I just can second his words about the keynote from Tom, Dave, and Joe about Saltstack and SUSE Manager. (BTW – I always thought a “Reactor Architecture” is something kind of a bit more scary, but yesterday I learned, that in connection with Salt, it is a great tool, an interface to watching Salt’s event bus for event tags that match a given pattern and then running one or more commands in response – thanks Tom!)
After the keynote, a lot of really good sessions were offered, many of them in parallel, so we were spoilt for choice – in a positive meaning, because it was really difficult to decide which session to follow. From my packed schedule, I’d like to hightlight two special sessions.
Stanislav Brabec from the SUSE office in Prague gave an introduction and overview of Weblate. Weblate is a free web-based translation tool with tight version control integration.
It features a simple and clean user interface, propagation of translations across components, quality checks and automatic linking to source files. It comes with tight Git integration and supports a wide range of file formats, which makes it easy for translators to contribute. The Weblate team also writes test suites for their code, and are always looking for people adding test cases for any new functionality to verify that it works.
Stanislav had some really true words we all should keep in mind: quality matters a lot for translations. The best piece of software or documentation is worth nothing (in other languages than the one it was written originally) if the translation is rubbish. And as Weblate is a community project, they are always looking for help. There are dozens of ways to contribute to Weblate, and the team welcomes any help, be it coding help, graphics design, documentation or sponsorship.
Marcus Meißner, the Project Manager for Security at SUSE, talked about Security and openSUSE, and how to secure a rolling release like Tumbleweed. Marcus is also part of the openSUSE Maintenance team and works on a lot of openSUSE packages.
And SUSE is highly committed to delivering best effort security to customers and to the Open Source community. Software security is a complex challenge. Software can provide many of its own security features, such as authentication methods, encryption, intrusion prevention and detection, and backup. At the same time, it can also contain errors (both deliberate and accidental) that can affect the system’s security, including design flaws, programming errors, and backdoors.
The SUSE Security Team addresses all of these aspects of software security, on an ongoing basis. Software security cannot be thought of as a state you can achieve at a specific point in time. Instead, it is a process that must be executed with professional expertise and continuous development. As an example, during the past year, more than 1500 incident bugs alone for openSUSE Leap 42.1 and openSUSE 13.2 kept the Security Team really busy – in addition to all the other work.
Thus it should not be a surprise that Marcus’ final slide was also a call to action to help discover and fix security issues. And I really think the wonderful Security Team at SUSE deserves collaboration and support to ensure they can keep up with the growing requirements also in future.
openSUSE Conference is still in full swing. I would be happy if my short blog might trigger you to join us here at the Z-Bau in Nuremberg for one – or all – of the next three days. The schedule for Friday, Saturday and Sunday offers so many good talks – you should see yourself how difficult it will be to choose.
And if you cannot join in person, there are live streaming and recordings available at https://streaming.media.ccc.de/osc16/.