RMLL Security track - why, how and for which results

September 13, 2017

JC Jones during RMLL Sec 2016 - photo by Eric Leblond under CC BY-NC-SA

RMLL Security track : why, how and for which results

Note: after the lost of the original blogpost from 2017, I have restored an original version that I have updated with additions from late 2019.

After many years of curation of the Security Track of the RMLL (a French generalist multi tracks conference about Free Software), we have decided to create in 2018 a free (as in free beer) event dedicated to Security and Free Software: Pass the SALT, Security And Libre Talks.

For my part, I have started to curate the security track (and adminsys in early years) in 2008 at Mont de Marsan :)

We have decided to do it because as a technical track, we no more felt “at home” in a conference that went more year after year toward a artistic, political and communities direction. This direction was very interesting for the RMLL but too far from our core topic to feel comfortable enough as track curators but also for the event organizers.

We are convinced of the value that Free Software provides to all of us, citizens of the world, in the Security area. And having a conference dedicated to it is a way for us to contribute to its expansion.

On this page, we will expose our goals for this new conference and the way we want to follow to reach them.

Our goals for Pass the SALT

werner Discussion between François Marier, Eric Leblond and Werner Koch during 2013 RMLL Security Track in Brussels - photo CC BY-NC-SA by P. Teuwen

To understand the objectives and the spirit, Peter Czanik, lecturer, gave us some answers in the report of his participation in the RMLL 2017.

Here is how he summarized his coming at the 2017 RMLL Security track:

“I participated again in Security track … “Participated” as I did not only give a talk on syslog-ng there, but also sat in to most of the presentations and had very good discussions both with visitors and fellow speakers. The organizers brought together talks from diverse IT security-related fields, a very good opportunity for cross-pollination of ideas.”

Note: emphasis is on our own.

Peter has perfectly synthesized what we are trying to achieve through the RMLL Security track year after year:

Do our best to facilitate meetings and exchanges between lecturers and the public. The goal is that these exchanges generate collaborations between developers or projects but also produce new features in free software of the Security sphere.

And it is what we will want to achieve year after year with Pass the SALT.

How to reach our goals

Here, we are not going to give a detailed list of things we think that have to be done but rather, a short list of important (according to us) levers that helped us reaching these goals.

1> Cost: a free access event

First of all, we want to provide a free event to attendees. According to us, this is the best way to enable all kind of attendees to come : we think about students or people with low income but it is also a way to see professionals coming on their own without having to negociate money with their company.

2> Content: a security & free software event with most of the security topics covered

While respecting the technical and free software DNA of the conference, we try to ensure that as many security disciplines as possible are represented in the topics covered by the talks and workshops.

During the first 2 Pass the SALT editions, we managed to offer many different sessions with among other topics: low level security, offensive security, secure programming, security at scale, privacy or network security.

We want both attendees and speakers to confront to different disciplines and topics of Security that are not always familiar to them. This allows everyone to discover new fields of exploration and to pick innovative solutions that she/he can reuse in her/his projects or work.

3> For attendees: an open minded and accessible atmosphere

Beyond the different and varied subjects, we also try to establish a climate as friendly as possible in order to maximize exchanges. During the conference, it is very rare to find a “star attitude” among our speakers. They are all free software users and/or developers and so, perfectly understand the importance of sharing with and helping people. So, we set up:

pauses: during which, we do our best to encourage attendees to interact with speakers,
social event: organization provides some (usually 2) free drinks and tries to encourage one more time exchanges between people :)

4> For speakers: a comfortable and caring event

It is also very important for us that the speakers feel comfortable for coming and attending : they usually don’t know the event (and so its attendees), the city and even sometimes the country. So we provide:

a dedicated communication channel: on a private mailing list we provide complete information (how to come, to find accommodations, to do their talk, to contact us, to be reimbursed etc.),
full contact list and fast feedback loop: in order to be able to get in touch and have answers quickly from the org team,
speakers dinner: during the event, we also set up a speakers’ dinner. The goal is to provide them yet another opportunity to get to know each other better, exchange and let ideas “pollinate” :-)

The goal is for all lecturers to come in confidence, get rid of most of their practical questions to be able to take advantage of the event in the most open way.

And for which result?

But so, for real, have you got any results to share? Yes we have! Just give a look to our achievements page :-)