Iván Sánchez Ortega

Iván has been a web developer and FLOSS advocate since the early 2000s; then he bought a GPS receiver and got involved in OpenStreetMap and OSGeo. He’s worked with nautical charts, indoor positioning, USB microcontrollers, LibreOffice, multispectral rasters, all of it with unhealthy amounts of Javascript.


Sessions

07-17
14:00
30min
Approaching Security with Kindness and Compassion
Iván Sánchez Ortega, Jody Garnett

Wow it has been a busy time for security vulnerabilities. FOSS4G software is getting caught up in the general push to regulate IT and impose “security” on the technology that powers society.

This talk explores the tensions, expectations, terrors and triumphs on this hot button topic. We will look at a sensible response to Europe's Cyber Resilience Act and how GeoSever and GeoNetwork policies have been updated to address these concerns for developers, participating organizations and members of the public.

This talk unpacks what this can look like for foss4g projects using real world examples.

  • Built around the experience of the GeoServer project, and the resulting security policy and practices that can serve as a template for our foss4g community.
  • Public institutions can attend this talk to learn how their security policies interact with and affect foss4g technologies.
  • Vendors and service providers can learn how open source supply chains affect their products.
  • FOSS4G projects can attend to learn how to approach security reports with compassion, and a bit of boundary setting, to take care of your codebase and community.

Security is difficult with consequences being felt at all levels. Help meet this challenge by supporting yourself and each other.

Open community
SA01