Metaspora☄⁂

Look at ME!

Intel ME Investigation

With Intel's Firmware Support Package (FSP) and the recent release of a redistributable firmware binary for the Management Engine, it has become possible to share full firmware images for modern x86 platforms and potentially audit the binaries. Yet, reverse engineering, decompilation and disassembly are still not permitted. However, thanks to previous research, we can have a closer look at the binary data and come to a few conclusions.
This talk briefly summarizes the fundamentals of developing custom and open source firmware, followed by a quick guide through the process of analyzing the binaries without actually violating the terms to understand a few bits, and finally poses a statement on the political issues that researchers, repair technicians and software developers are facing.

LinuxBoot

Let Linux do it

Instead of proprietary UEFI firmware or other projects maintained outside a user's control, they can apply the Linux kernel to develop modern firmware based on well-tested drivers. That is the idea behind LinuxBoot.
This talk explains what this means a demonstrates application examples.

Open-Source Firmware

Firmware is found in all computing devices, including PCs, laptops, networking equipment, printers, embedded devices such as IoT and industrial controllers, mobile phones, tablets, and more. The community around open source firmware has grown over the last years, allowing for more exchange in the development and granting freedom to end users. Prominent projects like U-Boot, Tianocore, coreboot and others teach how firmware works and welcome contributions.
This talk provides an overview of the current state, an end user report, and a summary of the first Open Source Firmware Conference.

A JavaScript GraphQL Stack Built With Apollo

This talk provides a quick introduction to the GraphQL language itself, the pub-sub and request-response RPC architectures behind it, as well as schema exploration and visual documentation through GraphQL Playground.
While enumerating some use cases, the slides suggest a possible integration with existing services and showcase a set of tooling all based on JavaScript, featuring static analysis through linting, both unit and integration tests, as well as a proposal for logging and performance monitoring.

Build, Package, Distribute

Damit Services skalieren können, wird heutzutage Infrastruktur automatisiert. Doch das ist nur die halbe Miete. Wie sieht es mit der Verteilung der Software aus? Für UNIX-artige Systeme stehen seit vielen Jahren Paketmanager und Paketquellen (Repositories) bereit. Damit kann Software auf Zielsystemen schnell und einfach installiert werden, beispielsweise auf dem eigenen Rechner, aber auch beim Deployment von Services. Für manche Software sind jedoch keine Pakete vorhanden oder Anpassungen nötig, insbesondere bei eigenen Anwendungen. Deshalb stellen viele Systeme die nötigen Werkzeuge bereit, um Pakete anzupassen oder neu zu generieren.

Fail fast and succeed!

Test-Driven JavaScript Application Development

Over time, besides many libraries, lots of development tools were created for JavaScript.
This talk provides a detailed overview of the different kinds of tests, lists the applicable tools for each of them, and points out a selection for test-driven development (TDD) to allow a structured onboarding.