GNU Hackers' Meeting 2014

This page contains video recordings from the eighth GNU Hackers' Meeting, which took place in August 2014 at the Technische Universität München in Garching, Germany.

The GHM 2014 web page has more information about the event.


All videos are published under the Creative Commons Attribution-ShareAlike 4.0 International license, unless otherwise specified. Videos are in the WebM format.

We wish to sincerely thank Matthias Wachs, Carlo von LynX, Bernd Paysan and Sree Harsha Totakura for taking care of cutting and encoding videos. Luca Saiu added the fading intro and outro.

Nicolas Benes: panicd - An Approach for Home Routers to Securely Erase Sensitive Data

The goal of his work is to ensure that secrets (especially key material) stored on your hardware (especially in memory) remain secret even if an adversary attempts to take physical control over the device.

A work in progress.


Sylvain Beucler: Unfork!

"Fork me on BinHub" is getting hype these days. But it's even more interesting to merge, or unfork, similar projects, and make them stay that way. In this session I'd like to present some of the choices I made to merge my projects with others, to prevent gratuitous forks, what challenges we face to get further, and get feedback and experience from the audience.


Ludovic Courtès: We're building the GNU System!

GNU hackers have been building it for three decades, and now GNU Guix is bundling it up together! Two years ago in Düsseldorf Guix was introduced as a possible way to build the GNU system distribution. So much hacking since then! We'll present that and showcase the nifty system configuration and installation tools that have landed recently. We'll talk about the road to version 1.0 of the GNU system and beyond.

This talk is also a call to GNU hackers to unite and shape up the system. Let's GNU things together!


John Darrington: Call for action: A data visualisation layer

Data visualisation is an important aspect of analysis. Whilst there are several free data visualisation libraries available, none have all the features one would desire to include in a comprehensive data analysis tool.

In this talk, I will review the existing solutions, and provide suggestions for providing an extensive library which could fill this gap in the GNU system.

(video, available under the Creative Commons Attribution-NoDerivatives 4.0 International license)

Florian Dold: Taler: Taxable Anonymous Libre Electronic Reserves

This talk will introduce Taler, a Chaum-style digital currency using blind signatures that enables anonymous payments while ensuring that entities that receive payments are auditable and thus taxable.


Christian Grothoff: The GNU Name System

This talk introduces the design and implementation of the GNU Name System (GNS), a fully decentralized and censorship-resistant name system. GNS provides a privacy-enhancing alternative to DNS which preserves the desirable property of memorable names. Due to its design, it can also double as a partial replacement of public key infrastructures, such as X.509. The design of GNS incorporates the capability to integrate and coexist with DNS. GNS is based on the principle of a petname system and builds on ideas from the Simple Distributed Security Infrastructure (SDSI), addressing a central issue with the decentralized mapping of secure identifiers to memorable names: namely the impossibility of providing a global, secure and memorable mapping without a trusted authority. GNS uses the transitivity in the SDSI design to replace the trusted root with secure delegation of authority, thus making petnames useful to other users while operating under a very strong adversary model.


Christian Kalkhoff: Introducing FSFE's Munich team

A presentation of the Free Software Foundation Europe activities, particularly at the local level.


Julian Kirsch: Knock: Practical and Secure Stealthy Servers

Today, port scanners can scan all IPv4 addresses in less than one hour. Port knocking is a method for making TCP servers less visible on the Internet. The basic idea is to make a TCP server not respond (positively) to a TCP SYN request unless a packet has been sent first. This can be helpful for security, as an attacker that cannot establish a TCP connection also cannot really attack the TCP server. There are a bunch of existing user-space tools, such as Knock Knock and knockd. Most of these implementations send some other traffic (such as a UDP packet) to the target host to have it (briefly) open the server port. We present Knock, an implementation of port knocking in the Linux kernel which offers a simple, robust way for user applications to both achieve authentication of the communicating parties and (given a sane protocol) integrity protection of the TCP traffic. Its traffic does not differ in any way from normal TCP traffic, and Knock works well for clients behind NATs, as current research shows.

Knock ships as a set of patches to the Linux kernel together with a shared library which enables users to knockify their user-space applications without having to write any line of code.


Bernd Paysan: GForth

Gforth is the GNU project implementation of the Forth programming language. This talk will give an introduction to what Forth is, what the goals of the Gforth project are, and how the underlying vmgen technology can help to implement other programming languages. An outlook on future development will be given.

(video, available under the Creative Commons Attribution-NoDerivatives 4.0 International license)

Luca Saiu: Ode to a childhood dream

I will present a GNU epsilon cross-compiler to the Commodore 64, finally bringing free software to my first computer, twenty-five years later. The clean extensible design of GNU epsilon allows easy portability and a high-level style of programming even on a machine with an 8-bit 1MHz processor and 64KB of RAM. A sprite demo will be included.


Alex Sassmannshausen: Self Study with Glean

'Glean' facilitates self-study through tutorials and 'problems'. The problems are built using different question types (multiple-choice, open-ended), with arbitrary evaluation rules (e.g. answers could be programmatically evaluated, or based on simple comparison / parsing rules), and rich media support materials (mainly in the form of URIs, which the client renders as it sees fit).


Markus Teich: Group OTR

In recent years instant messaging (IM) gained a lot in popularity. Virtually everyone uses one or more IM solutions (e.g. WhatsApp, Skype, iMessage, Facebook Messenger etc.) for private conversations. Especially the ease of use that comes with this kind of online communication combined with the high availability through the popularity of smartphones makes IM attractive for a broad audience. Also companies have discovered IM as a suitable solution for online business meetings, particularly because it causes no additional costs.

At its heart IM emulates the behavior of a private conversation held in person. Naturally people expect their face to face conversations to have several properties. For example for any party that did not participate in the conversation the (hopefully) honest word of the participants is the only proof of what was said during the conversation (given that no one recorded it). To be a suitable alternative to face to face conversations IM should also satisfy these properties. It is also not astonishing that people without a strong knowledge in computer science and/or cryptography already expect their private online conversation to be held under these constraints.

However, the dominant IM solutions do not satisfy all of these properties. Security concerns fuelled by the revelation of surveillance activities of government institutions last year have led to a more widespread awareness of the need to secure communication over the internet. Therefore we are implementing libgotr, which tries to solve these problems.

(video, unfortunately damaged in the second part due to a technical problem at recording time)

Andy Wingo: Guile development news

This talk introduces some recent and forthcoming changes in Guile 2, touching several topics which include a new virtual machine, compiler optimizations and compiled code representation.