OUSPG Open

From zero to impact in 90 days

(was: minimum viable gala 2016)

Follow in your own screen:

https://slides.com/evilon/ouspg-open-2016/live

Or click the image to watch 2-minute video summary.

OUSPG Open

The approach

  • Insanely open

  • Madly repository centric

  • Serious but fun = fu-rious?

  • "Social startups"

Click the screenshot to read the journal

Phase 1: Entrapment

"Make money with computers!"

Phase 1: Entrapment

"contribute and earn"

Phase 2: get to work

 

6 Themes and 90 days

TryTLS

Does Your Library Check TLS Certificates Properly?

Click the image to access the project or down-arrow for details

TryTLS

Does Your Library Check TLS Certificates Properly?

TryTLS

Example Stub

import sys
import requests

if len(sys.argv) < 3 or len(sys.argv) > 4:
    exit("Usage: %s <HOST> <PORT> [CA_FILE]" % sys.argv[0])

host = sys.argv[1]
port = sys.argv[2]
verify = sys.argv[3] if len(sys.argv) > 3 else True

try:
    r = requests.get("https://" + host + ":" + port, verify=verify)
except requests.exceptions.SSLError as err:
    print("REJECT")
else:
    print("ACCEPT")

TryTLS

Shootout - checking distro & language combos

TryTLS

Reaching Out

TryTLS

 

  • Affected at least 3 languages and 2 distros

  • Rustls proud of their work

TryTLS

Looks like TryTLS made it

Libfuzzerfication

Fuzzing for the Rest of Us

Click the image to access the project or press down-arrow for details

Libfuzzerfication

How does it work?

Pull container from Dockerhub

 

Start Writing your own libfuzzer stub

 

Share the Dockerfile with other users

 

Use libFuzzer to collect corpus so that other people can continue where you left off

 

You can start writing stubs without docker.

Libfuzzerfication

Indeed, we used Docker also. :) To make the project easy to approach.

(Watch out the volume mounts though)

Click the image to watch tutorial screencast

URLHandlers

Discover and Hack URL handlers

Click the image to access the project or press down-arrow for details

URLHandlers

Introduction to the problem

Click the image to access the video

URLHandlers

Introduction to the problem

Click the image to access the video

URLHandlers

Reaching out

URLHandlers

Crowdsourcing

URLHandlers

Seems to live its own life now as well

19 Open Sessions 

  • 150+ encounters

  • 60+ people

  • 23+ organisations (academia and industry)

Press down-arrow for videos from open-sessions

19 Open Sessions 

19 Open Sessions 

19 Open Sessions 

Indoctrination

Git

GitHub

Flake

Twitter

Docker

Slack

Atom

Pull Requests

MVP

Issues

Articulate

Commit Often

Workflows and Tools

(.md)

Argue

Etherpad

Atte, Mauri, Mikko, Pauli, Kapu, Contributors..

YouTube

Workflows are more important.

Tooling varies depending on context.

Example: Slack = Communication. Slack != Confidential Communication.

Main Point = Constant Communication.

23 000 messages

255 messages / day

Over 2000 Commits

22 commits / day

Spin & Document

Started from zero. Ended up with ~2700 views totaling to ~15 hours in OUSPG-channel. 16% outside Finland. And ~150+ hours  on AssemblyTV.

 

(Oh, and 30 000 Twitter impressions, 90 link clicks, 25 retweets.)

Reaching Out

83 stars, up to 14 contributors

Thank

You!

Scene Impact Award

By T2

Marketing Award

By David Chartier

Google Award

By Kostya Serebryany and Abhishek Arya

Dev Collab Award

By Jani Kenttaelae

OUSPG Open 2016 has ended! Thank You!

SPECIAL THANKS TO EVERYONE MENTIONED AT:

https://github.com/ouspg/ouspg-open/

Made with Slides.com