Jonathan Lalou's Blog

Archive for the ‘General’ Category

At Devoxx Poland 2022, Viktor Gamov, a dynamic developer advocate at Kong, delivered an engaging presentation on zero trust security and its integration with service mesh technologies. With a blend of humor and technical depth, Viktor demystified the complexities of securing modern microservice architectures, emphasizing a philosophy that eliminates implicit trust to bolster system resilience. His talk, rich with practical demonstrations, offered developers and architects actionable insights into implementing zero trust principles using tools like Kong’s Kuma service mesh, making a traditionally daunting topic accessible and compelling.

The Philosophy of Zero Trust

Viktor begins by challenging the conventional notion of trust, using the poignant analogy of The Lion King to illustrate its exploitable nature. Trust, he argues, is a vulnerability when relied upon for system access, as it can be manipulated by malicious actors. Zero trust, conversely, operates on the premise that no entity—human or service—should be inherently trusted. This philosophy, not a product or framework, redefines security by requiring continuous verification of identity and access. Viktor outlines four pillars critical to zero trust in microservices: identity, automation, default denial, and observability. These principles guide the secure communication between services, ensuring robust protection in distributed environments.

Identity in Microservices

In the realm of microservices, identity is paramount. Viktor likens service identification to a passport, issued by a trusted authority, which verifies legitimacy without relying on trust. Traditional security models, akin to fortified castles with IP-based firewalls, are inadequate in dynamic cloud environments where services span multiple platforms. He introduces the concept of embedding identity within cryptographic certificates, specifically using the Subject Alternative Name (SAN) in TLS to encode service identities. This approach, facilitated by service meshes like Kuma, allows for encrypted communication and automatic identity validation, reducing the burden on individual services and enhancing security across heterogeneous systems.

Automation and Service Mesh

Automation is a cornerstone of effective zero trust implementation, particularly in managing the complexity of certificate generation and rotation. Viktor demonstrates how Kuma, a CNCF sandbox project built on Envoy, automates these tasks through its control plane. By acting as a certificate authority, Kuma provisions and rotates certificates seamlessly, ensuring encrypted mutual TLS (mTLS) communication between services. This automation alleviates manual overhead, enabling developers to focus on application logic rather than security configurations. During a live demo, Viktor showcases how Kuma integrates a gateway into the mesh, enabling mTLS from browser to service, highlighting the ease of securing traffic in real-time.

Deny by Default and Observability

The principle of denying all access by default is central to zero trust, ensuring that only explicitly authorized communications occur. Viktor illustrates how Kuma’s traffic permissions allow precise control over service interactions, preventing unauthorized access. For instance, a user service can be restricted to only communicate with an invoice service, eliminating wildcard permissions that expose vulnerabilities. Additionally, observability is critical for detecting and responding to threats. By integrating with tools like Prometheus, Loki, and Grafana, Kuma provides real-time metrics, logs, and traces, enabling developers to monitor service interactions and maintain an up-to-date system overview. Viktor’s demo of a microservices application underscores how observability enhances security and operational efficiency.

Practical Implementation with Kuma

Viktor’s hands-on approach culminates in a demonstration of deploying a containerized application within a Kuma mesh. By injecting sidecar proxies, Kuma ensures encrypted communication and centralized policy management without altering application code. He highlights advanced use cases, such as leveraging Open Policy Agent (OPA) to enforce fine-grained access controls, like restricting a service to read-only HTTP GET requests. This infrastructure-level security decouples policy enforcement from application logic, offering flexibility and scalability. Viktor’s emphasis on developer-friendly tools and real-time feedback loops empowers teams to adopt zero trust practices with minimal friction, fostering a culture of security-first development.

Links:

• Kong company website
• Kuma project website

Hashtags: #ZeroTrust #ServiceMesh #Microservices #Security #Kuma #Kong #DevoxxPoland #ViktorGamov

Lors de Devoxx France 2022, David Aparicio, Data Ops chez OVHcloud, a partagé une conférence de 44 minutes sur l’apprentissage à partir des échecs en opérations informatiques. David a analysé les post-mortems d’incidents majeurs survenus chez des géants comme GitHub, Amazon, Google, OVHcloud, Apple, Fastly, Microsoft, GitLab et Facebook. En explorant les causes racines, les remédiations et les bonnes pratiques, il a montré comment tirer des leçons des erreurs pour renforcer la résilience des systèmes. Suivez OVHcloud sur ovhcloud.com et twitter.com/OVHcloud.

Comprendre les post-mortems

David a commencé par expliquer ce qu’est un post-mortem : un document rédigé après un incident pour comprendre ce qui s’est passé, identifier les causes et prévenir les récurrences. Il inclut l’historique de l’incident, les flux d’information, l’organisation (qui a agi, avec quelle équipe), les canaux de communication avec les clients, l’utilisation des ressources et les processus suivis. David a souligné l’importance de la transparence, citant des initiatives comme les meetups de développeurs où les échecs sont partagés pour démystifier les incidents.

Il a illustré son propos avec une histoire fictive d’Elliot, un junior qui, par erreur, supprime une base de données de production en suivant une documentation mal structurée. Cet incident, inspiré de cas réels chez AWS (2017), GitLab et DigitalOcean, montre les dangers d’un accès non contrôlé à la production. David a recommandé des garde-fous comme des approbations manuelles pour les commandes critiques (par exemple, DROP TABLE), des rôles RBAC stricts, et des tests réguliers des backups pour garantir leur fiabilité.

Les incidents personnels : le legacy à l’épreuve

David a partagé une expérience personnelle chez OVHcloud, où il gère le data lake pour répliquer les données internes. Lors d’une astreinte, un week-end d’été, il a été alerté d’un problème sur une infrastructure legacy sans documentation claire. Un service saturait sa file de connexions (1024 clients maximum), provoquant des refus. Sans réponse des développeurs, David a opté pour une solution KISS (Keep It Simple, Stupid) : une sonde vérifiant la connectivité toutes les cinq minutes, redémarrant le service si nécessaire. Ce script, en place depuis un an et demi, a redémarré le service 70 fois, évitant de nouveaux incidents.

Un autre incident concernait une application Java legacy, tombant après 20 à 40 minutes malgré des redémarrages. Les logs montraient des déconnexions ZooKeeper et des crashs JVM. Plutôt que d’ajuster la mémoire (heap tuning), David a découvert un script de nettoyage propriétaire dans l’historique. Appliqué deux fois par semaine, ce script a résolu le problème durablement. Ces cas illustrent l’importance de comprendre le legacy, d’éviter les solutions complexes et de documenter les correctifs.

Les pannes majeures : CDN et réseaux

David a analysé l’incident Fastly de juin 2021, où une erreur 503 a touché des sites comme The Guardian, The New York Times, Amazon, Twitter et la Maison Blanche. La cause : une configuration client déployée sans test le 8 juin, activée par une demande du 12 mai, révélant un point de défaillance unique (SPoF) dans le CDN. Résolu en 45 minutes, cet incident souligne l’importance de tester les changements en pré-production (par exemple, via blue-green deployments ou shadow traffic) et de personnaliser les messages d’erreur pour améliorer l’expérience utilisateur.

Un autre cas marquant est la panne Facebook de septembre 2021, causée par une mise à jour du protocole BGP (Border Gateway Protocol). Les serveurs DNS, incapables d’accéder aux datacenters, se sont mis en mode protection, coupant l’accès à Facebook, Instagram, WhatsApp et même aux outils internes (Messenger, LDAP). Les employés ne pouvaient ni badger ni consulter la documentation, obligeant une intervention physique avec des disqueuses pour accéder aux racks. David a recommandé des TTL (Time To Live) plus longs pour les DNS, des canaux de communication séparés et des routes de secours via d’autres cloud providers.

Bonnes pratiques et culture de l’échec

David a conclu en insistant sur la nécessité de ne pas blâmer les individus, comme dans le cas d’Elliot, mais de renforcer les processus. Il a proposé des tests réguliers de backups, des exercices de chaos engineering (par exemple, simuler une erreur 500 un vendredi après-midi), et l’adoption de pratiques DevSecOps pour intégrer la sécurité dès les tests unitaires. Il a également suggéré de consulter les post-mortems publics (comme ceux de GitLab ou ElasticSearch) pour s’inspirer et d’utiliser des outils comme Terraform pour automatiser les déploiements sécurisés. Enfin, il a encouragé à rejoindre OVHcloud pour expérimenter et apprendre des incidents dans un environnement transparent.

Lors de Devoxx France 2022, François Sarradin et Jérémy Sebayhi, membres des équipes data de Carrefour, ont partagé un retour d’expérience de 45 minutes sur l’utilisation de Kafka Streams pour des pipelines big data en temps réel. François, technical lead chez Moshi, et Jérémy, ingénieur senior chez Carrefour, ont détaillé leur transition des systèmes batch Spark et Hadoop vers un traitement stream réactif sur Google Cloud Platform (GCP). Leur talk a couvert l’adoption de Kafka Streams pour le calcul des stocks et des prix, les défis rencontrés et les solutions créatives mises en œuvre. Découvrez Carrefour sur carrefour.com et Moshi sur moshi.fr.

Du batch au stream processing

François et Jérémy ont débuté en comparant le traitement batch et stream. La plateforme legacy de Carrefour, datant de 2014, reposait sur Spark et Hadoop pour des jobs batch, traitant les données comme des fichiers avec des entrées et sorties claires. Les erreurs étaient gérables en corrigeant les fichiers d’entrée et en relançant les pipelines. Le streaming, en revanche, implique des flux d’événements continus via des topics Kafka, où les erreurs nécessitent une gestion en temps réel sans perturber le pipeline. Un événement corrompu ne peut être simplement supprimé, car les données historiques peuvent couvrir des années, rendant le reprocessing impraticable.

Kafka Streams, un framework réactif basé sur Apache Kafka, a permis à Carrefour de passer au stream processing. Il exploite Kafka pour un transit de données scalable et RocksDB pour un stockage d’état colocalisé à faible latence. François a expliqué que les développeurs définissent des topologies—graphes acycliques dirigés (DAG) similaires à ceux de Spark—avec des opérations comme map, flatMap, reduce et join. Kafka Streams gère automatiquement la création des topics, les stores d’état et la résilience, simplifiant le développement. L’intégration avec les services GCP (GCS, GKE, BigTable) et les systèmes internes de Carrefour a permis des calculs de stocks et de prix en temps réel à l’échelle nationale.

Surmonter les défis d’adoption

Adopter Kafka Streams chez Carrefour n’a pas été sans obstacles. Jérémy a noté que beaucoup d’équipes manquaient d’expérience avec Kafka, mais la familiarité avec Spark a facilité la transition, les deux utilisant des paradigmes de transformation similaires. Les équipes ont développé indépendamment des pratiques pour le monitoring, la configuration et le déploiement, consolidées ensuite en best practices partagées. Cette approche pragmatique a créé une base commune pour les nouveaux projets, accélérant l’adoption.

Le changement nécessitait une adaptation culturelle au-delà des compétences techniques. La plateforme data de Carrefour, gérant des volumes massifs et des données à haute vélocité (stocks, prix, commandes), exigeait un changement de mindset du batch vers le réactif. Le stream processing implique des jointures continues avec des bases externes, contrairement aux datasets statiques des batchs. François et Jérémy ont souligné l’importance d’une documentation précoce et d’un accompagnement expert pour naviguer dans les complexités de Kafka Streams, surtout lors des déploiements en production.

Bonnes pratiques et architectures

François et Jérémy ont partagé les pratiques clés émergées sur deux ans. Pour les schémas des topics, ils utilisaient Schema Registry pour typer les données, préférant des clés obligatoires pour assurer la stabilité des partitions et évitant les champs optionnels pour prévenir les ruptures de contrat. Les valeurs des messages incluaient des champs optionnels pour la flexibilité, avec des champs obligatoires comme les IDs et timestamps pour le débogage et l’ordonnancement des événements.

Maintenir des topologies stateful posait des défis. Ajouter de nouvelles transformations (par exemple, une nouvelle source de données) nécessitait de retraiter les données historiques, risquant des émissions dupliquées. Ils ont proposé des solutions comme les déploiements blue-green, où la nouvelle version construit son état sans produire de sortie jusqu’à ce qu’elle soit prête, ou l’utilisation de topics compactés comme snapshots pour stocker uniquement le dernier état par clé. Ces approches minimisaient les perturbations mais exigeaient une planification rigoureuse, les déploiements blue-green doublant temporairement les besoins en ressources.

Métriques et monitoring

Le monitoring des applications Kafka Streams était crucial. François a mis en avant des métriques clés : lag (messages en attente par topic/consumer group), indiquant les points de contention ; end-to-end latency, mesurant le temps de traitement par nœud de topologie ; et rebalance events, déclenchés par des changements de consumer group, pouvant perturber les performances. Carrefour utilisait Prometheus pour collecter les métriques et Grafana pour des dashboards, assurant une détection proactive des problèmes. Jérémy a insisté sur l’importance des métriques custom via une couche web pour les health checks, les métriques JMX de Kafka Streams n’étant pas toujours suffisantes.

Ils ont aussi abordé les défis de déploiement, utilisant Kubernetes (GKE) avec des readiness probes pour surveiller les états des applications. Une surallocation de CPU pouvait retarder les réponses aux health checks, causant des évictions de consumer groups, d’où l’importance d’un tuning précis des ressources. François et Jérémy ont conclu en vantant l’écosystème robuste de Kafka Streams—connecteurs, bibliothèques de test, documentation—tout en notant que sa nature événementielle exige un mindset distinct du batch. Leur expérience chez Carrefour a démontré la puissance de Kafka Streams pour des données en temps réel à grande échelle, incitant le public à partager ses propres retours.

In his captivating 45-minute talk at Devoxx France 2022, Jean-Christophe Sirot, a cloud telephony expert from Sherweb, takes the audience on a historical journey through the cryptanalysis of the Enigma machine, used by German forces during World War II. Jean-Christophe weaves a narrative that blends espionage, mathematics, and technological innovation, highlighting the lesser-known contributions of Polish cryptanalysts like Marian Rejewski alongside Alan Turing’s famed efforts. His presentation, recorded in April 2022 in Paris, reveals how Enigma’s secrets were unraveled through a combination of human ingenuity and mathematical rigor, ushering cryptography into the modern era. This post summarizes the key themes, from early Polish breakthroughs to Turing’s machines, and reflects on their lasting impact.

The Polish Prelude: Cryptography in a Time of War

Jean-Christophe sets the stage in post-World War I Poland, a nation caught between Soviet Russia and a resurgent Germany. In 1919, during the Polish-Soviet War, Polish radio interception units, staffed by former German army officers, cracked Soviet codes, securing a decisive victory at the Battle of Warsaw. This success underscored the strategic importance of cryptography, prompting Poland to invest in codebreaking. By 1929, a curious incident at Warsaw’s central station revealed Germany’s use of Enigma machines. A German embassy official’s attempt to retrieve a misrouted “radio equipment” package—later identified as a commercial Enigma—alerted Polish intelligence.

Recognizing the complexity of Enigma, a machine with rotors, a reflector, and a plugboard generating billions of possible configurations, Poland innovated. Instead of relying on puzzle-solvers, as was common, they recruited mathematicians. At a new cryptography chair in western Poland, young talents like Marian Rejewski, Henryk Zygalski, and Jerzy Różycki began applying group theory and permutation mathematics to Enigma’s ciphers. Their work marked a shift from intuitive codebreaking to a systematic, mathematical approach, laying the groundwork for future successes.

Espionage and Secrets: The German Defector

The narrative shifts to 1931 Berlin, where Hans-Thilo Schmidt, a disgruntled former German officer, offered to sell Enigma’s secrets to the French. Schmidt, driven by financial troubles and resentment after being demobilized post-World War I, had access to Enigma key tables and technical manuals through his brother, an officer in Germany’s cipher bureau. Meeting French intelligence in Verviers, Belgium, Schmidt handed over critical documents. However, the French, lacking advanced cryptanalysis expertise, passed the materials to their Polish allies.

The Poles, already studying Enigma, seized the opportunity. Rejewski and his team exploited a flaw in the German protocol: operators sent a three-letter message key twice at the start of each transmission. Using permutation theory, they analyzed these repeated letters to deduce rotor settings. By cataloging cycle structures for all possible rotor configurations—a year-long effort—they cracked 70–80% of Enigma messages by the late 1930s. Jean-Christophe emphasizes the audacity of this mathematical feat, achieved with minimal computational resources, and the espionage that made it possible.

Turing and Bletchley Park: Scaling the Attack

As Germany invaded Poland in 1939, the Polish cryptanalysts shared their findings with the Allies, providing documentation and a reconstructed Enigma machine. This transfer was pivotal, as Germany had upgraded Enigma, increasing rotors from three to five and plugboard connections from six to ten, exponentially raising the number of possible keys. The Polish method, reliant on the repeated message key, became obsolete when Germany reduced repetitions to once.

Enter Alan Turing and the team at Bletchley Park, Britain’s codebreaking hub. Turing devised a new approach: the “known plaintext attack.” By assuming certain messages contained predictable phrases, like weather forecasts for the Bay of Biscay, cryptanalysts could test rotor settings. Turing’s genius lay in automating this process with the “Bombe,” an electromechanical device that tested rotor and plugboard configurations in parallel. Jean-Christophe explains how the Bombe used electrical circuits to detect inconsistencies in assumed settings, drastically reducing the time needed to crack a message. By running multiple Bombes, Bletchley Park decrypted messages within hours, providing critical intelligence that shortened the war by an estimated one to two years.

The Legacy of Enigma: Modern Cryptography’s Dawn

Jean-Christophe concludes by reflecting on Enigma’s broader impact. The machine, despite its complexity, was riddled with flaws, such as the inability to map a letter to itself and the exploitable key repetition protocol. These vulnerabilities, exposed by Polish and British cryptanalysts, highlighted the need for robust algorithms and secure protocols. Enigma’s cryptanalysis marked a turning point, transforming cryptography from a craft of puzzle enthusiasts to a rigorous discipline grounded in mathematics and, later, computer science.

He draws parallels to modern cryptographic failures, like the flawed WEP protocol for early Wi-Fi, which used secure algorithms but a weak protocol, and the PlayStation 3’s disk encryption, undone by poor key management. Jean-Christophe’s key takeaway for developers: avoid custom cryptography, use industry standards, and prioritize protocol design. The Enigma story, blending human drama and technical innovation, underscores the enduring importance of secure communication in today’s digital world.

Resources:

• Enigma by Dermot Turing

• Our Spy in Hitler’s Office by Paul Paillole

• The Code Book by Simon Singh

• The Codebreakers by David Kahn

Lors de Devoxx France 2022, Brice Dutheil a présenté une conférence de 28 minutes sur le Projet Panama, une initiative visant à simplifier l’appel de fonctions natives depuis Java sans les complexités de JNI ou de bibliothèques tierces. Brice, contributeur actif à l’écosystème Java, a introduit l’API Foreign Function & Memory (JEP-419), montrant comment elle relie le monde géré de Java au code natif en C, Swift ou Rust. À travers des démonstrations de codage en direct, Brice a illustré le potentiel de Panama pour des intégrations natives fluides. Suivez Brice sur Twitter à twitter.com/Brice_Dutheil pour plus d’insights Java.

Simplifier l’intégration de code natif

Brice a débuté en expliquant la mission du Projet Panama : connecter l’environnement géré de Java, avec son garbage collector, au monde natif de C, Swift ou Rust, plus proche de la machine. Traditionnellement, JNI imposait des étapes laborieuses : écrire des classes wrapper, charger des bibliothèques et générer des headers lors des builds. Ces processus étaient sujets aux erreurs et chronophages. Des alternatives comme JNA et JNR amélioraient l’expérience développeur en générant des bindings au runtime, mais elles étaient plus lentes et moins sécurisées.

Lancé en 2014, le Projet Panama répond à ces défis avec trois composantes : les API vectorielles (non couvertes ici), les appels de fonctions étrangères et la gestion de la mémoire. Brice s’est concentré sur l’API Foreign Function & Memory (JEP-419), disponible en incubation dans JDK 18. Contrairement à JNI, Panama élimine les complexités du build et offre des performances proches du natif sur toutes les plateformes. Il introduit un modèle de sécurité robuste, limitant les opérations dangereuses et envisageant de restreindre JNI dans les futures versions de Java (par exemple, Java 25 pourrait exiger un flag pour activer JNI). Brice a souligné l’utilisation des method handles et des instructions d’invocation dynamique, inspirées des avancées du bytecode JVM, pour générer efficacement des instructions assembleur pour les appels natifs.

Démonstrations pratiques avec Panama

Brice a démontré les capacités de Panama via du codage en direct, commençant par un exemple simple appelant la fonction getpid de la bibliothèque standard C. À l’aide du SystemLinker, il a effectué une recherche de symbole pour localiser getpid, créé un method handle avec un descripteur de fonction définissant la signature (retournant un long Java), et l’a invoqué pour récupérer l’ID du processus. Ce processus a contourné les lourdeurs de JNI, nécessitant seulement quelques lignes de code Java. Brice a insisté sur l’activation de l’accès natif avec le flag –enable-native-access dans JDK 18, renforçant le modèle de sécurité de Panama en limitant l’accès à des modules spécifiques.

Il a ensuite présenté un exemple plus complexe avec la fonction crypto_box de la bibliothèque cryptographique Libsodium, portable sur des plateformes comme Android. Brice a alloué des segments de mémoire avec un ResourceScope et un NativeAllocator, garantissant la sécurité mémoire en libérant automatiquement les ressources après usage, contrairement à JNI qui dépend du garbage collector. Le ResourceScope prévient les fuites mémoire, une amélioration significative par rapport aux buffers natifs traditionnels. Brice a également abordé l’appel de code Swift via des interfaces compatibles C, démontrant la polyvalence de Panama.

Outils et potentiel futur

Brice a introduit jextract, un outil de Panama qui génère des mappings Java à partir de headers C/C++, simplifiant l’intégration de bibliothèques comme Blake3, une fonction de hachage performante écrite en Rust. Dans une démo, il a montré comment jextract créait des bindings compatibles Panama pour les structures de données et fonctions de Blake3, permettant aux développeurs Java de tirer parti des performances natives sans bindings manuels. Malgré quelques accrocs, la démo a souligné le potentiel de Panama pour des intégrations natives transparentes.

Brice a conclu en soulignant les avantages de Panama : simplicité, rapidité, compatibilité multiplateforme et sécurité mémoire renforcée. Il a noté son évolution continue, avec JEP-419 en incubation dans JDK 18 et une deuxième preview prévue pour JDK 19. Pour les développeurs d’applications desktop ou de systèmes critiques, Panama offre une solution puissante pour exploiter des fonctions spécifiques aux OS ou des bibliothèques optimisées comme Libsodium. Brice a encouragé le public à expérimenter Panama et à poser des questions, renforçant son engagement via Twitter.

Abstract

At VivaTech 2021, French President Emmanuel Macron joined a panel of European scale-up CEOs to discuss the future of Europe’s tech ecosystem. In a 66-minute conversation, Macron emphasized the need for a robust financial ecosystem, streamlined regulations, and a unified European market to support scale-ups. The panel, featuring leaders from Believe, Aledia, Neuroelectrics, and Klarna, highlighted Europe’s potential to lead in innovation through ethical, sustainable, and citizen-centric approaches. This article explores Macron’s vision for fostering European champions, addressing challenges in funding, regulation, and talent, and positioning Europe as a global tech leader.

Introduction

In June 2021, VivaTech, Europe’s premier startup and tech event, hosted a landmark panel featuring French President Emmanuel Macron alongside CEOs of leading European scale-ups. Moderated by Nicolas Barré of Les Échos, the discussion showcased Europe’s burgeoning tech landscape through the lens of companies like Believe (digital music distribution), Aledia (LED displays), Neuroelectrics (neuroscience), and Klarna (fintech). Macron articulated a bold vision for transforming Europe into a hub for innovation by strengthening its financial ecosystem, reducing regulatory barriers, and embracing a distinctly European approach that blends science, ethics, and ambition. This article delves into the key themes of the panel, weaving a narrative around Macron’s call for speed, scale, and sovereignty in European tech.

Building a Thriving Tech Ecosystem

Believe: Scaling Digital Music

Denis Ladegaillerie, CEO of Believe, opened the panel by sharing his company’s journey from a three-person startup in his living room to a global leader supporting 850,000 artists across 50 countries. Believe, which recently went public via an IPO, aims to dominate digital music distribution by offering artists transparency, better economics, and digital-first expertise. Ladegaillerie credited France’s Next 40 and French Tech initiatives for creating a supportive environment for its Paris-based IPO, noting Europe’s rising prominence as the second-largest music market by 2028. He urged Macron to foster more IPOs by attracting talent, educating investors, and building a pipeline of listed companies to create a virtuous cycle.

Macron responded by emphasizing the need for a robust financial ecosystem to provide liquidity for investors through mergers and acquisitions (M&As) and IPOs. He highlighted France’s Tibi Initiative, which redirected 6 billion euros of institutional savings to tech investments, unlocking 20 billion euros for the sector. Macron proposed scaling this model to the European level, encouraging banks and insurers to invest more in tech equity and fostering cooperation with large corporations for M&A exits. He stressed that successful IPOs like Believe’s enhance Europe’s credibility, attracting analysts and investors to fuel further growth.

Aledia: Industrializing Deep Tech

Giorgio Anania, CEO of Aledia, brought a deep-tech perspective, focusing on energy-efficient LED displays poised to revolutionize augmented reality (AR) within five years. With experience across startups in the U.S., U.K., Germany, and France, Anania praised France’s supportive environment, particularly BPI France’s assistance in choosing France over Singapore for Aledia’s manufacturing plant. However, he highlighted Europe’s lag in capital access compared to the U.S. and China, where “infinite money” fuels rapid scaling. Anania posed three questions to Macron: how to match U.S./China capital access, accelerate European reforms within three years, and simplify regulations for small companies transitioning to industrial scale.

Macron agreed that “speediness and scale” are critical, advocating for a European strategy to attract U.S. and Chinese investors by positioning Europe as business-friendly and innovative. He proposed rethinking procurement to favor startups over “usual suspects” in deep-tech sectors like energy, mobility, and defense, citing SpaceX’s disruption of aerospace as a model. Macron emphasized that deep tech is a matter of European sovereignty, warning that missing the current innovation wave could leave Europe dependent on U.S. or Chinese technologies. To support industrialization, he committed to streamlining regulations to ease the growth of small companies like Aledia.

The European Way: Science, Ethics, and Impact

Neuroelectrics: Innovating in Healthcare

Ana Maiques, CEO of Neuroelectrics, shared her Barcelona-based company’s mission to modulate brain activity for conditions like epilepsy and depression. Demonstrating a cap that monitors and stimulates brain signals in real time, Maiques highlighted Neuroelectrics’ FDA breakthrough designation for reducing seizures in children non-invasively. She emphasized Europe’s potential to address healthcare challenges—mental health, aging, and neurodegeneration—through responsible innovation. Having scaled her company to Boston, Maiques asked Macron how the “European way” could attract the next generation and how the pandemic reshaped his healthcare vision.

Macron described the European way as a unique blend of science, ethics, and economic ambition, resilient to globalization due to its ability to navigate complexity. Unlike the U.S., which prioritizes market efficiency, or China, Europe embeds democratic values and ethical considerations in innovation. He argued that sustainable business requires regulation to protect human rights and prevent unchecked data exploitation, citing the risks of private platforms controlling brain data or insurers using it to discriminate. Macron positioned Europe’s General Data Protection Regulation (GDPR), Digital Markets Act (DMA), and Digital Services Act (DSA) as frameworks for ethical innovation, ensuring transparency and citizen trust.

On healthcare, Macron identified education and healthcare as key investment pillars, advocating for personalization and prevention through AI and deep tech. He highlighted France’s centralized healthcare data as a competitive advantage, enabling secure, innovative solutions if access is managed transparently. Post-pandemic, Macron saw innovation as critical to shifting healthcare from hospital-centric models to citizen-focused systems, reducing costs and preventing chronic diseases through personalized approaches.

Disrupting with Purpose

Klarna: Fintech and Open Banking

Sebastian Siemiatkowski, CEO of Klarna, represented Sweden’s vibrant tech scene, with Klarna’s 90 million users and $45 billion valuation disrupting retail banking. He praised Macron’s business-friendly leadership but criticized Brussels’ slow and ineffective regulations, particularly on open banking and GDPR. Siemiatkowski argued that GDPR’s cookie consent overload (142 lifetimes daily) fails to enhance privacy, while open banking regulations fall short of enabling data mobility to drive competition. He urged Macron to push for consumer-centric regulations that foster innovation and position Europe as a global leader.

Macron defended GDPR as a necessary foundation, ensuring legal accountability and consumer awareness, but acknowledged that regulations blocking innovation are counterproductive. He candidly admitted governments’ reluctance to fully embrace disruptive models like Klarna’s, which can eliminate retail banking jobs. Macron clarified his dual role: supporting innovation that adds new services without destroying jobs, while balancing economic and social priorities. He cited Singapore’s open banking success as a model, suggesting that forward-leaning regulation could attract investment and create jobs, but emphasized the need for European players to lead disruption to maintain sovereignty.

A Call for Speed and Sovereignty

Macron concluded by reiterating the urgency of building a single European market, lifting sectoral barriers, and replicating France’s Next 40 and FT 120 initiatives at the European level. He committed to prioritizing these goals during France’s EU presidency in early 2022, aiming for concrete results. Macron underscored the political dimension of innovation, framing it as a matter of sovereignty to ensure Europe develops its own champions and technologies. By fostering trust through regulation, attracting global capital, and empowering startups, Europe can seize the current wave of innovation to shape a sustainable, ethical future.

Conclusion

The VivaTech 2021 panel with Emmanuel Macron and European scale-up leaders was a powerful testament to Europe’s potential as a global tech hub. From Believe’s digital music revolution to Aledia’s deep-tech displays, Neuroelectrics’ brain health innovations, and Klarna’s fintech disruption, the panel showcased diverse visions united by a commitment to impact. Macron’s vision—rooted in speed, scale, and the European way—offers a roadmap for building a resilient ecosystem. By strengthening financial markets, streamlining regulations, and championing ethical innovation, Europe can lead the next decade’s technological wave, ensuring sovereignty and prosperity for its citizens.

Abstract

At VivaTech 2021, a 29-minute panel titled “Tech to Rethink Our Workplace” explored how technology is reshaping work post-pandemic. Featuring Victor Carreau, CEO of Comet Meetings, Marie Barbesol, co-founder and Chief Evangelist of Klaxoon, and David Gurle, founder of Symphony, the session addressed the shift to hybrid work, employee empowerment, and cultural transformation. Carreau emphasized redefining offices as collaboration hubs, Barbesol showcased tools for remote teamwork, and Gurle highlighted secure communication in regulated industries. This article synthesizes their insights, examining how technology, trust-based management, and flexible work models are crafting a new workplace paradigm.

Introduction

The COVID-19 pandemic accelerated a workplace revolution, forcing organizations to embrace remote and hybrid models. At VivaTech 2021, Europe’s leading tech event, the panel “Tech to Rethink Our Workplace” convened innovators leveraging technology to navigate this shift. Victor Carreau of Comet Meetings reimagined physical workspaces, Marie Barbesol of Klaxoon introduced collaborative tools for remote teams, and David Gurle of Symphony addressed secure communication for financial institutions. Their 29-minute discussion highlighted the pandemic’s lasting impact: a move toward flexible, trust-based, and technology-driven work environments. This article explores their solutions, the cultural shifts they enable, and the future of work.

The Pandemic’s Workplace Impact

A Paradigm Shift

The pandemic disrupted traditional work, with millions transitioning to remote setups overnight. By March 2020, companies faced technical failures—clogged VPNs, downed servers—exposing the fragility of pre-COVID systems. The crisis, as Gurle noted, was a “booster,” accelerating digital transformation and proving employees could work effectively from anywhere. This shift empowered individuals to demand flexibility, challenging rigid office-centric models.

Lasting Trends

Panelists identified enduring trends: hybrid work combining remote and in-person collaboration, increased environmental awareness through reduced commuting, and asynchronous work allowing personalized schedules. These changes, catalyzed by necessity, opened opportunities for better work-life balance, global talent access, and reduced carbon footprints, aligning with broader societal goals.

Klaxoon: Empowering Remote Collaboration

Technology Overview

Marie Barbesol, co-founder of Klaxoon, shared how their suite of collaborative tools, launched in 2015, addresses inefficient meetings. Klaxoon’s apps enable seamless teamwork, from workshops to project management, ensuring inclusivity and decision-making. Pre-COVID, Barbesol observed that 50% of meeting attendees hesitated to share ideas, and only one in four meetings ended with decisions. Klaxoon’s platform counters this with structured, engaging formats. During the pandemic, Klaxoon offered free access, onboarding ten times more users, and launched a virtual whiteboard in September 2020, integrating templates and video for remote collaboration.

Impact and Evolution

Klaxoon’s growth—from a 4-square-meter booth at VivaTech 2016 to a major stage in 2021—reflects its relevance. The pandemic revealed flaws in traditional work methods, prompting Klaxoon to adapt. Managers sought ways to coordinate without endless video calls, while teams needed visual tools to stay aligned. Barbesol highlighted three lessons: remote work requires new methods, asynchronous collaboration boosts efficiency, and reduced travel fosters environmental responsibility. Klaxoon’s tools enable global talent integration and creative, reactive teams, redefining teamwork.

Cultural Implications

Barbesol emphasized maintaining strong company culture through regular synchronization (daily or weekly rituals), cross-team collaboration to avoid silos, and feedback as “the breakfast of champions.” These practices ensure alignment and inclusivity, critical in hybrid settings where remote workers risk disconnection.

Comet Meetings: Redefining the Office

Technology and Philosophy

Victor Carreau, CEO of Comet Meetings, argued that the traditional office is “dead,” but workspaces remain vital for collaboration and socialization. He broke work into three components: production (individual tasks, best done remotely), collaboration (team efforts, often requiring physical presence for complex tasks), and socialization (building bonds that enhance loyalty). Comet Meetings offers modern venues in Paris, Brussels, and Madrid, designed for productivity and creativity, and “Hospitality by Comet,” which transforms corporate offices into collaboration hubs with tailored services.

Impact and Vision

Carreau’s vision positions “meetings as the new office.” Post-COVID, offices must prioritize high-quality engagement over daily attendance. Comet’s venues provide cost-effective, inspiring spaces for one-day meetings, while Hospitality by Comet helps landlords and companies rethink real estate. The pandemic validated remote production, reducing office space needs—Gurle noted Symphony cut its New York office capacity by 50%—but Carreau stressed that physical spaces remain essential for meaningful interactions, provided they are exceptional.

Cultural Shift

Carreau advocated for trust-based management, moving away from command-and-control models. He warned that companies reverting to pre-COVID norms risk losing talent, as employees now prioritize flexibility. Comet fosters culture by increasing virtual touchpoints during full-remote periods and ensuring “amazing” in-person meetings, aligning teams around shared values despite physical distance.

Symphony: Secure Collaboration in Regulated Markets

Technology Overview

David Gurle, founder of Symphony, detailed their role as a digital transformation partner for financial institutions, where strict regulations govern communication. Symphony’s cloud-based platform ensures secure, recorded interactions, critical when non-compliance risks billions in fines. During the March 2020 lockdown, Symphony supported clients like JPMorgan, enabling 250,000 employees to go remote overnight when competitors’ tools failed. The platform’s scalability and compliance features ensured business continuity.

Impact and Adaptation

The crisis transformed financial services, with Gurle noting a cultural shift toward individual choice. Employees, having proven remote efficacy, resisted imposed office returns. Symphony’s reduced office footprint—averaging two employees weekly in New York—reflects this trend. Gurle sees the crisis as an opportunity, fostering a culture of empowerment and flexibility that boosts productivity and loyalty.

Future Innovations

Gurle, with 25 years in collaboration tech, predicted immersive technologies—augmented and virtual reality, spatial audio—as the next frontier. These will recreate in-person experiences remotely, enhancing engagement. Symphony’s regulatory expertise positions it to lead in secure, innovative communication, aligning with the market’s demand for advanced hybrid solutions.

Cultural Transformation

Trust and Empowerment

All panelists emphasized trust-based management. Gurle highlighted “management by objective,” where empowered employees take ownership, increasing motivation and productivity. Carreau warned that without this shift, companies risk talent attrition, as candidates now demand work-life balance. Barbesol’s feedback-centric approach ensures individuals feel valued, fostering loyalty in hybrid settings.

Maintaining Connection

Carreau stressed shared values and frequent touchpoints—virtual or physical—to sustain culture. Barbesol advocated cross-team synchronization to prevent silos, using Klaxoon’s visual tools to connect on-site and remote workers. Gurle noted that reduced commuting frees time for family and asynchronous work, enhancing quality of life and environmental responsibility.

The “COVID Company”

Gurle introduced the “COVID company” concept: fully remote organizations with periodic, high-quality in-person engagements. This model, echoed by Carreau’s “meetings as the new office,” prioritizes flexibility and meaningful connections, potentially redefining corporate structures. Barbesol’s decade of remote work validates its feasibility, offering a blueprint for others.

Challenges and Opportunities

Management Resistance

Carreau identified outdated management as the “elephant in the room.” Command-and-control styles hinder hybrid adoption, risking talent loss. Companies must embrace trust and flexibility to remain competitive, a challenge requiring cultural and structural change.

Technology Integration

Barbesol and Gurle emphasized leveraging existing screens for visual collaboration, transforming workplaces into “visual offices.” Future innovations, like holography, require investment but promise immersive experiences. Symphony’s cloud-based approach and Klaxoon’s rapid product launches demonstrate technology’s role in overcoming remote work barriers.

Talent and Productivity

The shift empowers employees, with candidates demanding balanced lifestyles, as Gurle noted. This drives productivity and loyalty but challenges companies to adapt. Comet’s focus on exceptional meeting experiences and Klaxoon’s inclusive tools ensure engagement, critical for retaining talent in a competitive market.

Future of Work

Non-Linear Workweeks

Carreau predicted a “non-linear week,” where employees choose when to collaborate in-person, work remotely, or travel, prioritizing mindfulness. This flexibility reduces commuting and environmental impact, aligning with Barbesol’s observations on sustainable work practices.

Immersive Collaboration

Gurle’s vision of augmented and virtual reality will bridge physical and remote divides, creating immersive collaborative spaces. Klaxoon’s visual whiteboard and Symphony’s secure platform lay the groundwork, with innovation poised to enhance hybrid experiences.

Trust-Based Cultures

All panelists foresaw trust as the cornerstone of future workplaces. Barbesol’s feedback-driven approach, Carreau’s value-centric meetings, and Gurle’s empowerment model will define cultures that prioritize individual agency, fostering resilience and innovation.

Conclusion

The VivaTech 2021 panel “Tech to Rethink Our Workplace” illuminated a transformative moment for work. Klaxoon’s collaborative tools, Comet Meetings’ reimagined offices, and Symphony’s secure platforms address the hybrid era’s demands, empowering employees and fostering trust. The pandemic proved flexibility’s viability, but management must evolve to sustain it. As technology advances—toward immersive, inclusive solutions—the workplace will become more human-centric, balancing productivity with well-being. VivaTech’s platform amplified this call to action: embrace trust, leverage technology, and build workplaces that inspire.

At Devoxx France 2021, Aurélie Vache, a Google Cloud expert and CNCF ambassador, delivered an inspiring session titled Tips pour combattre le syndrome de l’imposteur (YouTube). This non-technical talk tackled impostor syndrome, a pervasive feeling of self-doubt and illegitimacy despite evident success. Aurélie shared personal anecdotes and seven actionable strategies to combat this mindset, resonating with developers and tech professionals. Aligned with Devoxx’s emphasis on personal growth, the session empowered attendees to transform fear into strength, fostering confidence and community.

Understanding Impostor Syndrome

Aurélie began by gauging the audience’s familiarity with impostor syndrome, noting its growing awareness since her first talk in 2019. She posed three relatable questions: Do you fear asking “dumb” questions? Do you feel comfortable mentoring juniors but not peers? Do you worry others will “unmask” you as a fraud? Many raised hands, confirming the syndrome’s prevalence.

Impostor syndrome, Aurélie explained, is a distorted perception of one’s abilities, where individuals attribute success to luck or others’ efforts rather than their own competence. First identified in women, it affects both genders, with 70% of executives and many developers experiencing it. It manifests as a critical inner voice, whispering, “You’re not good enough” or “You don’t belong”. Aurélie shared her own struggles, admitting she felt unqualified to give this talk, yet used humor to dismiss these “nonsense” thoughts, setting a positive tone.

Celebrate Achievements and Learn from Mistakes

The first strategy is to acknowledge your knowledge, skills, and victories. Humans excel at self-criticism but struggle to recognize strengths. Aurélie advised listing accomplishments, such as solving a tough bug, and documenting them via mind maps to engage both brain hemispheres. She emphasized that no victory is too small and that mistakes are learning opportunities, not failures. For example, recalling a debugging triumph can counter the inner voice’s negativity, reinforcing your competence.

This practice aligns with cognitive behavioral techniques, helping reframe negative thoughts. Aurélie’s transparency about her doubts made the advice relatable, encouraging attendees to start small, perhaps by noting one achievement daily, to build self-awareness and confidence.

Build a Supportive Network

The second tip is to surround yourself with supportive communities, peers, and mentors. Aurélie credited her involvement with Duchess, a women-in-tech group, for helping her overcome self-imposed limits and achieve goals she once thought unattainable. Communities provide a safe space to share fears, reducing isolation. She also recommended learning from mentors or role models, acknowledging that no one knows everything—a liberating truth.

During Q&A, an attendee highlighted how pair programming within communities fosters mutual growth, reinforcing this strategy. Aurélie’s emphasis on collective strength resonated, encouraging attendees to join meetups, user groups, or online forums like Stack Overflow to find their tribe.

Share Knowledge and Contribute

Aurélie’s third strategy is to share knowledge and contribute, even if you feel “less qualified”. Writing blog posts, speaking at meetups, or contributing to open-source projects can boost confidence. She advised starting small—perhaps sharing internally at work—then progressing to public platforms or conferences. Other avenues include teaching kids at coding workshops or tweeting new learnings, as Aurélie did with a Kubernetes tip that resonated widely, proving even “obvious” insights have value.

An audience member echoed this, noting that sharing, even if you’re not the “best,” fills gaps left by others, enhancing visibility and confidence. Aurélie’s call to action—create and share content—empowered attendees to overcome perfectionism and contribute meaningfully.

Embrace Feedback and Positivity

The final strategies focus on mindset shifts. Tip four: seek constructive feedback over external validation, starting with topics you’re comfortable with. Tip five: engage in pair programming to learn collaboratively without judgment, as clarified during Q&A when addressing misconceptions about it being evaluative. Tip six: focus on positive feedback, like supportive colleagues, rather than dwelling on negativity, such as a harsh 2019 Devoxx comment that took Aurélie a month to process. Tip seven: accept that you can’t master every skill (e.g., Rust, Go, serverless) and view weaknesses as growth opportunities.

Aurélie shared a personal rejection from a master’s program due to poor interview performance, yet she thrived in tech, urging attendees to persevere beyond credentials. An attendee’s anecdote about Dan Abramov’s public admission of knowledge gaps reinforced that even experts don’t know everything, normalizing impostor feelings.

Transforming Fear into Strength

Aurélie concluded by framing impostor syndrome as a source of humility, a valuable trait for developers. Admitting “I don’t know” fosters collaboration, as others share similar doubts but fear speaking up. The syndrome, she argued, isn’t a flaw but a catalyst for growth, pushing you to learn, share, and help others. Referencing its mention in The Big Bang Theory, she destigmatized the topic, encouraging open dialogue.

Q&A discussions highlighted real-world challenges, like toxic colleagues amplifying impostor feelings, and Aurélie advised seeking supportive environments to mitigate this. Another attendee suggested companies avoid overselling candidates as “experts,” which can exacerbate impostor syndrome on new projects. Aurélie’s mantra—“You are legitimate”—left attendees empowered to embrace their worth.

Links:

• Aurélie Vache’s LinkedIn: https://www.linkedin.com/in/aurelievache/
• Aurélie Vache’s Twitter: https://twitter.com/aurelievache
• CloudBees: https://www.cloudbees.com/
• CNCF: https://www.cncf.io/

Hashtags: #ImpostorSyndrome #PersonalGrowth #AurélieVache #CloudBees #CNCF

At Devoxx France 2021, François Mockers, an IoT enthusiast, delivered a 32-minute talk titled IoT open source à la maison (YouTube). This session shared his decade-long journey managing over 300 open-source IoT devices at home, likening home automation to production IT challenges. From connected light bulbs to zoned heating and sunlight-responsive shutters, Mockers explored protocols (ZigBee, Z-Wave, 433MHz, Wi-Fi) and tools (Home Assistant, ESPHome, Node-RED, Ansible, InfluxDB, Grafana). Aligned with Devoxx’s IoT and cloud themes, the talk offered practical insights for developers building cost-effective, secure home automation systems.

IoT: A Growing Home Ecosystem

Mockers began by highlighting the ubiquity of IoT devices, asking the audience how many owned connected devices (00:00:30–00:00:45). Most had over five, some over 50, and Mockers himself managed ~300, from Philips Hue bulbs to custom-built sensors (00:00:45–00:01:00). He started with commercial devices a decade ago but shifted to DIY solutions five years ago for cost savings and flexibility (00:00:15–00:00:30). His setup mirrors production environments, with “unhappy users” (family), legacy systems, and protocol sprawl, making it a relatable challenge for developers.

IoT Protocols: A Diverse Landscape

Mockers provided a technical overview of IoT protocols, each with unique strengths and challenges (00:01:00–00:08:15):

• ZigBee: Used by Philips Hue and IKEA, ZigBee supports lights, switches, plugs, motion sensors, and shutters in a mesh network for extended range. Devices like battery-powered switches consume minimal power, while plugged-in bulbs act as repeaters. Security issues, like a past Philips Hue hack allowing remote on/off control, highlight risks (00:01:15–00:02:15).
• Z-Wave: Similar to ZigBee but less common, used by Fibaro and Aeotec. It supports up to 232 devices (vs. ZigBee’s 65,000) with similar mesh functionality (00:02:15–00:02:45).
• 433.92 MHz: A frequency band hosting protocols like Oregon Scientific (sensors), Somfy (shutters), and Chacon/DIO (switches). These are cheap (~€10 vs. €50 for ZigBee/Z-Wave) but insecure, allowing neighbors’ devices to be controlled with a powerful transceiver. Car keys and security boxes also use this band, complicating urban use (00:02:45–00:04:00).
• Wi-Fi: Popular for startups like Netatmo (weather, security), LIFX (bulbs), and Tuya (garden devices). Wi-Fi devices are plug-and-play but power-hungry and reliant on external cloud APIs, posing risks if internet or vendor services fail. Security is a concern, as hacked Wi-Fi devices fueled major botnets (00:04:15–00:06:00).
• Bluetooth: Used for lights, speakers, and beacons, Bluetooth offers localization but requires phone proximity, limiting automation (00:06:00–00:06:30).
• Powerline (CPL) and Fil Pilote: Protocols like X10 and fil pilote (for electric radiators) use electrical wiring but depend on home wiring quality. Infrared signals control AV equipment and air conditioners but require line-of-sight and lack status feedback (00:06:45–00:08:00).
• LoRaWAN/Sigfox: Long-range protocols for smart cities, not home use (00:08:00–00:08:15).

Open-Source Tools for Home Automation

Mockers detailed his open-source toolchain, emphasizing flexibility and integration (00:08:15–00:20:45):

Home Assistant

Home Assistant, with 1,853 integrations, is Mockers’ central hub, supporting Alexa, Google Assistant, and Siri. It offers mobile apps, automation, and dashboards but becomes unwieldy with many devices. Mockers disabled its database and UI, using it solely for device discovery (00:08:30–00:09:45). It integrates with OpenHAB (2,526 integrations) and Domoticz (500 integrations) for broader device support.

ESPHome

ESPHome deploys ESP8266/ESP32 chips for custom sensors, connecting via Wi-Fi or Bluetooth. Mockers builds temperature, humidity, and light sensors for ~€10 (vs. €50 commercial equivalents). Configuration via YAML files integrates sensors directly into Home Assistant (00:10:00–00:11:45). Example:

esphome:
  name: sensor_t1_mini
  platform: ESP8266
api:
  services:
    - service: update
      then:
        - logger.log: "Updating firmware"
output:
  - platform: gpio
    pin: GPIO4
    id: led
sensor:
  - platform: bme280
    temperature:
      name: "Temperature"
    pressure:
      name: "Pressure"
    humidity:
      name: "Humidity"

Node-RED

Node-RED, with 3,485 integrations, handles automation via low-code event-driven flows. Mockers routes all Home Assistant events to Node-RED, creating rules like bridging 433MHz remotes to ZigBee bulbs. Its responsive dashboard outperforms Home Assistant’s (00:12:00–00:14:00).

InfluxDB and Grafana

InfluxDB stores time-series data from devices, replacing Home Assistant’s PostgreSQL. Mockers experimented with machine learning for anomaly detection and room occupancy prediction, though the latter was unpopular with his family (00:14:15–00:15:15). Grafana visualizes historical data, like weekly temperature trends, with polished dashboards (00:15:15–00:15:45).

Telegraf

Telegraf runs scripts for devices lacking Home Assistant integration, sending data to InfluxDB. It also monitors network and CPU usage .

Ansible and Pi-hole

Ansible automates Docker container deployment on Raspberry Pis, with roles for each service and a web page listing services . Pi-hole, a DNS-based ad blocker, caches queries and logs IoT device DNS requests, exposing suspicious activity.

Security and Deployment

Security is critical with IoT’s attack surface. Mockers recommends:

• A separate Wi-Fi network for IoT devices to isolate them from PCs .
• Limiting internet access for devices supporting local mode .
• A VPN for remote access, avoiding open ports .
• Factory-resetting devices before disposal to erase Wi-Fi credentials .

Deployment uses Docker containers on Raspberry Pis, managed by Ansible. Mockers avoids Kubernetes due to Raspberry Pi constraints, opting for custom scripts. Hardware includes Raspberry Pis, 433MHz transceivers, and Wemos ESP8266 boards with shields for sensors (00:19:45–00:20:45).

Audience Interaction and Lessons

Mockers engaged the audience with questions (00:00:30) and a Q&A , addressing:

• Usability for family (transparent for his wife, usable by his six-year-old)
• Home Assistant backups via Ansible and hourly NAS snapshots
• Insecure 433MHz devices (cheap but risky)
• Air conditioning control via infrared and fil pilote for radiators
• A universal remote consolidating five protocols, reducing complexity
• A humorous “divorce threat” from a beeping device, emphasizing user experience

Conclusion

Mockers’ talk showcased IoT as an accessible, developer-friendly domain using open-source tools. His setup, blending ZigBee, Wi-Fi, and DIY sensors with Home Assistant, Node-RED, and Grafana, offers a scalable, cost-effective model. Security and automation align with Devoxx’s cloud and IoT focus, inspiring developers to experiment safely. The key takeaway: quality data and user experience are critical for home automation success.

Resources

• Full Video
• Home Assistant
• ESPHome
• Node-RED
• InfluxDB
• Grafana
• Telegraf
• Ansible
• Pi-hole

In an enlightening session at Devoxx France 2021, Alexandre Navarro, a seasoned Java backend developer, captivated the audience with a deep dive into the world of programmable ergonomic keyboards. His presentation, titled “Maximizing Your Productivity with a Programmable Ergonomic Keyboard,” unveils the historical evolution of keyboards, the principles of ergonomic design, and practical strategies for customizing keyboards to enhance coding efficiency. Alexandre’s expertise, honed over eleven years of typing in the Bépo layout and eight years on a TextBlade, offers developers a compelling case for rethinking their primary input device. This post explores the key themes of his talk, providing actionable insights for programmers seeking to optimize their workflow.

A Journey Through Keyboard History

Alexandre begins by tracing the lineage of keyboards, a journey that illuminates why our modern layouts exist. In the 1870s, early typewriters resembled pianos with alphabetical key arrangements, mere prototypes of today’s devices. By 1874, the Sholes and Glidden typewriter introduced a layout resembling QWERTY, a design often misunderstood as a deliberate attempt to slow typists to prevent jamming. Alexandre debunks this myth, explaining that QWERTY was shaped by practical needs, such as placing frequent English digraphs like “TH” and “ER” for efficient typing. The addition of a number row and user feedback further refined the layout, with quirks like the absence of dedicated “0” and “1” keys—substituted by “O” and “I”—reflecting telegraphy influences.

This historical context sets the stage for understanding why QWERTY persists despite its limitations. Alexandre notes that modern keyboards, like the iconic IBM model, retain QWERTY’s staggered rows and non-aligned letters, a legacy of mechanical constraints irrelevant to today’s technology. His narrative underscores a critical point: many developers use keyboards designed for a bygone era, prompting a reevaluation of tools that dominate their daily work.

Defining Ergonomic Keyboards

Transitioning to ergonomics, Alexandre outlines the hallmarks of a keyboard designed for comfort and speed. He categorizes ergonomic features into three domains: physical key arrangement, letter layout, and key customization. Physically, an ergonomic keyboard should be orthogonal (straight rows, unlike QWERTY’s stagger), symmetrical to match human hand anatomy, flat to reduce tendon strain, and accessible to minimize finger travel. These principles challenge conventional designs, where number pads skew symmetry and elevated keys stress wrists.

Alexandre highlights two exemplary models: the Keyboardio Model 01 and the ErgoDox. The Keyboardio, which he uses, boasts orthogonal, symmetrical keys and accessible layouts, while the ErgoDox offers customizable switches and curvature. These keyboards prioritize user comfort, aligning with the natural positioning of hands to reduce fatigue during long coding sessions. By contrasting these with traditional keyboards, Alexandre emphasizes that ergonomic design is not a luxury but a necessity for developers who spend hours typing.

Optimizing with Programmable Keyboards

The heart of Alexandre’s talk lies in programming keyboards to unlock productivity. Programmable keyboards, like the ErgoDox and Keyboardio, emerged around 2011, powered by microcontrollers that developers can flash with custom firmware, often using Arduino-based C code or graphical tools. This flexibility allows users to redefine key functions, creating layouts tailored to their workflows.

Alexandre introduces key programming concepts, such as layers (up to 32, akin to switching between QWERTY and number pad modes), macros (single keys triggering complex shortcuts like “Ctrl+F”), and tap/hold behaviors (e.g., a key typing “A” when tapped but acting as “Ctrl” when held). These features enable developers to streamline repetitive tasks, such as navigating code or executing IDE shortcuts, directly from their home row. Alexandre’s personal setup, using the Bépo layout optimized for French, exemplifies how customization can enhance efficiency, even for English-heavy programming tasks.

Why Embrace Ergonomic Keyboards?

Alexandre concludes by addressing the “why” behind adopting ergonomic keyboards. Beyond speed, these devices offer comfort, reducing the risk of repetitive strain injuries—a concern for developers typing extensively. He shares his experience with the Bépo layout, which, while not optimized for English, outperforms QWERTY and AZERTY due to shared frequent letters and better hand alternation. For those hesitant to switch, Alexandre suggests starting with a blank keyboard to learn touch typing, ensuring all fingers engage without glancing at keys.

His call to action resonates with developers: mastering your keyboard is as essential as mastering your IDE. By investing in an ergonomic, programmable keyboard, programmers can transform a mundane tool into a productivity powerhouse. Alexandre’s insights, grounded in years of experimentation, inspire a shift toward tools that align with modern coding demands.

Links:

• Watch the full presentation: https://www.youtube.com/watch?v=zCMra9RgCzw
• Follow Devoxx France on LinkedIn: https://www.linkedin.com/in/devoxxfrance/
• Follow Devoxx France on Twitter: https://twitter.com/DevoxxFR
• Visit Devoxx France: https://www.devoxx.fr/