Ariadne Conill 🐰Apr 15, 2024

One of my larger complaints about Linux Foundation events is that they are very much targeted at corporations with large budgets to send people to conferences.

For example, as someone who has mostly been an indie OSS maintainer over their career, I would love to go to Open Source Summit and meet up with people to discuss what problems they are having with the software I maintain and how we can collaborate on resolving those problems.

But my choices are to register as a "hobbyist" (a frankly demeaning thing to call an indie maintainer) at $249, which requires me to go ask them for a discount code (also frankly demeaning), or register at the full $949 rate, or maybe I could get the "small business" discount code which brings it down to *only* $500. Man, what a favor, huh?

I understand that putting on these events is very costly, but when indie OSS maintainers are given the option of paying nearly $1000 or having to go ask someone for a "hobbyist" discount code, it seems very disrespectful to the maintainers who are building the actual software that this summit is about.

Do you really think the guy in Nebraska who is holding up all modern digital infrastructure in his spare time has the money to spend $949 to go to a conference? For all the talking we do about building inclusive conferences, this has to include *access* for indie maintainers.

Show threadSteve Springett Apr 16, 2024

@ariadne this thread sure sparked a lot of dialog, which is great. IMO, there should be more inclusive conferences, especially for open source.

For security conferences, I’ve always found that OWASP regional and global appsec conferences to be super inclusive and affordable. Additionally, OWASP chapter meetings are free and open to anyone to attend.

BSides are also great to attend. You get some super talented individuals, usually on the offensive or research side, attending them. Again, super affordable. Local security cons are also great. I'm in Chicago and attend THOTCON whenever I get the chance.

For open source, I'd love to go to FOSDEM, but have never had the opportunity to go. It’s difficult to justify the expense of travel, etc, for attending it when my primary day job is not open source. Now, if there were a North American FOSDEM or equivalent, I'd be able to justify that much easier.

But I also try to avoid the big conferences when possible. I attend RSA every 5-6 years because I try to avoid the circus. But this year, I will be there. But it's the same reason I've never attended an LF conference. They're too big. I love to go to conferences where they're small enough that you can sit down with speakers and other SMEs and just talk. I remember my first time going to OWASP AppSec Cali (since been renamed) and it was an amazing experience. You had some of the brightest minds in application security at this small/regional conference and you could just sit and talk with people without all the corporate things getting in the way.

Show threadAriadne Conill 🐰
@stevespringett yep i’m going to be at BSides Seattle this year if you find yourself there. would love to catch up with you about CycloneDX!
Apr 16, 2024 at 3:48pmWeb
Show threadSteve Springett Apr 16, 2024
@ariadne Fantastic. Would love to catch up with you. Let me see if I can make it up there this month and will let you know in a day or two.