Die Videos werden über ein Java-Applet direkt in Ihrem Browser abgespielt. Parallel dazu werden synchron die Vortragsfolien angezeigt. Wenn Sie das Video mit Hilfe der Zeitleiste am unteren Rand vor- oder zurückspulen, bleiben die Folien stets synchron.

Keynote Address

Sean will share the technical and cultural changes underway at the CIA involving the adoption of wikis, blogs, and social bookmarking tools. In 2005, Dr. Calvin Andrus published The Wiki and The Blog: Toward a Complex Adaptive Intelligence Community. Three years later, a vibrant and rapidly growing community has transformed how the CIA aggregates, communicates, and organizes intelligence information. These tools are being used to improve information sharing across the U.S. intelligence community by moving information out of traditional channels.

If you have a mixed environment, some of these might be on your must-do list: centralizing authentication, access control and policy management in Microsoft AD, using the Group Policy features of Active Directory for Linux management, delivering SSO to your users, and complying with government regulations. How can you pull it all off? We'll discuss the challenges, as well as explore the various options both in the public domain and from commercial providers and discuss their requirements and capabilities. The questions we'll answer include: Why would I want to integrate Linux with Active Directory? What are the issues (e.g., compatibility and maintenance, capabilities, integration, organizational impediments, cost)? What are the choices in terms of technology requirements and components?

Once users have figured out that their computers are slow, there is an uphill battle to improve the performance and at the same time lose that slowness image. In this talk I will report on the development of a Perl-based system for passive application monitoring for a large Swiss telecom company. The system keeps track of hundreds of different performance metrics. Running on over 1,000 client workstations, several gigabytes of performance data are gathered each week and stored in a central PostgreSQL database. An Ajax-enabled Web application allows users to explore, compare, and investigate performance data. Hear how investigating performance problems has turned from random guesswork into a clearly defined process, based on objective measurements rather than rumors.

How do you control for risk from trusted insiders? The nature of the job that system/network/database administrators, application developers, operations center staff, etc., do pretty much requires them to have privileged access to your infrastructure. That very privilege means rogues among such individuals can both do great damage and cover their tracks, so how do you protect your information? This talk proposes a practical, technology-neutral approach to trusted insider controls that adapts readily to your business practices and has proven itself over years of production usage

Security is both a feeling and a reality. You can feel secure without actually being secure and you can be secure even though you don't feel secure. We tend to discount the feeling in favor of the reality, but they're both important. The divergence between the two explains why we have so much security theater, and why so many smart security solutions go unimplemented. Several different fields—behavioral economics, the psychology of decision-making, evolutionary biology—shed light on how we perceive security, risk, and cost. It's only when the feeling and the reality of security converge that we have real security.

Most system administrators fear and hate documentation, both writing and reading it. This presentation attempts to alleviate that frustration by explaining why system administration documentation is important, showing how to resolve common documentation problem areas using real-world examples, and describing how to improve product documentation from your company and from companies that make products that you use.

As electronic voting has seen a surge in growth in the U.S. in recent years, controversy has swirled. Are these systems trustworthy? Can we rely upon them to count our votes? In this talk, I will discuss what is known and what isn't. I will survey some of the most important developments and analyses of voting systems, including the groundbreaking top-to-bottom review commissioned by California Secretary of State Debra Bowen last year. I will take stock of where we stand today, the outlook for the future, and the role that technologists can play in improving elections.

The vision is clear and seductive: take a modest-sized specification of a computing environment and automatically derive all the stuff you actually need, from DHCP configurations to ordering cables. Is it possible to account for every box, every cable, every RAID box, every volume mounted, every OS deployed? I describe an attempt to do so, fighting the forces of Chaos and Nature, armed only with logical positivism, Ruby, little languages, and sarcasm.

Over the years IT resources (disk space, CPU, bandwidth) have gone from being scarce to being nearly infinitely plentiful. Why do our IT policies still reflect the days of scarcity? Seeing the world in terms of "the economics of plenty" brings about a paradigm shift that changes the way we treat our users, manage our systems, and take care of ourselves. Tom will discuss how this change in thinking can improve IT policies and practices and will present his thoughts on why the open source movement depends on this paradigm shift.

Who should attend: Linux system administrators and users.

Ever had a hard drive fail? Ever kick yourself because you didn't keep backups of critical files, or you discovered that your regularly nightly backup didn't succeed? Of course not: everybody keeps regular backups and verifies them to make sure they are successful. But for those people who think they might nevertheless someday need this information, this tutorial will discuss ways of recovering from storage disasters caused by failures somewhere in the hardware or software stack.

Take back to work: How to recover from storage disasters caused by failures somewhere in the hardware or software stack.

Topics include:

• How data is stored on hard drives
• Recovering from a corrupted partition table
• Recovering from failed software RAID systems
• Low-level techniques to recover data from a corrupted ext2/ext3 filesystem when backups aren't available
• Using e2image to back up critical ext2/3 filesystem metadata
• Using e2fsck and debugfs to sift through a corrupted filesystem
• Preventive measures to avoid needing to use heroic measure

Who should attend: Linux Kernel developers and advanced system administrators. Familiarity with Linux kernel internals is extremely helpful.

SystemTap is a tool that allows kernel developers and system administrators to deeply examine the activities of a live Linux system via simple scripts. These scripts allow data from a running Linux system to be extracted, filtered, and summarized in order to help diagnose complex performance problems or track down tricky Linux kernel bugs. A SystemTap script allows handlers to be run when specific events, such as entering or exiting a function or a timer expiring, occur. A handler can extract data from the event context, store it in internal variables, or summarize and print results.

The course will feature examples of how SystemTap can be used to track down system bugs and identify the source of performance problems.

Take back to work: How to install and run SystemTap on your Linux systems and write basic SystemTap scripts and tapsets.

Topics include:

• How to get the latest version of SystemTap
• Managing kernel debuginfo files
• Programming SystemTap scripts
• How to create tapsets
• Examples of SystemTap in action