From: Michael Tremer Date: Sun, 7 Sep 2014 21:47:52 +0000 (+0200) Subject: 2014 - A look into the past and future X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=972791c8efa696607d9e12a5c7628aaae3319b99;p=people%2Fms%2Ftalks.git 2014 - A look into the past and future --- diff --git a/2014_-_A_look_into_the_past_and_future/main.tex b/2014_-_A_look_into_the_past_and_future/main.tex new file mode 100644 index 0000000..709f50d --- /dev/null +++ b/2014_-_A_look_into_the_past_and_future/main.tex @@ -0,0 +1,518 @@ + +\documentclass[serif,mathserif]{beamer} + +\usepackage{beamerthemesplit} + +\usetheme{default} +\useoutertheme{default} + +\usepackage[british]{babel} +\usepackage{amsmath} +\usepackage{amsfonts} +\usepackage{color} +\usepackage{epsfig} +\usepackage{marvosym} +\usepackage{texnansi} +\usepackage{verbatim} +\usepackage{xspace} + +% Make this a 16:9 presentation +\setlength{\paperwidth}{171 mm} +\setlength{\paperheight}{96 mm} +\setlength{\textwidth}{151 mm} +\setlength{\textheight}{86 mm} + +\usepackage[default,osfigures,scale=0.95]{opensans} +\usepackage[T1]{fontenc} +\usepackage[utf8]{inputenc} + +% Set sans-serif font. +%\renewcommand\sfdefault{phv} +%\renewcommand\familydefault{\sfdefault} + +% Define some colours. +\definecolor{myred}{rgb}{0.53,0.01,0} +\definecolor{mygrey}{rgb}{0.6,0.6,0.6} + +% Make a nice gradient as background. +\setbeamertemplate{background canvas}[vertical shading] +[bottom=black, middle=myred, top=myred] + +% Highlight elements in some sort of grey. +\setbeamercolor{structure}{fg=mygrey} +\setbeamercolor{normal text}{bg=black, fg=white} + +% Use round bullets in lists. +\setbeamertemplate{items}[circle] + +% Use bigger fonts for titles. +\setbeamerfont{title}{size=\Huge} +\setbeamerfont{frametitle}{size=\large} +\setbeamertemplate{frametitle}{ + \vspace{3mm} + \begin{centering} + \insertframetitle \par + \end{centering} +} + +% Don't clutter the pages with useless navigations. +\setbeamertemplate{navigation symbols}{} + +% Author information. +\author[Michael Tremer]{Michael Tremer} +\institute{IPFire Project} + +% The title of the presentation. +\title{A look into the past and future} +\subtitle{What happened in the last two years and where are we headed?} + +\date{September 20\textsuperscript{th}, 2014} + +\newcommand{\spacer}{\vspace{4 mm}} + +\newcommand{\screenshot}[1]{\centerline{% + \includegraphics[width=\textwidth]{#1}}} + +\newcommand{\slug}[1]{ + \vspace*{\fill} + + \begin{center} + \LARGE #1 + \end{center} + + \vspace*{\fill} +} + +\begin{document} + \maketitle + + %\section*{Outline} + %\frame{\tableofcontents} + + \section{Introduction} + + \begin{frame} + \slug{The IPFire project was founded in 2005} + \end{frame} + + \begin{frame} + \slug{On November 8th, 2007, IPFire 2.0 was released} + \end{frame} + + \begin{frame} + \slug{Since then, 82 Core Updates and + eight ``major'' versions have been released} + \end{frame} + + \begin{frame} + \slug{IPFire has become a stable and secure firewall distribution + with bleeding-edge features and a broad user base all over the world} + \end{frame} + + \begin{frame} + \slug{It is giving access to the Internet for thousands of students + in universities; and it is doing the same for only one user with + exactly the same code base} + \end{frame} + + \begin{frame} + \slug{It is not just a router or firewall; \\ + it is versatile, robust, and easy to manage} + \end{frame} + + \begin{frame} + \slug{IPFire is Open Source software \\ and free to use for everybody} + \end{frame} + + \begin{frame} + Unless stated otherwise, the shown data was collected from the + commits in the IPFire 2.x main repository (master branch) and + the Core Updates released since the last two years. + \end{frame} + + \section{Release history} + + \subsection{Updates} + + \begin{frame} + %\frametitle{Core Updates} + + \slug{Two major releases, 20 Core Updates \\ in the past two years} + \pause + + \vspace*{\fill} + \begin{center} + \begin{itemize} + \item IPFire 2.11 Core Update 62 to IPFire 2.15 Core Update 82 + \pause + \item Averages every five weeks (used to be every four weeks) + \pause + \item Security updates + \begin{itemize} + \item Four major security issues (1 kernel, 1 strongswan, 2 openssl) + \item Three minor security issues (apache, strongswan, openvpn) + \end{itemize} + \pause + \item Most of the users are running on a recent release + \end{itemize} + \end{center} + \end{frame} + + \section{User Base} + + \subsection{fireinfo} + + \begin{frame} + \frametitle{fireinfo} + + \begin{itemize} + \item A little bit more over ten thousand users send their hardware profile + \item We assume that these profiles are representative for all users + \end{itemize} + \end{frame} + + \subsection{Country statistics} + + \begin{frame} + %\frametitle{Countries} + + \slug{IPFire is running in 165 countries} + \pause + + \slug{...and most popular in Europe} + \pause + + \begin{center} + \vspace*{\fill} + { + \footnotesize + 48\% Germany, 8\% United States of America, 5\% Austria, 4\% Switzerland, + 3\% France, 3\% Italy, 2\% Russia, 2\% Indonesia, 1.6\% Canada, + 1.6\% Great Britain, 1.4\% South Africa, 1.4\% Australia, 1.3\% Poland, + 1.3\% Brasil + } + \vspace*{\fill} + + \url{http://fireinfo.ipfire.org/stats/geo} + \end{center} + \end{frame} + + \begin{frame} + %\frametitle{Countries} + + These statistics become very interesting when compared to the number + of citizens of the countries + \pause + + \begin{itemize} + \item Where are China (0.4\%) and India (0.68\%)? + \end{itemize} + \pause + + Possible explanations: + \begin{itemize} + \item English and German support forum + \item Good coverage of IPFire in German IT magazines + (c't, Linux Magazine, Linux User) + \item Some nationalities are more security-aware (``paranoid'') + \end{itemize} + \end{frame} + + \section{Development Statistics} + \begin{frame} + %\frametitle{Development Statistics} + + \slug{2801 commits in the main repository} + \pause + + \slug{A release branch (\texttt{master}), a development branch (\texttt{next}), + and several feature branches} + \end{frame} + + %% git shortlog --since="2 years ago" | grep -E "^[A-Za-z0-9]" + \begin{frame} + %\frametitle{Contributors} + %\pause + + \begin{center} + \slug{27 code contributors} + \pause + + \vspace*{\fill} + { + \footnotesize + 1084 Michael Tremer, + 844 Arne Fitzenreiter, + 564 Alexander Marx, + 78 Stefan Schantl, + 57 Alf Høgemark, + 51 Erik Kapfer, + 21 Timo Eissler, + 16 Jan Paul Tücking, + 16 Jörn-Ingo Weigert, + 17 Daniel Weismüller, + 13 Ben Schweikert, + 12 Ersan Yildirim, + 3 Jan Lentfer, + 3 Dominik Hassler, + 3 Dirk Wagner, + 3 Hans Horsten, + 2 Bernhard Bittner, + 2 Bernhard Bitsch, + 1 Thomas Ebert, + 1 Stefan Ferstl, + 1 Stefan Ernst, + 1 Logan Schmidt, + 1 Kim Wölfel, + 1 Kay-Michael Köhler, + 1 Julian McConnell, + 1 Jan Behrens, + 1 Axel Gembe + } + \pause + + \vspace*{\fill} + Three Core Developers, Eight Community Developers, 15 one-time contributors + \end{center} + \end{frame} + + + \section{Funding} + + \begin{frame} + %\frametitle{Funding} + + \slug{ + The IPFire project is funded only by donations \\ + and the work of volunteers + } + \end{frame} + + \begin{frame} + %\frametitle{Company funding} + + \slug{Company funding} + + \begin{center} + \begin{itemize} + \item The only companies who provide constant support are + Lightning Wire Labs and TX-Team + \begin{itemize} + \item From selling hardware appliances and support + \item Very few development work + \end{itemize} + \item Unfortunately we do not receive donations from other + companies selling hardware appliances to their customers + \begin{itemize} + \item In fact, companies don't donate much at all + (regardless if they use IPFire or make revenue of it) + \item They mostly support wishes on the wishlist + \end{itemize} + \end{itemize} + \end{center} + \end{frame} + + \begin{frame} + \slug{Home users donate smaller donations, but more often} + + \begin{center} + Not at all related to the usage statistics + \end{center} + \end{frame} + + \begin{frame} + %\frametitle{Where are we?} + + \slug{Where are we?} + + \begin{center} + \begin{itemize} + \item The developers don't need to fund the project with their + own money \\ - which is good :) + \pause + \item The basic expenses are paid: + \begin{itemize} + \item Hosting + \item Parts of this summit + \end{itemize} + \pause + \item but we can do so much more... + \end{itemize} + \end{center} + \pause + + \slug{If every IPFire user would give us one Euro per month, + we don't need to worry about funding - at all.} + \end{frame} + + \subsection{What do we need money for?} + + \begin{frame} + %\frametitle{What do we need money for?} + + \slug{Maintaining the distribution} + + \begin{center} + ... which takes hours per week and is almost invisible work. + This is where the Core Updates that fix your bugs and security + fixes come from. + \end{center} + \end{frame} + + \begin{frame} + %\frametitle{What do we need money for?} + + \slug{Hosting} + + \begin{center} + We are currently running two big machines in two different data + centers. Rack space for one of them is donated. + \end{center} + \end{frame} + + \begin{frame} + \begin{center} + development hardware, build machines, improving documentation, + hiring a community manager, doing a developer/user summit twice a year, + redesigning our web appearance, updating our way outdated forum + and wiki softwares, maintaining and enhancing the project infrastructure: + account system, get more statistics out of fireinfo; + represent the project on fairs \& exhibitions, make people aware of + the project and increase the number of users, do translations + \end{center} + \end{frame} + + \subsection{Wishlist} + + \begin{frame} + %\frametitle{Crowdfunding: Wishlist} + + \slug{Crowd funding} + + \begin{center} + \begin{itemize} + \item Works for collecting money for exciting features: + \begin{itemize} + \item tor + \item Microsoft Windows Active Directory proxy authentication + \end{itemize} + \item Does not work for funding the essentials + \end{itemize} + \end{center} + \end{frame} + + + \section{Features} + + \begin{frame} + \slug{Feature hightlights from the past two years...} + \end{frame} + + \subsection{grsecurity} + + \begin{frame} + \slug{grsecurity} + \pause + + \begin{center} + IPFire is the only free distribution that comes with grsecurity + enabled by default - even on ARM + \end{center} + \end{frame} + + \subsection{Bufferbloat} + + \begin{frame} + \slug{Bufferbloat} + + \begin{center} + \includegraphics[height=.8\textheight]{res/bufferbloat} + \end{center} + \end{frame} + + \subsection{New Firewall GUI} + + \begin{frame} + \slug{New Firewall GUI} + \end{frame} + + \subsection{Cryptography} + + \begin{frame} + \slug{We have been improved cryptography in IPFire \\ on many levels...} + \end{frame} + + \begin{frame} + \slug{We increased default RSA key sizes at all places} + \end{frame} + + \begin{frame} + \slug{IPsec VPNs with Elliptic Curves} + + \begin{center} + NIST and Brainpool + \end{center} + \end{frame} + + \begin{frame} + \slug{Alternative ciphers for OpenVPN and IPsec, because we don't + know who we can trust any more} + \end{frame} + + \begin{frame} + \slug{Entropy} + + \begin{center} + The IPFire system uses hardware random number generators and mixes + the output of them into the system's entropy pool. + \end{center} + \end{frame} + + \subsubsection{DNSSEC} + + \begin{frame} + \slug{DNSSEC} + \end{frame} + + \subsection{ARM} + + \begin{frame} + \slug{We have an ARM version of IPFire} + + \begin{center} + Only 3\% of all IPFire machines are running on ARM + \end{center} + \end{frame} + + \subsection{DDNS} + + \begin{frame} + \slug{DDNS} + \end{frame} + + \subsection{Miscellaneous} + + \begin{frame} + \slug{ + less installation images, + Wireless on RED, + DNS forwarding GUI, + tor, + 5 GHz wireless access points with radar detection, + OpenVPN per-client configuration, + new user interface style, + LTE/3G modem status page, + faster squidclamav + } + \end{frame} + + \section*{The End} + + \begin{frame} + \slug{Questions?} + + \begin{center} + \texttt{michael.tremer@ipfire.org} + \end{center} + \end{frame} +\end{document} diff --git a/2014_-_A_look_into_the_past_and_future/res/bufferbloat.png b/2014_-_A_look_into_the_past_and_future/res/bufferbloat.png new file mode 100644 index 0000000..4e9cd85 Binary files /dev/null and b/2014_-_A_look_into_the_past_and_future/res/bufferbloat.png differ diff --git a/render.sh b/render.sh index 8b2b3fa..afee98b 100755 --- a/render.sh +++ b/render.sh @@ -3,10 +3,13 @@ PDFLATEX="pdflatex" TALKS="2012_-_Introduction_to_the_Pakfire_Build_Service" +TALKS="${TALKS} 2014_-_A_look_into_the_past_and_future" for talk in ${TALKS}; do ( pushd "${talk}" + [ "main.tex" -nt "main.pdf" ] || exit 0 + if ${PDFLATEX} main < /dev/null; then cat "main.pdf" > "../${talk}.pdf" fi