Open Source Forum 2008 toke place in Stockholm on October 7th – 8th. During the first day one of my favorite speakers on this kind of event was having two presentations. First up in the morning Arnoud Engelfriet from ICTRecht in Holland talked about the legal aspects of using and develope open source software and how your company lawyers and engineers could work together with open source. In the afternoon he finished the subject with talking about everything from embedded open source software, distribution of open source software and how GPLv3 could affect your business.

This first day offered a few other interesting presentations such as Alexander Schanz from DFS Deutsche Flugsicherung GmbH who talked about their open source radar data processing system PHOENIX runing on SUSE Linux and Lennart Hagberg from TetraPak who showed us and talked about the open source software behind their communications plattform for videos and documentation, an internal “YouTube”-service together with a wiki for documentation built on LAMP (Linux, Apache, MySQL and PHP) and WordPress.

On day two of Open Source Forum 2008 there were two tracks, one track with presentations like the day before and one track with live demonstrations of products and services. I begun day two at the live demonstrations track listening to Urban Anjar from Ubuntu Sverige talk about Ubuntu Linux and show KVM virtualization on Ubuntu. After the coffee break I ended up talking about Nagios and Op5′s Nagios-based network monitoring system with Jonas Björk and a representative from Op5.

Next up before lunch was Erik Lönroth from Scania Infomate who talked about how the use Linux in their cluster for calculations and simulations. With open standards and open source software they reduced many performance problems, but when they got here they found a new problem, no one had solved the problems they encountered before. To my surprise it would be until this point of this conferense when someone finaly said that you can get far with open source, but when you’re there it’s time to solve the problems never solved before and share them with others. At this moment I found myself thinking that with people like Erik Lönroth out there on the IT departments of the companies there’s hope for open source to survive the step into the world of business.

A presentation that surprised me during this conference was Anders Wallenquist from Vertel/Dataföreningen who talked about the CMS Drupal. I was surprised because I’ve never understood how competent Drupal acctually is and on top of this Dagens Industri, a financial newspaper, will move their webpage to Drupal instead of Escenic and Polopoly like most other newspapers in Sweden uses. To read more about di.se and Drupal IDG wrote about it at http://www.idg.se/2.1085/1.182311.

Back to Open Source Forum 2008, during day two there were two tracks which means a lot of presentations that you don’t have to time to see. I’ve been writing about those presentations that impressed or surprised me during these two days. For the full agenda of this conferense see http://www.opensourceforum.se/Program.htm.

So, what’s my summary of this conferense? Well, it was terribly expencive, only ~50 visitors and I had some very interesting conversations about various subjects with other visitors which would mean that since I’m not paying for it, it was totaly worth it. :)

Thursday and Friday this week I spent at Sec-T, the first security conference for a technical audience in Sweden. It was two days of  great impression, laughter and the terrifying feeling of realizing that no matter what you do you’re fucked, there’s always someone out there that’s one step ahead of you. The event presented a couple of interesting speakers and myself I was mostly impressed by Robert E. Lee and Jack C. Louis from Outpost24 who talked about DoS-attacks and especially their framework sockstress that could send any computer to a certain death within a few minutes with no bandwidth at all. Unfortunately, or maybe fortunately, they left out the technical information on this attack in their speech.

Another interesting speech was made by Bosse Norgren from the IT Crime Section at the National Criminal Police who talked about the challenges with modern forensics and how to prepare for going to court with a computer related crime. I found it very interesting to hear about his experiences with forensics work together with the information on how to present your evidence in court. Together with his presentation about how the IT Crime Section at  the National Criminal Police is organized and how IT crime sections developed within the county police this speech was very interesting for everyone working with IT on a daily basis and sometimes meets the challenge of a computer that’s been compromised.

As it should be there was of course a mystery speaker that wasn’t reviled until the last hour of the event when he went up on stage. This mystery speaker didn’t need much presentation at this event and as most people guessed it was Felix “FX” Lindner who was talking about forensics on Cisco IOS. He begun his speech with the question most of us were asking “why forensics on network equipment?”, but after his presentation of security flaws in Cisco routers we could all agree on the fact that this was something we will do in the future.

This event was the first security conference for a technical audience in Sweden for as long as I can remember and I’m pretty sure there’s never been any conference like this before. On the good side is that the people behind Sec-T seemed eagered to make this an annual event and I will defiantly show up next year.

More information about Sec-T can be found at www.sec-t.org and presentations from all speakers except Felix “FX” Lindner can be found at http://sec-t.org/2008/files/SEC-T2008.zip. This zip-file also contains the challenge from Sec-T so you who weren’t there could check it out. The winner of the challenge contest solved all levels in 2,5 hour which is impressive, even though he didn’t do it all by himself and the fact that another person later told me he solved all levels by himself in about an hour, and I believe him. :)