DebConf 2018 in Hsinchu, Taiwan

The yearly Debian Developers Conference was held in Hsinchu, Taiwan, from July 29 to August 5. It was the first time since its inception in 2000 that this annual conference was held in Asia.

The Debian project was founded in 1993 to create a computer operating system together with all necessary utilities and programs that is completely based on free and open source software. It is based on the Linux kernel, but over 50000 free and open source software packages are maintained by a team mostly consisting of volunteers.
The Debian System contains all the necessary programs for a modern day desktop environment, like several internet browsers (e.g., Firefox), Office Suites (e.g., LibreOffice), a variety of mail user agents, photo and video editing software, just to name a few.

But not only the Desktop is well served by Debian, many internet servers use Debian due to its high stability, excellent maintainability, and highest level of safe upgrade paths to new releases.
The "DebConf" is the annual Debian Developers Meeting, where everyone interested in Debian meets for a dense program of talks on a variety of technical, social, and project related talks. The conference has been held since 2000 every year, but 2018 marked the first DebConf in Asia, at the National Chiao Tung University, Microelectronics and Information Research Center (NCTU MIRC), in Hsinchu, Taiwan.

While I have been a Debian Developer for more than 10 years, it was my first time attending a DebConf. I used this opportunity to gave two presentations, one on Analysing Debian Packages with Neo4j (see blogs here,here,and here),as well as a report on the status of Typesetting with Kanji (with TeX in Debian).
Selection of the talks
Due to having at times three to four parallel session, it is unfortunately impossible to attend all talks. Here is a short survey of some of the talks I attended and found interesting (clicking on the title will bring you to the DebConf page of the talk where there is the video is available in some cases):

Heightening security of package distribution by Benjamin Hof
After the opening ceremony Benjamin Hof presented his work towards better security in the distribution of our packages. The ideas look very promising, but due to being (up to now) a one-man-show only time will tell what will find its way into the actual repository management.

Debian Science and Debian R Packaging by Andreas Tille
Andreas Tille reported about packaging activities in these areas. As a regular R user I brought up the same topic about middle-ware in the R session, because I often suffered from unpacked/outdated packages. Andreas presented his packaging scripts that allows creating/updating packages in the blink of an eye. Here of course thanks goes to large part to the CRAN, where there are extremely strict regulations what can be uploaded, which reflects easy packaging. CTAN (the TeX archive) unfortunately historically does not have such a strict set of rules, which makes packaging much more painful.

git-debrebase by Ian Jackson & Sean Whitton

git-debrebase is a new tool for managing Debian packaging in git. I was very much impressed by the very tricky usage of git in areas I have never touched. Unfortunately one sour point did remain all through the end – by now it does not fully support collaboration in the sense that it can deal with digressing histories, one of the big features of git. Fortunately I learned after asking in the QA section, problems only arise when some very restricted branches are digressing, but not on normal operation.

Server freedom: why choosing the cloud, OpenStack and Debian by Thomas Goirand
With more and more services moving into the cloud, the question of lock-in is getting more and more pronounced. In my work environment I am dealing with this and we hope by using Kubernetes Cluster Federation and multi-cloud setups we can avoid the lock-in. Thomas gave a very interesting presentation on his work on OpenStack and the tools around it. Very promising and technically on a high level.

Deep Learning BoF by Mo Zou
Mo reported on the problems of getting Deep Learning tools into Debian: Here not only the pure software, where proprietary drivers for GPU acceleration are highly advisable, but also the data sets (pre-trained data) which often fall under a non-free license, pose problems with integration into Debian. With several deep learning practitioners around, we had a lively discussion how to deal with all this.

Debian Java by Markus Koschany
This talk gave an overview on the packaging tools for Java programs and libraries, and their interaction with the Java build tools like Maven, Ant, and Gradle.

Rethinking font packages—from the document level down by Nathan Willis
With design, layout, and fonts being close to my personal interests, too, this talk was one of the highlights for me. Starting from a typical user's workflow in selecting a font set for a specific project, Nathan discussed the current situation of fonts in Linux environment and Debian, and suggested improvements. Unfortunately what would be actually needed is a complete rewrite of the font stack, management, system organization etc, a rather big task at hand.

My crush on GNU Guix by Vagrant Cascadian
Debian package management is excellent, one of the reasons servers often use Debian. But it has also its problems, in particular that having different versions of the same package installed is normally not catered for. Guix is a (not so new anymore) package manager that is functional, transactional upgrades, roll-backs and much more. I never heard about it (shame on me) and I am very grateful to Vagrant for introducing me to this cool tool!

Cryptsetup in Debian by Guilhem Moulin
With all the travels I am making, I am often concerned that my laptop gets stolen, one of the reasons I emply full disk encryption for my laptop. Cryptsetup is a tool that allows this (and many other things, too), and thus is somehow of great importance to me. Guilhem gave a very interesting presentation on the current status and future plans.

Gnuk+GnuPG Explained for Debian Developers and Users by NIIBE Yutaka (and family)
GnuPG keys are the central tools to upload packages to Debian. Thus, they are of core importance not only for Debian, but many software projects rely on GnuPG for verification and authentication of their packages (TeX Live also uses GnuPG to sign our database). Yutaka and his family gave a funny real-life stage performance on how key exchange works, followed by a bit more technical explanation on the GnuPG hardware token.

SUSI.AI and Personal Assistants in Debian by Mario Behling
Personal assistants are everywhere, your phone probably has either Siri or Google Assistant, in many homes one of the many smart speakers are listing to your voice. But all this is based on closed source, without any knowledge of what information is collected when and phoned home to the main company. Mario presented his working on producing an open (free and open source, specification, access, tools) personal assistant, and how to develop new skills for it.

Issues in the Font Rendering Stack for Non-Latin Scripts BoF by Max Harmathy
With the DebConf held in a non-Lating script country, there have been a few talks about the support for non-Latin scripts in Debian. In this discussion round we touched upon lots of problems for CJK (Chinese-Japanese-Korean) as well as RTL (right-to-left, e.g. Arabic) text. It would be nice to create something like a task force trying to further implementations of better tools and better support in Debian for these languages. My own talk on Typesetting with Kanji was closely related.

Share our Scripts by Paul Wise
A rather funny idea brought up by Paul was to have a session exchanging our most funny, useful, horrible scripts. Day-in-day-out business of many developers and system admins is writing all kinds of scripts doing all kinds of useful things, mostly undocumented and lost in oblivion after some time. Here we exchanged our best examples, which included lots of git scripts, but also some more general VCS scripts. I myself contributed my mail update script and the svn-git collaboration setup script I report on my blog.

AppArmor 3.0 by Seth Arnold
Hardening your server (or Desktop) is always a good idea with the amount of attacks happening on a daily basis. AppArmor is one of these systems that puts the process in the center of the permission management.
Social Program
DebConfs are not only a great chance to learn new techniques in and around Debian, it is also a great opportunity to meet all those people one is often emailing with on a daily basis (including the regular flame wars) face to face, and have a beer over a good chat. In the Noisy Hack Lab, a common space for hacking, there was also a beer bar open in the late afternoon and evening, which gave us good reasons to cool down and chat over excellent local craft beer.

Other events for socializing was the incredible Cheese and Wine Party, where participants brought cheese and wine from their home countries (I brought Sake and dried fish) and everyone was tasting till the late evening all these delicacies.

The conference dinner was held in a fish restaurant with a great selection of food prepared in completey new ways (shrimps on salt and pepper bed). Since we had full program on both weekends around the conference, one day during the week we had various different excursions to choose from, I choose a river tracing trip to escape the heat. In the evening after the excursion we had a nice BBQ with life music and an incredible life sashimi cutting (and eating).

The combination of social interaction and high technical level made this conference a real pleasure to participate, and I hope I can join one of the following DebConfs, although next year's is a bit far in Brazil.

(Photo by Aigars Mahinovs)

DebConf 2018 in 新竹 レポート

Norbert Preining

アクセリア株式会社 研究開発部 所属
北陸先端科学技術大学院大学ソフトウェア検証研究センター 研究員
ウィーン工科大学 研究員
TeX User Group (取締役会員)、Kurt Gödel Society (取締役会員)
ACM, ACM SigLog, 日本数式処理学会、ドイツ数学論理学会