At Siemens Open Source 2024, I presented a narrative journey through the life of an Open Source maintainer, structured as a five-act drama with a happy ending. Through the story of “Alex”, a fictional developer, I explored what really drives maintainers, what they actually do beyond writing code, and the challenges they face when interacting with corporate structures. The talk moved from the initial motivation of creating a new tool driven by passion and intrinsic needs, through the growth into respected maintainership with community building responsibilities, to the eventual transition of passing on the role to ensure project sustainability.
I have been invited to talk about Software Bills of Materials (SBOM) in SAP’s Open Source Way Podcast, hosted by Karsten Hohage and with SAP’s Sebastian Wolf as co-guest. We had an interesting conversation about the growing importance of SBOMs in the software industry and their role within Deutsche Bahn. We also discussed the limits of SBOMs and how they can be complemented with other approaches to better understand and manage risks.
Im “Captain it’s Wednesday” Podcast von GNU/Linux.ch sprach ich mit Ralf Hersel über Freie Software bei der Deutschen Bahn. Das Gespräch fand rund ein Jahr nach meinem Wechsel von der FSFE zur DB Systel statt und bot eine gute Gelegenheit, über meine neue Rolle zu sprechen und zu reflektieren, wie ein großer Konzern wie die Deutsche Bahn mit Open Source umgeht. Der CIW-Podcast richtet sich an die deutschsprachige GNU/Linux- und Freie-Software-Community und behandelt regelmäßig technische und gesellschaftliche Themen rund um Freie Software.
At OSPOlogy Live Frankfurt in October 2023, I gave an introduction to Software Bills of Materials (SBOMs) for the OSPO community. Everyone had heard of SBOMs by then – they seemed ubiquitous, with shiny tools sprouting up everywhere. But what were they actually all about? What were the real use cases? And what often caused practical applications to fail? This talk aimed to provide a common understanding without the marketing-speak.
Auf dem 9. Bitkom Forum Open Source in Erfurt präsentierten Cornelius Schumacher und ich eine Erzählung über das Leben von Open-Source-Maintainern, strukturiert als Drama mit Happy End. Durch die Geschichte von “Alex”, einer fiktiven Entwicklerin, beleuchteten wir, was Maintainer wirklich antreibt, was sie jenseits des Programmierens tun und welchen Herausforderungen sie sich stellen müssen. Der Vortrag führte von der anfänglichen Motivation, ein neues Tool aus Leidenschaft und eigenem Bedarf zu schaffen, über das Wachstum zur respektierten Maintainerin mit Community-Building-Verantwortung bis hin zum Übergang der Rolle für die Nachhaltigkeit des Projekts.
I have been using Seafile for years to host and synchronise files on my own server. It’s fast and reliable, especially when dealing with a large number and size of files. But making reliable backups of all its files isn’t so trivial. This is because the files are stored in a layout similar to bare Git repositories, and Seafile’s headless tool, seafile-cli, is… suboptimal. So I created what started out as a wrapper for it and ended up as a full-blown tool for automatically synchronising your libraries to a backup location: Seafile Mirror.
At Upstream 2023, I participated in a fireside chat with Luis Villa (Tidelift) and my colleague Erik Schaufuss exploring the fascinating intersection between Software Bills of Materials (SBOMs) and Hardware Bills of Materials (HBOMs) within Deutsche Bahn’s complex supply chain. As Germany’s national railway company with hundreds of federated subsidiaries, we face unique challenges in managing both rolling stock hardware and the increasingly software-driven assets within trains. The discussion centered on how learnings from the software supply chain transparency movement – particularly around standards like CycloneDX – can inform and improve hardware supply chain management.
So you have a number of Docker containers running web services which you would like to expose to the outside? Well, you probably will at least have considered a reverse proxy already. Doing this manually for one, two or even five containers may be feasible, but everything above that will be a PITA for sure. At the FSFE we ran into the same issue with our own distributed container infrastructure at and crafted a neat solution that I would like to present to you in the next few minutes.
At FOSDEM 2022, I again joined my fellow organizers of the Legal & Policy DevRoom for a panel discussion on the hot topics we observed over the past year in Free and Open Source Software. Together with Bradley Kuhn, Karen Sandler and Alexander Sander, we reflected on the presentations from the day’s track and looked forward to the future of FOSS policy. This panel provided an opportunity to discuss the pressing issues facing the FOSS community from legal and policy perspectives.