2.0 -//Pentabarf//Schedule//EN PUBLISH FDXM7X@@pretalx.t-dose.org -FDXM7X Opening talk in Grote Spoel en en 20260606T095000 20260606T100000 0.01000

Opening talk in Grote Spoel

Placeholder for the opening talk PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/FDXM7X/ Kleine Spoel Peter van Ginneken PUBLISH 88LV8S@@pretalx.t-dose.org -88LV8S How to start anything -- from small projects to hackerspaces to huge events -- when you have only the foggiest of ideas en en 20260606T100000 20260606T105000 0.05000

How to start anything -- from small projects to hackerspaces to huge events -- when you have only the foggiest of ideas

Do you want to do a thing? With software, some tools, electronics, a group of people, or even a big event? Join me in stories and simelairities of new small projects, and how the same patterns are used for big projects, like 4000 people hacker events. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/88LV8S/ Kleine Spoel Boekenwuurm PUBLISH XBDWMB@@pretalx.t-dose.org -XBDWMB Is Your Secrets Management Open, Simple, and Reliable? en en 20260606T110000 20260606T115000 0.05000

Is Your Secrets Management Open, Simple, and Reliable?

Managing secrets has evolved from sticky notes to thousands of workloads that need to communicate and authenticate securely. But many organisations are still stuck with proprietary, expensive, and complex solutions. In this talk, Robert de Bock (DevOps Architect) and Roel de Cort (DevOps Professional) from Adfinis introduce OpenBao, an open source, vendor-neutral secrets management platform. They walk through why secrets management has become a critical challenge, how OpenBao compares to proprietary alternatives like Azure Key Vault and AWS KMS, and what the path to zero-trust automation looks like in practice. The session includes live demos on migration tooling and horizontal scaling, making it practical and hands-on. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/XBDWMB/ Kleine Spoel Annebelle van Waardenburg PUBLISH CAD7RW@@pretalx.t-dose.org -CAD7RW FORTH: a pioneering language en en 20260606T130000 20260606T135000 0.05000

FORTH: a pioneering language

The FORTH programming language is very simple to implement on small machines. I the past this was often the first programming language available for a new microcomputer. Therefore a pioneering language. It has also a long history of open-source implementations, dating back to the 1970s. In the early days of the IBM-PC, most free programs did not come with source code and even if they did, they could not be rebuilt without expensive compilers and/or assemblers. But FORTH could compile itself from its own source code, quite an advantage in those days. I will give a small demonstration of the language itself and the way it can compile itself using very little resources. I will also give an overview of past and current open-source FORTH implementations. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/CAD7RW/ Kleine Spoel Lennart Benschop PUBLISH JGBRNR@@pretalx.t-dose.org -JGBRNR Hey Mum, I'm on Spotify ! en en 20260606T140000 20260606T145000 0.05000

Hey Mum, I'm on Spotify !

[Hacker Public Radio](https://hackerpublicradio.org/index.html) is a technology focused podcast that releases shows every weekday Monday to Friday. Our shows are created by people like you, and can be on any topic that is of interest to hackers, hobbyists, makers, etc. We are a welcoming community that offers positive feedback and encourages respectful debate. This is our 21st year of operation, and we will release our 5,000th show in August. Everything we do is released under a Free Culture License. We do not vet, edit, moderate or in any way censor any of the audio you submit, we trust you to do that. In this presentation we will tell you a bit about our history, our culture, and our plan. We will walk you through picking a topic, give you help on getting a good recording, and then what you need to do to get your show posted. We can then go into what will happen on the back end, how the show is processed and how it gets to our Community Content Delivery Network, and from there to your podcatcher of choice (or Spotify, Apple, Google, Amazon, etc). PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/JGBRNR/ Kleine Spoel Ken Fallon PUBLISH GLJBFE@@pretalx.t-dose.org -GLJBFE Help! Finding your way around a Linux system en en 20260606T150000 20260606T155000 0.05000

Help! Finding your way around a Linux system

How on earth does that work again? That’s a question Linux users often ask themselves. It’s a good time for a bit of self-help, so you can find the answers and sort out any minor issues on your own. We’ll show you the best places to look, both on your Linux system and elsewhere, to find reliable information about the tools. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/GLJBFE/ Kleine Spoel Frank Hofmann PUBLISH WGQG8V@@pretalx.t-dose.org -WGQG8V Soevereiniteit! Hoe dan? en en 20260606T160000 20260606T165000 0.05000

Soevereiniteit! Hoe dan?

Digitale soevereiniteit klinkt als een groot en abstract begrip, maar is in de praktijk verrassend concreet: wie heeft het laatste woord over uw data, systemen en continuïteit? In deze lezing maakt Brenno de Winter duidelijk dat het geen ideologisch debat is, maar een bestuurlijke vraag over regie, risico’s en verantwoordelijkheid. Aan de hand van actuele casussen en herkenbare situaties laat hij zien hoe afhankelijkheden ongemerkt ontstaan en hoe ze, juist op kritieke momenten, bepalend worden voor beschikbaarheid, integriteit en vertrouwelijkheid. Soevereiniteit blijkt geen alles-of-nietsbegrip, maar een kwestie van inzicht, keuzes en onderhoud. Met het ROT-model (Regulering, Organisatie, Techniek) en concrete stappen biedt deze sessie een praktisch handelingsperspectief. Niet door alles zelf te willen doen, maar door bewust te bepalen waar regie noodzakelijk is en waar samenwerking verantwoord blijft. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/WGQG8V/ Kleine Spoel Brenno de Winter PUBLISH P3GCLA@@pretalx.t-dose.org -P3GCLA False Sense of Security in Static Analysis: Building a Reliable Python SAST Scanner en en 20260606T110000 20260606T115000 0.05000

False Sense of Security in Static Analysis: Building a Reliable Python SAST Scanner

Python code plays a central role in modern computing, yet Python applications are not immune to cybersecurity threats. Consequently, security has become a critical concern for Python users and developers. Static Application Security Testing (SAST) is a straightforward and proven way to identify vulnerabilities or assess the security posture of Python code before deployment. As a long-term advocate for Free and Open Source Software, I believe in the benefits of using high quality FOSS tools for cybersecurity. Security is never black or white: Context matters. However, using tools that can give a false sense of security is a deadly sin in cybersecurity. In 2025, after extensive research, I decided to create a better FOSS Python SAST scanner: a more reliable, trustworthy and user-friendly security tool. In this talk, I will share my personal journey of creating this tool. You will learn about specific Python threats and how weaknesses in code can be detected and exploited. I will also discuss my architecture and design principles, including why you shouldn't blindly trust AI for security and why a "local-first" approach is always preferable from a FOSS perspective. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/P3GCLA/ Katoenkamer Maikel Mardjan PUBLISH EUB38M@@pretalx.t-dose.org -EUB38M A Brief Introduction to Resilient Data Backup en en 20260606T130000 20260606T135000 0.05000

A Brief Introduction to Resilient Data Backup

How can you actually structure your data management so that no valuable information is lost in the event of an emergency? But what exactly constitutes an emergency? And what counts as valuable information? What risks need to be considered, and what measures can be taken to mitigate or even completely eliminate these risks? This presentation provides a practical introduction to the fundamentals of resilient data backup. The goal is to help you understand how to plan and implement a reliable and future-proof data backup solution with reasonable effort. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/EUB38M/ Katoenkamer Andreas Rogge PUBLISH BNMXQC@@pretalx.t-dose.org -BNMXQC MuseScore workshop en en 20260606T140000 20260606T145000 0.05000

MuseScore workshop

Workshop how to use MuseScore, a free and open-source music notation program. Just because it's fun! We'll look at how to navigate through existing scores, use them for music practice, adjust them and transcribing sheet music to practice the input. Please bring your own computer and preinstall MuseScore from musescore.org prior to the workshop. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/BNMXQC/ Katoenkamer Maja PUBLISH WQGEJN@@pretalx.t-dose.org -WQGEJN We promote and talk about "open", but are we actually -doing- it enough? en en 20260607T100000 20260607T105000 0.05000

We promote and talk about "open", but are we actually -doing- it enough?

As a community we love open source and open standards. Also, we are not afraid to tell others about it! With ongoing geopolitical changes, this very moment might actually be perfect for our community to grow and prosper. Except, there is one big problem we need to discuss: we talk about it, but tend to forget the challenges others encounter. Remarks as "just use Matrix" or "replace the cloud with Nextcloud" might even be counter-productive for our cause. So let's take a step back first, then speed up. In this presentation we take a good look together at some ways of promoting open source, open standards, alternatives to Big Tech, and more. From developer to end-user, we all can do a few small, but powerful things, that really help a lot. Spoiler: Less talk, do more!* Randomized keywords that will be discussed: blog, first impression, social media, community building, website, presenting, ease of use, repair café, local library, documentation, simplicity; *Presenter is given a one-time exception for this presentation PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/WQGEJN/ Kleine Spoel Michael Boelen PUBLISH TSUVAD@@pretalx.t-dose.org -TSUVAD Van terminal naar tafel: communicatievaardigheden voor nerds en en 20260607T110000 20260607T115000 0.05000

Van terminal naar tafel: communicatievaardigheden voor nerds

Veel technisch vaardige mensen herkennen het probleem: je hébt inhoudelijk gelijk, je argumenten kloppen, je analyse is scherp… en tóch ontspoort het gesprek. Waarom? Omdat communicatie veel minder rationeel werkt dan we als nerds vaak hopen. In deze Nederlandstalige sessie kijken we naar communicatie vanuit een technisch én menselijk perspectief. Niet zweverig, maar praktisch toepasbaar. We volgen de route van een boodschap: van gedachten in het brein van de zender, via woorden, toon en lichaamstaal, naar de interpretatie in het brein van de ontvanger. Onderweg gaat verrassend veel mis. Aan bod komen onder andere: - waarom intelligente mensen vaak tóch communicatief vastlopen; - het verschil tussen inhoud, emotie en status in gesprekken; - de invloed van stress, ego en rechtvaardigheidsgevoel; - de Roos van Leary als praktisch model voor interactie; - hoe je minder “botsend correct” en meer effectief kunt communiceren; - hoe je politiek slimmer opereert zonder oneerlijk te worden; - omgaan met conflicten in open source, teams en organisaties; - het voorbereiden van moeilijke gesprekken met behulp van AI. Daarnaast laat de spreker zien hoe moderne AI-tools gebruikt kunnen worden als persoonlijke gesprekssimulator: oefenen met lastige collega’s, formuleren van gevoelige feedback, herkennen van escalatiepatronen en voorbereiden van onderhandelingen. De talk is bedoeld voor developers, sysadmins, open-source contributors, engineers en andere technisch ingestelde mensen die merken dat technische vaardigheden alleen niet voldoende zijn om ideeën écht succesvol over te brengen. Verwacht geen managementjargon of corporate training-taal, maar een eerlijke en herkenbare sessie vol praktische handvatten voor het echte leven. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/TSUVAD/ Kleine Spoel Jeroen Baten PUBLISH E8NLXD@@pretalx.t-dose.org -E8NLXD The XZ Utils backdoor en en 20260607T130000 20260607T135000 0.05000

The XZ Utils backdoor

Over the Easter weekend of 2024, the cybersecurity community exploded with uproar over CVE-2024-3094, a software supply chain attack also known as the XZ Utils backdoor. The CVE carries a maximum CVSS score of 10.0, signifying its critical severity. Security vulnerabilities with the maximum severity score are rare, but critical-level vulnerabilities are quite abundant. What sets the XZ Utils backdoor apart is the scope of the attack and the massive potential fallout it could have generated if it would have succeeded. Beyond the statistics for this vulnerability, the discovery process, the intricate engineering and social engineering aspects are wildly interesting. Let’s find out what relates a developer at Microsoft, a fundamental open-source project and a set of sock-puppet accounts on GitHub controlled by an advanced threat actor. Brace yourself for an exciting tour past exotic POSIX function control mechanisms, ELF linking symbols, ED448 keys, APTs and just plain coincidence! PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/E8NLXD/ Kleine Spoel Kris van Rens PUBLISH BLLSGB@@pretalx.t-dose.org -BLLSGB Getting started with CI/CD using Forgejo Actions and why this is important AF en en 20260607T140000 20260607T145000 0.05000

Getting started with CI/CD using Forgejo Actions and why this is important AF

Continuous Integration and Continuous Delivery (CI/CD) have become essential practices for modern software development—but many teams still rely on centralized, proprietary platforms like GitHub or GitLab for all their build automation. In this talk, we introduce Forgejo Actions, a powerful, self-hostable CI/CD solution that is largely compatible with GitHub Actions. This makes it incredibly easy for beginners and experienced developers alike to get started with automated testing and delivery pipelines—without surrendering control of their code or infrastructure. We will walk through the core concepts of Forgejo CI/CD: the Forgejo server, the Docker-powered runners, workflow files, and practical examples to get newcomers up and running. In the second half, we zoom out and explain why this matters "AF": digital autonomy, reducing vendor lock-in, and avoiding dependency on increasingly centralized platforms. Migrating from GitHub Actions to Forgejo Actions is often surprisingly painless, giving developers the freedom to host their own pipelines while still syncing code to major platforms when needed. Finally, we'll explore how Forgejo connects to the broader ecosystem—most notably Codeberg, the fast-growing European non-profit hosting platform with 200,000+ repositories and over 1,200 paying members (membership €24/year; €12 discounted). Together, Forgejo and Codeberg demonstrate that modern CI/CD doesn’t need to depend on Big Tech. Attendees will walk away with a clear understanding of how to start implementing Forgejo-based CI/CD workflows today—and why doing so is strategically vital for long-term developer independence. Links: - Forgejo: https://forgejo.org - Codeberg: https://codeberg.org - Codeberg e.V.: https://codeberg.org/Codeberg/org - Forgejo Actions docs: https://forgejo.org/docs/latest/admin/actions/ - Submitter’s involvement (LibrePlan CI/CD work): -- https://github.com/LibrePlan/libreplan -- https://www.libreplan.dev/ PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/BLLSGB/ Kleine Spoel Jeroen Baten PUBLISH 78VB3L@@pretalx.t-dose.org -78VB3L The Fediverse, just a nice place, not an alternative! en en 20260607T150000 20260607T155000 0.05000

The Fediverse, just a nice place, not an alternative!

The Fediverse, a federated network for micro-blogging, video-sharing, picture-posting, vlogging, blogging and much, much more is often misunderstood. This presentation will give you an overview of what it is and what it is not and more importantly how you can participate and what you can do to make the Fediverse even more beautiful. Examples will be show of the good, the bad and the ugly. We will talk about how to counter Fear, Uncertainty Doubt arguments that people will use to not engage in it. We will show you how to lure skeptical people in to using the Fediverse (for your and their own good) in a positive way. And we will help you find and be found on the Fediverse. So we can all prosper and have fun! PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/78VB3L/ Kleine Spoel Koen de Jonge PUBLISH LSNSNF@@pretalx.t-dose.org -LSNSNF Open by Choice, Sovereign by Design en en 20260607T160000 20260607T165000 0.05000

Open by Choice, Sovereign by Design

Digital sovereignty is no longer just a strategic preference; in 2026, it is a regulatory imperative. While the "why" of sovereignty is clear, the "how" remains a challenge for many European enterprises. In this session, we explore how open source is uniquely positioned to deliver true autonomy. We will move beyond theory to discuss the practical implementation of transparency and reusability, focusing on: Policy as a Catalyst: How Open Source facilitates compliance with the Cyber Resilience Act (CRA) and NIS2. Security through Collaboration: Enhancing resilience by leveraging the "Power of Many." Measuring Mastery: A practical look at how organizations can use the Cloud Sovereignty Framework (CSF) to assess their current posture across 8 key objectives—from supply chain to data & AI. Attendees will be introduced to a privacy friendly assessment tool that allows them to benchmark their sovereignty score against EU standards and generate an actionable gap-analysis report. Let’s Dance, not Fight! PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/LSNSNF/ Kleine Spoel Emiel Brok PUBLISH SBXGRQ@@pretalx.t-dose.org -SBXGRQ Games on RISC-V en en 20260607T110000 20260607T115000 0.05000

Games on RISC-V

A computer ecosystem isn't complete without games. In this presentation I will show you where to find games that you can play on multiple architectures, including RISC-V. There are games that are available in repositories, games that you can build from source, games that have been released for RISC-V, and it's also possible to play some games through emulation. This presentation will start with slides, but you will also see live gameplay on actual RISC-V hardware. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/SBXGRQ/ Katoenkamer LivingLinux PUBLISH ZLFYAP@@pretalx.t-dose.org -ZLFYAP Verifying and Signing Artifacts with Sequoia PGP en en 20260607T130000 20260607T145000 1.05000

Verifying and Signing Artifacts with Sequoia PGP

If you work with source code, you probably care about its integrity. Signing an artifact like a file enables others to not only verify that it wasn't corrupted, but also figure out who authorized it. When used correctly, this information can protect against a range of supply-chain attacks. In this workshop, you'll learn how to verify and sign artifacts, and manage certificates. (We won't cover encryption.) We'll use Sequoia, which is the OpenPGP implementation used by Fedora, RHEL, Debian and Ubuntu to authenticate packages. We'll start by learning how to verify a file and discuss what it means to verify a signature. The focus will be not just on the steps, but understanding what they accomplish. We'll then move on to signing your own software. We'll generate a key, talk about how to protect it and how to get it to your users so they can verify your software. Finally, we'll configure git to sign commits and experiment with sq-git, a tool that helps manage a project's signing policy. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/ZLFYAP/ Katoenkamer Neal H. Walfield PUBLISH CC987M@@pretalx.t-dose.org -CC987M SSH workshop en en 20260607T150000 20260607T165000 1.05000

SSH workshop

Want to get more out of SSH? Join this hands-on workshop where we explore SSH together — by doing, not just listening. Topics include key authentication, jump host and port forwarding. You bring your device (with an SSH client installed), T-DOSE provides the servers. Audience: Anyone who uses SSH or wants to start — all skill levels welcome. PUBLIC CONFIRMED Talk https://pretalx.t-dose.org/2026/talk/CC987M/ Katoenkamer stappers