Talks, Summer Conference 2009


Saturday 8-Aug-2009, and Sunday 9-Aug-2009. Last session on Sunday finishes approx 16:00.

Keynote - Why security engineering will just keep on getting harder

Ross Anderson, University of Cambridge

Security engineering is the art, and craft, of building systems to remain dependable in the face of malice, error and mischance. It is backed by a wonderful range of sciences, from cryptographic mathematics and the theory of operating systems through economics and psychology. As we engineer ever more complex socio-technical systems, that involve not just software but hundreds of millions of people and many competing firms, some things stay the same while other things change. New platforms such as Facebook are insecure for the same reasons as old platforms such as Windows and even OS/360. Firms want to collect information about their customers, so they can charge different prices to different people, just as in ancient Rome. Yet some things do change. Ever more applications and websites acquire a "social" aspect as people share stuff with friends; and underlying everything is relentless scaling. This brings us to a crunch point. You can have security, or functionality, or scale. With good engineering, you can have any two of them; but you can't have all three. Where will the fault lines develop, what are the ultimate limits to privacy, and where are the natural boundaries between open and proprietary systems? I can't answer all these questions, but I will try to provide some pointers.

Author Bio: Ross Anderson is Professor of Security Engineering at Cambridge. His professional interests range from cryptography and hardware engineering through security economics, a discipline of which he was a founder, and which studies the dependability of complex systems in the context of the incentives facing their principals. He was also a pioneer of peer-to-peer systems, hardware tamper-resistance, copyright marking and API security.

He chairs the Foundation for Information Policy Research, the main UK think-tank on internet and technology policy issues. He is a Fellow of the Royal Society, of the Institution of Engineering and Technology, and of the Institute of Mathematics and its Applications.

Slides: ross-anderson.ppt

Mobile Phones, Security and Open Source: Make a Difference [Saturday]

Craig Heath, Symbian Foundation

Discussing the real opportunities for individuals to make a difference to the lives of millions of people, by participating in the open source community forming around the world's most widely used smartphone platform. Building on a powerful and flexible platform security model, now is the time for developers to tilt the balance of power away from governments and faceless corporations, by giving end users the tools they need to control and manage their own private data.

Slides here: UKUUG_CraigH.pdf

Author Bio: Craig Heath is Chief Security Technologist at the Symbian Foundation. He has been working in IT security since 1988, first at The Santa Cruz Operation as security architect for SCO UNIX and then at Lutris Technologies as security architect for their Java Enterprise Application Server product. He joined Symbian Software Limited in 2002, working in product management and strategy, and was delighted to join the new open source Symbian Foundation in 2009.

Craig is lead author of "Symbian OS Platform Security" published by Wiley, co-author of The Open Group "Technical Guide to Security Design Patterns" and lead author of The Open Group "Guide to Digital Rights Management".

OpenMoko - a nearly completely open GSM phone

Tom Yates, Gatekeeper Technology Ltd.

The Neo Freerunner is an open-as-possible GSM handset produced by OpenMoko Inc.

From the perspective of an owner and end-user of a FreeRunner, and sometime community contributor, we will consider the history of the device and its predecessor the Neo 1973, and briefly examine the hardware, with particular focus on the features designed to ease software upgradeability.

The evolution of the community and the history of software development, both by company and community, will be discussed, as will the current state of distributions for the phone. The upheavals inside OpenMoko in April 2009 and their immediate and longer-term effects on the development process will be examined.

Particular examples of the open development process will be examined, with emphasis on interaction between community and company. Some examples of community-driven hardware development will feature. The freeing of some of the hardware specifications surrounding the case and consequent products will also be examined.

Author Bio: Tom Yates has been a professional UNIX sysadmin for 18 years, and currently runs Gatekeeper Technology, a free-software systems consultancy based in Cambridge. He co-authored "Building Linux and OpenBSD Firewalls" (Wiley, 2000). His OpenMoko is his only GSM phone

Slides: openmoko.odp Notes: openmoko.odt

Exim and LDAP Making Exim talk to an LDAP directory server

Jan-Piet Mens

The Exim Mail Transfer Agent contains support for querying information from LDAP directory servers. After a short refresher on LDAP and Exim's configuration, this talk will show you real-world examples of how to route e-mail depending on information gleaned from LDAP. We discuss virtual hosting, conditional routing, SMTP authentication, and adding your own attributes and object classes to configure Exim for particular tasks. We also show you how easy it is to add e-mail routing for your choice Groupware system.

Author Bio: Jan-Piet is the author of [Alternative DNS Servers](, a 700+ page book discussing choice and deployment, and optional SQL/LDAP Back-Ends in sundry Open Source DNS servers, and he has authored [different technical publications](

Slides: ukuug-exim-and-ldap-jpmens-4nup.pdf

Bayesian statistics and e-mail filtering

Yann Golanski

Everyone knows the term "Bayesian" and how it promises everything from spam filtering to powerful artificial intelligence. But where does it come from? This talk is a (very short) introduction to Bayesian statistics, how they differ from classic statistics and how Bayesian methods are applied in email filtering software. Mostly, this is a theoretical talk aimed at enhancing mathematical knowledge. For those willing to look at books, "Bayesian Statistics: An Introduction" by Peter M. Lee (ISBN 978-0-340-81405-5) is a good introduction to the subject.

Slides: ukuug2009BayesianEmail.pdf

Author Bio: Yann has been working on the email system for the largest ISP in Europe (Freeserver, hosted by Planet), done academic research in optimisation, graph theory and statistics in Mathematics and worked in the semi-conductor industry. Now, he is working again in the ISP world with Bytemark hosting.

Winning the war on spam

Ian Eiloart

All the legal, human and technical resources so far brought to bear on the spam problem have, at best, simply served to mask the problem - often with nasty side effects. After briefly describing the reasons that it's so easy to send spam, we'll discuss the fundamental problems that remain to be addressed, and how we can get from here to a relatively spam free world. What's required is not new technologies, but adoption of a number of existing technologies, and a political will to move in the right direction.

Author Bio: Ian Eiloart has been postmaster at the University of Sussex for ten years, after graduating there with an MSc in Computer Science and Artificial Intelligence. He's responsible for preventing spam both inbound and outbound, and protecting the reputation of the University's internal and outbound email.


Free as in profit: Free software fonts

Dave Crossland

This presentation will explain how to make money with free software, and use fonts as a case study. It will cover the history and current context of free software fonts, which is likely to be a hot topic by August as per

It relates to UNIX because even the most die hard UNIX terminal user uses fonts. :-)

Slides: dave_crossland-ukuug-free_fonts_web.pdf

Collaborative Web OS - the power of UNIX in the age of Web 2.0

Dave Crossland

This presentation will cover the Collaborative Web OS project. This is a very new project, and its homepage is currently - with a quick introduction video at

It relates to UNIX because it is about introducing a shared feature set to many free software applications typically used on UNIX systems and to some common UNIX server applications.

Slides: dave_crossland-ukuug-collaborative_web_os-web.pdf

The GNUspool printer management system

John Pinner and John Collins

GNUspool is based on a product first written by the author in 1984 but changed numerous times since then and made a GNU package in August 2008. It is a complete replacement for LP, LPR, CUPS etc and offers comprehensive print management across networks with a variety of interfaces.

Author bio: John Collins, after graduating from Cambridge in 1973 has worked in UNIX since 1980 and Linux since about 1998. He's run Xi Software since 1986 which specialises in UNIX Systems Administration Tools.

The Dichotomy of Open Source and Computer Games [scheduled for Sunday]

Steven Goodwin

In this talk, Steven Goodwin gives a broad view on open source software, and its use within the games industry. By demoing the use of open source in games, he breaks some stereotypes commonly associated with companies and corporations when it comes to open source software in general. This includes the myths of open source, licenses, and productivity software. He concludes the talk by revealing some of the complications involved when companies first attempt to utilise open source software, but also indicates the advantages of doing so.

Author bio: Steven Goodwin (London, England) has been in the game industry for over 15 years, progressing from Windows programmer to lead and management roles on console platforms such as the PS2, GameCube, and Xbox. During his time, he was responsible for seven major titles, including the #1 selling Die Hard: Vendetta, which appeared on all three of the above platforms.

As an author he has written two industry-standard textbooks 'Cross-Platform Games Programming', and 'The Game Developer's Open Source Handbook' for Charles River Media, and over 50 articles covering games, development, Linux, and open source.

Eiffel and C

Howard Thomson

Eiffel, the Object-Oriented Language that I have found to be my ideal language for new code implementation, 'C' integration, and 'C' and 'C++' re-implementation. I will describe my transition from 'C' being my primary language for all projects, to using Eiffel for all new code while using Eiffel's facilities to re-use available 'C' and C++ libraries, re-implementing in Eiffel where necessary.

I, and many others, want their code to be reliable, robust, adaptable, efficient, testable, readable and, in general, I want to take pride in what I develop and make available to others. Eiffel and the approach that it embodies make all of the above easier than with other language choices that I have experienced.

Author Bio: From being the Post-Graduate System Manager of a Unix V6 system at Westfield College London in the 1970s, including much kernel hacking and tweaking, through Unix and C code development and maintenance in a small business environment, to my current Free Software efforts, I have always preferred a Unix based development process. I am currently developing my own Eiffel IDE, and contributing to the Bacula backup project.

Advanced LVM

Chris Procter

Any problem in computing can be solved by the addition of a new abstraction layer, and any abstraction layer adds its own problems. LVM is a storage abstraction layer designed to solve the problem of fixed size disks and partitions and allow the administrator to manage disk space, adding, deleting and resizing logical volumes to ensure storage space is available when and where its needed. It is a well known fact that database administrators need all the disk space you have to give them plus about 10 percent. This talk will cover some techniques for adding space where its needed, retrieving it from the places where it isn't and generally trying to please all the people all the time.

Author Bio: Chris has been using Unix in general and particularly Linux for over a decade as a user, systems administrator and consultant. With characteristic timing he joined the telecoms industry just before the telecoms crash and started working for a medium-sized financial institution mere days before the credit crunch. Despite this he is still gainfully employed as a systems and storage administrator working with Linux and HP-UX systems and spends his life hiding from DBAs."

Converting 16k user mailboxes from MBOX to Maildir++

Ian Norton & Paul Tipper:

This paper discusses work done during the Summer term of 2008 at Lancaster University to its main Unix mail store. The system was a single large Unix machine hosting over 16k mailboxes in MBOX format accessed primarily over UW-IMAP and directly with NFS. The usage pattern had accelerated ahead of the upgrade cycle and the load placed on the machine was crippling the service for legitimate users.

The main issues (system loads > 500 and IO recorded over 100%) were fixed in the short term by placing the data on an external disk crate, but this paper covers the long term solution that was put in place to prevent the problem occurring again with the normal growth of use.

The selection and configuration of replacement software (Exim and Dovecot) is discussed as well as the extensive programs written in Perl for sanitising data, locking accounts, transferring data between formats, sanity-checking it and also load testing servers. This was all carried out with minimal per user downtime whilst the system was still serving mail.

Slides, full paper and scripts at

Author Bio: Ian Norton has worked at Lancaster University since 1999 and is currently a systems administrator for centrally provisioned services including email. Whilst not wrangling Exim, herding GNU Linux systems, hacking on Request Tracker or working on physical access control technologies, he can be found lingering on IRC, roleplaying, singing tenor or attempting to perfect his conducting gestures. Having extinguished the latest fire or en-route to the coffee machine, he badgers those around him to improve their documentation and formalise working arrangements with the ITIL framework in mind. More recently he has been acting as co-leader for the North West England Perl Mongers group and carries the important task of ensuring that Pingu arrives on time to group meetings.

Author Bio: Paul Tipper is a Unix sysadmin and coder at Lancaster University who's also in the final stages of completing a PhD for their Computing Department. His research interests have included email, spam and security. He is a journeyman programmer who spends chunks of his time in both Vim and Emacs. He knows and enjoys both Perl and Lisp, he also knows C, PHP, Shell and lots of bits of other languages. He likes Debian but is familiar with a number of Unixes including Solaris. Outside of tech he likes playing Go, roleplaying, practising Iaido and reading strange books.

Open Street Map

CiarĂ¡n Mooney


OpenStreetMap (OSM) is a online project making maps of the entire world freely available to everyone in the world. Volunteers work together collaborating to produce high quality, locally relevant and free data that anyone is allowed to use under the CC-BY-SA license.

OSM was started in 2005 due to the technical and legal limitations of maps produced by companies at the time, eg OS, TeleAtlas etc. Since the project has gathered over 125,000 members and a burgeoning amount of geo-data.

Birmingham is a great example of the work that at be done by volunteers, as it is considered "completed" by the contributors in the area, and progress is now being made to include other geo-graphically relevant data such as bus routes, bus stops and traffic restrictions.

I will talk about the history of OSM, briefly describe how people are involved and how volunteers make their contributions, noteworthy events in OSM history (Gaza Strip mapping, Flickr using OSM data for Beijing Olympics and Iran political protests), explanation of the technical workings (way, node model of data, along with key=value pair tagging schema), and possible uses for the data.

There will also be opportunity to map the local area using, and demonstrations of how this data can be added to the OSM database, along with possible mapping of other areas using Yahoo! aerial imagery. Possibly even a brief tutorial on generating customised maps using Osmarender and OSM data.

Author bio: I am Chemistry graduate from the University of Birmingham, about to start a PhD at University College London. My interest in computers and technology is a welcome distraction. I contribute to the project on an ad-hoc basis, occasionally attending mapping parties. I am a member of the OSM Midlands User Group, and was one of the contributors involved in the coordinated effort to complete the mapping of Birmingham for Christmas 2008. I dabble in a bit of light programming using Python and enthusiastically use Ubuntu on a daily basis, having shunned Windows for almost 4 years.

Moblin - The Netbook GUI

Michael Meeks, Novell

Come and hear about the Moblin project: creating a beautiful, fast new environment to make netbooks a pleasure to use. Understand how the OpenSUSE edition works, it's distinctives, and how you can build and contribute to it yourself. Hear about the fast-boot work and the issues and problems there, see accelerated 3D graphics on the cheapest PC you can buy, experience the net-working, and grok the software stack inside.

Author bio: Michael is a Christian and enthusiastic believer in Free software. He very much enjoys working for Novell where as a member of the Desktop research team he has worked on desktop infrastructure and applications, particularly Moblin,, CORBA, Bonobo, Nautilus and accessibility, amongst other interesting things. He now works as an Architect, trying to understand and nudge the direction of our Linux Desktop work. Prior to this he worked for Quantel gaining expertise in real time AV editing and playback achieved with high performance focused hardware / software solutions.

Slides: michael-meeks.pdf

TeX - Rejoining the mainstream

Jonathan Fine

Much has changed in the world of publishing and communication since the release of TeX in 1982. TeX was rapidly adopted by mathematicians and physicists as a much-loved document preparation system, although with a steep learning curve. It is also used in other specialist areas, such as technical documentation and database publishing.

Since the 1990s computer power and networking has grown many times, as has use of computers. GNU/Linux has become a force on both server and desktop. IBM has been replaced by Microsoft as the dominant commercial force in computing, which is now in turn challenged by Google. People are looking to the internet, particularly the Web, for information, services and solutions.

Although TeX remains mainstream for mathematical content, as open-source software it has slipped, and its web presence is weak. In 2009 TUG was rejected by Google as a mentoring organisation for their Summer of Code. TeX-related websites are somewhat dated and developer communities isolated, compared to the organisations that were accepted.

This talk presents recent work and proposals aimed at helping TeX and related software return to the mainstream of document processing. Topics will include:

1. On-line documentation for TeX, LaTeX and ConTeXt 2. Social networking :

3. Typesetting:

4. Standards:

Author bio: Jonathan Fine is chairman of the UK TeX User Group, and developer of

Slides are here

Mer - Touching Linux

David Greaves

Mer is a new operating system for small, mobile touch-screen devices.

The premise is that we should stop seeing the tablets as strictly under-powered embedded systems, and see them for what they really are: powerful, power-efficient, economical handheld computers.

Mer is, of course, Linux based and layers the best open-source elements of Nokia's Maemo platform over a modern Ubuntu distribution; furthermore Ubuntu-MID have selected Mer as the foundation for their next release.

Currently Mer runs on the Nokia N8x0 & 770 range, the Freerunner, SmartQ tablets and beagleboards. We expect to support the imminent Nokia N9xx device as well.

The talk will introduce issues around the the commercial/open interface in several areas, highlight successes and failures in this area and outline the Vendor Social Contract as a mechanism to codify the relationship.

I will also discuss the goals of the project and how we intend to address them by considering the design issues we face and some solutions.

Finally I will also cover our role as a midstream distribution and dip into how we handle distributed development, communication, processes, packaging and build management.

Mer is a project, we collaborate with Nokia and benefit hugely from Novell's Open Build Service and the Gitorious project.

Author Bio: David has been a solutions architect at a major telco for several years but still knows how to code. He's a passionate believer in the commercial viability of OSS. Previous contributions include kick-starting the git documentation & establishing wikis for Linux RAID and MythTV. He runs linux everywhere.

Slides: Mer-UKUUG-slides.pdf

The future of open source operational support systems in the telecommunications industry

Dr. Craig Gallen

Telecommunications and IT service providers are frequently encumbered with a ponderous mixture of home-brew and custom off the shelf (COTS) operational support systems. Understanding, let alone maintaining, a roadmap for these systems is a major cost for the industry. Most large service providers belong to the TM Forum ( which seeks to manage this complexity by standardising the interfaces between operational support systems. However systems integration is still complicated by the fact that the basic business model of the software vendors involves hiding information (closed source development). The open source network management project, OpenNMS (, has become increasingly attractive to service providers because integration is so much easier to achieve. Recently OpenNMS has been taking a lead in establishing an open source project ( to develop an integration library in support of TM Forum standards. This talk will explorer the experiences of integrating OpenNMS into large scale enterprise and service provider environments and explain the future plans to make the project a more valuable option for these users.

Author Bio: Dr Gallen worked as a senior product manager with Nortel Networks before leaving to pursue his doctoral studies in open source operational support systems at the University of Southampton. He currently is a committer to the OpenNMS project and the leader of the TM Forum Interface Program open source project.

Slides: open-source-telecomms.pdf

Shared-memory Multithreading Is The Wrong Way To Do Parallelism

Dr Russel Winder, Concertant LLP

Every computer is now a multicore machine and hence supports real parallelism. After 30 years of being the coming technology, parallelism has now arrived and is the mainstream.

The problem is, of course, that most programmers don't know how to program parallel systems. Some programmers even think shared-memory multi-threading is the way to do it. OpenMP probably has C and Fortran programmers continuing to believe this. MPI and the far better technologies of TBB, Erlang, Actors and CSP, clearly show this to be an erroneous view.

This session will be a whirlwind introduction to all these technologies of parallelism and will show that processes and message passing are the way forward.

Author Bio:

Originally a theoretical physicist (QCD and that sort of stuff). Then a Unix systems programmer (Seventh Edition, 4BSD and 4.1BSD). Then a Reader in Software Engineering (UCL). Then Professor of Computing Science, not to mention being Head of Department (KCL). Escaped academia to be CTO of a startup (name elided to protect the guilty), but the accountants caused failure. Now a consultant, analyst, author and trainer in all things parallel, Java, Python, Groovy and C++, and a founding partner of Concertant LLP which works in all areas multicore and parallel.

Slides for the session are at:

Optimising the Xapian Search Engine [Sunday]

Richard Boulton

Xapian is a library for implementing free text, ranked, and structured searches. Recently, I've been doing a great deal of work to improve the performance of Xapian for various setups. This has involved tuning algorithms, reworking datastructures, distributing searches across multiple machines, and lots of measuring and tuning of CPU and IO loads. I'll present some of the many traces and graphs obtained while doing this work, and discuss some of the tradeoffs which I've implemented.

Author Bio

I've worked on search technologies in Cambridge, UK, since graduating in Mathematics in 1997, and started the project which became Xapian in 1999, being instrumental in getting it released under the GPL in 2000. Since 2001 I've worked as a consultant, with Lemur Consulting Ltd, helping customers develop and integrate Xapian (and other systems) into all sorts of environments.

I'm currently building a large suite of components (Flax) to provide ready-to-use interfaces for various search and categorisation functions.

I'm still based in Cambridge, and frequently attend community events in Cambridge and London. Follow me on twitter at @rboulton.

Slides: optimising_xapian.pdf

Mashing Up the Guardian -

Michael Brunton-Spall

The Guardian, Europe's largest online newspaper, recently announced the Guardian Open Platform (, allowing developers access to over 10 years worth of Guardian editorial content. This talk will take you on a whistlestop tour of the open platform, showing you how to apply for and use our API keys, how the API itself works, and the sorts of things which have already been done with our data.

I'll also be showing you our open source Python library for accessing Guardian content, and giving you an example of how to integrate it into your own Google App Engine or Django website

API Key: jbynv3fwdp8ju5625mt2axw3 - till Friday 14th August

Slideshare Slides:

Author Bio

Michael Brunton-Spall is a web developer, working for, the website for the Guardian newspaper; the worlds leading liberal voice. His job mostly involves full time Java coding, but he uses every opportunity to utilise Python where possible, and has presented on Google AppEngine and Django a number of times.

MPs' Expenses - an Op's Eye View

Paul Nasrat

The Guardian recently released, a crowdsourcing application inviting members of the public to help dig through the 400,000 pages of MPs' expenses documents released by Parliament. The application was developed in Django in just four and a half days and was deployed using EC2, both of which were firsts for the Guardian. This talk will cover lessons learned building, deploying and scaling the application from an operational point of view.

Author Bio

Paul Nasrat is Lead Systems Integrator at the Guardian.

Paul is a highly experienced systems administrator and software developer specialising in open source and high performance web serving. He is currently a contributor to puppet and factor and has lots of experience developing open source solutions having worked at Red Hat on installer and package management systems for Fedora and RHEL.

Minimising spam: How to slay spam and reclaim your resources

Andrew Richards

Nowadays email is hugely encumbered by spam. This can have the effect of multiplying the resource requirements to process email on the receiving system - your mail server - in terms of bandwidth, CPU, memory and I/O. In addition, where spam is identified some sensible action needs to be taken to reject, quarantine or dispose of the message. If the spam checking is done after the email has been accepted then these actions are fraught with difficulties: If a false sender was specified then a bounce causes "Backscatter"; quarantined messages may be ignored by the mailbox owner; and disposal will destroy genuine messages (false positives).

Deploying most of your anti-spam measures during email receipt (the SMTP session) provides significant advantages: Resource usage can be minimised, backscatter is avoided and false positives can be safely returned to the sender (who is still connected - or at least their mail server is).

Most of the techniques are relatively old-school and well tested so their use need not be feared - but some measures that are ill- considered will also be mentioned to help you avoid using them!

We will look at the structure of an SMTP session to identify where the various techniques can be used to achieve these benefits. Since the vast majority of email is spam and can be identified as such using just the "Envelope" information, there is no need to waste bandwidth receiving the message itself, nor using resources to scan it.

Real-world graphs and figures will also be presented to illustrate the dramatic impact these measures can have. We will consider what characterises spammy behaviour such as botnets sending spam, pertinent to the measures being employed. Finally we will see how these measures are added to real-world systems.

Slides at

Author Bio

Andrew Richards is an email systems consultant, working mostly with systems based on qmail, netqmail and Plesk. He is active in the [net]qmail community and provides a number of open-source patches and add-ons for [net]qmail (here). He has been active in this field for 10 years, building and supporting email systems for businesses of all sizes from handling just a few mailboxes up to systems for ISPs with more than a million mailboxes. He also works on more general Linux, Unix and networking tasks.

Other info

form ukuugexp.pdf

Talks (last edited 2011-01-25 05:42:50 by HolgerKraus)