Open source is often discussed through a familiar narrative: community-led collaboration, neutral governance, and voluntary participation driven by shared technical interests.
However, when looking at China in 2025, open source often looks noticeably different — not because different tools are used, but because the constraints shaping them are fundamentally different.
This talk explores how open source in China has evolved under the convergence of three forces: vendor-led engineering realities, explicit policy signals, and intense market pressure — especially under economic tightening and global uncertainty. In this environment, open source is frequently not a starting ideal, but a practical mechanism: to establish de facto standards, to gain global trust, and increasingly, to remain viable through international adoption.
The talk examines why many projects are company-led rather than community-born, why governance often lags behind engineering, and why “going global” is less about expansion than about survival.
The perspective offered is not representative of any state or corporation, but comes from someone who has worked between Taiwanese, Chinese, and global open source communities for over a decade. The goal is not to defend or promote a particular model, but to provide developers familiar with Western open source traditions with a clearer mental framework for understanding how open source behaves under non-ideal conditions — and what that means for future collaboration and governance in an increasingly interconnected open source world.
CS++ is an entirely-led student computer science society in TU Dublin. Our goal is to give our members experiences and skills they won't get in class, this includes going to FOSDEM!
Ontop of that, CS++ maintains a cluster of servers that runs services for themselves and several other societies in the university. Which we have to maintain even though students are in university for only four years.
This Four Year Bus talk covers how we went from an empty room to our current tech stack, as well as how we manage training, handover and long-term planning when everyone involved has a timer until they are hit by a bus.
Okular is multi-platform, fast and packed with features, Okular allows you to read PDF documents, comics and EPub books, browse images, visualize Markdown documents, and much more.
In this talk we will give a quick overview of the past, present and future of Okular.
The goal of the talk is to present the SucréLA project. SucréLA is a fast (USB 3.0) and fully open logic analyzer. For the feature set, it takes inspiration on the great Saleae products. But the goal is to be more affordable for hackers and be fully open source. The board is open (all Kicad files), the PC software is open (sigrok/PulseView), the FPGA gateware is open (in Migen, based on LiteX SoC toolkit, available on gitlab), the mcu fw is open (also on gitlab) and you only need open source tools to hack it (gcc, NextPNR and Yosys: no closed source fpga toolchain needed). The idea is for someone to easily be able to understand, modify, improve and repair it.
Everything is available at https://gitlab.com/yannsionneau/SucreLA/
Licenses: LGPL v2.1 and CERN-OHL-W v2
The humble cellular automaton is a well-studied concept in computer science and has been around for many decades.
A very famous cellular automaton is Conway's Game of Life, which models a simple two-dimensional system of cells living and dying. This cellular automaton, and many others like it, are expressly designed to simulate some aspect of the real world, however simplified the model might be.
I instead like to design cellular automata that have pretty animations and do not attempt to model reality in any way.
In this talk I'll present my small cellular automaton framework "graffito" that I have been working on for the past three years in my spare time. I'll give a few examples of how I like to go about creating new automata and try to inspire you to create your own. I think it's really fun, and sometimes you might surprise yourself with something very cool-looking!
graffito is written in the Futhark programming language, but the takeaways from this talk will be applicable to any language you might want to use for writing cellular automata.
PerlOnJava provides a Perl distribution designed to run natively on the Java Virtual Machine (JVM). It allows Perl scripts to integrate seamlessly with Java-based ecosystems while offering familiar tools and modules for Perl development.
https://github.com/fglock/PerlOnJava
FOSDEM is legendary, but it doesn't run on magic, it runs on people.
Apart from the core organizers, an enthusiastic team of volunteers helps make FOSDEM the fun and safe community event we all love every year. As a long-time attendee, I made the jump to volunteering during the event and discovered a new side of the conference.
In this talk, I'll share my personal journey and what volunteering involves: from simple tasks like setting up directional signs or assisting at the InfoDesk, to setting up and tearing down before and after the event, or helping the video streaming team. I'll share stories of the folks I've met, the behind-the-scenes glimpse I got into this impressive organization, and how truly impressed I am by its operation.
However, the real reason to join is a chance to give back, meet new people, and become an active community builder. FOSDEM needs you to make the event a fun and safe place for all visitors.
What's in it for you? Join this session to learn how easy it is to sign up, the tasks you can pick (even just for a few hours!), and how you can join the effort to make FOSDEM 2026 the best one yet.
You can learn how to sign up at https://volunteers.fosdem.org/.
In 1974 Ken Thompson sent a copy of the then-current Unix distribution to Marin Newell. Fast forward to to July 28th, 2025. In a storage closet of the Robert Ricci’s Flux Research Group at the Merrill Engineering Building Aleks Maricq a research associate found a tape labeled v4 Unix among the documents of Jay Lepreau. This could be significant, because no other version of its source code have survived. The finding was widely reported on the web and even broadcast TV. To avoid high-altitude cosmic radiation and airport scanner damage lab members Jon Duerig and Thalia Archibald undertook an 11 hour drive it to the Computer History Museum in December 2025. There it was decoded and made available using a sophisticated analog to digital pipeline. A few days later, I integrated the tape's contents in the Unix History Repository. This makes available on GitHub a repository, covering the period from Unix's inception in 1970 as a 2.5 thousand line kernel and 48 commands, to 2025 as a widely-used 41 million line system. The 2 GB repository contains about 850 thousand commits and more than eight thousand merges. Based on the repository's contents I provide details regarding the tape's contents, dating, code provenance, and the evolution of programming language adoption.
Through open source, open data and community, Open Food Facts is transforming consumption in many countries! In this talk, we'll dive into how Open Food Facts is helping reshape the food system to reduce its impacts on health and the environment. We'll go through how Open Food Facts helps create a trove of information, and turn it into actionable data for consumers, researchers and policy makers.
We'll show how we are mobilizing technology (mobile crowdsourcing, artificial intelligence and more classic tech) in the pursuit of food enlightenment.
We'll explore how citizens and consumers are using this database to make smarter, healthier food choices, steering the food industry towards a more transparent and sustainable future.
We will finally talk about 2025's exciting developments, Open Prices, the new features in the app (Cosmetics, new circular features of Open Products Facts), and how you can help.
Elixir, Erlang, and Gleam are functional languages that run on the BEAM virtual machine and are widely used for highly concurrent, fault-tolerant systems. However, the standard BEAM VM is too heavyweight for most microcontrollers.
AtomVM is a from-scratch implementation of the Erlang VM designed for constrained devices such as the ESP32 and Raspberry Pi Pico, and it can run in as little as 32 KiB of RAM. The project has been around since 2017 and has grown in community and features (support for multiple MCU families, JIT, and ahead-of-time compilation to native code), so it can now be used in production for both professional and hobbyist projects.
This talk will introduce AtomVM and show how it can be used in real embedded projects, and it will also explain the benefits of using BEAM languages on microcontrollers: such as supervision trees, lightweight processes, and native clustering. We will see how the foundations of a language originally used by Ericsson to power high-reliability telephone switches are still valuable for today’s connected devices.
No previous knowledge of Erlang, Elixir, or Gleam is required.
Links:
Julia is a language particularly well suited for scientific computing - both thanks to inherent language features (including built-in CPU and GPU parallelism, math-oriented multi-dimensional array handling, and top notch performance), as well as thanks to an actively maintained ecosystem of packages. In this talk, I will focus on two of them: Unitful.jl and DifferentialEquations.jl, and on the challenges in using them in concert. Unitful.jl enables to programmatically express and JIT-compile-time verify the consistence of physical units across the user codebase - contributing to readability, testability and maintainability of the code. DifferentialEquations.jl - a flagship Julia numerical computation package - offers numerical solvers for modelling problems across a wide range of domains, including physics. However, as pointed out in several instances by the community, and as will be demonstrated in the talk, getting the two to work together requires attention. I will present a robust design pattern for combing them - leveraging the fundamental trait of physics, namely that physical dimensionality in mathematical models is solely originating from the constants. This solution benefits from Julia syntax, but is in general applicable to analogous tools in other JIT-compiled languages.
Computer systems can unintentionally leak bits of secret information through observable variations in their behavior such as runtime or power consumption. These so-called "side-channels" can be harmful for the security of cryptographic systems where just a few bytes of leaked key material may compromise loads of sensitive data.
In this talk, we will explore how we mitigate typical side-channels in the open-source cryptography toolkit "Botan" and why this has increasingly become a game of cat and mouse against modern compiler optimizations. We will also present how established open-source tools such as valgrind can help find subtle side-channels in a semi-automatic way.
os-test: Measuring POSIX compliance on every single OS
What happens if you run tests on every POSIX system? You find a lot of bugs in every single OS. I parsed the new POSIX.1-2024 standard into API definitions, generated tests, and measured exactly how much of the standard is implemented. I invoked every libc function to see if they work, and began writing detailed test suites. As it turns out, if there's a sentence in POSIX, someone probably implemented it incorrectly. I found missing interfaces, incompatible declarations, namespace pollution, a lot of bugs, interesting benign differences, and many more issues. I published all tests and results as os-test. The volume of test failures makes it virtually impossible to report all individual issues to each upstream. However as all of the data is publicly available online, vendors are now beginning to incorporate os-test feedback into their development and testing process, which ultimately leads to improved POSIX compliance and software interoperability.
In this talk we will dive into the challenges of testing 16 different operating systems, survey the main findings of os-test, and finally determine which operating system takes the lead when it comes to POSIX conformance.
https://sortix.org/os-test/ https://sortix.org/blog/os-testing-posix-headers/
os-test is currently funded by Next Generation Internet Zero Commons.
Whether it's at the top, bottom, left or right, chances are that whatever screen you are currently looking at is showing you what the current time is. While your device will have a built-in clock, it is generally pretty unreliable, either completely losing its knowledge about the current time or drifting away slowly over time. NTP is one of the most important ways by which your device every once in a while figures out what the time is and will adjust its clock accordingly. But NTP is completely insecure, allowing almost anyone with relative ease to change your system clock.
That could result in you missing an appointment, but it could also result in things like TLS certificates being valid/invalid while the opposite is true, kerberos tickets and TOTP tokens failing, databases not synchronizing properly or log traces on distributed systems being almost impossible to decipher.
NTS is here to solve that, but it has seen very little adoption so far. One of the things we need is a good NTS source of time that anyone can use as a default, but NTS has some limitations making it hard to create something like time.ntp.org. We (Trifecta Tech Foundation, makers of ntpd-rs) have some ideas, but we need your help to get it off the ground.
TU Dublin's student radio society has revived itself after a few years of inactivity. In this talk I'll discuss how we got our new beginning as an internet radio station and our migration to becoming fully open source and independent with the help of our computer science society
I will will discuss the challenges of self-hosting internet radio software like Azuracast and Icecast, running an active student society, getting your station out there in the college, and overcoming challenges student societies face post COVID.
The right to repair and reuse is becoming a central pillar of Europe’s digital and environmental agenda. This lightning talk shows how free software can play a concrete and enabling role in this transition, drawing on the real-world experience of eReuse.org and its free software tools DeviceHub, Workbench, and IdHub. Introducing cases of computer reuse, we show how these tools support hardware profiling, inventory management, device digital identifiers, refurbishment, traceability, and lifecycle impact, and how they are used by social reuse and refurbishment entities in different countries. These organisations collect unused computers from donors, refurbish them, and distribute them to new users to extend the useful life of these devices, demonstrating a practical circular economy enabled by open digital infrastructures. We then connect these practices with the emerging concept of Digital Product Passports (DPP): how reuse-oriented data models, transparency, and interoperability already implemented in free software ecosystems can inform future DPP implementations for electronic products. In this context, DeviceHub and IdHub provide support for DPPs using DIDs and Verifiable Credentials. Finally, we situate this work in the broader political and economic context: the repair.eu campaign, EU sustainability regulation, and the strategic role of free software and SMEs in ensuring that DPPs remain open, auditable, and beneficial for society rather than becoming closed compliance tools. The talk concludes with a short, practical reflection on how developers can contribute to reuse, repair, and digital sovereignty through free software.
Modos is an open-hardware company building an ecosystem of E Ink devices to reimagine personal computing with a focus on creating calm, inclusive, and humane technology. It started as an idea shaped by community input, then grew into Modos as we built early prototypes, received a grant, and continued iterating on the hardware through many revisions until where we are today, after a successful crowdfunding campaign, with devices shipping and the foundation in place for the next phase of the ecosystem.
In this talk, we will briefly discuss the underlying technology, share what we learned while building and refining our prototypes, and outline our next steps and future direction. We will cover how we plan to grow an ecosystem of compatible open hardware and applications, and where we want to take Modos next as the community continues to help shape the roadmap.
Your lockfile shows what dependencies you have but not how you got there. git log on a lockfile is useless noise. Who added left-pad? When did we pick up that transitive dependency? Why do we have three JSON libraries?
git-pkgs is a git subcommand that indexes your dependency history into a SQLite database. It parses manifests across 30+ ecosystems (Gemfile, package.json, Dockerfile, GitHub Actions etc) and tracks every add, update, and removal with full commit attribution. Query when any dependency arrived, who added it, and what the commit message said. You can even diff dependencies across branches.
I'll demo the tool and show how a simple schema lets you answer questions your package manager can't.
Amber is an experimental programming language that transpiles to Bash, designed to make shell scripting more readable, safer, and easier to maintain. While Bash is ubiquitous, its syntax and error-prone patterns often slow down development, especially for complex scripts. Amber addresses these issues by offering a clearer syntax, basic typing, structured control flow, and a growing standard library, while still producing compatible Bash code (3.2–5.3).
Written in Rust and supported by modern tooling such as an LSP and editor plugins, Amber aims to improve the developer experience of writing portable shell scripts without abandoning the Bash ecosystem.
Slide link: https://mte90.tech/Talk-Amber/
Youth Hacking 4 Freedom is the FSFE’s very own programming competition for teenagers (14 to 18 years) from Europe. With YH4F the FSFE conveys the values and knowledge surrounding Free Software, provides the chance to develop your own project idea, learn valuable skills for project management, problem solving and of course: programming!
The fifth round of the FSFE's programming competition “Youth Hacking 4 Freedom” is open for registration and will start with the beginning of 2026. "Youth Hacking 4 Freedom" is a programming competition for European teenagers from 14 to 18 years old. The participants have the chance to work on their own project idea with the guidance of experts from the Free Software universe. There are no limitations for the projects as long as they are published under a Free Software license. In this competition young people can test their skills, learn how to work on a project under a deadline, and most importantly have fun while meeting different people from Europe. The contestant can also win up to 4096 Euro. Hear all about the competition and how to participate in it.
After a brief presentation of Access To Information laws ("ATI", which allow citizens to request info or documents from the State), this talk will introduce Alaveteli.org a ruby-on-rails web app designed to make it easier for people to exercise their rights.
We will make a parallel between debugging FLOSS, and understanding how our democracies function with ATI. We will present a few examples of requests and campaigns to show how these transparency laws can empower individuals and make democracies more resilient.
What happens when your server starts signing messages you didn't send?
Recently, the Continuwuity project (a Rust-based Matrix homeserver) fell victim to a targeted, active exploitation campaign. Attackers leveraged two critical vulnerabilities (CVSS 9.9 and 9.3) affecting the entire ecosystem of Conduit-derived servers. By exploiting flaws in the way that servers join and leave chat rooms, attackers forced the server to cryptographically sign unexpected events, with disasterous results. This allowed them to forge "leaves" to decimate public rooms, forge ACL rules to brick them, and temporarily take over an account to exfiltrate over 5,000 messages from the maintainers' private internal chat.
In this talk, Nex and Jade will take you inside the war room during the incident. We'll walk through the attack chain, explaining how attackers tricked the server, and how we figured out what happened. We'll also have a brief look at how we hardened our project against similar exploitation in the future.
Join us for the traditional FOSDEM infrastructure review.