WEBVTT

00:00.000 --> 00:13.400
So, I'm presenting today on behalf of US that's a community driven project that I'm

00:13.400 --> 00:18.560
leading it's around for a year and I want to use the occasion here at first time to

00:18.560 --> 00:27.080
a little bit summarize where we are, what it is about, and what are the next steps.

00:27.080 --> 00:30.760
So, why are we doing US?

00:30.760 --> 00:35.940
So last year was emotionally very difficult for some of us it was a year of demigration from

00:35.940 --> 00:39.160
Windows 10 to Windows 11 for many of us.

00:39.160 --> 00:46.600
I also was immigrated against my wish and there are other questions of course that are

00:46.600 --> 00:49.080
relevant in this area.

00:49.080 --> 00:53.960
Some hardware didn't allow for such windows migration because they were end of life, they were

00:53.960 --> 00:56.400
not supported by Windows 11.

00:56.400 --> 01:01.120
And then in my previous rule I was working for data protection authority that also had

01:01.120 --> 01:08.880
a case with Microsoft and then using products for Microsoft at the same time feel a bit awkward.

01:08.880 --> 01:12.960
So it's also a matter of having control of your working environment and there are some

01:12.960 --> 01:15.160
areas that are more important than others.

01:15.160 --> 01:21.160
I would say this is the case for competition authorities, for data protection authorities,

01:21.160 --> 01:22.400
for courts.

01:22.400 --> 01:27.880
But there are also the military, the embassies, the critical infrastructure at large, where

01:27.880 --> 01:34.680
possibly with open source you would have more control and more resilience to carry out

01:34.680 --> 01:35.680
your work.

01:35.680 --> 01:40.520
And these are all the motives where I think there is a good case to use open source also

01:40.520 --> 01:44.560
as a driver for our digital workplace.

01:44.560 --> 01:50.040
Of course we see that there is rarely the case today and there are many reasons I suspect

01:50.080 --> 01:56.560
why we do not all benefit from Linux on our corporate devices.

01:56.560 --> 02:01.640
Immigration is, this can be some difficult to organize, you basically need for some time

02:01.640 --> 02:07.960
two teams at the same time, a Windows team, for the ongoing operations and then a Linux

02:07.960 --> 02:11.040
team to prepare the new set up.

02:11.040 --> 02:17.680
Immigration can be very expensive because the cost saving benefits will only emerge later

02:17.720 --> 02:24.320
and if many people are doing it at scale, then you may not have the know-how in-house

02:24.320 --> 02:29.020
and the ecosystem and comparison to the Windows world is quite small, so there is also

02:29.020 --> 02:35.960
shortage of expertise and in the absence of world models, but we all know where it worked

02:35.960 --> 02:41.160
out perfectly, there are many unknowns yet and there is of course a risk to fail and we

02:41.160 --> 02:47.560
have seen possibly in the Linux migration world more big cases that failed than that

02:47.600 --> 02:50.760
where a success which also makes us not so attractive.

02:50.760 --> 02:54.960
And of course there are the end users who are going to want to have any change at all

02:54.960 --> 03:01.480
and please don't bother them and this is of course also something that a migration

03:01.480 --> 03:07.960
would need to face and not all of these problems can be solved with something like

03:07.960 --> 03:13.560
a US project or a risk-release or some are more inherent to an organization and how

03:13.640 --> 03:18.400
human beings are in general, but I think some elements can be improved if we would collaborate

03:18.400 --> 03:20.400
to explore some energies.

03:20.400 --> 03:26.440
And I see that there are two areas for these energies, the first one is that if we have

03:26.440 --> 03:33.080
a common approach on how to organize such a Linux migration, we would benefit from sharing

03:33.080 --> 03:38.360
of knowledge, from sharing of the expertise that we have around and if we use the

03:38.360 --> 03:44.200
same building blocks that we know already from the cloud technology, from servers where

03:44.200 --> 03:51.560
we have been using Linux for years, we also explore these energies from these investments

03:51.560 --> 03:57.200
in the cloud area and also from the cloud engineers that many public sector organizations

03:57.200 --> 04:00.040
may already have in-house.

04:00.040 --> 04:02.800
So what is the US?

04:02.800 --> 04:08.320
It's not a project of the opinion, but it should be and some people are working active

04:08.560 --> 04:13.560
on changing that, we will see how it goes, it is not a new Linux distribution because

04:13.560 --> 04:18.400
indeed there are already many Linux distributions, but it is also not for private home users,

04:18.400 --> 04:21.920
they can perfectly use whatever Linux distribution they are already around, they don't need

04:21.920 --> 04:24.920
a managed system for themselves.

04:24.920 --> 04:30.560
And it's not a project that is producing original code, of course we propose upstream

04:30.560 --> 04:35.760
changes that would benefit our use case, but we reuse mostly existing codex explained

04:35.760 --> 04:37.800
people how they can use it together.

04:37.800 --> 04:42.440
So it's a proof of concept on the deployment of a fedora-based Linux OS with a KDE plus

04:42.440 --> 04:48.480
my environment and bootable container technology that we know from the server world and

04:48.480 --> 04:50.760
a typical public sector organization.

04:50.760 --> 04:55.440
And it's not limited to the public sector on principle, many companies or NGOs have

04:55.440 --> 04:59.200
merry-similar requirements and could also benefit from such a setup.

04:59.200 --> 05:04.560
So US is a community of people who want to bring Linux to the desktop and the corporate

05:04.560 --> 05:08.680
environment and it's another space with a website where we want to gather all the information

05:08.680 --> 05:11.320
necessary to do that.

05:11.320 --> 05:12.800
So how do we want to do this?

05:12.800 --> 05:17.440
So I have done some research where Linux is used in the public sector on the desktop

05:17.440 --> 05:21.360
and you see there are already quite some areas and it's a little bit growing.

05:21.360 --> 05:27.160
So last week I added this one here in Prague, let's see archiving, the National Archiving

05:27.160 --> 05:34.240
Center where they use fedora, bootable with bootable containers, very similar set up for

05:34.240 --> 05:40.080
there for the rack stations and we see that in Spain especially in the education sector

05:40.080 --> 05:45.280
there's quite some use of Linux but they're all work very isolated and all the setups

05:45.280 --> 05:51.480
are different and therefore we have every struggle again from scratch and the idea is to say

05:51.480 --> 05:56.160
yeah to make it at least easier for those that would like to get on the map that would

05:56.160 --> 05:59.680
like to adopt Linux, let's do a similar fashion.

05:59.680 --> 06:04.600
The proposition here and these are the only two technical slides I think I have is to start

06:04.600 --> 06:10.440
with the container technology where we have a base layer that could be fedora and central

06:10.440 --> 06:16.200
S because these luring mechanisms at the moment best supported by fedora possibly with

06:16.200 --> 06:21.240
KDE then we have maybe a common U.S. layer with things that every organization certainly

06:21.240 --> 06:28.600
needs but then of course every organization could add another Docker layer with their specifics

06:28.640 --> 06:35.520
they are drivers for their printing system, their VPN whatsoever then we package this with

06:35.520 --> 06:41.360
a tool that is core blue build it's open source we can do this in our existing get continuous

06:41.360 --> 06:49.320
integration system and then with his bootable C technology we can transfer this on a desktop

06:49.320 --> 06:56.640
without any hypervisor and with the form and server that is normally used to manage servers

06:56.680 --> 07:03.040
we can actually also manage these desktop devices so that they will get provisioned fully

07:03.040 --> 07:08.680
automatically and also keep up to date and then of course for the users we would have something

07:08.680 --> 07:17.640
like free e-pa where users then can authenticate using the central directory of users to the

07:17.640 --> 07:25.760
laptop and it also supports somewhat active directory to have intermediate hybrid setup and

07:25.800 --> 07:31.040
this I think what we will need to to face we will have first organizations with only windows

07:31.560 --> 07:35.240
that use X of directory then in the next step we want to add

07:35.920 --> 07:41.800
some working groups that work then with a Linux desktop that is authenticated

07:42.800 --> 07:50.280
and authenticated via free e-pa possibly still embedded and part of the X of directory and eventually we can take this array and

07:50.280 --> 07:53.600
we end up with an organization fully on open source

07:53.600 --> 08:04.600
so now let's boot up the system so where are we so far we have raised awareness on these matters

08:04.600 --> 08:11.600
with users through our personal network through social media and we have reached out and had discussions

08:11.600 --> 08:17.600
with the UPN data protection by the UPN Commission's digit department, connect department,

08:17.600 --> 08:24.080
HRDS department with a joint research center that also this already using Linux,

08:24.080 --> 08:31.600
e-rogers, duropole, the U-parlement courts, we have also spoken to international organizations such as the

08:31.600 --> 08:38.600
International Committee of the Red Cross, the United Nations, the International Criminal Court and the International Court of Justice

08:38.600 --> 08:48.600
and with a number of e-member states with denom, with senders, well-known and these four are here at Lissie Coldstein with the Ospo of the Netherlands

08:49.600 --> 08:57.600
with the people from the Ospo of Luxembourg and we had a demo where we showed that during the talk

08:57.600 --> 09:07.600
we can provision hands off a machine with the US and we will do again a demo most likely early in February in Madrid

09:07.600 --> 09:12.600
so I hope that we will also have some discussions with the Spanish

09:12.600 --> 09:19.600
and normally I would expect that this year we will also have a first feasibility study with the pilot and a public sector

09:19.600 --> 09:25.600
organization with 150 seats possibly but we can only talk about it more after it happens

09:25.600 --> 09:34.600
so what has been the feedback so far? What do people want? So when I talk to them they do not want to have anything innovative

09:35.600 --> 09:42.600
they want to have something that is already around for 20-30 years at best that works really well with thousands of seats

09:42.600 --> 09:47.600
and they don't want to be the first one to use it, they want to be the last one using it

09:47.600 --> 09:55.600
they want to have enterprise support, they want to have enterprise tools for life cycle management of everything, monitoring and so on

09:55.600 --> 10:04.600
and if we now consider that those that have an urgent need for digital sovereignty will be moved first

10:04.600 --> 10:12.600
then this will be called, it will be the military, it will be secret services and they require of course a compliance with many different rules

10:12.600 --> 10:18.600
so if you have the first one for a product to go through this this will be very hard

10:18.600 --> 10:27.600
so ideally we rely on tools that have been already certified before in various contexts to make this process easier

10:27.600 --> 10:37.600
then of course organizations often have already some sort of Linux use so they may have containers, they may have servers, VMs

10:37.600 --> 10:47.600
or they may have open theirs that also has internal Linux distributions and then the question is do they want to have another one for the desktop or do they want to benefit

10:47.600 --> 10:54.600
from doing the supply chain security under certification only once and use it for all of these use cases

10:54.600 --> 11:02.600
so ideally there is this idea to have consolidation to one or very few Linux distributions in their organization

11:02.600 --> 11:10.600
and then on the server side SAP is very important for many of these organizations and they don't want to change everything at once

11:10.600 --> 11:20.600
so whatever it is would be nice if it has support for SAP and then some of the tools like MATLAB or SPSS or whatever this organization is doing in substance

11:20.600 --> 11:26.600
then it should be of course supporting the sovereignty of the organization should be sustainable

11:26.600 --> 11:35.600
and I talk about this in a moment a little bit more and many public sector organizations really like supporting their local economy

11:35.600 --> 11:42.600
so if they can have a local champion that would be something that they would check out first this was my impression

11:42.600 --> 11:50.600
but then again with the consistency it is difficult because your local economy might not provide everything

11:50.600 --> 12:01.600
and then you will start importing other softwares from other governments and they have maybe the internal different dependencies

12:01.600 --> 12:12.600
and this is why I think if as Europe or even large on a global scale we can agree on a set of digital public goods that we use again and again

12:12.600 --> 12:20.600
we get closer to the goal of having consolidation with the tool and it will be much easier to support and maintain them in my view

12:20.600 --> 12:33.600
so what is the commission saying on the topic of digital sovereignty much has been said in speeches which is a difficult to process

12:33.600 --> 12:46.600
in this precise context part there is actually a project ongoing for cloud purchase system that allows institutions to get sovereignty in the cloud space

12:46.600 --> 12:56.600
so that they have prepared an annex with the sovereignty objectives that gives a few details on how to measure specifically digital sovereignty in the context of cloud

12:56.600 --> 13:02.600
so this framework does not apply for us because we are not doing cloud to redo the desktop operating system

13:02.600 --> 13:09.600
but there are still some elements that I think can give an idea of how these organizations are thinking about sovereignty

13:09.600 --> 13:21.600
highlight already two of the criteria there is this one of one strategic sovereignty it assesses ownership stability amongst many other things

13:21.600 --> 13:30.600
and then there is another criterion number five which is about supply chain security will also point out that the graphical origin plays role

13:30.600 --> 13:39.600
there is another talk about this specific document and what it means and how organizations can assess their own products

13:39.600 --> 13:46.600
offered by Emil Brook tomorrow from open so I all invite you to check that out I try to be there as well

13:46.600 --> 13:55.600
so what does it now mean for our question for the distribution that U.S. showed a build upon

13:55.600 --> 14:07.600
I have written a blog post was a number of points, tables and numbers to also get some feedback from the community and the community then normally answers

14:07.600 --> 14:19.600
but fedora is too much of the U.S. how come that we do not use outpind Linux and yeah I think if we do not do it was nix so as we are doing something one

14:19.600 --> 14:26.600
so I this is like 80% of the feedback that I have and I want to remind everything also here through this talk again

14:26.600 --> 14:36.600
it is very different if you want a corporate managed Linux fleet and an organization that is a court or if you are in your hacker space

14:36.600 --> 14:42.600
and you have also your own Linux computer so you have much more freedom in the second case

14:42.600 --> 14:55.600
so when we now look at those Linux distributions that I have been battle tested where there is a support network of at least one big player

14:55.600 --> 15:05.600
they are not so many Linux distributions so there is Debian which is not profit in the U.S. but also in France managed by volunteers

15:05.600 --> 15:13.600
but many organizations and companies work with stebian and can offer support there is Ubuntu which is a company in the UK

15:13.600 --> 15:26.600
200 million dollars apparently revenue there is open user which is more revenue more staff with a headquarter in Germany and it is registered in Luxembourg there is redhead

15:26.600 --> 15:41.600
which is again factor I don't know 10 more revenue more staff in the U.S. but also in the U. Interestingly there is the Armalinox Foundation which is a foundation in the U.S.

15:41.600 --> 15:47.600
backed by some big players and then there is the rocky Linux Foundation that is something very similar

15:47.600 --> 15:58.600
so what are the takeaways here? Fedora is factor 10 bigger and most of the developers in the U apparently work with this with Fedora

15:58.600 --> 16:05.600
and that also mirrors here in the room when I asked who is using open user Fedora there were a lot of hands on Fedora

16:05.600 --> 16:10.600
many people overestimate the market share that Ubuntu has on the Linux market

16:11.600 --> 16:18.600
I think Ubuntu really made Linux more known but it is a lot of private users it is not so much the corporate users

16:18.600 --> 16:29.600
and also the cloud business to drive the adoption of the Linux distributions and it seems that open user because it is certified for SAP products

16:29.600 --> 16:38.600
is used a lot in the cloud area as well and Ubuntu may have less paying users even though it is very well known brand

16:38.600 --> 16:49.600
so now the problem is that all these distributions are there good enough for us and this is why I think it was so nice that we had the previous two talks

16:49.600 --> 17:00.600
where we heard first about the public product organizations so we could now ask is anyone of these distributions that we have seen

17:00.600 --> 17:07.600
close to that or there was this idea of the digital public goods in the previous talk

17:07.600 --> 17:13.600
and I can tell you that the user Linux enterprise has been certified as a digital public good

17:13.600 --> 17:17.600
and also Fedora is a digital public good

17:17.600 --> 17:28.600
but when we look at the criteria that the European Commission put out for the cloud where they look for long term ownership stability

17:28.600 --> 17:38.600
I wonder how these mechanisms the digital public goods and the initiatives around it, the infrastructure around it are reflecting that well

17:38.600 --> 17:44.600
so I think that could be a gap in the certification mechanism because if you want to have very good ownership stability

17:44.600 --> 17:52.600
I think the first talk that we are the second talk in the track today on the digital public good

17:52.600 --> 18:01.600
organizations is pointing to the right direction we want to have some sort of a nonprofit foundation that is financially stable

18:01.600 --> 18:07.600
and when you would ask governments in the you they would prefer that they are of course based in the you

18:07.600 --> 18:14.600
or alternatively for governments they would own the product that would of course also give them a lot of ownership stability

18:14.600 --> 18:21.600
and when we now look through the distributions that I have had on the previous slide we see that red head as well as based

18:21.600 --> 18:27.600
so not good Fedora has no separate legal entity not good

18:27.600 --> 18:34.600
Suze enterprise is the u-base so that would tick the box but open Suze has no separate legal entity

18:34.600 --> 18:42.600
there are some people from Suze that point to the geico foundation but I do not understand how sustainable the geico foundation

18:42.600 --> 18:46.600
is at the moment and who is backing it apart of Suze itself

18:46.600 --> 18:52.600
there is the al-malino foundation that seems to work very well but it is u-s based and who knows

18:52.600 --> 19:01.600
loud red head how sustainable that can be there is Ubuntu in the UK so that is a company not a foundation

19:01.600 --> 19:08.600
d-b-n has several legal entities a foundation also in France but it does not have the innovation

19:08.600 --> 19:14.600
the technical features that we would need for our model of u-s that would help organizations

19:14.600 --> 19:19.600
to do the customizations on their end and share most part of the of the base and build it in their

19:19.600 --> 19:28.600
good art continuous integration service so this is why at the moment d-b-n is not ready to take the role of Fedora

19:28.600 --> 19:35.600
so what we would actually need is a better governance for these Linux distributions something

19:35.600 --> 19:42.600
that is really matching the requirements of the public sector something that is matching the public mandate

19:42.600 --> 19:48.600
that the sector has so what we do not want is that a company can go on with

19:49.600 --> 19:55.600
with institution rate until entire European public sector is using it and then try to

19:55.600 --> 20:01.600
change their licensing, stop the development and we have seen some of these products going

20:01.600 --> 20:09.600
that pass in the last year and of course it would be unclavered to now bet on the wrong underlying

20:09.600 --> 20:16.600
distribution that would then be prone to go a similar pass so easily d-b-n would now come up

20:16.600 --> 20:23.600
and also of a boot C support then it would be on the plan for u-s or almalinux could

20:23.600 --> 20:29.600
also incorporate a foundation outside of the u-s could be in the European Union the

20:29.600 --> 20:36.600
zoo foundation could also improve their at least their marketing and explain better what they

20:36.600 --> 20:42.600
can do what they are about that would all help a lot and now I'm coming to my last slide

20:43.600 --> 20:49.600
I was very much inspired by the Davos speech of the Prime Minister of Canada

20:49.600 --> 20:58.600
that we heard some ten days ago Marcani who was addressing the situation of sovereignty

20:58.600 --> 21:04.600
as well and he said risk management comes at a price but that coast of strategic autonomy

21:04.600 --> 21:09.600
of sovereignty can also be shared and I think this is not only true for the economies

21:09.600 --> 21:16.600
it's also true for the operating system on the in the public sector collective investments

21:16.600 --> 21:21.600
in resilience are cheaper than everyone building their own fortresses shared standard

21:21.600 --> 21:26.600
reduced recommendations complementaries are positive sum and the question for middle powers

21:26.600 --> 21:32.600
like Canada is not whether to adapt to the new reality we must the question is whether

21:32.600 --> 21:37.600
we adapt by simply building higher walls or whether we can do something more ambitious

21:38.600 --> 21:44.600
something together and this is why also for us it is of course a goal to not bring

21:44.600 --> 21:51.600
possibly only two three u countries behind the common goal but at best a much broader community

21:51.600 --> 21:57.600
and therefore maybe the next u-s and inside was a little bit too narrow it could have been

21:57.600 --> 22:03.600
something more ambitious because I would be happy when we can also share the goals that

22:03.600 --> 22:10.600
you with u-s with other middle powers like Canada like Brazil like India like Mexico or

22:10.600 --> 22:16.600
Australia and then I wonder if we want to reach out to these communities and say let's

22:16.600 --> 22:22.600
share the the common investment and build the strategic autonomy together what would

22:22.600 --> 22:30.600
be their take on the Linux distribution would there also be a fan of next OS would they

22:30.600 --> 22:37.600
do they know already open to them can we can we forge an alliance on on one of these and this

22:37.600 --> 22:43.600
is why I feel for the u-s project we will certainly try to aim for Linux distribution

22:43.600 --> 22:49.600
that does not only help us with the consensus in a few member states possibly in the u but

22:49.600 --> 22:58.600
at best also on a much more global scale and here by I want to close my talk I'm happy

22:58.600 --> 23:03.600
to have any questions you may have I think we have five minutes left three okay

23:03.600 --> 23:08.600
two and a half then it has to be very very good questions on the point please

23:29.600 --> 23:35.600
so what would it say the question is now how can how much how closely are to mitigate the risks

23:35.600 --> 23:43.600
so there is someone who is estimating creating a foundation and building the distribution

23:43.600 --> 23:50.600
independently from a company would possibly take three for people you do it over three years

23:50.600 --> 23:59.600
for the beginning it's five million euros so and more users you have the more clearer

23:59.600 --> 24:06.600
is the use case I'm in talks with open user and with al Malinox to tell them about the difficulties

24:06.600 --> 24:11.600
that I see and if they can improve their their stands we will see how it goes some have

24:11.600 --> 24:18.600
already yeah shown some interest I would say and I'm quite quite optimistic that we can get a

24:18.600 --> 24:25.600
step further this year one more question

24:25.600 --> 24:40.600
so the question is if I had on my radar to just use the enterprise linux for us

24:40.600 --> 24:55.600
so the question is if I had on my radar to just use the enterprise linux for us

24:55.600 --> 25:08.600
I'm sorry I'm unable to answer that question any other question

25:08.600 --> 25:23.600
okay that's one suggestion

25:23.600 --> 25:29.600
the question is why not reach out to private companies and help build a building

25:30.600 --> 25:39.600
of course totally true so my vision is that there's a foundation that has a lot of companies

25:39.600 --> 25:45.600
big companies that are supporting it and it could be through the defense sector it could be the banking sector

25:45.600 --> 25:52.600
it would be those private sectors that also work in critical infrastructure who have an interest to have an alternative

25:53.600 --> 26:01.600
who would then also back such a foundation and yeah we're trying also to find context and this

26:01.600 --> 26:08.600
cases but it is not very straightforward but yet on our radar so I think we at the end of the

26:08.600 --> 26:18.600
talk thank you so much

26:18.600 --> 26:24.600
and please set me an email for any follow-up