Podcasts about CentOS

I met Daniel Andrews through someone who has been monitoring Unstoppable Mindset and who told me that Daniel would be an interesting guest. How true it was. Daniel is a South Carolina guy born and bred. He makes his home in Columbia South Carolina. While in college he took a summer job with Cutco Cutlery after his sophomore year. I guess he liked the position because he stayed with Cutco for 15 years in sales positions.   While at Cutco his mentors introduced him to the concept of personal development. As you will see, he is widely read on the subject and he also learned to put his book learning to good use.   In 2013 he made the move to becoming his own boss and developed a true entrepreneurial spirit that still drives him today. He helps clients grow their businesses by seeking real quality contacts. He tells us that his goal is to introduce clients to 72 or 120 clients per year. As Daniel points out, a network of thousands of people is not nearly as effective as a smaller network of persons with whom you develop real credible relationships.   Daniel offers many wonderful and relevant tips on relationship and network building that I believe you will find useful. And, if you want more, Daniel provides his phone number at the end of this episode so you can reach out to him.       About the Guest:   Daniel grew up in Columbia, South Carolina after his dad moved from active duty USAF to reservice duty, in 1976. He attended college in Atlanta Georgia, where he took a summer job with Cutco Cutlery after his sophomore year, in 1988. His mentors, Ray Arrona, Ken Schmidt (RIP), Earl Small, and Don Freda introduced him to the concept of personal development, and his early career (the “summer job” lasted 15 years) was influenced by the writings of Zig Ziglar, Og Mandino, and Dale Carnegie.   He moved to St. Louis, Missouri in 2003 with his first wife, and switched careers. In his second career, a mix of B2B and B2C, he was influenced by  the writings of John Addison, Harland Stonecipher, and Jeff Olsen, encouraged by his mentor Frank Aucoin.   After his move to Houston, Texas, in 2013, he decided to become a true entrepreneur, and not just an independent contractor. The E-Myth Revisited, by Michael Gerber, Quench Your Own Thirst, by Jim Koch, and Profit First by  Mike Michalowicz were instrumental in making this jump, and he's currently engrossed in Super Connector by Scott Gerber and Give & Take by Adam Grant, as he builds a business based around showing people how to identify, find, meet, and grow relationships with a handful of key referral partners, to make sure there is a steady pipeline of 72-120 warm introductions to ideal client prospects every year.   He's been married to Adina Maynard since July 5th, 2019, after he returned to his hometown in the fall of 2016.     Ways to connect with Daniel:   Other handles: DanielPAndrews@outlook.com Pinterest link: https://www.pinterest.com/danielpandrews/   Daniel Andrews' personal FB link: https://facebook.com/danthemanwiththeplan1967   Daniel Andrews LinkedIn URL: https://www.linkedin.com/in/niasoutheast/   FB link - business page https://facebook.com/danandrewsnia   My video platform https://events.revnt.io/cutting-edge-business-coaching-llc   About the Host:   Michael Hingson is a New York Times best-selling author, international lecturer, and Chief Vision Officer for accessiBe. Michael, blind since birth, survived the 9/11 attacks with the help of his guide dog Roselle. This story is the subject of his best-selling book, Thunder Dog.   Michael gives over 100 presentations around the world each year speaking to influential groups such as Exxon Mobile, AT&T, Federal Express, Scripps College, Rutgers University, Children's Hospital, and the American Red Cross just to name a few. He is Ambassador for the National Braille Literacy Campaign for the National Federation of the Blind and also serves as Ambassador for the American Humane Association's 2012 Hero Dog Awards.   https://michaelhingson.com https://www.facebook.com/michael.hingson.author.speaker/ https://twitter.com/mhingson https://www.youtube.com/user/mhingson https://www.linkedin.com/in/michaelhingson/   accessiBe Links https://accessibe.com/ https://www.youtube.com/c/accessiBe https://www.linkedin.com/company/accessibe/mycompany/   https://www.facebook.com/accessibe/       Thanks for listening!   Thanks so much for listening to our podcast! If you enjoyed this episode and think that others could benefit from listening, please share it using the social media buttons on this page. Do you have some feedback or questions about this episode? Leave a comment in the section below!   Subscribe to the podcast   If you would like to get automatic updates of new podcast episodes, you can subscribe to the podcast on Apple Podcasts or Stitcher. You can subscribe in your favorite podcast app. You can also support our podcast through our tip jar https://tips.pinecast.com/jar/unstoppable-mindset .   Leave us an Apple Podcasts review   Ratings and reviews from our listeners are extremely valuable to us and greatly appreciated. They help our podcast rank higher on Apple Podcasts, which exposes our show to more awesome listeners like you. If you have a minute, please leave an honest review on Apple Podcasts.       Transcription Notes:   Michael Hingson ** 00:00 Access Cast and accessiBe Initiative presents Unstoppable Mindset. The podcast where inclusion, diversity and the unexpected meet. Hi, I'm Michael Hingson, Chief Vision Officer for accessiBe and the author of the number one New York Times bestselling book, Thunder dog, the story of a blind man, his guide dog and the triumph of trust. Thanks for joining me on my podcast as we explore our own blinding fears of inclusion unacceptance and our resistance to change. We will discover the idea that no matter the situation, or the people we encounter, our own fears, and prejudices often are our strongest barriers to moving forward. The unstoppable mindset podcast is sponsored by accessiBe, that's a c c e s s i capital B e. Visit www.accessibe.com to learn how you can make your website accessible for persons with disabilities. And to help make the internet fully inclusive by the year 2025. Glad you dropped by we're happy to meet you and to have you here with us.     Michael Hingson ** 01:21 Well and hello everyone. This is Michael Hingson, your host for unstoppable mindset. We're glad you're with us today, and really glad to have the opportunity once again to be with you and talk about all sorts of different sorts different kinds of things, as we do every week. That's why we call it an unstoppable mindset, where inclusion, diversity and the unexpected meet, because unexpected is much more fun. Keeps us all on our toes. Our guest today is Daniel, and would like to welcome you to unstoppable mindset, and we really appreciate you being here. Yeah,   Daniel Andrews ** 01:58 it's good to be here. Happy to participate. And really, I'm honored by the fact that you invited me to be here. So thank you for that. Well, we   Michael Hingson ** 02:05 made it. It's It's been fun, and we, we got introduced through Noah, who, I guess, does publicity for you.   Daniel Andrews ** 02:19 He and I have talked about that at some point. I'm trying to remember the entire chain that got me to you. You know, the person introduced me to him, to her, to him, to her, to him, to her, to you, right? I need a family tree of an introductory tree on my wall over here. I just keep up with all the connections. Yeah?   Michael Hingson ** 02:38 Keeps you alert and keeps you alert, you know, yeah, for sure. Well, I really am glad that you're here. And Daniel has a, I think, a great story to tell. He lives in Columbia, South Carolina, which he's really mostly called home, although he was born elsewhere, but sort of since roughly a fair, well, a fairly short time, he moved to Columbia and has been there. So I won't go into all those details. We don't need to worry about him, unless he wants to tell them, but Columbia has been home most all of his life. He did live a little ways, a little while away from Columbia, and on that, I'm sure we're going to talk about, but nevertheless, Columbia is home. I've been to Columbia and enjoy it, and I miss South Carolina sausage biscuits. So I don't know what to say, but nevertheless, one of these days, I'm sure I'll get back down there, and the people I know will make some more. But meanwhile, meanwhile, here we are. So why don't you start by telling us a little bit about kind of the early Daniel, growing up and, you know, all that, just to give people little flavor for you, sure,   Daniel Andrews ** 03:46 older brother two years older than me, exactly. I mean, within a couple days of two years, we're the only two no other siblings. Dad was an Air Force fighter pilot, and people think that must be pretty cool, and at some level, it is. But to help frame it better and give you a better detail of the experience of being the son of a fighter pilot, I encourage people that I talk to to remember the movie Top Gun. Not the second one where everybody was a good guy, they were older and more mature and, you know, but in the first one where there was the good guy that was a jerk and the bad guy that was a jerk, but they were, they were both jerks. And you know, it's a weird environment to grow up in when the biggest compliment one man can pay another is you don't suck that bad, right? That's literally the biggest compliment they're allowed to pay each other. So I grew up always thinking like I was coming up short, which has got some positive and some negative attributes. My clients love it because I tend to over deliver for what I charge them, but it kills my coach because he thinks I'm not I'm not fairly pricing myself in the marketplace, but I it made me want to be an entrepreneur, because the benchmarks are clear, right? You? In a sales environment, you know whether you're ahead or behind. You know what you got to do to catch the number one guy or gal if you're trying to beat the competition, you know how big your paycheck is going to be if you're working on, you know, commission or base, plus commission and and I really enjoyed the environment of being, I don't want to say competitive, but knowing that, you know, I was competing with myself. So many of my friends are employed by academia or small companies or big corporations, and even when they benchmark really good results, the pay, the compensation, the time off, the rewards, the advancements aren't necessarily there. So I really like the idea of having a very specific set of objectives. If I do this, then that happens. If I work this hard, I get this much money. If I achieve these results, I get, you know, moved up into into more authority and more responsibility, and that really made a world of difference for me, so that that has a lot to do with it. And as a result of that, I've opted for the self employment   Michael Hingson ** 05:54 certainly gives you lots of life experiences, doesn't it?   Daniel Andrews ** 05:58 It does. And I think, I think that people that work for other people is certainly learn, learn a lot as well. Meaning, I've not had to have extended co worker relationships or manage those over time. My first wife was fond of saying that Daniel's good in small doses, right?   Michael Hingson ** 06:15 So here we are, Ayan, so you're, you're telling us a little bit about you and growing up,   Daniel Andrews ** 06:22 sure it just you know, father is fighter pilot, right? And always pushing me to do more, be more. And that led me to choose a route of self employment, usually as a in the early parts of my career, independent contractor for other people. So I still had a structure to work in, but I knew what my objectives were. I knew how much money I would earn if I produced X result. I knew what it meant to get more responsibility, and that worked well for me. And then about eight years ago now, I decided to become a full fledged entrepreneur and really do my own thing and create some fun stuff. And it's been a fun ride in that regard, but I do love the freedom that comes from setting my own objectives on a daily basis. Yeah,   Michael Hingson ** 07:07 there's a lot to be said for that, and then not everyone can do that, because it does take a lot of discipline to be an entrepreneur, to do the things that you need to do, and know that you need to be structured to do the things that that have to be done at the same time. You do need to be able to take time off when that becomes relevant. But still, it does take a lot of discipline to be an entrepreneur and make it work successfully,   Daniel Andrews ** 07:35 right? And I don't know that I've mastered the discipline for it, but at least I'm working on my objectives and not somebody else's. The only person I'm letting down is me. You know, when I, when I, when I miss a deadline or don't execute, so that feels better to me than having the weight of somebody else's expectations on me   Michael Hingson ** 07:52 counts for something, doesn't it? I think so well. So you, you grew up in Columbia, but then you went off to college. Where'd you go to college?   Daniel Andrews ** 08:02 Down in Atlanta, Georgia, small school there. But I had a choice of three places, and each of them had offered me scholarship funds that equaled the same cost to me. IE, the packages were different, but the net cost to me in each case was going to be about the same. So rather than pick based on the financial aid or the scholarships are being offered, I picked on which city it was in. And I figured being a college kid in Atlanta, Georgia was a good move. And it turned out it was a good move. There was lots to see and do in Atlanta, Georgia, only about four hours from home. And it just it worked out to be pretty good that my other choices were Athens, Georgia, which is strictly a college town. And you know, when the summer rolls around, the place is empty. It goes down, and the other was a school and Farmville, Virginia, excuse me, the closest town is Farmville, Virginia, where the 711 closed at six. And I'm not exaggerating when I say that, yeah, not too sure. I want to be that far out in the sticks right as a 19 year old away from home for the first time, I wanted. I wanted. I wanted to have something to do with my freedom, meaning, if I was free to do what I wanted to do, I wanted to have something to do with that so and not not sit around Farmville, Virginia, wonder what was going to happen next. Yeah. Well,   Michael Hingson ** 09:19 so what did you major in in college?   Daniel Andrews ** 09:23 That question always comes up, and I'm always hesitant to answer that, because people think it has something to do with what I do today, and it does not in any way shape or stretch. I got a BS in psychology, which I tell people was heavy on the BS and light on the psychology, but at   Michael Hingson ** 09:38 the same time. And so my master's degree is in physics, although I ended up not going into physics, although I did a little bit of science work. But do you would you say, though, that even though you got a BS in psychology and you went off and you're clearly doing other things, did you learn stuff, or did that degree benefit you? And do you still. I have skills and things that you learned from that that you use today. I   Daniel Andrews ** 10:04 used to tell people that I had three facts that I used in college, that I learned in college, that I used on a daily basis, and for the longest time, I could recite all three. But nobody asked me what they were for the longest time, and I'm sure I still use all three of them, but I can only recall one, so the answer is, for the most part, no. But I think I went to college for a piece of paper. Someone else was paying for it. In this case, the school, not my parents. It was a scholarship, and I went to school not to learn anything. I went to school to get a piece of paper. I started off as a physics major, by the way, and when I got to the semester where they were trying to teach me that light is both a particle and a wave, I'm like, Yeah, we're going to need a different major, because I did not get my head around that at all. And and the degree that was had the least hurdles to get to switch majors and finish at that moment in time with psychology. So that's the route I took. I was just there for the piece of paper.   Michael Hingson ** 11:05 Physics wasn't what you wanted to do, huh?   Daniel Andrews ** 11:08 I did. But if the textbook had said light has attributes of both a particle and a wave, I might have been able to grasp it a little bit quicker. But it said light is both a particle and a wave, and it was the week of finals, and I was struggling with the intro in chapter one for the textbook, and I'm like, yep, might be time for different major at this point,   Michael Hingson ** 11:29 my master, my master's is in physics, and you mentioned and I enjoyed it, and I and I still have memories and concepts that I learned, that I use today, probably the biggest one is paying attention to detail and physics. It isn't enough to get the numeric right answer, you got to make the units work as well, which is more of a detail issue than just getting the numbers, because you can use a calculator and get numbers, but that doesn't get you the units. And so I found that skill to be extremely important and valuable as I worked through physics and went through and I actually got a master's and also a secondary teaching credential, and I thought I was going to teach, but life did take different directions, and so that's okay.   Daniel Andrews ** 12:18 Well, when you frame it that way, I will say that there is something that I learned that I that I use, maybe not in my work, but in my field of vision, and that's this, you know, lab and experimental methods taught me to ask the question, how did they ask the questions? Right? What was the structure of the test, the experiment, the the data collection right? Because you can do an awful lot of things. For example, they have found that if a doctor says to a patient, we have a chance to do surgery, there's a 10% chance of success, meaning that you'll live, they get a better up to uptake than if they say there's a 90% chance that you'll die. Yeah, it's the same information, but you always have to look at the way the questions are framed. Polls are notorious for this right data collection from my days in Cutco, I read a study and I put quotes around it right? A study that said that wooden cutting boards retain less bacteria than plastic cutting boards or polypropylene polyurethane, which is clearly blatantly wrong if you're treating your cutting boards correctly. And I looked into it, and they simply wiped the surface and then waited a day and measured bacteria count? Well, if you don't put it what you can dishwasher a plastic cutting board and sterilize it, right? Why would you simply wipe the surface? In the case of the wood, the bacteria was no longer at the surface. It had sunk into the woods. So there's not as much on the surface. I'm like, oh, but it's still there. It's just down in the wood. You have to literally look at the way these tests are done. And I guess the wooden cutting board industry paid for that study, because I can't imagine anybody else that would would a care and B make the argument that a wooden cutting board was better than a plastic one for sanitation reasons,   Michael Hingson ** 14:13 because it's clearly all it's all sales. And of course, that brings up the fact that you get that kind of knowledge honestly, because when you were a sophomore, you got a summer job with Cutco.   Daniel Andrews ** 14:24 I did, yeah, and I remember 3030, what is that? 36 years ago, now having to explain what Cutco was, but Cutco has been around for so long in America that most American households have at least some Cutco on them at this point. So I find most people already know and understand, but it was a direct sales job. It was not structured the way an MLM or a network marketing company has, but my job is to literally take, you know, a kit full of samples, right? Some some regular, normal, standard products that we would use and sell, and take them into people's homes and sit at the kitchen table and demonstrate. Right? The usefulness. Go over the guarantee, go over the pricing options, and you know what choices they could pick stuff out, and it turned out to be a lot of fun. Turned out to be more lucrative than most people imagine. I don't want to brag too much about how much reps make doing that, because then customers get upset we're being overpaid, but yeah, that's not true either. But it was a blast to to do that and the learning environment, right? What I learned about setting my own goals, discipline, awareness of the way communication landed on other people. I don't the psychology of communication, being around people, helping them understand what I knew to be true, finding ways to address concerns, issues, objections, without making them feel wrong or awkward. You know, it was a good environment, and that's why I stayed for 15 years. For   Michael Hingson ** 15:52 me, after college, I went to work with an organization that had developed a relationship with Dr Ray Kurzweil, the futurist and who now talks a lot about the singularity. And at that time, he had developed a machine that would read print out loud. Well, it would read print, and he chose, for the first application of that machine to be a machine that would read print out loud so that blind people could read print in books, because his technology didn't care about what type styles or print fonts were on the page anyway. After the job was over, I went to work for Ray, and after about eight or nine months, I was confronted with a situation where I was called into the office of the VP of Marketing, who said, your work is great. We love what you do, but you're not doing anything that produces revenue for us, because I was doing Human Factors work helping to enhance the machine, and so we're going to have to lay you off, he said. And I said, lay me off. And he said, again, your work is great, but we don't have enough revenue producers. We're, like a lot of startup engineering companies, we've hired way too many non revenue producers. So we got to let people go, and that includes you, unless you'll go into sales. And not only go into sales, but not selling the reading machine for the blind, but there's a commercial version that had just come out. So I ended up doing that, and took a Dale Carnegie sales course, a 10 week course, which I enjoyed very much. Learned a lot, and have been selling professionally ever since, of course, my story of being in the World Trade Center and escaping on September 11 after that, I still continue to sell. What I tell people is I love to view my life as now selling life and philosophy. Rather than selling computer hardware and managing a hardware team, it really is about selling life and philosophy and getting people to understand. You can learn to control fear. You can learn to function in environments that you don't expect, and you can go out of your comfort zone. And there's nothing wrong with that, you know. So that's it's been a lot of fun for the last 23 years to do that.   Daniel Andrews ** 18:00 Okay? Now you got me curious. What's the commercial application of a machine that will take a printed book and read it out loud? What I can clearly see why people with various and sundry?   Michael Hingson ** 18:12 Well, for people who are blind and low vision, well, so let's, let's deal with it. The commercial application for that particular machine is that people will buy it and use it. Of course, today it's an app on a smartphone, so it's a whole lot different than it was as a $50,000 machine back in 1978 1979 but the idea behind the machine was that libraries or agencies or organizations could purchase them, have them centrally located, so people who never could read print out loud before could actually go get a book, put it on the machine and read it.   Daniel Andrews ** 18:46 Okay? So this would make sense libraries and institutions of public knowledge, okay. But then, as I could see, where someone would want one in their home if they had need of it. But I was just curious about the commercial application well.   Michael Hingson ** 18:57 But then over time, as the technology advanced. As more were produced, the price went down. And it went from $50,000 down to $20,000 and you started to see some in people's homes. And then, of course, it got less and less and less and eventually, before it became almost a free app on a smartphone today, it used the Symbian operating system and Nokia phones, and the the technology, in total, was about $1,800 and then, of course, it became an app on a smartphone, and a lot of OCR today is free, but the other side of it was the machine I sold was a version that banks would use, lawyers would use, other people would use to be able to take printed documents and get them into computer readable form, because people saw pretty early on that was an important thing to be able to do so they could peruse databases and so on and so the bottom line is that it was very relevant to do. Yeah, and so there was commercial value, but now OCR has gotten to be such a regular mainstay of society. You know, we think of it differently than we did then, very   Daniel Andrews ** 20:10 much. But yeah, we still have one that can read my handwriting   Michael Hingson ** 20:15 that is coming. You know, they're my handwriting. I wanted to be a doctor, and I passed the handwriting course, but that's as far as I got. But, and as I love to tell people, the problem was I didn't have any patients, but, you know, oh boy. But the the bottom line is that there were applications for it, and and it worked, and it was great technology. So it taught me a lot to be able to be involved in taking the Dale Carnegie sales course, and I know he's one of the people that influenced you in various ways. Very much, very important to recognize for me that good sales people are really teachers and advisors and counselors. Absolutely you can. You can probably talk people into buying stuff, which may or may not be a good thing to do, but if we've really got something that they need, they'll figure it out and they'll want to buy   Daniel Andrews ** 21:11 it. Yeah, the way it was summarized to me, and this particularly relates around, you know, the Cutco product or another tangible you know, selling is just a transference of enthusiasm, meaning, if they knew and understood it the way I did, it would make perfect sense. So the question was, how do I find a way to convey my enthusiasm for what I knew about the product? And as simple, I don't wanna say simple, it sounds condescending in as few words as possible, in ways that made it easy for them to digest, right? Because some people are, are tactile, and they want to hold it, look at it. Others are, you know, knowledge oriented. They want to read the testimonials and a guarantee and, you know, things like that. So just, how do you, how do you kind of figure out who's looking for what? Yeah,   Michael Hingson ** 21:56 and the reality is, everybody is a little bit different in that arena. And as you said, conveying enthusiasm, you'll either be able to do it or you'll find that what you have isn't really what's going to make them enthusiastic, which can be okay too. Yep, the important thing is to know that and to use that information. And when necessary, you move on and you don't worry about it, correct? We have cut CO knives. We're we, we're happy. But anyway, I think the the issue is that we all have to grow, and we all have to learn to to do those things that we find are relevant. And if we we put our minds to it, we can be very productive people. And as you pointed out, it's all about transmitting enthusiasm, and that's the way it really ought to be.   22:54 Yeah, I think so.   Michael Hingson ** 22:55 So you talk about, well, so let's, let's go back. So you went to work for Cutco, and you did that for 15 years. What would you say the most important thing you learned as a as a salesperson, in working at Cutco really came down to,   Daniel Andrews ** 23:16 there's so many fundamental lessons in the direct sales industry, right? It's why, you know, so many people got their start with Encyclopedia Britannica or Southwestern books or Cutco knives, right? There's a, there's a, I mean, in the 90s, CentOS, the uniform people and sprint when cell phones were new and actually had to actively be sold because people had to be talked into it, yeah. You know, they ran whole recruiting ads that said, Did you used to sell knives, entry level work, starting at base, you know, salary plus commission, right? Because it was so foundational. So it's hard to say the most important thing, but I would say the ability to take control of my own schedule, and therefore my own actions, right, was a huge part of it. But then the ability to really know what, understand the people that I was working with as customers. As my time at ketco matured, and even after I left working with them full time, I still had a database of customers that wanted to deal strictly with me and the fact that they were happy to see me right? That when I was again, after I'd moved away, if I came back to town, that my customers would be like, Oh, I heard you're in town when you come to our house and have dinner, right? And just the way, I was able to move from business relationship into one where I really connected with them. And you know that many years, seeing that many customers give me some really cool stories too, which I'm not going to eat up most of this, but I've just got some fun stories of the way people responded to my pleasant persistence, follow through, follow up, knowing that I could run into any one of them anywhere at any moment in time. And not feel that I had oversold them, or I had been pushy, right, that they would be happy and what they bought. And as a matter of fact, I've only ever had one customer tell me that they bought too much Cutco. And she said that to me when I was there sharpening her Cutco and selling her more. And she said she had bought more than she needed for her kitchen. Initially, I'm selling her more for a gift, let me be clear. And I paused, and I said, Do you remember how the this is like five or six years later? I said, you remember how the conversation went? Because I use the story of that demo when I'm talking to other people and to other reps. She said, Oh yeah, no, no. She goes, I will 100% own that I chose to buy more than I needed. She goes, I was not trying to pin that on you. I was just trying to tell you that that's what I did. I said, Oh, okay, because I wanted to be clear, I remember very clearly that I offered you the small set, and you chose the big set. And she goes, that is exactly what happened. I made the choice to over buy, and that's on me, and that level of confidence of knowing I could go through time and space, that I could meet my customers here, you know, when I came back to town, or now that I moved back to town, and I don't have to flinch, right? But I'm not that I did it in a way that left them and me feeling good about the way I sold them. That's pretty it's pretty important,   Michael Hingson ** 26:15 and it is important, and it's, it's vital to do that. You know, a lot of people in sales talk all about networking and so on. You, don't you? You really do talk about what I believe is the most important part about sales, and that's relationship building, correct?   Daniel Andrews ** 26:34 I took, took my theme from The subtitle of a book called Super connector, and the subtitle is, stop networking and start building relationships that matter. And I'm, I'm comfortable using that, by the way, there's another book titled networking isn't working, and it's really hitting the same theme, which is, whatever people are calling networking is, is not really, truly building a network and relationships that make a difference. It's social selling. I call it sometimes. It's being practiced as speed prospecting, right? Or marketing by hand. There's, there's, there's a bunch of ways that I can articulate why it's not literally not networking. It's simply meeting people and treating them very one dimensionally. Will you buy my thing? Or do you know somebody That'll buy my thing right? And those are very short sighted questions that have limited value and keeps people on a treadmill of thinking they need to do more networking or meet the right people. I get this all the time, if I can just find the right people, or if I could just be in the right rooms, right at the right events, and I'm like, or you could just be the person that knows how to build the right relationships, no matter what room you're in. Now, having said that, are there some events, some rooms, some communities, that have a higher likelihood of high value? Sure, I don't want to discourage people from being intentional about where they go, but that's only probably 10 to 20% of the equation. 80 to 90% of the equation is, do you know what to do with the people that you meet when you meet them? Because anybody that's the wrong person, and I simply mean that in the context of they're not a prospect. Knows people that could be a prospect, but you can't just go, Oh, you're not going to buy my thing. Michael Hinkson, do you know, anybody that's going to buy my thing that's no good, because you're not going to put your reputation on the line and refer me somewhere, right until you have some trust in me, whatever that looks like.   Michael Hingson ** 28:30 And that's the real issue, right? It's all about trust right down the line. You know, network is meeting more people, meeting more people. That's great. I love to meet people, but I personally like to establish relationships. I like to get to know people, and have probably longer and more conversations than some of my bosses would have liked. But the result and the success of establishing the relationships can't be ignored   Daniel Andrews ** 29:05 correct. And I think that you kind of threw in a word there that I think some people will internalize, or it will reinforce some of their preconceptions. And I think it's worth addressing. And I'll just give you a quick example. Six, six weeks ago, four weeks ago, I had a conversation with somebody I was introduced to. His name happens to be Michael as well. Michael, Mike Whitmore. He was impressed with the quality of our first well, it went 45 it was scheduled for 25 and I went 45 because we really gelled. And he invited me to come to a cocktail party that was being hosted by a company he was affiliated with three hour event, and we spoke again later to make sure you know everything was in order, because it involved me flying to Salt Lake City for a cocktail party I did. He was there. We spoke briefly. We both mingled with other. People. I had breakfast with him the next day. This is yesterday that I had breakfast with him. And as we're talking, he's like, Okay, I have 80 people that need what you've got. He's, he's basically, after a few conversations, gonna refer about $400,000 for the business to me, right? And I'm like, Okay, and so what people miss is that you can build that relationship quickly if you're intentional about building the relationship. And where I see the mistake most people make. And God bless Dale Carnegie, and Dale's Carnegie sales training course, right? But that that the model, what I call the cocktail party model, or the How to Win Friends and Influence People, model of getting to know somebody you know. How about that ball team? You know? Did your sports club win? Right? How's the weather up there? Did you hear about the you know, how's your mom, right? When's the last time you were camping with the fam? All legitimate questions, but none of them moved the business conversation forward. And so the ability to build a productive business relationship faster by focusing on the mutual shared value that you have between each other and the business aspects, and including the personal as the icing on the cake is a much better way to do it, and that's why I was very particular about the fact that, you know, when I was talking about my experience with ketco, that it was over time that the personal aspects, that the friendship looking aspects, evolved On top of the business relationship, because it is way easier to mix the ingredients, to put the icing or friendship on the cake of business than it is to establish a friendship and then go, by the way, it's time for us to talk business, right? You need to our client, or you need to let me sell what I'm offering that can get become jarring to people, and it can call into question the whole reason you got to know them to start with, right? So I much prefer the other route. And just one other brief example, speaking with a woman in a in what I, you know, a first paired interview, Quick Connect, 25 minutes long, and she's like, understand, you know, relationships, it's the, you know, it's the way to do it, right? It's the long play, but it pays off over time. And you know, as long as you stay at it, and I'm like, Why do you keep saying it's the long play? Well, because relationships take time. And I'm like, You say so. And we started to run long and realized we had more value, so we booked it. Ended up being about four or five weeks later, because my calendar stays pretty full, and she's so we've been in 125 minute phone call. We start the second zoom with her, with Peggy asking me who's your target market again. And I gave her the description for a $25,000 client. And she said, I have three people that I can refer you to in that space that might might want to be clients. And then she started to try and tell me how relationships are the long play? Again, I'm like, thank you. Hold up. We spent 25 minutes together a month ago, and you started this conversation by referring $75,000 worth of revenue to me. What makes you think relationships are the long play? I think you can make them last if you want them to last, but it doesn't take a long time to build those I said I knew what I was doing with those first 25 minutes. That's why, at this stage of the game, you're looking to refer business to me. Yeah, right, yeah. And so I don't think it's a long you're not establishing a marriage relationship, right? You're not deciding who your new best friend is going to be, right? You're trying to establish a mutually beneficial business relationship and see what it takes you right with the right set of questions, it goes so much faster   Michael Hingson ** 33:49 and and that's really a key. And for me, one of the things that I learned in sales, that I really value a lot is never answer or ask close ended questions. I hate yes and no questions, because I learned a long time ago. I don't learn much if I just ask somebody. Oh, so you, you tell me you need a tape library, right? Yes, and you, you ask other questions, but you don't ask the questions like, What do you want to use it for? Why do you really need a tape library today? What? What is it that you you value or that you want to see increased in your world, or whatever the case happens to be, right? But I hate closed ended questions. I love to engage in conversations, and I have lots of stories where my sales teams. When I manage teams, at first, didn't understand that, and they asked the wrong questions. But when I would ask questions, I would get people talking. And I was I went into a room of Solomon brothers one day back in like, 2000 or so, or 2000 early 2001 and I was with. My best sales guy who understood a lot of this, but at the same time, he wanted me to come along, because they wanted to meet a sales manager, and he said, I didn't tell him you were blind, because we're going to really hit him with that. And that was fine. I understood what he what he meant, but also he knew that my style was different and that I liked to get more information. And so when we went in and I started trying to talk to the people, I turned to one guy and I said, tell me what's your name. And it took me three times to get him to say his name, and finally I had to say I heard you as I walked by. You know, I know you're there, what's your name? And then we started talking, and by the time all was said and done. I got everyone in that room talking, which is great, because they understood that I was really interested in knowing what they were all about, which is important,   Daniel Andrews ** 35:53 correct? And I mean part of it right, particularly if you're problem solving, right? If you're there with a solution, a sales environment, open ended questions, predominantly the way to go. There's always going to have to be some closed ended right? What's the budget for this? Who are the decision makers in the process? But, and I certainly think a lot of the same ones apply in decision making. Meaning, it's probably an 8020 split. 80% of the questions should be open ended. 20% you know, you know, you just need some data from the other person, right? Because, as I'm meeting people, I need to decide who to refer them to, right? I know I can think off the top of my head of three different resume coaches, right? People that help people get the resume, their cover letter and their interview skills together. And one charges, you know, four to 5000 for the effort, right, depending on the package, right? One charges between 2030 500 depending on one guy charges, you know, his Deluxe is 1200 bucks, right? And the deliverable is roughly the same. Meaning, I've never looked for a job using these people, because I've been self employed forever, but I would imagine the deliverable is probably not three times as or four times as good at 5k at 1200 Right, right? But I need to know the answer, what you charge, because the rooms I will put people in are going to differentiate, right? I actually said it to the guy that was charging 1200 I said, Where'd you get the number? And he told me. And I said, Do you realize that you're losing business because you're not charging enough, right? And he said, Yes, some prospects have told me that. And I said, I'm sorry. Plural. I said, How many? How many are going to tell you before I before you raise your rates? And I said, here's the thing, there's communities, networks that I can introduce you to at that price point, but the networks that I run in won't take you seriously if you're not quoting 5000 for the job. Yeah? And he just couldn't get his head around it. And I'm like, Okay, well, then you're stuck there until you figure out that you need to triple or quadruple your price to hang out in the rooms I hang out in to be taken seriously.   Michael Hingson ** 37:57 Yeah? And it is tough for a lot of people, by the way, with that Solomon story, by the time I was done, and we had planned on doing a PowerPoint show describing our products, which I did, but even before we did that, I knew our product wasn't going to do what they needed. But went through the presentation, and then I said, and as you can see, what we have won't work. Here's why, but here's what will work. And after it was all said and done, one of the people from near the back of the room came up and he said, we're mad at you. And I said, why? He said, Oh, your presentation was great. You You gave us an interesting presentation. We didn't get bored at all. The problem was, we forgot you were blind, and we didn't dare fall asleep, because you'd see us. And I said, well, well, the bottom line is, my dog was down here taking notes, and we would have got you anyway, but, but, you know, he was he we had a lot of fun with that. Two weeks later, we got a proposal request from them, and they said, just tell us what we're what we're going to have to pay. We got another project, and we're going to do it with you. And that was   Daniel Andrews ** 39:02 it, yeah, and because the credibility that you'd established credibility,   Michael Hingson ** 39:07 and that is a great thing,   Daniel Andrews ** 39:09 that was part of the discussion I have with some of my clients today when I hold a weekly office hours to see what comes up. And I said, it's just important to be able to refer people to resources or vendors, as it is to refer them to a prospect, right? If you don't have the solution, or if your solution isn't the best fit for them, the level of credibility you gain to go, you know what you need to do? You need to go hang out over there. Yeah, right. You need to talk to that guy or gal about what they have to offer. And the credibility goes through the roof. Well,   Michael Hingson ** 39:39 we've been talking about networking, and I think that's everything we've talked about. I think really makes a lot of sense, but at the same time, it doesn't mean that you don't build a network. It's just that networking and building a network are really two different sorts of things. What are some of the most important things that you've learned about building. That   Daniel Andrews ** 40:00 works. Sure, there's several, and some of them come as a bit of a shock to people. And I always say it's okay if it's a shock to you, because it was a shock to me. But I don't take I don't have opinions. I have positions based on data. Right? You know that from your from your days as a scientist, what you think ought to be true absolutely irrelevant in the face of what the data tells us is true. But I think one of the important things is that it's possible to give wrong. Adam Grant says in the first chapter of his book, give and take. That if you look at people's networking styles, and I'll use the common vernacular networking styles, you have givers, people that tend to give more than they, you know, receive takers, people whose objective is to always be on the plus side of the equation. And then matchers, people that practice the degree of reciprocity. And I would even argue that that reciprocity and matching is a bad mentality, just so you know. But if you look at the lifetime of success, a career is worth of success. In the top levels of success, you find more givers than takers and matchers, which makes a lot of sense. In the lowest levels of success, you find more givers than takers and matchers. They're giving wrong. They tend to polarize. They tend to either be high achieving or very low achieving, because they're giving wrong. And so I and Michael, let me use his name. We had breakfast yesterday morning after the happy hour, and I said, Mike, are you open for coaching? And he said, You know I am. He said, I didn't have you flat here in Salt Lake City, because I don't respect you. What do you got for me? I said, Josh kept thanking you yesterday for the things you've done for him in his world lately, you know, over the last several years. And he kept saying, What can I do for you? And you said, Oh, no, I just love giving. I love giving, right? You know, it's not a problem. You know, I'm in a great position. I don't need to have a lot of need of resources. And I said, and you're missing the fact that he was explicitly telling you this relationship feels uneven. I said it takes longer to kill it, but you will kill a relationship just as quickly by consistently over giving as you will by taking too much. And it's a little more subconscious, although in Josh's case, it was very conscious. He was actively trying to get Mike to tell him, what can I do for you so I don't feel like I'm powerless in this relationship. And Mike was like, Oh my gosh, I never thought of that. Said, Look, I said, I don't know how your kids are. He said, well, two of them are married. And I said, my grown daughter argues with me over who's going to buy dinner. But I get it because I used to argue with my dad, who was going to buy dinner. Yeah, dinner together, right? It feels weird for someone, even somebody, that loves you, right? And, of course, the only way I can do it with my daughter is to explain, it's her money anyway. I'm just spending her inheritance on her now, it's the only way she'll let me buy dinner every time we meet, and she still insists that she pays the debt, because over giving will get in the way of what we're trying to accomplish, right? That's fair, yeah. And so people miss that, right? I get this law of reciprocity. If I just give and give and give to the world, it'll all come back to me. No, ma'am. We have 6000 years of recorded history that says that's not   Michael Hingson ** 43:18 how it works. There's there's something to be said forgiving, but there's also receiving. And in a sense, receiving can be a gift too. So you're mentioning Michael and Josh. Josh would have loved, as you're pointing out, Michael to tell him some things that he could do for Michael, and that would have been a great gift. So the reality is, it's how people view giving, which is oftentimes such a problem. I know, for me as a public speaker, I love dealing with organizations that are willing to pay a decent wage to bring a speaker in, because they understand it, and they know they're going to get their money's worth out of it. And I've gone and spoken at some places where they say, well, we can't pay you a lot of money. We're going to have to pay just this little, tiny amount. And invariably, they're the organizations that take the most work, because they're the ones that are demanding the most, even though they're not giving nearly as much in return. And and for me, I will always tell anyone, especially when we're clearly establishing a good relationship, I'm here as your guest. I want to do whatever you need me to do, so please tell me how best I can help you, but I know I'm going to add value, and we explore that together, and it's all about communication.   Daniel Andrews ** 44:48 I think so well. And in the case, you know, just go back to the mike and Josh story real quick, right? There's, there's number one, there's a sense of fairness. And I don't like the word reciprocity or magic, right? I like the word. Mutuality, but there's a sense of fairness. Number one. Number two, it's a little bit belittling to Josh, for Mike to act like Josh doesn't have anything to offer him, right? It's a little bit condescending, or it could be, Mike doesn't mean it that way, right? No, what he means is my relationship with you, Josh is not predicated on us keeping a scoreboard on the wall and that we make sure we come out even at the end of every quarter, right? But, but. And then the third part is, you know, I said, Mike, think of how good you feel when you give. He says, I love it. It's great. That's why I said, so you're robbing Josh of the feeling of giving when you don't give him a chance to give. I said, you're telling him that your joy is more important than his joy, and he's like I never thought of over giving or not asking as robbing people of joy. I said, You need to give the gift to Josh and the people around you to feel the joy that comes from being of use, of being helpful, of having and I said, even if you have to make something up or overstate the value of a of a task that he could do for you, I said, if you literally don't need anything in your world, Mike, find some job Hunter that's looking for work. And say, Josh, as a courtesy to me, would you meet with Billy Bob and see if you can help him find work somehow give Josh the sense that he's contributing to the betterment of your world, even   Michael Hingson ** 46:26 if it may not work out that this person, Billy Bob would would get a job, but it's still you're you're helping to further the relationship between the two of you, correct, right? You're   Daniel Andrews ** 46:38 helping him feel like he's an equal in that relationship. And that's an important part of it. It really is. It's now I do an important part. I do believe we absolutely should tithe. We should give of our time. We should be at the homeless shelter on Thanksgiving. If that's what we're called to do, we should be, you know, you know, aid to the poor, you know, mentoring junior people who don't have a lot to offer us. I absolutely believe that's true. So when I say give strategically or given a sense of mutuality, but we need clear delineations on you know what we're doing, because if we give indiscriminately, then we find out that we're like the people in chapter one of Adam Grant's book that are in the lower quartile of success, even though we're quote, doing all the right things. And the best way to make you know, the example I give on that, and I'll articulate this little bit, I'm holding my hands apart and moving them closer together in stages, just because the visual will help you here too. But I tell people, right? I hold my hands apart and I say, you know, we're going to spend this much time on the planet alive, right? And this much time on the planet awake, right, and this much time on the planet at work. And then I'll pause and go, these are approximations right, because clearly they are right, and this much time on the planet dealing with other people. So if, if it's true that we only have a limited or finite resource of time to spend building a network with other people, then why wouldn't we choose people whose message is worth amplifying and who we're well positioned to amplify and vice versa? And to make that even more clear for people, if you're a real estate agent, you could find a lot of people that would refer business to you, but you could find a few people that would refer a lot   Michael Hingson ** 48:25 of business, a lot of business. Yeah,   Daniel Andrews ** 48:27 you could find a mortgage lender, a divorce attorney, a moving company, a funeral home director, a nursing home director, right? And and if you're going to spend time building relationships with people, why wouldn't you find the people who are positioned to touch more people that you need to touch, particularly if there is some mutuality, meaning, as a real estate agent, I would be just as likely to be able to help a mortgage lender, a moving company, a funeral loan director, etc, etc, etc, right? All those things can come into play. And you know, the John gates, the salary negotiation coach, right? And Amanda Val bear, the resume writing coach, anybody can refer business to Amanda, but John's going to refer a lot more business to Amanda. Anybody can refer business to John, but Amanda's going to refer a lot more business to John. And and, you know, given that we've only got a finite number of conversations we're able to hold in our lifetime, why wouldn't Amanda and John be spending time with each other rather than spending time with me, who might occasionally meet somebody who needs them, but not on a daily basis the way Amanda meets John's clients? John meets Amanda's potential clients.   Michael Hingson ** 49:32 So here's the other way to spin. May not be the right word, but I'll use it. Frame it. Frame it. So you've got somebody who you're not giving a lot of, let's say a real estate agent. You're not giving that person a lot, but you're giving Elmo Schwartz, the real estate agent down the street, a lot more referrals and so on. Then the real estate agent who you're not referring a lot of people to, comes along and says, You. You know, I know you're really working with this other guy, but you know you and I have have had some conversations, and so how come I can't take advantage of the many opportunities that you're that you're offering? And I, for me, I always rejoice when I hear somebody ask that question, because at least they're opening up and they're saying, What do I need to do? At least, that's what I assume they're asking,   Daniel Andrews ** 50:24 yes, yeah, and that's a question that I teach people to ask, under what conditions would you feel comfortable referring business to me, right? Right? And you know, they may go, well, we don't share the same last name, but all my referrals go to, you know, Billy Bob, because he's my brother in law, and Thanksgiving gets weird, right? If he realizes I've been given leads to you, right? You know, it may never happen. Now, in my case, I believe in having multiple referral partners in every industry, right? Yeah, I don't just pick one, because personality plays part of it, right? I mean, and we can go back to real estate just because you say you're a real estate agent, I'm a real estate agent. I mean, we're calling on the same market. Same market at all, right, right? You could be a buyer's agent. I could be a seller's agent. You could be calling on, you know, what's a probate and estate issues? I could be dealing with first time homebuyers and young people, right? And therefore, and a lot of times it's personality, meaning, I personally, is not even the right word approach to business, meaning, there's some people that I would send to Ann Thomason, and there's some people I would send to Kim Lawson, and there's some people I would send to Elaine Gillespie, and some people I'd send to Taco Beals, right? Because I know what each of their strengths are, and I also know what sort of person they want to work with, right? Right? That's 1/3 person would appreciate them.   Michael Hingson ** 51:42 And that's the important part that that when somebody comes along and says, How come such and such, you can answer that, and you can do it in a way that helps them understand where they can truly fit into what you're offering, and that you can find a way to make it work, and that's really important. I've always maintained the best salespeople or teachers, pure and simple, in almost everything, and preachers, but but listening preachers. So it is, it is important to, yeah, well,   Daniel Andrews ** 52:16 and I bring this up in the context because we have a Bible college here in our town. So when I was a manager for Cutco, right? We get the college kids, right? Some of these seminary students, you know, looking for summer work and right? And they're like, you know, how does sales relate to, you know, being in the ministry later, I said, man. I said, Are you kidding? You kidding? I said, it's the purest. I said, you've got the hardest sales down on the roll. You ask people to pay the price now, and the payoff is at the end of their life. That's not sales. I don't know what is. At least, when people give me money, I give them something for it within a couple of days, you know, I said, I said, You better be good at sales if you're going to be your preacher eventually. Because you the, you know, the payment, the cost comes now, and the payoff, the reward comes later. I said, Man, those are the same but teachers the same way, right? You've got to invest the kids, the kids or the student, no matter how you know and what they're learning and why it's going to be relevant down the   Michael Hingson ** 53:06 road, right? Yeah, well, you You clearly have, have accepted all of this. When did you realize that maybe you were doing it wrong and that you re evaluated what you do?   Daniel Andrews ** 53:17 That's a great story, and there was a light bulb moment for me, right? I think the kids these days call it the origin story, right? You know. And and to tell the story correctly, but I have to give labels to the other two people involved, because their names are so similar that when I tell the story, I managed to confuse myself who was who. So I was in St Louis, Missouri, which, for reasons I won't go into for this podcast, is a weird town to be involved in B to B business in. They literally would prefer to do business with somebody they went to high school with. It's just a It's strange, but true. And I can go into the background of why it's true. It just is. It's accepted by people that have sold in towns other than St Louis. It's they know that St Louis is weird. Okay, so I'm having trouble not getting the traction I want. Who's in my industry, he agrees that we're going to partner and we're going to have a revenue share. I don't believe in finder's fees, but if you're going to co create the value with me, that's a different thing altogether, right? Writing a name on a piece of paper, I'm not paying for that. But if you're going to go with me on the appointment and help me get the job done. Yeah. Okay, back to the point. So my wingman, right? My partner, I call him wingman for the version this story, local, been around forever, prospect, business owner, right? We've got a B to B offered that's going to be fairly lucrative, because he's part of a family that owns a family businesses quite, quite a large there in St Louis. And we had met with the CFO because that was the real touch point on the business. As far as the value proposition over lunch, the four of us have been there prospect wingman CFO, of the prospect of myself, and it went reasonably well. Out they wanted to follow up to make the decision, which is not, not atypical. So we're back there standing in the parking lot of the prospects business, and the prospect points at me and says, Who is this guy? And my partner says, he's my guy. And the prospect points at me and goes, but I don't know this guy, and my partner says, but I know this guy, and the prospect points me and says, Well, what happens if something happens to this guy? And my partner says, I'll find another guy. And that was the purest, simplest form of what's truly happening when you're building a network. See, my days at Cutco were predicated on some of the same things. I go to Michael's house. I asked the name of your neighbors, your best friends, your pastor, your doctor, whoever you think, and then I would call them Hey, your buddy Michael insen said you'd help me out. So I'm borrowing a little bit of credibility, but the sale was made in the product, right? I'm only asking for a moment of your time, but I expected to show up, meaning I was only borrowing someone else's credibility to get a moment of your time. But I expected to show up and let the product and my Sterling personalities, I like to think of it, shine through and make the sale. There you go. And I realized, because when the prospect pointed me and said, Who is this guy, I thought my partner would say, he's my guy. Daniel, here's your chance to rise and shine, bring it, do that song and dance that you do, right? And he didn't. He kept the focus on the real point, which was that the prospect had credibility with my partner, and my partner had credibility with me. Yeah, right. And, and, and in that moment where he refused to put the spotlight on me, my partner kept it on himself, and he said, Mr. Prospect, don't worry about him. I'm not asking you to trust him. I'm asking you to trust me. And that was the light bulb where I said, Oh, what we're building is not introductions. We're building endorsements. When I get to the prospects door. I have the all the credibility that came from Bert, who referred me right, whatever credibility my partner, Bert, had with the prospect Butch. I show up on Butch is doorstep with that credibility. And when Butch starts to question it, the prospect starts to question it, my partner goes, What do you question? You're going to question him. We're not talking about him. We're talking about you and me, and we've known each other 30 years. What are you doing here? And I'm like, oh, that's why we're doing this. That's the point. I'm not asking to borrow your Rolodex. I'm asking to borrow your credibility.   Michael Hingson ** 57:38 And the other part of that question that comes to mind is, did the credibility that Bert and Butch have with each other ever get to the point where it transferred to you, at least in part? Oh, yeah,   Daniel Andrews ** 57:55 yeah, we got the sale. Yeah. I mean, that was the conversation where he's like, All right, we're going to do this. I'm like, because it was a big deal. It was a very large deal. And, yeah, but in   Michael Hingson ** 58:04 general, you know, I hear what you're saying, and in general, somewhere along the line, the prospect has to say, has to hopefully recognize this other guy really is part of the process and has value, and so I'm going to like him too, correct,   Daniel Andrews ** 58:23 and you can drop the ball. It's possible to screw it up, but I'm starting at a level 10 in the case of this particular pair of people, and it's mine to lose, as opposed to starting from zero and trying to get up to five or six or eight or whatever it takes to make the sale, and that's the biggest difference, right? It will, it will transfer to me, but then it's up to me to drop the ball and lose it, meaning, if I don't do anything stupid, it's going to stay there. And you know what was great about my partner was he didn't even not that I would have but he didn't give me any room to say anything stupid. He's like, he's like, let's not even talk. Put the spotlight on Daniel. Let's keep the spotlight on the two of us, and the fact that I've never let you down in 30 years. Why would you think this is going to be a bad introduction   Michael Hingson ** 59:09

A special guest joins us for the news, then we dive headfirst into our RT Linux kernel adventures—where speed seduced, but stability ghosted us.Sponsored By:Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Support LINUX UnpluggedLinks:

We're diving into the world of the Extra Packages for Enterprise Linux (EPEL) and its latest milestone, EPEL 10. Discover how EPEL supports enterprise users by expanding software availability, the new features of EPEL 10, and the crucial role it plays within the Fedora and RHEL ecosystems. Whether you're an enterprise user or a community enthusiast, learn why EPEL is essential for driving innovation and collaboration in the open-source world. The Fedora Podcast features interviews and talks with the people who make the Fedora community awesome! These folks work on new technologies found in Fedora, produce the distro itself, or help put Fedora into the hands of users. There is so much going on in Fedora that it takes a whole podcast series!

Apple's AI Rollout Woes, Japan's Supercomputer Ambitions, and the Future of Social Media In this episode of Hashtag Trending, host Jim Love delves into the slow rollout of AI features in Apple's iPhone 16 series, raising concerns about its competitive edge. The show also covers Japan's plans to build the world's first Zeta class supercomputer, which promises unprecedented computational speeds. Additionally, it explores the potential of Microsoft's Azure Linux in the wake of CentOS's demise and the growing regulatory actions against social media platforms and tech giants globally. 00:00 Introduction and Headlines 00:29 Apple's AI Rollout: A Disappointment? 02:58 Japan's Ambitious Zeta Class Supercomputer 05:57 Microsoft's Surprising Move in the Linux World 08:14 The End of the Free Ride for Social Media Giants? 11:02 Conclusion and Sign-Off

The week brings the drama, from kernel hackers retiring in frustration, to a panning take on COSMIC, to a high profile fork of a very popular database program. It's not all drama, as Linux celebrates an all-time high in market share, Microsoft's LinkedIn moves to Microsoft's Azure Linux, and the Mono project calls Wine its new home. For tips we have findfs for looking up filesystem devices, bython for python with braces instead of whitespace, and gh for command line Github manipulation. You can find the show notes at https://bit.ly/3XrIhWj and enjoy the show! Host: Jonathan Bennett Co-Hosts: Ken McDonald and David Ruggles Want access to the video version and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

2024-08-06 Weekly News — Episode 217Watch the video version on YouTube at https://youtube.com/live/Z3m5Nd7HoJc?feature=shareHosts: Eric Peterson - Senior Developer at Ortus SolutionsDan Card - Senior Developer at Ortus SolutionsThanks to our Sponsor - Ortus SolutionsThe makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there. A few ways to say thanks back to Ortus Solutions:Buy Tickets to Into the Box 2025 in Washington DC https://t.co/cFLDUJZEyMApril 30, 2025 - May 2, 2025 - Washington, DCLike and subscribe to our videos on YouTube. Help ORTUS reach for the Stars - Star and Fork our ReposStar all of your Github Box Dependencies from CommandBox with https://www.forgebox.io/view/commandbox-github Subscribe to our Podcast on your Podcast Apps and leave us a reviewSign up for a free or paid account on CFCasts, which is releasing new content regularlyBOXLife store: https://www.ortussolutions.com/about-us/shopBuy Ortus's Books102 ColdBox HMVC Quick Tips and Tricks on GumRoad (http://gum.co/coldbox-tips)Now on Amazon! In hardcover too!!!https://www.amazon.com/dp/B0CJHB712MLearn Modern ColdFusion (CFML) in 100+ Minutes - Free online https://modern-cfml.ortusbooks.com/ or buy an EBook or Paper copy https://www.ortussolutions.com/learn/books/coldfusion-in-100-minutes Patreon Support (Stupendous)We have 57 patreons: https://www.patreon.com/ortussolutions. News and AnnouncementsBoxLang — Dynamic : Modular : Productivehttps://boxlang.io/https://boxlang.ortusbooks.com/New Releases and UpdatesCFConfig v2.0.6Now supports BoxLang serversSpreadsheet-CFML v4.1.0 – v4.2.0Add moveSheet()Add sheet position to sheetInfo() propertiesUpgrade POI to 5.3.0, commons-csv to 1.11.0 and excel-streaming-reader to 4.4.0Allow datatype to be specified with addColumn()Sentry v2Updated to match Sentry's current event structure designcbq v3.0.8 – v3.0.9SyncProvider bug fixesBoxLang Betas — Beta 2 through 8Beta 2New FeaturesEncryption module — bx-password-encryptNew event: onRequestFlushBufferAbility to coerce BoxLang functions, lambdas, and UDFs, to well-known functional interfaces for Java interopAdd parallel streams from BoxLang arraysTruthy / Falsey completion for boolean casterNew Fluent Attempt BIF and classAdd the ability to add member methods to BoxLang classes — built-in class serialization to JSONNew static helper on Array class: fromString( list, delimiter ) to create quick BoxLang arrays from stringsNew BIFs for registered interceptors into the request pool and the global pool: BoxRegisterRequestInterceptor, BoxRegisterInterceptorwriteDump abort supportwriteOutput on complex BoxLang types should call the toString() on itNative encrypt, decrypt and generateSecretKey() BIFsBug FixeswriteDump expanded collapsed supportwriteDump top supportlistDeleteAt returns a list with multiple delimiters as a list with whole delimitersstructNew with localeSensitive flag throws errorstructKeyTranslate returns voidstructGet does not create struct when missingstructFindValue returning null ownerNo named applications not auto creating nameApplication listener requests interception points not registeredAmbiguous if statements when not using curly bracesthis.javasettings not expanding to correct pathingthis.javasettings ignores paths to actual jars and classescfdirectory fails on centOS, converting datetimedateAdd() modifies its argumenttoString not formatting doubles correctlyAttempt to cast instead of expecting strings inside isValidRegression on JSON serialization of box classes with JSON exclude annotationshttps://www.ortussolutions.com/blog/boxlang-100-beta-2-launchedBeta 3New FeaturesImplement query cache abilityCoerce java SAMs (Single Abstract Method interface) from BoxLang function interfacesAsyncService support for Virtual Thread Executors (create/manage)Bifs for module info: getModuleList() and getModuleInfo( module )Dumping of Java Classes now includes a dump of the toString() value to visualize values betterNew dump template for BoxLang FunctionsAllow the createDynamicProxy BIF to support the request class loader so it can load classes from loaded libraries in the application.bx, runtime, and more.New Script Binaries for bxCFTranspiler, bxCompiler, bxFeatureAudit tools in the distribution bin folderImprovementsRefactor JDBC connection retrieval out of the QueryOptions classDynamic method matching discovery algorithms updated to do 2 pass algorithm: exact then loose coercion matchingImprovement of cache service and cache provider methods for easier BoxLang interactionsRefactored the dump css to resources/dump/html/Dump.cssMigrate dynamic proxies to native java implementation from the JDKPassing the session id to the onSessionStart listenerGive better warnings if the sessionStorage is not a valid stringBug Fixesattributecollection not handled properly on cfthrowLeft in system out calls that need to be removedJSR ScriptEngine starting runtime without debug flag if passedCreating a default cache was not setting the right name and a "default" already registered exception was being thrownDefault argument values not always checked for typeImplements missing from Box Class metadataStatic Scope missing from metadatahttps://www.ortussolutions.com/blog/boxlang-100-beta-3-launchedBeta 4ImprovementsQuery caching improvements and compatibility updatesEnsure request attributes are available to the web runtime scopebx-compat CFML compatibility module updates to ensure null query column values are returned as empty stringsBug FixesFixes compilation issue with variables name cfcatchCFML compatibility for CGI.QUERY_STRING when not providedFix null queryparam functionalityhttps://www.ortussolutions.com/blog/boxlang-100-beta-4-launchedBeta 5New FeaturesData NavigatorsOriginal ConfigurationStringBind BIF and member functionAt...

Im Juli sorgten gleich zwei SSH-Bugs für Aufsehen. SUSE Manager 5.0 und openSUSE Leap Micro 6.0 sind erschienen, während CentOS 7 endgültig eingestellt wurde. Weitere Backup-Softwarehersteller planen Proxmox-Support und NVIDIA meldet sich nach längerer Zeit mit neuen Treiber-Neuigkeiten. Firefox 128 verärgert mit einer neuen Standard-Einstellung, das openSUSE-Projekt diskutiert lebhaft ein Rebranding. Canonical will Docker-Container zukünftig bis zu 12 Jahre unterstützen, während FreeBSD den Supportzyklus verkürzt. Neben eurem Feedback besprechen wir auch Veranstaltungstipps.

This week in Linux, we got new releases from EndeavourOS, Pipewire and more. Linux Mint is in the news this week with the Beta of their next major version of their distro. A new security vulnerability was found in OpenSSH and CentOS Linux has officially reached the end of the road. All of this and […]

SHOW NOTES ►► https://tuxdigital.com/podcasts/this-week-in-linux/twil-270/

The US government is worried there might not be enough trained workers to fill the needs of the CHIPS act. President Biden has announced a Workforce Partner Alliance (WFPA) to ensure the gap for skilled workers will be closed as soon as possible. WFPA is designed to reward providers with grants of between $500,000 and $2 million to provide the training for these new chip facilities. Is this something that we can count on? Or will it turn into another boondoggle like ITT Tech? This and more on this week's Rundown. Time Stamps: 0:00 - Welcome to The Rundown 1:19 - CIQ Offers a CentOS Bridge 6:12 - CyberRatings Gives Cisco's Enterprise Firewall a "Caution" Rating 10:32 - AI Innovation in Oracle HeatWave GenAI 17:35 - OpenSSH A Little TOO Open 21:39 - AI Power Draw Dims Net Zero Promises 29:06 - Nokia to Acquire Infinera 33:27 - CHIPS Act to Train Workers to Avoid Labor Shortages 44:49 - The Weeks Ahead 46:30 - Thanks for Watching Hosts: Tom Hollingsworth: https://www.twitter.com/NetworkingNerd Stephen Foskett: https://www.twitter.com/SFoskett Follow Gestalt IT Website: https://www.GestaltIT.com/ Twitter: https://www.twitter.com/GestaltIT LinkedIn: https://www.linkedin.com/company/Gestalt-IT Tags: #Rundown, #CHIPSAct, #CentOS, #Linux, @TheFuturumGroup, @TechstrongGroup, @TechstrongTV, @CyberRatings, @Cisco, @Oracle, @RonWestfallDX, @Google, @Nokia, @Infinera, @SFoskett, @NetworkingNerd, @GestaltIT,

Kaspersky has released a virus scanner for Linux; should you run it? OpenBSD finally has Wayland support, OBS has a new Beta, and WSL leans into the Hypervisor. Then there's Gnome, which sort of worries us. Then for tips we've got gping for a snazzy ping tui, iVentoy for a selectable PXE boot, devicetree options in Grub, and hostnamectl. The show notes are at https://bit.ly/4aSADaP and we will see you next time! Host: Jonathan Bennett Co-Hosts: Rob Campbell, Ken McDonald, and David Ruggles Want access to the video version and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Three revelations from Red Hat Summit. Our on-the-ground report will separate fact from hype.Sponsored By:Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!Kolide: Kolide is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.Core Contributor Membership: Save $3 a month on your membership, and get the Bootleg and ad-free version of the show. Code: MAYSupport LINUX UnpluggedLinks:

Thank you to the folks at Sustain (https://sustainoss.org/) for providing the hosting account for CHAOSSCast! CHAOSScast – Episode 83 In this episode of CHAOSScast, Georg and Dawn chat with guest Edward Vielmetti, Developer Partner Manager at Equinix, where he oversees the Open Source Partner Program. Today, they delve into the significance of measuring open source community health using CHAOSS metrics. Edward discusses the importance of providing infrastructure support to open source projects and how Equinix uses CHAOSS metrics to evaluate project health and manage resources efficiently. The discussion also covers the challenges of maintaining open source project health, including governance, code quality, and resources, with insights into predictive metrics and the impact of corporate involvement in open source communities. Press download now to hear more! [00:01:36] Edward introduces himself, tells us what he does, provides a background on Equinix, and talks about their dedicated cloud offering and support for open source projects. He discusses the absence of formal CHAOSS metrics at Equinix but mentions they compare them with internal considerations to ensure project health. [00:06:24] Edward talks about external factors like internal conflicts or external shocks to the system and the importance of being a stabilizing force. [00:9:59] Georg outlines three categories of project health: community activity, code quality, and resources. [00:10:58] Edward talks about using spend as a top-line metric for resource adequacy and the importance of rapid build and test cycles for software projects. [00:15:33] Georg acknowledges Edward's comprehensive view, noting the need for specialized infrastructure beyond what hosting platforms like GitHub and GitLab offer. Edward emphasizes that developing certain kinds of software requires direct access to hardware rather than virtualized environments. [00:19:06] Dawn brings the conversation back to CHAOSS, mentioning context working groups and Edward's active participation in the corporate OSPO working group. Edward talks about the challenges at Equinix in forming a formal OSPO and the value of sharing and learning from peers through CHAOSS. [00:22:33] Dawn appreciated the diversity of companies in the CHAOSS OSPO working group and the broad exchange of ideas. Edward reflects on his long history with open source, noting the evolution and professionalization of the industry. [00:25:32] Georg asks about the future of open source and CHAOSS's potential role, and Edward mentions the trend of open source projects changing control for financial gain and discusses how CHAOSS could help predict or quickly identify such changes. He proposes the collection of certain metrics, such as the number of legal notices a project receives, as indicators of the project's environment. [00:29:44] Edward shares a story, without taking sides, about Terraform relicensing by HashiCorp and the subsequent forks of Terraform, focusing on the OpenTofu fork and the licensing issues around patching from differently licensed software. [00:34:05] Georg discusses observing early risk indicators in projects, such as when a single company's influence increases, potentially raising the risk of unilateral changes, and he expresses a desire for a predictive model for open source project trajectories. [00:35:44] Dawn calls such predictive modeling difficult due to the rarity of events and stresses the importance of community participation for early detection of issues. [00:37:53] Georg brings up the Linkerd project's approach to engaging with the vendor ecosystem and the changes in their release strategy to encourage commercial support, and Edward compares this with CentOS's transition to CentOS Stream. [00:41:48] Georg reiterates the value of participation in open source to be aware of and potentially influence project developments. Value Adds (Picks) of the week: [00:42:29] Georg's pick is finding people that have something you need, and he found someone who was giving away dirt for free that he needed for his garden. [00:43:29] Dawn's pick is Barefoot Day - A family holiday every April 9. [00:44:34] Edward's pick is participating in Ann Arbor's “Visit Every Park” challenge and keeping a log of all his visits. Panelists: Georg Link Dawn Foster Guest: Edward Vielmetti Links: CHAOSS (https://chaoss.community/) CHAOSS Project X/Twitter (https://twitter.com/chaossproj?lang=en) CHAOSScast Podcast (https://podcast.chaoss.community/) podcast@chaoss.community (mailto:podcast@chaoss.community) Georg Link Website (https://georg.link/) Dawn Foster X/Twitter (https://twitter.com/geekygirldawn?lang=en) Edward Vielmetti Blog (https://vielmetti.typepad.com/w8emv/) Edward Vielmetti Mastodon (https://hachyderm.io/@w8emv) Edward Vielmetti LinkedIn (https://www.linkedin.com/in/edwardvielmetti/) Equinix (https://www.equinix.com/) OpenTofu Project X/Twitter re: OpenTofu's legal notice from HashiCorp (https://twitter.com/OpenTofuOrg/status/1776398008558493991) xkcd-Compiling (https://xkcd.com/303/) XZ Utils backdoor (https://en.wikipedia.org/wiki/XZ_Utils_backdoor) UNIX System Laboratories, Inc v. Berkeley Software Design, Inc. (https://en.wikipedia.org/wiki/XZ_Utils_backdoor) “Betrayal is the Internet's business model”-Michael Lucas Website (https://mwl.io/archives/23490) Special Guest: Ed Vielmetti.

Coming up in this episode * Themes Are More Global Than You Think * Kdenlive Does Some Layering * The History of LXDE * To Qt, or not to Qt? * Then, we call an audible 0:00 Cold Open 2:17 Theme of the Crop 16:22 The Lost Edit 28:11 The History of LXDE 55:51 How'd LXQt and LXDE Go? 1:24:28 Next Time 1:31:13 Stinger The Video Version https://youtu.be/Y8_rMTmnIXc

First up in the news: Mint 21.3 "Edge" is out, Ubuntu taking heat over Pro packages, Bazzite 2.2 is out, BunsenLabs Boron is out, Parrot 6.0 is out, we say Goodbye to Ginny, RPi Compute Module 5 is in the works, Say Hello to Wilma, RH causes issues for CentOS, and DSL Linux makes a resurgence In security and privacy: Ring will stop giving video to police, and AnyDesk responds to a major hack Then in our Wanderings: Bill is moving gear around, Joe upgrades, Moss takes a new tablet, and Majid is drinking the Samsung Kool-Aid Download

Happy New Year! In this episode we're talking about exceptions, how they work, and how they evolved. Expect the unexpected. # Timestamps (00:00:00)  INTRO (00:01:43)  How does a 'try' block work? (00:04:00)  How many 'try' blocks can you fit on a bus? (00:05:56)  How does Python store the current exception? (00:09:30)  Pre-history: exceptions as strings (00:12:59)  Try out string exceptions with CentOS 5 (00:14:28)  PEP 341: Combining 'finally' and 'except' in one 'try' block (00:16:15)  Core Hacker in Residence (00:16:51)  PEP 3109: Raising exceptions in Python 3K (00:19:17)  Automatic tuple unpacking for raised exceptions?! (00:21:55)  PEP 3110: Catching exceptions in Python 3K (00:26:00)  Foreshadowing: exception groups (00:27:10)  PEP 3134: Exception chaining (00:29:12)  __cause__, __context__, __traceback__ (00:31:50)  Back in the day we had to walk uphill both ways (00:32:56)  PEP 409: Suppressing exception chaining (00:34:44)  Raise from None? Or raise from Ellipsis? (00:37:11)  __supress_context__ (00:38:13)  Semantic difference between 'pass', 'None', and '....' (00:41:02)  NotImplemented vs NotImplementedError (00:43:02)  Zero-cost exceptions in Python 3.11 (00:51:12)  Reconstructing exception table entries dynamically (00:52:51)  Objects/exception_handling_notes.txt (00:54:19)  PEP 654: Historical context (00:56:58)  PEP 654: BaseExceptionGroup and ExceptionGroup (00:58:29)  PEP 654: except* (01:03:23)  PEP 678: Exception notes (01:06:09)  PEP 657: Cooler Errors (01:08:36)  A message to language implementers (01:09:15)  Fine-grained error locations in tracebacks (01:12:05)  This is useful for tracing coverage and Specializator (01:13:50)  Hacker in Residence fired? (01:16:25)  WHAT'S GOING ON IN CPYTHON (01:16:58)  Copy&patch JIT PR open (01:21:30)  Free-threading progress: GC split, stop-the-world (01:24:22)  The buildbots are red (01:25:27)  Faster CPython changes: interpreter code generator refactors (01:26:27)  Eval Game crash fix (01:28:41)  Three developers in residence! (01:29:54)  OUTRO # Links https://compilercrim.es/rust-np/

On this episode of Modern Web Podcast, host Simone Cuomo interviews Alvaro Saburido, a DevRel engineer and open-source developer. Alvaro talks about his project TresJS, a declarative way to create 3D experiences in Vue.js, and the importance of community-driven projects. He also discusses CentOS, Vitepress, the potential for innovation in virtual and augmented reality and the power of open-source. Sponsored by This Dot Labs  

Can we save an old Arch install? We'll attempt a live rescue, then get into our tips for keeping your old Linux install running great.

In this episode, Jay and Joao catch up on recent stories. Among the topics they'll discuss another version of CentOS going end of life (and why upgrading isn't so straight-forward), the recent curl vulnerability, and more!

Fedora Linux wouldn't be possible without the community, the people. In our ongoing focus, How Do You Fedora, we meet these amazing people and learn their stories. We'll be chatting with Neal Gompa, a long time contributor for CentOS and Fedora! The Fedora Podcast features interviews and talks with the people who make the Fedora community awesome! These folks work on new technologies found in Fedora, produce the distro itself, or help put Fedora into the hands of users. There is so much going on in Fedora that it takes a whole podcast series!

AWS Morning Brief for the week of October 23, 2023, with Corey Quinn. Links: Introducing Amazon EC2 R7i instances AWS announces Amazon Redshift integration with Visual Studio Code AWS announces member account level credit sharing preferences CloudWatch launches out-of-the-box alarm recommendations for AWS services Leapfrog from CentOS 7.9 to Red Hat Enterprise Linux 8.9 with Convert2RHEL and Leapp Utilities on AWS Enhance your security posture by storing Amazon Redshift admin credentials without human intervention using AWS Secrets Manager integration Archive to cold storage with Amazon DynamoDB  Keeping an eye on your cattle using AI technology  Top 10 unforgettable moments from AWS GenAI Day  Stellantis: driving innovation by investing in employees' digital skills

Jeff Geerling, Owner of Midwestern Mac, joins Corey on Screaming in the Cloud to discuss the importance of storytelling, problem-solving, and community in the world of cloud. Jeff shares how and why he creates content that can appeal to anybody, rather than focusing solely on the technical qualifications of his audience, and how that strategy has paid off for him. Corey and Jeff also discuss the impact of leading with storytelling as opposed to features in product launches, and what's been going on in the Raspberry Pi space recently. Jeff also expresses the impact that community has on open-source companies, and reveals his take on the latest moves from Red Hat and Hashicorp. About JeffJeff is a father, author, developer, and maker. He is sometimes called "an inflammatory enigma".Links Referenced:Personal webpage: https://jeffgeerling.com/ TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. A bit off the beaten path of the usual cloud-focused content on this show, today I'm speaking with Jeff Geerling, YouTuber, author, content creator, enigma, and oh, so much more. Jeff, thanks for joining me.Jeff: Thanks for having me, Corey.Corey: So, it's hard to figure out where you start versus where you stop, but I do know that as I've been exploring a lot of building up my own home lab stuff, suddenly you are right at the top of every Google search that I wind up conducting. I was building my own Kubernete on top of a Turing Pi 2, and sure enough, your teardown was the first thing that I found that, to be direct, was well-documented, and made it understandable. And that's not the first time this year that that's happened to me. What do you do exactly?Jeff: I mean, I do everything. And I started off doing web design and then I figured that design is very, I don't know, once it started transitioning to everything being JavaScript, that was not my cup of tea. So, I got into back-end work, databases, and then I realized to make that stuff work well, you got to know the infrastructure. So, I got into that stuff. And then I realized, like, my home lab is a great place to experiment on this, so I got into Raspberry Pis, low-power computing efficiency, building your own home lab, all that kind of stuff.So, all along the way, with everything I do, I always, like, document everything like crazy. That's something my dad taught me. He's an engineer in radio. And he actually hired me for my first job, he had me write an IT operations manual for the Radio Group in St. Louis. And from that point forward, that's—I always start with documentation. So, I think that was probably what really triggered that whole series. It happens to me too; I search for something, I find my old articles or my own old projects on GitHub or blog posts because I just put everything out there.Corey: I was about to ask, years ago, I was advised by Scott Hanselman to—the third time I find myself explaining something, write a blog post about it because it's easier to refer people back to that thing than it is for me to try and reconstruct it on the fly, and I'll drop things here and there. And the trick is, of course, making sure it doesn't sound dismissive and like, “Oh, I wrote a thing. Go read.” Instead of having a conversation with people. But as a result, I'll be Googling how to do things from time to time and come up with my own content as a result.It's at least a half-step up from looking at forums and the rest, where I realized halfway through that I was the one asking the question. Like, “Oh, well, at least this is useful for someone.” And I, for better or worse, at least have a pattern of going back and answering how I solved a thing after I get there, just because otherwise, it's someone asked the question ten years ago and never returns, like, how did you solve it? What did you do? It's good to close that loop.Jeff: Yeah, and I think over 50% of what I do, I've done before. When you're setting up a Kubernetes cluster, there's certain parts of it that you're going to do every time. So, whatever's not automated or the tricky bits, I always document those things. Anything that is not in the readme, is not in the first few steps, because that will help me and will help others. I think that sometimes that's the best success I've found on YouTube is also just sharing an experience.And I think that's what separates some of the content that really drives growth on a YouTube channel or whatever, or for an organization doing it because you bring the experience, like, I'm a new person to this Home Assistant, for instance, which I use to automate things at my house. I had problems with it and I just shared those problems in my video, and that video has, you know, hundreds of thousands of views. Whereas these other people who know way more than I could ever know about Home Assistant, they're pulling in fewer views because they just get into a tutorial and don't have that perspective of a beginner or somebody that runs into an issue and how do you solve that issue.So, like I said, I mean, I just always share that stuff. Every time that I have an issue with anything technological, I put it on GitHub somewhere. And then eventually, if it's something that I can really formulate into an outline of what I did, I put a blog post up on my blog. I still, even though I write I don't know how many words per week that goes into my YouTube videos or into my books or anything, I still write two or three blog posts a week that are often pretty heavy into technical detail.Corey: One of the challenges I've always had is figuring out who exactly I'm storytelling for when I'm putting something out there. Because there's a plethora, at least in cloud, of beginner content of, here's how to think about cloud, here's what the service does, here's why you should use it et cetera, et cetera. And that's all well and good, but often the things that I'm focusing on presuppose a certain baseline level of knowledge that you should have going into this. If you're trying to figure out the best way to get some service configured, I probably shouldn't have to spend the first half of the article talking about what AWS is, as a for instance. And I think that inherently limits the size of the potential audience that would be interested in the content, but it's also the kind of stuff that I wish was out there.Jeff: Yeah. There's two sides to that, too. One is, you can make content that appeals to anybody, even if they have no clue what you're talking about, or you can make content that appeals to the narrow audience that knows the base level of understanding you need. So, a lot of times with—especially on my YouTube channel, I'll put things in that is just irrelevant to 99% of the population, but I get so many comments, like, “I have no clue what you said or what you're doing, but this looks really cool.” Like, “This is fun or interesting.” Just because, again, it's bringing that story into it.Because really, I think on a base level, a lot of programmers especially don't understand—and infrastructure engineers are off the deep end on this—they don't understand the interpersonal nature of what makes something good or not, what makes something relatable. And trying to bring that into technical documentation a lot of times is what differentiates a project. So, one of the products I love and use and recommend everywhere and have a book on—a best-selling book—is Ansible. And one of the things that brought me into it and has brought so many people is the documentation started—it's gotten a little bit more complex over the years—but it started out as, “Here's some problems. Here's how you solve them.”Here's, you know, things that we all run into, like how do you connect to 12 servers at the same time? How do you have groups of servers? Like, it showed you all these little examples. And then if you wanted to go deeper, there was more documentation linked out of that. But it was giving you real-world scenarios and doing it in a simple way. And it used some little easter eggs and fun things that made it more interesting, but I think that that's missing from a lot of technical discussion and a lot of technical documentation out there is that playfulness, that human side, the get from Point A to Point B and here's why and here's how, but here's a little interesting way to do it instead of just here's how it's done.Corey: In that same era, I was one of the very early developers behind SaltStack, and I think one of the reasons that Ansible won in the market was that when you started looking into SaltStack, it got wrapped around its own axle talking about how it uses ZeroMQ for a full mesh between all of the systems there, as long—sorry [unintelligible 00:07:39] mesh network that all routes—not really a mesh network at all—it talks through a single controller that then talks to all of its subordinate nodes. Great. That's awesome. How do I use this to install a web server, is the question that people had. And it was so in love with its own cleverness in some ways. Ansible was always much more approachable in that respect and I can't understate just how valuable that was for someone who just wants to get the problem solved.Jeff: Yeah. I also looked at something like NixOS. It's kind of like the arch of distributions of—Corey: You must be at least this smart to use it in some respects—Jeff: Yeah, it's—Corey: —has been the every documentation I've had with that.Jeff: [laugh]. There's, like, this level of pride in what it does, that doesn't get to ‘and it solves this problem.' You can get there, but you have to work through the barrier of, like, we're so much better, or—I don't know what—it's not that. Like, it's just it doesn't feel like, “You're new to this and here's how you can solve a problem today, right now.” It's more like, “We have this golden architecture and we want you to come up to it.” And it's like, well, but I'm not ready for that. I'm just this random developer trying to solve the problem.Corey: Right. Like, they should have someone hanging out in their IRC channel and just watch for a week of who comes in and what questions do they have when they're just getting started and address those. Oh, you want to wind up just building a Nix box EC2 for development? Great, here's how you do that, and here's how to think about your workflow as you go. Instead, I found that I had to piece it together from a bunch of different blog posts and the rest and each one supposed that I had different knowledge coming into it than the others. And I felt like I was getting tangled up very easily.Jeff: Yeah, and I think it's telling that a lot of people pick up new technology through blog posts and Substack and Medium and whatever [Tedium 00:09:19], all these different platforms because it's somebody that's solving a problem and relating that problem, and then you have the same problem. A lot of times in the documentation, they don't take that approach. They're more like, here's all our features and here's how to use each feature, but they don't take a problem-based approach. And again, I'm harping on Ansible here with how good the documentation was, but it took that approach is you have a bunch of servers, you want to manage them, you want to install stuff on them, and all the examples flowed from that. And then you could get deeper into the direct documentation of how things worked.As a polar opposite of that, in a community that I'm very much involved in still—well, not as much as I used to be—is Drupal. Their documentation was great for developers but not so great for beginners and that was always—it still is a difficulty in that community. And I think it's a difficulty in many, especially open-source communities where you're trying to build the community, get more people interested because that's where the great stuff comes from. It doesn't come from one corporation that controls it, it comes from the community of users who are passionate about it. And it's also tough because for something like Drupal, it gets more complex over time and the complexity kind of kills off the initial ability to think, like, wow, this is a great little thing and I can get into it and start using it.And a similar thing is happening with Ansible, I think. We were at when I got started, there were a couple hundred modules. Now there's, like, 4000 modules, or I don't know how many modules, and there's all these collections, and there's namespaces now, all these things that feel like Java overhead type things leaking into it. And that diminishes that ability for me to see, like, oh, this is my simple tool that solving these problems.Corey: I think that that is a lost art in the storytelling side of even cloud marketing, where they're so wrapped around how they do what they do that they forget, customers don't care. Customers care very much about their problem that they're trying to solve. If you have an answer for solving that problem, they're very interested. Otherwise, they do not care. That seems to be a missing gap.Jeff: I think, like, especially for AWS, Google, Azure cloud platforms, when they build their new services, sometimes you're, like, “And that's for who?” For some things, it's so specialized, like, Snowmobile from Amazon, like, there's only a couple customers on the planet in a given year that needs something like that. But it's a cool story, so it's great to put that into your presentation. But some other things, like, especially nowadays with AI, seems like everybody's throwing tons of AI stuff—spaghetti—at the wall, seeing what will stick and then that's how they're doing it. But that really muddies up everything.If you have a clear vision, like with Apple, they just had their presentation on the new iPhone and the new neural engine and stuff, they talk about, “We see your heart patterns and we tell you when your heart is having problems.” They don't talk about their AI features or anything. I think that leading with that story and saying, like, here's how we use this, here's how customers can build off of it, those stories are the ones that are impactful and make people remember, like, oh Apple is the company that saves people's lives by making watches that track their heart. People don't think that about Google, even though they might have the same feature. Google says we have all these 75 sensors in our thing and we have this great platform and Android and all that. But they don't lead with the story.And that's something where I think corporate Apple is better than some of the other organizations, no matter what the technology is. But I get that feeling a lot when I'm watching launches from Amazon and Google and all their big presentations. It seems like they're tech-heavy and they're driven by, like, “What could we do with this? What could you do with this new platform that we're building,” but not, “And this is what we did with this other platform,” kind of building up through that route.Corey: Something I've been meaning to ask someone who knows for a while, and you are very clearly one of those people, I spend a lot of time focusing on controlling cloud costs and I used to think that Managed NAT Gateways were very expensive. And then I saw the current going rates for Raspberries Pi. And that has been a whole new level of wild. I mean, you mentioned a few minutes ago that you use Home Assistant. I do too.But I was contrasting the price between a late model, Raspberry Pi 4—late model; it's three years old if this point of memory serves, maybe four—versus a used small form factor PC from HP, and the second was less expensive and far more capable. Yeah it drags a bit more power and it's a little bit larger on the shelf, but it was basically no contest. What has been going on in that space?Jeff: I think one of the big things is we're at a generational improvement with those small form-factor little, like, tiny-size almost [nook-sized 00:13:59] PCs that were used all over the place in corporate environments. I still—like every doctor's office you go to, every hospital, they have, like, a thousand of these things. So, every two or three or four years, however long it is on their contract, they just pop all those out the door and then you get an E-waste company that picks up a thousand of these boxes and they got to offload them. So, the nice thing is that it seems like a year or two ago, that really started accelerating to the point where the price was driven down below 100 bucks for a fully built-out little x86 Mini PC. Sure, it's, you know, like you said, a few generations old and it pulls a little bit more power, usually six to eight watts at least, versus a Raspberry Pi at two to three watts, but especially for those of us in the US, electricity is not that expensive so adding two or three watts to your budget for a home lab computer is not that bad.The other part of that is, for the past two-and-a-half years because of the global chip shortages and because of the decisions that Raspberry Pi made, there were so few Raspberry Pis available that their prices shot up through the roof if you wanted to get one in any timely fashion. So, that finally is clearing up, although I went to the Micro Center near me yesterday, and they said that they have not had stock of Raspberry Pi 4s for, like, two months now. So, they're coming, but they're not distributed evenly everywhere. And still, the best answer, especially if you're going to run a lot of things on it, is probably to buy one of those little mini PCs if you're starting out a home lab.Or there's some other content creators who build little Kubernetes clusters with multiple mini PCs. Three of those stack up pretty nicely and they're still super quiet. I think they're great for home labs. I have two of them over on my shelf that I'm using for testing and one of them is actually in my rack. And I have another one on my desk here that I'm trying to set up for a five gigabit home router since I finally got fiber internet after years with cable and I'm still stuck on my old gigabit router.Corey: Yeah, I wound up switching to a Protectli, I think is what it's called for—it's one of those things I've installed pfSense on. Which, I'm an old FreeBSD hand and I haven't kept up with it, but that's okay. It feels like going back in time ten years, in some respects—Jeff: [laugh].Corey: —so all right. And I have a few others here and there for various things that I want locally. But invariably, I've had the WiFi controller; I've migrated that off. That lives on an EC2 box in Ohio now. And I do wind up embracing cloud services when I don't want it to go down and be consistently available, but for small stuff locally, I mean, I have an antenna on the roof doing an ADS-B receiver dance that's plugged into a Pi Zero.I have some backlogged stuff on this, but they've gotten expensive as alternatives have dropped in price significantly. But what I'm finding as I'm getting more into 3D printing and a lot of hobbyist maker tools out there, everything is built with the Raspberry Pi in mind; it has the mindshare. And yeah, I can get something with similar specs that are equivalent, but then I've got to do a whole bunch of other stuff as soon as it gets into controlling hardware via GPIO pins or whatnot. And I have to think about it very differently.Jeff: Yeah, and that's the tough thing. And that's the reason why Raspberry Pis, even though they're three years old, even though they're hard to get, they still are fetching—on the used market—way more than the original MSRP. It's just crazy. But the reason for that is the Raspberry Pi organization. And there's two: there's the Raspberry Pi Foundation that's goals are to increase educational computing and accessibility for computers for kids and learning and all that, then there's the Raspberry Pi trading company that makes the Raspberry Pis.The Trading Company has engineers who sit there 24/7 working on the software, working on the kernel drivers, working on hardware bugs, listening to people on the forums and in GitHub and everywhere, and they're all English-speaking people there—they're over in the UK—and they manufacture their own boards. So, there's a lot of things on top of that, even though they're using some silicons of Broadcom chips that are a little bit locked down and not completely open-source like some other chips might be, they're a phone number you could call if you need the support or there's a forum that has activity that you can get help in and their software that's supported. And there's a newer Linux kernel and the kernel is updated all the time. So, all those advantages mean you get a little package that will work, it'll sip two watts of power, sitting 24/7. It's reliable hardware.There's so many people that use it that it's so well tested that almost any problem you could ever run into, someone else has and there's a blog post or a forum post talking about it. And even though the hardware is not super powerful—it's three years old—you can add on a Coral TPU and do face recognition and object recognition. And throw in Frigate for Home Assistant to get notifications on your phone when your mom walks up to the door. There's so many things you can do with them and they're so flexible that they're still so valuable. I think that they really knocked it out of the park with that model, the Raspberry Pi 4, and the compute module 4, which is still impossible to get. I have not been able to buy one for two years now. Luckily, I bought 12 two-and-a-half years ago [laugh] otherwise I would be running out for all my projects that I do.Corey: Yeah. I got two at the moment and two empty slots in the Turing Pi 2, which I'll care more about if I can actually get the thing up and booted. But it presupposes you have a Windows computer or otherwise, ehh, watch this space; more coming. Great. Like, do I build a virtual machine on top of something else? It leads down the path super quickly of places I thought I'd escaped from.Jeff: Yeah, you know, outside of the Pi realm, that's the state of the communities. It's a lot of, like, figuring out your own things. I did a project—I don't know if you've heard of Mr. Beast—but we did a project for him that involves a hundred single-board computers. We couldn't find Raspberry Pi's so we had to use a different single-board computer that was available.And so, I bought an older one thinking, oh, this is, like, three or four years old—it's older than the Pi 4—and there must be enough support now. But still, there's, like, little rough edges everywhere I went and we ended up making them work, but it took us probably an extra 30 to 40 hours of development work to get those things running the same way as a Raspberry Pi. And that's just the way of things. There's so much opportunity.If one of these Chinese manufacturers that makes most of these things, if one of them decided, you know what? We're going to throw tons of money into building support for these things, get some English-speaking members of these forums to build up the community, all that stuff, I think that they could have a shot at Raspberry Pi's giant portion of the market. But so far, I haven't really seen that happen. So far, they're spamming hardware. And it's like, the hardware is awesome. These chips are great if you know how to deal with them and how to get the software running and how to deal with Linux issues, but if you don't, then they're not great because you might not even get the thing to boot.Corey: I want to harken back to something you said a minute ago, where there's value in having a community around something, where you can see everyone else has already encountered a problem like this. I think that folks who weren't around for the rise of cloud have no real insight into how difficult it used to be just getting servers into racks and everything up, and okay, they're identical, and seven of them are working, but that eighth one isn't for some strange reason. And you spend four hours troubleshooting what turns out to be a bad cable or something not seated properly and it's awful. Cloud got away from a lot of that nonsense. But it's important—at least to me—to not be Captain Edgecase, where if you pick some new cloud provider and Google for how to set up a load balancer and no one's done it before you, that's not great. Whereas if I'm googling now in the AWS realm and no one has done, the thing I'm trying to do, that should be something of a cautionary flag of maybe this isn't how most people go about approaching production. Really think twice about this.Jeff: Yep. Yeah, we ran into that on a project I was working on was using Magento—which I don't know if anybody listening uses Magento, but it's not fun—and we ran into some things where it's like, “We're doing this, and it says that they do this on their official supported platform, but I don't know how they are because the code just doesn't exist here.” So, we ran into some weird edge cases on AWS with some massive infrastructure for the databases, and I ran into scaling issues. But even there, there were forum posts in AWS here and there that had little nuggets that helped us to figure out a way to get around it. And like you say, that is a massive advantage for AWS.And we ran into an issue with, we were one of the first customers trying out the new Lambda functions for RDS—or I don't remember exactly what it was called initially—but we ended up not using that. But we ran into some of these issues and figured out we were the first customer running into this weird scaling thing when we had a certain size of database trying to use it with these Lambda calls. And eventually, they got those things solved, but with AWS, they've seen so many things and some other cloud providers haven't seen these things. So, when you have certain types of applications that need to scale in certain ways, that is so valuable and the community of users, the ability to pull from that community when you need to hire somebody in an emergency, like, we need somebody to help us get this project done and we're having this issue, you can find somebody that is, like, okay, I know how to get you from Point A to Point B and get this project out the door. You can't do that on certain platforms.And open-source projects, too. We've always had that problem in Drupal. The amount of developers who are deep into Drupal to help with the hard problems is not vast, so the ones who can do that stuff, they're all hired off and paid a handsome sum. And if you have those kinds of problems you realize, I either going to need to pay a ton of money or we're just going to have to not do that thing that we wanted to do. And that's tough.Corey: What I've found, sort of across the board, has been that there's a lot of, I guess, open-source community ethos that has bled into a lot of this space and I wanted to make sure that we have time to talk about this because I was incensed a while back when Red Hat decided, “Oh, you know that whole ten-year commitment on CentOS? That project that we acquired and are now basically stabbing in the face?”—disclosure. I used to be part of the CentOS project years ago when I was on network staff for the Freenode IRC network—then it was, “Oh yeah, we're just going to basically undermine our commitments to you and now you can pay us if you want to get that support there.” And that really set me off. Was nice to see you were right there as well in almost lockstep with me, pointing out that this is terrible, just as far as breaking promises you've made to customers. Has your anger cooled any? Because mine hasn't.Jeff: It has not. My temper has cooled. My anger has not. I don't think that they get it. After all the backlash that they got after that, I don't think that the VP-level folks at Red Hat understand that this is already impacting them and will impact them much more in the future because people like me and you, people who help other people build infrastructure and people who recommend operating systems and people who recommend patterns and things, we're just going to drop off using CentOS because it doesn't exist. It does exist and some other people are saying, “Oh, it's actually better to use this new CentOS, you know, Stream. Stream is amazing.” It's not. It's not the same thing. It's different. And—Corey: I used to work at a bank. That was not an option. I mean, granted at the bank for the production systems it was always [REL 00:25:18], but being able to spin up a pre-production environment without having to pay license fees on every VM. Yeah.Jeff: Yeah. And not only that, they did this announcement and framed it a certain way, and the community immediately saw. You know, I think that they're just angry about something, and whether it was a NASA contract with Rocky Linux, or whether it was something Oracle did, who knows, but it seems petty in retrospect, especially in comparison to the amount of backlash that came out of it. And I really don't think that they understand the thing that they had with that Red Hat Enterprise Linux is not a massive growth opportunity for Red Hat. It's, in some ways, a dying product in terms of compared to using cloud stuff, it doesn't matter.You could use CoreOS, you could use NixOS, and you could use anything, it doesn't really matter. For people like you and me, we just want to deploy our software. And if it's containers, it really doesn't matter. It's just the people in government or in certain organizations that have these roles that you have to use whatever FIPS and all that kind of stuff. So, it's not like it's a hyper-growth opportunity for them.CentOS was, like, the only reason why all the software, especially on the open-source side, was compatible with Red Hat because we could use CentOS and it was easy and simple. They took that—well, they tried to take that away and everybody's like, “That's—what are you doing?” Like, I posted my blog post and I think that sparked off quite a bit of consternation, to the point where there was a lot of personal stuff going on. I basically said, “I'm not supporting Red Hat Enterprise Linux for any of my work anymore.” Like, “From this point forward, it's not supported.”I'll support OpenELA, I'll support Rocky Linux or Oracle Linux or whatever because I can get free versions that I don't have to sign into a portal and get a license and download the license and integrate it with my CI work. I'm an open-source developer. I'm not going to pay for stuff or use 16 free licenses. Or I was reached out to and they said, “We'll give you more licenses. We'll give you extra.” And it's like, that's not how this works. Like, I don't have to call Debian and Ubuntu and [laugh] I don't even have to call Oracle to get licenses. I can just download their software and run it.So, you know, I don't think they understood the fact that they had that. And the bigger problem for me was the two-layer approach to destroying all the trust that the community had. First was in, I think it was 2019 when they said—we're in the middle of CentOS 8's release cycle—they said, “We're dropping CentOS 8. It's going to be Stream now.” And everybody was up in arms.And then Rocky Linux and [unintelligible 00:27:52] climbed in and gave us what we wanted: basically, CentOS. So, we're all happy and we had a status quo, and Rocky Linux 9 and [unintelligible 00:28:00] Linux nine came out after Red Hat 9, and the world was a happy place. And then they just dumped this thing on us and it's like, two major release cycles in a row, they did it again. Like, I don't know what this guy's thinking, but in one of the interviews, one of the Red Hat representatives said, “Well, we wanted to do this early in Red Hat 9's release cycle because people haven't started migrating.” It's like, well, I already did all my automation upgrades for CI to get all my stuff working in Rocky Linux 9 which was compatible with Red Hat Enterprise Linux 9. Am I not one of the people that's important to you?Like, who's important to you? Is it only the people who pay you money or is it also the people that empower your operating system to be a premier Enterprise Linux operating system? So, I don't know. You can tell. My anger has not died down. The amount of temper that I have about it has definitely diminished because I realize I'm talking at a wall a lot of times, when I'm having conversations on Twitter, private conversations and email, things like that.Corey: People come to argue; they don't come to actually have a discussion.Jeff: Yeah. I think that they just, they don't see the community aspect of it. They just see the business aspect. And the business aspect, if they want to figure out ways that they can get more people to pay them for their software, then maybe they should provide more value and not just cut off value streams. It doesn't make sense to me from a long-term business perspective.From a short term, maybe there were some clients who said, “Oh, shoot. We need this thing stable. We're going to pay for some more licenses.” But the engineers that those places are going to start making plans of, like, how do we make this not happen again. And the way to not make that happen, again is to use, maybe Ubuntu or maybe [unintelligible 00:29:38] or something. Who knows? But it's not going to be increasing our spend with Red Hat.Corey: That's what I think a lot of companies are missing when it comes to community as well, where it's not just a place to go to get support for whatever it is you're doing and it's not a place [where 00:29:57] these companies view prospective customers. There's more to it than that. There has to be a social undercurrent on this. I look at the communities I spend time in and in some of them dating back long enough, I've made lifelong significant friendships out of those places, just through talking about our lives, in addition to whatever the community is built around. You have to make space for that, and companies don't seem to fully understand that.Jeff: Yeah, I think that there's this thing that a community has to provide value and monetizable value, but I don't think that you get open-source if you think that that's what it is. I think some people in corporate open-source think that corporate open-source is a value stream opportunity. It's a funnel, it's something that is going to bring you more customers—like you say—but they don't realize that it's a community. It's like a group of people. It's friends, it's people who want to make the world a better place, it's people who want to support your company by wearing your t-shirt to conferences, people want to put on your red fedora because it's cool. Like, it's all of that. And when you lose some of that, you lose what makes your product differentiated from all the other ones on the market.Corey: That's what gets missed. I think that there's a goodwill aspect of it. People who have used the technology and understand its pitfalls are likelier to adopt it. I mean, if you tell me to get a website up and running, I am going to build an architecture that resembles what I've run before on providers that I've run on before because I know what the failure modes look like; I know how to get things up and running. If I'm in a hurry, trying to get something out the door, I'm going to choose the devil that I know, on some level.Don't piss me off as a community member and incentivize me to change that estimation the next time I've got something to build. Well, that doesn't show up on this quarter's numbers. Well, we have so little visibility into how decisions get made many companies that you'll never know that you have a detractor who's still salty about something you did five years ago and that's the reason the bank decided not to because that person called in their political favors to torpedo that deal and have a sweetheart offer from your competitor, et cetera and so on and so forth. It's hard to calculate the actual cost of alienating goodwill. But—Jeff: Yeah.Corey: I wish companies had a longer memory for these things.Jeff: Yeah. I mean, and thinking about that, like, there was also the HashiCorp incident where they kind of torpedoed all developer goodwill with their Terraform and other—Terraform especially, but also other products. Like, I probably, through my book and through my blog posts and my GitHub examples have brought in a lot of people into the HashiCorp ecosystem through Vagrant use, and through Packer and things like that. At this point, because of the way that they treated the open-source community with the license change, a guy like me is not going to be enthusiastic about it anymore and I'm going to—I already had started looking at alternatives for Vagrant because it doesn't mesh with modern infrastructure practices for local development as much, but now it's like that enthusiasm is completely gone. Like I had that goodwill, like you said earlier, and now I don't have that goodwill and I'm not going to spread that, I'm not going to advocate for them, I'm not going to wear their t-shirt [laugh], you know when I go out and about because it just doesn't feel as clean and cool and awesome to me as it did a month ago.And I don't know what the deal is. It's partly the economy, money's drying up, things like that, but I don't understand how the people at the top can't see these things. Maybe it's just their organization isn't set up to show the benefits from the engineers underneath, who I know some of these engineers are, like, “Yeah, I'm sorry. This was dumb. I still work here because I get a paycheck, but you know, I can't say anything on social media, but thank you for saying what you did on Twitter.” Or X.Corey: Yeah. It's nice being independent where you don't really have to fear the, well if I say this thing online, people might get mad at me and stop doing business with me or fire me. It's well, yeah, I mean, I would have to say something pretty controversial to drive away every client and every sponsor I've got at this point. And I don't generally have that type of failure mode when I get it wrong. I really want to thank you for taking the time to talk with me. If people want to learn more, where's the best place for them to find you?Jeff: Old school, my personal website, jeffgeerling.com. I link to everything from there, I have an About page with a link to every profile I've ever had, so check that out. It links to my books, my YouTube, all that kind of stuff.Corey: There's something to be said for picking a place to contact you that will last the rest of your career as opposed to, back in the olden days, my first email address was the one that my ISP gave me 25 years ago. I don't use that one anymore.Jeff: Yep.Corey: And having to tell everyone I corresponded with that it was changing was a pain in the butt. We'll definitely put a link to that one in the [show notes 00:34:44]. Thank you so much for taking the time to speak with me. I appreciate it.Jeff: Yeah, thanks. Thanks so much for having me.Corey: Jeff Geerling, YouTuber, author, content creator, and oh so very much more. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with an angry comment that we will, of course, read [in action 00:35:13], just as soon as your payment of compute modules for Raspberries Pi show up in a small unmarked bag.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.

Terraform is no longer open source. This is the news we got last month (August 2023), when HashiCorp announced its decision to relicense its open source tools, including Terraform, Vault, Packer, Consul, Vagrant and others, into Business Source License 1.1. The community, led by active Terraform-based vendors, gathered up to create a fork of Terraform to keep it open. The result is OpenTofu (originally called OpenTF), whose manifesto already has tens of thousands of stars on GitHub, less than a month out. Only a month old, engineers are hard at work to establish the first release of OpenTofu, as well as its foundational backbone. In this month's episode I covered these significant events that shake our industry and the DevOps world. I was joined by Omry Hay, co-founder and CTO of env0. env0 provides an automation solution based on Terraform, and is one of the creators of OpenTofu and a member of the project's steering committee. Omry also shared OpenTofu's mission and current status, as well as exciting updates, hot off Open Source Summit Europe conference taking place these days, in which OpenTofu has officially joined The Linux Foundation. Omry has been a software engineer and engineering manager for the last 16 years, working at companies like eToro, Fiverr and Proofpoint. As CTO of env0, he leads the R&D and Product departments. The episode was live-streamed on 18 September 2023 and the video is available at https://www.youtube.com/watch?v=5QdUs9VKq5g OpenObservability Talks episodes are released monthly, on the last Thursday of each month and are available for listening on your favorite podcast app and on YouTube. We live-stream the episodes on Twitch and YouTube Live - tune in to see us live, and chime in with your comments and questions on the live chat. ⁠https://www.youtube.com/@openobservabilitytalks⁠   https://www.twitch.tv/openobservability Show Notes: 00:00 - show intro 00:56 - episode and guest intro 02:45 - HashiCorp's relicensing announcement 04:58 - what the relicensing means for users 14:50 - implications on the Terraform ecosystem 24:55 - HCL language for IaC 28:36 - what does the new license mean? 32:13 - Terms of service changed for Terraform Registry 36:08 - forking Terraform and starting OpenTF/OpenTofu 41:08 - how many engineers work on OpenTofu 42:18 - joining the Linux Foundation and renaming OpenTofu 48.50 - OpenTofu release and Terraform compatibility 56:54 - roadmap for OpenTofu 59:00 - how to get touch with the community and Omry 64.30 - The OSI Approved Licenses database is available 65:28 - Red Hat changed the CentOS release process Resources: HashiCorp relicensing announcement: https://www.hashicorp.com/blog/hashicorp-adopts-business-source-licenseOpenTofu project: https://opentofu.org/ The Linux Foundation announces OpenTofu: https://www.linuxfoundation.org/press/announcing-opentofu Red Hat changed the CentOS release process: https://www.redhat.com/en/blog/furthering-evolution-centos-streamCNCF's guidelines for using source-available dependencies in its OSS projects: https://github.com/cncf/foundation/blob/main/source-available-recommendations.md#recommendations checklist for safely using and choosing open source tools: https://medium.com/@horovits/when-your-open-source-turns-to-the-dark-side-331d83f182c Socials: Twitter:⁠ https://twitter.com/OpenObserv⁠ YouTube: ⁠https://www.youtube.com/@openobservabilitytalks⁠ Dotan Horovits ============ Twitter: @horovits LinkedIn: in/horovits Mastodon: @horovits@fosstodon Omry Hay ======== Twitter: https://twitter.com/omryhay LinkedIn: https://www.linkedin.com/in/omryhay/

Coming up in this episode * The prying eyes wanna know

Open source has always moved fast. Today, it moves faster than ever, driven by both community demand and corporate interest. On this episode, Perforce's Javier Perez and OSI's Stefano Maffulli discuss the impact of recent license changes and the historical push-and-pull between consumers and providers in the world of open source.Highlights:Reflecting on 25 years of OSI and its widening scopeThe historical changes that set the stage for open sourceWhat's shaping Linux distributions today (CentOS, RHEL restrictions, HashiCorp's switch to BSL, and more)The “social contract” between companies and communitiesThe pros and cons of single companies driving open-source communitiesThe commercialized future of open sourceSpeakers:Javier Perez, Chief Open Source Evangelist and Senior Director of Product Management at PerforceStefano Maffulli, Executive Director at the Open Source Initiative (OSI)Links:Learn about Puppet's commitment to open source projects like Bolt and Open Source Puppet (OSP): https://www.puppet.com/community/open-sourceFind Stefano at https://www.maffulli.net/Follow Javier on Twitter at https://twitter.com/jperezp_bosOSI's programs (including a new Advocacy and Outreach program) https://opensource.org/programs/“Defining an open source AI for the greater good”: How OSI is approaching AI https://opensource.com/article/22/10/defining-open-source-ai“Friend or Foe? ChatGPT's Impact on Open Source Software” by Javier Perez for DevOps.com https://devops.com/friend-or-foe-chatgpts-impact-on-open-source-software/Read the episode transcriptFind Us Online:puppet.comPulling the Strings on Apple PodcastsTwitterLinkedIn

Josh and Kurt talk about the difference between what we think of as traditional open source, and enterprise software projects that have an open source license. They are both technically open source, but how the projects work is very very different. Show Notes CentOS Stream PR The Most Prolific Packager For Alpine Linux Is Stepping Away

Coming up in this episode * The Catchup Episode (We've missed so much!) * The Red Hat Recap * Browser Watch...ing! * Some feedback, and a focus The Video Podcast (https://youtu.be/ZKm9vgJzAO8) https://youtu.be/ZKm9vgJzAO8 401 Audio Timestamps 0:00 Cold Open 2:16 The Gentoo Checkin 11:33 We Have a Lemmy! 19:24 Red Hat Recap 46:09 Browser Watch 1:05:21 Feedback 1:23:05 Community Focus: Linux Matters 1:27:03 App Focus: Jerboa & Memmy 1:34:48 Next Time: Debian 1:37:09 Stinger Banter Gentoo check in - Use the Handbook! (https://wiki.gentoo.org/wiki/Handbook:Main_Page) The wiki (https://wiki.gentoo.org/wiki/Main_Page) is just great in general. Lemmy (https://join-lemmy.org/) The Linux User Space Lemmy instance (https://lemmy.linuxuserspace.show/) feddit's community browser (https://browse.feddit.de/) Another Lemmy explorer (https://lemmyverse.net/communities) Announcements

This week we discuss the launch of Threads, the battle for Enterprise Linux and Coté tries HEY again. Plus, plenty of thoughts on packing for a long weekend. Watch the YouTube Live Recording of Episode (https://www.youtube.com/watch?v=7aW-9Zv1maQ) 423 (https://www.youtube.com/watch?v=7aW-9Zv1maQ) Runner-up Titles Capitalizing on Competitors Bring the Go Bag There are no backpacks in Gucci ads No bad vibes Rundown Threads Threads, Instagram's ‘Twitter Killer,' Has Arrived (https://www.nytimes.com/2023/07/05/technology/threads-app-meta-twitter-killer.html) Special Episode: Meta's Twitter Rival Arrives, with Adam Mosseri (https://www.nytimes.com/2023/07/06/podcasts/special-episode-metas-twitter-rival-arrives-with-adam-mosseri.html) Facebook's Threads is so depressing (https://jogblog.substack.com/p/facebooks-threads-is-so-depressing) Twitter, Threads, and the Great Social Implosion (https://staysaasy.com/product/2023/07/07/twitter-threads-social-implosion.html) Instagram's Threads app reaches 100 million users within just five days (https://techcrunch.com/2023/07/10/instagrams-threads-app-reaches-100-million-users-in-just-five-days/) How Threads' privacy policy compares to Twitter's (and its rivals') (https://arstechnica.com/security/2023/07/how-threads-privacy-policy-compares-to-twitters-and-its-rivals/) Instagram's Twitter rival is the latest in Meta's parade of copycat apps (https://www.axios.com/2023/07/06/metas-copycat-machine-threads?utm_source=newsletter&utm_medium=email&utm_campaign=newsletter_axiosmediatrends&stream=top) Linux Red Hat's open source rot began when IBM walked (https://www.theregister.com/2023/07/07/red_hat_open_source/) Keep Linux Open and Free—We Can't Afford Not To (https://www.oracle.com/news/announcement/blog/keep-linux-open-and-free-2023-07-10/) SUSE Preserves Choice in Enterprise Linux by Forking RHEL with a $10+ Million Investment (https://www.suse.com/news/SUSE-Preserves-Choice-in-Enterprise-Linux/) History Never Repeats. But Sometimes It Rhymes. (https://ciq.com/blog/history-never-repeats-but-sometimes-it-rhymes/) Oracle slams IBM's Red Hat over RHEL paywall (https://www.theregister.com/2023/07/10/oracle_ibm_rhel_code/?td=rt-3a) Automation at Scale: Migrating 200K Machines from CentOS 7 to RHEL 9 (https://engineering.salesforce.com/automation-at-scale-migrating-200000-machines-from-centos-7-to-rhel-9/) Shifting "Shift Left (and leave)" versus "Shift Left (and stay)" (https://newsletter.cote.io/p/shift-left-and-leave-versus-shift?utm_source=post-email-title&publication_id=50&post_id=134452721&isFreemail=true&utm_medium=email) Richard Seroter on shifting down vs. shifting left (https://cloud.google.com/blog/products/application-development/richard-seroter-on-shifting-down-vs-shifting-left) Matt's packing list (https://drive.google.com/file/d/1VTSZKJ9FQsW70spJtSHwN7TkuFqQdEux/view?usp=share_link) Gmail brings in Calendly-style availability sharing from Google Calendar (https://techcrunch.com/2023/07/12/gmail-brings-in-calendly-style-availability-sharing-from-google-calendar/) Relevant to your Interests DigitalOcean acquires cloud computing startup Paperspace for $111M in cash (https://techcrunch.com/2023/07/06/digitalocean-acquires-cloud-computing-startup-paperspace-for-111m-in-cash/) Snowflake vs. Databricks (https://open.substack.com/pub/aspiringforintelligence/p/snowflake-vs-databricks?r=2l9&utm_campaign=post&utm_medium=web) WebAssembly runtimes will replace container-based runtimes by 2030 (https://changelog.com/posts/webassembly-runtimes-will-replace-container-runtimes-by-2030) Jordan Schneider is at SEMICON JULY 11-12 on Twitter (https://twitter.com/jordanschnyc/status/1678128857763950593?s=46&t=-2GRjYw3L96Jh3hL9tDPcg) Court filing shows Microsoft Azure generated lower-than-expected $34B in revenue in 2022 (https://siliconangle.com/2023/06/29/court-filing-shows-microsoft-azure-generated-lower-expected-34b-revenue-2022/?ck_subscriber_id=512840665) Smart guy from Google decides not to compete with Apple Vision (https://twitter.com/marklucovsky/status/1678465552988381185) 87% Missing: the Disappearance of Classic Video Games | Video Game History Foundation (https://gamehistory.org/87percent/) IBM watsonx (https://www.ibm.com/watsonx) ChatGPT's explosive growth shows first decline in traffic since launch (https://www.reuters.com/technology/booming-traffic-openais-chatgpt-posts-first-ever-monthly-dip-june-similarweb-2023-07-05/) Cloud Native Computing Foundation Reaffirms #Istio Maturity with Project (https://twitter.com/CloudNativeFdn/status/1679143862256951297?s=20) Early Google exec Urs Holzle to step down from executive management role amid cloud shakeup (https://www.cnbc.com/2023/07/12/google-cloud-shakeup-urs-holzle-to-step-down-from-executive-management.html) Being acquired from a smallish start-up into VMware (https://apps-cloudmgmt.techzone.vmware.com/blog/being-acquired-smallish-start-vmware) Gartner Says Worldwide PC Shipments Declined 16.6% in Second Quarter of 2023 (https://www.gartner.com/en/newsroom/press-releases/2023-07-11-gartner-says-worldwide--pc-shipments-declined-16-percent-in-second-quarter-of-2023) Microsoft's Cloud Server Business in 2022 Was Less Than Half of AWS, New Document Reveals (https://www.theinformation.com/articles/microsofts-cloud-server-business-in-2022-was-less-than-half-of-aws-new-document-reveals) Microsoft confirms more job cuts on top of 10,000 layoffs announced in January (https://www.cnbc.com/2023/07/10/microsoft-confirms-more-job-cuts-on-top-of-10000-layoffs-in-january.html) Shopify deleted 12,000 meetings this year. (https://twitter.com/petergyang/status/1679130177819881475?s=20) Nonsense If you don't buy Jony Ive's $60,000 turntable, are you really a music fan? (https://techcrunch.com/2023/07/07/if-you-dont-buy-jony-ives-60000-turntable-are-you-really-a-music-fan/?guccounter=1&guce_referrer=aHR0cHM6Ly9uZXdzLmdvb2dsZS5jb20v&guce_referrer_sig=AQAAAJAa2W94DiGgNgW_6JYJlL5YfxUkrkPKqhok-JRQ7R9oVhR7RfppOcMzOmGT0a9ZAz5-Azv2dqgLtpchPjtcXX3gaH4jAqpgDPgaiAqQDjl2tqZwK5VnxICubA-JYISytIETZIZAiYbkVvkABjxuyQirthfmyE46rL3XWXEk94rv) Conferences August 8th Kubernetes Community Day Australia (https://community.cncf.io/events/details/cncf-kcd-australia-presents-kubernetes-community-day-australia-2023/) in Sydney, Matt attending. August 21st to 24th SpringOne (https://springone.io/) & VMware Explore US (https://www.vmware.com/explore/us.html), in Las Vegas. Explore EU CFP is open. Sep 6th to 7th DevOpsDays Des Moines (https://devopsdays.org/events/2023-des-moines/welcome/), Coté speaking. Sep 18th to 19th SHIFT (https://shift.infobip.com/) in Zadar, Coté speaking. October 6, 2023, KCD Texas 2023 (https://community.cncf.io/events/details/cncf-kcd-texas-presents-kcd-texas-2023/), CFP Closes: August 30, 2023 Jan 29, 2024 to Feb 1, 2024 That Conference Texas CFP Open 6/1 - 8/21 (https://that.us/call-for-counselors/tx/2024/) If you want your conference mentioned, let's talk media sponsorships. SDT news & hype Join us in Slack (http://www.softwaredefinedtalk.com/slack). Get a SDT Sticker! Send your postal address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) and we will send you free laptop stickers! Follow us: Twitch (https://www.twitch.tv/sdtpodcast), Twitter (https://twitter.com/softwaredeftalk), Instagram (https://www.instagram.com/softwaredefinedtalk/), Mastodon (https://hachyderm.io/@softwaredefinedtalk), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk), Threads (https://www.threads.net/@softwaredefinedtalk) and YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured). Use the code SDT to get $20 off Coté's book, Digital WTF (https://leanpub.com/digitalwtf/c/sdt), so $5 total. Become a sponsor of Software Defined Talk (https://www.softwaredefinedtalk.com/ads)! Recommendations Brandon: Hijack (https://tv.apple.com/us/show/hijack/umc.cmc.1dg08zn0g3zx52hs8npoj5qe3) Matt: Murderbot Diaries (https://www.goodreads.com/series/191900-the-murderbot-diaries) Coté: Fantastical (https://flexibits.com/fantastical), read-out of second HEY try. Photo Credits Header (https://paper.dropbox.com/doc/Is-the-enemy-of-my-enemy-my-friend--B78kG9125I6L26iQ7ANBrxDaAg-AymUiXqVRaytqe3gqMPDv) Artwork (https://labs.openai.com/e/MlTLNTDx8VvoCaCEiMc16oDi/oFNRSDbXIEng8pevJZCfCYnE)

openAI's window to build their moat is closing, but they have a powerful friend stepping up to help seal the deal. Plus, our reaction to Oracle's very spicy response to Red Hat.

Can Ubuntu make a great immutable desktop? We're trying the brand-new "Everything is a Snap" Ubuntu Core Desktop.

On this episode of the Futurum Tech Webcast – Interview Series, I'm joined by Gunnar Hellekson, GM and VP of Red Hat Enterprise Linux for a candid and transparent conversation about CentOS Stream and the future of public RHEL-related source code releases. Our discussion covers: We get an overview of some of the recent announcements from Red Hat surrounding CentOS Stream A look at how Red Hat is approaching the future of public RHEL-related source code releases We discuss some of the community reaction to the changes in source code releases, and Red Hat's commitment to their upstream-first policy Gunnar shares how Red Hat is prioritizing the ease of transition into Red Hat Enterprise Linux, and what that looks like for users Finally, I ask Gunnar to share three key takeaways that he'd like community, enterprise customers, and non-enterprise developers to consider from our discussion

Red Hat wants to limit redistribution of RHEL source code. We discuss their history with CentOS and the likely knock-on effects of taking direct aim at its customers' GPL rights. Plus browsers doing port scans, and OpenWrt vs OPNsense.   News Red Hat's new source code policy and the intense pushback, explained Brave aims to […]

Josh and Kurt talk about Red Hat closing up the RHEL source code. Kurt and Josh both worked at Red Hat in the past. This isn't a show that bashes Red Hat, and it's not a show praising them. We take an honest look at the past, present, and future of Linux. There's a lot to talk about in this one. TL;DR, Red Hat was the chosen on, and we all feel betrayed. Show Notes Red Hat's first blog post Red Hat's honest post DeWitt clause

TSMC confirms data breach after LockBit cyberattack on third-party supplier Red Hat Says "Bye Bye CentOS" Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign ChatGPT's Still a Baby and It's Already Getting Sued Minimizing Dark Data Risk Ranga Bodla, Vice President of Field Engagement and Marketing at Oracle NetSuite talks about simplifying tech stacks to minimize costs, and advantages to using advanced ERP systems. Host: Louis Maresca Co-Host: Oliver Rist Guest: Ranga Bodla Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: kolide.com/twiet lookout.com ZipRecruiter.com/twiet

TSMC confirms data breach after LockBit cyberattack on third-party supplier Red Hat Says "Bye Bye CentOS" Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign ChatGPT's Still a Baby and It's Already Getting Sued Minimizing Dark Data Risk Ranga Bodla, Vice President of Field Engagement and Marketing of Oracle talks about simplifying tech stacks to minimize costs, and advantages to using advanced ERP systems. Host: Louis Maresca Co-Host: Oliver Rist Guest: Ranga Bodla Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: kolide.com/twiet lookout.com ZipRecruiter.com/twiet

TSMC confirms data breach after LockBit cyberattack on third-party supplier Red Hat Says "Bye Bye CentOS" Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign ChatGPT's Still a Baby and It's Already Getting Sued Minimizing Dark Data Risk Ranga Bodla, Vice President of Field Engagement and Marketing of Oracle talks about simplifying tech stacks to minimize costs, and advantages to using advanced ERP systems. Host: Louis Maresca Co-Host: Oliver Rist Guest: Ranga Bodla Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: kolide.com/twiet lookout.com ZipRecruiter.com/twiet

TSMC confirms data breach after LockBit cyberattack on third-party supplier Red Hat Says "Bye Bye CentOS" Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign ChatGPT's Still a Baby and It's Already Getting Sued Minimizing Dark Data Risk Ranga Bodla, Vice President of Field Engagement and Marketing at Oracle NetSuite talks about simplifying tech stacks to minimize costs, and advantages to using advanced ERP systems. Host: Louis Maresca Co-Host: Oliver Rist Guest: Ranga Bodla Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: kolide.com/twiet lookout.com ZipRecruiter.com/twiet

Training 3.0 benchmark results show performance gains of up to 1.54x compared to six months ago and 33-49x improvement over the first round, driving innovation and energy efficiency in the industry. Intel's Habana Gaudi2 ML training engine competes with Nvidia's offerings, boasting better performance than A100 and lower pricing than H100. Nvidia, on the other hand, unveils their NeMo model with half a trillion parameters and expands the MLPerf Training suite to include GPT-3 and a new Recommendation engine. Their collaboration with CoreWeave showcases the superior performance of the H100, providing a 3.6x speed increase for GPT-3 compared to Intel Xeon and Gaudi2. Nvidia is also developing foundation models for their DGX cloud, collaborating with major players in the industry, and Intel is widely rumored to be developing its own Gaudi2-as-a-Service offering. Then there's the Tiny 1.1 inferencing benchmark, which saw over 150 results and performance improvements up to 1000x. Time Stamps: 0:00 - Welcome to the Rundown 0:48 - What Red Hat is doing with CentOS 3:36 - Moving Windows to the cloud for consumers 6:31 - IBM acquires Apptio 8:51 - Cisco set to acquire SamKnows 12:04 - Databricks Acquires MosaicML 15:37 - Cato Networks introduces AI tracker for malware command and control 18:39 - MLPerf 3 Upsets the AI Apple Cart 32:10 - The Weeks Ahead 33:40 - Thanks for Watching Follow our Hosts on Social Media Tom Hollingsworth: https://www.twitter.com/NetworkingNerd Stephen Foskett: https://www.twitter.com/SFoskett Tim Bertino: https://www.twitter.com/TimBertino Follow Gestalt IT Website: https://www.GestaltIT.com/ Twitter: https://www.twitter.com/GestaltIT LinkedIn: https://www.linkedin.com/company/Gestalt-IT #Rundown, #MLPerf, #CentOS, #RHEL, @RedHat, #Cloud, @Microsoft, @Windows, @IBM, @Apptio, #NetworkMonitoring, @Cisco, @SamKnows, @Databricks, @MosaicML, @CatoNetworks, #AI, @MLCommons, #MLPerf3,

FULL SHOW NOTES ►► https://tuxdigital.com/podcasts/destination-linux/dl-329/

FULL SHOW NOTES ►► https://tuxdigital.com/podcasts/destination-linux/dl-329/

Another week, another podcast! This week we talk about Fedora 38, Solus Linux's resurrection, and Microsoft wanting some Windows on our beloved Steam Decks. Video version - https://youtube.com/live/cVj9_8VwsLk ==== Special Thanks to Our Patrons! ==== https://thelinuxcast.org/patrons/ ===== Follow us

Hymns from the Morningland Being Translations, Centos and Suggestions from the Service Books of the Holy Eastern Church

What we're liking about GNOME 44, how Microsoft's Linux distro is trying to attract more users, and we bust a CentOS myth.

What we're liking about GNOME 44, how Microsoft's Linux distro is trying to attract more users, and we bust a CentOS myth.

Catch up on the cybersecurity and tech news of the week with Don, Dan, and Sophie as they cover the latest. This week in tech, Microsoft began previewing an updated version of Teams with a new client, Microsoft announced it will be improving the way default apps are selected, and Google discloses CentOS Linux Kernel vulnerabilities after CentOS failed to fix them. In security news, journalists at several Ecuadorian news outlets were targeted by explosives designed to look like USB drives. For our “Doh!” segment, GitHub had to re-publish SSH keys after accidentally publishing private keys. Finally, in this week’s “Who Got Pwned?” segment, Windows, Ubuntu, and VMWare Workstation were all hacked on the last day of Pwn2Own, a hacking contest offering hundreds of thousands of dollars in prize money to the winners.

Catch up on the cybersecurity and tech news of the week with Don, Dan, and Sophie as they cover the latest. This week in tech, Microsoft began previewing an updated version of Teams with a new client, Microsoft announced it will be improving the way default apps are selected, and Google discloses CentOS Linux Kernel vulnerabilities after CentOS failed to fix them. In security news, journalists at several Ecuadorian news outlets were targeted by explosives designed to look like USB drives. For our “Doh!” segment, GitHub had to re-publish SSH keys after accidentally publishing private keys. Finally, in this week’s “Who Got Pwned?” segment, Windows, Ubuntu, and VMWare Workstation were all hacked on the last day of Pwn2Own, a hacking contest offering hundreds of thousands of dollars in prize money to the winners.

Coming up in this episode 1. CentOS 2. ... 3. ... 4. Just CentOS 316 Audio Timestamps 0:00 Cold Open 1:48 With a Little Help From Our Friends 9:42 CentOS History, 90's - 1996 11:46 96 - 2000 14:01 2000 - 2003 20:29 The Clone Wars 24:47 2004 - 2014 30:25 2014 - 2022 36:41 Our CentOS Experience 1:11:00 Next Time: Topics! 1:14:31 Stinger Watch this episode on Youtube (https://www.youtube.com/watch?v=52MnZVvVumc) https://www.youtube.com/watch?v=52MnZVvVumc Banter Leo's font issue (https://mastodon.social/@leochavez/109809074194178438) The bug (https://bugzilla.redhat.com/show_bug.cgi?id=2144433#c6) HUGE Thanks to Carl George for technical help with this episode. Announcements Give us a sub on YouTube (https://linuxuserspace.show/youtube) You can watch us live on Twitch (https://linuxuserspace.show/twitch) the day after an episode drops. If you like what we're doing here, make sure to send us a buck over at https://patreon.com/linuxuserspace CentOS Linux the History July 1994 The "preview" release for Red Hat Linux is released internally (https://fedoraproject.org/wiki/History_of_Red_Hat_Linux) October 31 codenamed "Halloween" 0.9 is released. May 1995 "Mother's Day" 1.0 is released and introduces some iconic branding. March 1996 "Picasso" 3.0.3 is released. Version numbers might really matter, check out our Slackware episode (https://www.linuxuserspace.show/219) to find out how Patrick Volkerding felt about them. TL;DW (http://www.slackware.com/faq/do_faq.php?faq=general#0) September 2000 Red Hat Linux 7.0 has releases with their renamed gcc version (features.slashdot.org/article.pl?sid=00/10/12/163218&mode=thread) May 2002 Enter Red Hat Enterprise Linux (https://access.redhat.com/articles/3078) with version 2.1. Sometime within 2002, Warren Togami starts the Fedora Linux Project (https://fedoraproject.org/wiki/User:Wtogami?rd=WarrenTogami). It aimed to bring together (https://web.archive.org/web/20031008123733/http://www.fedora.us/index-main.html) additional packages for Red Hat Linux. It wasn't a distribution on its own (https://web.archive.org/web/20030219051938/http://www.fedora.us/fedora.html). It was Extras for the existing Red Hat Linuxes. March 2003 Red Hat Linux 9.0, named Shrike, is released. July 2003 Severn, the beta for what would be Red Hat Linux 10, changes to a more open and community focused development process (https://lwn.net/Articles/40201/). September 2003, Red Hat Linux and the Fedora Linux Project, [merge into The Fedora Project].(https://web.archive.org/web/20031001204515/http://www.fedora.us/). Mailing list announcement (https://listman.redhat.com/archives/fedora-devel-list/2003-September/msg00137.html) Transition info (https://www.linuxjournal.com/article/7169) Also in September, enter cAos (https://web.archive.org/web/20120507000526/http://www.caoslinux.org/about.html). cAos1-base and cAos1-enhanced couldn't really exist without each other (https://web.archive.org/web/20050207043816/https://www.linuxtimes.net/modules.php?name=News&file=article&sid=406). November 2003 Red Hat signals that it's getting out of the Boxed Linux business (https://lwn.net/Articles/56947/). What was to be Red Hat Linux 10 instead released as Fedora Core 1 with (https://web.archive.org/web/20031107044428/http://download.fedora.redhat.com/pub/fedora/linux/core/1/i386/os/RELEASE-NOTES.html) Extras. December 2003 the first alpha (https://web.archive.org/web/20040128013252/http://caosity.org:80/) of cAos. Three weeks later, CentOS 3 (https://web.archive.org/web/20040202083913/http://caosity.org/index.php?option=news&task=viewarticle&sid=10). Another week later, CentOS 2 beta (https://web.archive.org/web/20040202084601/http://caosity.org/index.php?option=news&task=viewarticle&sid=11). Whitebox Linux first release candidate (http://www.whiteboxlinux.org/news.html). David Parsley registered taolinux.org, and in December, started getting the site together (https://web.archive.org/web/20040111131901/http://taolinux.org:80/). Why Tao Linux? (https://web.archive.org/web/20040704030839/http://taolinux.org/?q=node/view/5) June 2006, David had to switch jobs (https://web.archive.org/web/20061013083339/http://taolinux.org/?q=node/view/8). Scientific Linux (https://scientificlinux.org) Feburary 2004 the final release cAos-1, the proof of concept,made it to mirrors (https://web.archive.org/web/20040402100908/http://caosity.org/index.php?option=news&task=viewarticle&sid=22). March 2004 CentOS 3.1 is released (https://web.archive.org/web/20040325064219/http://caosity.org:80/). Karanbir Singh, or KB, noted that 3.3 was the first proper release (https://www.youtube.com/watch?v=PTX5yguTxA4&t=352s). February 2005 CentOS receieved a Cease and Desist letter from the lawyers over at Red Hat in regards to using the Red Hat Logos and name on the centos.org website. CentOS's response (https://web.archive.org/web/20050222184509/http://www.centos.org/modules/news/article.php?storyid=66). March 2005 CentOS 4 was released two weeks after its upstream RHEL 4. Coverage was picking up (https://web.archive.org/web/20050507081709/www.linuxplanet.com/linuxplanet/reviews/5823/1/). Lance Davis announces (https://lists.centos.org/pipermail/centos/2005-March/537696.html) that CentOS is separating itself from the cAos project. May 2005 cAos 2 is announced (https://web.archive.org/web/20040522050643/http://caosity.org:80/), also based on RHEL 3. 2008 A new distribution, also called Caos (https://web.archive.org/web/20081203074352/http://lists.caosity.org/pipermail/caos/2008-November/002537.html). July 2009 Lance Davis, one of the Founders and lead of the CentOS 2 release, had been missing for many months (https://www.zdnet.com/article/centos-getting-their-st-together-is-a-top-priority/). From the mailing list (https://lists.centos.org/pipermail/centos/2009-July/079767.html) From the Register (https://www.theregister.com/2009/07/30/centos_open_letter/) October 14 2009 Caos Linux 1.0.25 is released and is the last release of Caos, ever. January of 2014, Red Hat acquires (https://www.redhat.com/en/about/press-releases/red-hat-and-centos-join-forces). July 2014 CentOS 7.0 is released (https://lists.centos.org/pipermail/centos-announce/2014-July/020393.html). 2019 Red Hat leaves Shadowman behind (https://www.redhat.com/en/about/brand/new-brand#). September 2019 Red Hat announces (https://www.redhat.com/en/blog/transforming-development-experience-within-centos) CentOS Stream. Also in in September 2019, CentOS Linux 8 and CentOS Stream are released (https://lists.centos.org/pipermail/centos-announce/2019-September/023449.html). January 2021; Red Hat changes the way their dev subscriptions work (https://www.theregister.com/2021/01/20/red_hat_amends_developer_license/). December 2021 CentOS 9 Stream is released (https://blog.centos.org/2021/12/introducing-centos-stream-9/). CentOS links Main Web Page (https://centos.org) About (https://www.centos.org/about/) Blog (https://blog.centos.org/) Wiki (https://wiki.centos.org/) Forums (https://www.centos.org/forums/) Mailing Lists (https://wiki.centos.org/GettingHelp/ListInfo) Git Repositories (https://git.centos.org) Bug reporting (https://wiki.centos.org/ReportBugs) IRC (https://wiki.centos.org/irc) Planet (http://planet.centos.org/) List of CentOS releases (http://mirror.centos.org/centos/) Other Links AlmaLinux (https://almalinux.org) Rocky Linux (https://rockylinux.org) Red Hat Linux family tree (https://upload.wikimedia.org/wikipedia/commons/a/a3/Redhat_family_tree_11-06.png) More Announcements Want to have a topic covered or have some feedback? - send us an email, contact@linuxuserspace.show Housekeeping Catch all the great topics as they unfold on our Subreddit or our News channel on Discord. * Linux User Space subreddit (https://linuxuserspace.show/reddit) * Linux User Space Discord Server (https://linuxuserspace.show/discord) * Linux User Space Telegram (https://linuxuserspace.show/telegram) * Linux User Space Matrix (https://linuxuserspace.show/matrix) * Linux User Space Twitch (https://linuxuserspace.show/twitch) * Linux User Space Mastodon (https://linuxuserspace.show/mastodon) * Linux User Space Twitter (https://linuxuserspace.show/twitter) * Linux User Space TILVids (https://linuxuserspace.show/tilvids) Next Time We will discuss a couple of topics and some feedback. Our next distro is Endless OS (https://endlessos.com/home/) Come back in two weeks for more Linux User Space Stay tuned and interact with us on Twitter, Mastodon, Telegram, Matrix, Discord whatever. Give us your suggestions on our subreddit r/LinuxUserSpace Join the conversation. Talk to us, and give us more ideas. All the links in the show notes and on linuxuserspace.show. We would like to acknowledge our top patrons. Thank you for your support! Producer Bruno John Dave Johnny Co-Producer Tim Super User Advait Bjørnar CubicleNate Eduardo S. Jill and Steve Larry LiNuXsys666 Livet Musical Coder Nicholas Paul sleepyeyesvince

About JackJack is Uptycs' outspoken technology evangelist. Jack is a lifelong information security executive with over 25 years of professional experience. He started his career managing security and operations at the world's first Internet data privacy company. He has since led unified Security and DevOps organizations as Global CSO for large conglomerates. This role involved individually servicing dozens of industry-diverse, mid-market portfolio companies.Jack's breadth of experience has given him a unique insight into leadership and mentorship. Most importantly, it fostered professional creativity, which he believes is direly needed in the security industry. Jack focuses his extra time mentoring, advising, and investing. He is an active leader in the ISLF, a partner in the SVCI, and an outspoken privacy activist. Links Referenced: UptycsSecretMenu.com: https://www.uptycssecretmenu.com Jack's email: jroehrig@uptycs.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: If you asked me to rank which cloud provider has the best developer experience, I'd be hard-pressed to choose a platform that isn't Google Cloud. Their developer experience is unparalleled and, in the early stages of building something great, that translates directly into velocity. Try it yourself with the Google for Startups Cloud Program over at cloud.google.com/startup. It'll give you up to $100k a year for each of the first two years in Google Cloud credits for companies that range from bootstrapped all the way on up to Series A. Go build something, and then tell me about it. My thanks to Google Cloud for sponsoring this ridiculous podcast.Corey: This episode is brought to us by our friends at Pinecone. They believe that all anyone really wants is to be understood, and that includes your users. AI models combined with the Pinecone vector database let your applications understand and act on what your users want… without making them spell it out. Make your search application find results by meaning instead of just keywords, your personalization system make picks based on relevance instead of just tags, and your security applications match threats by resemblance instead of just regular expressions. Pinecone provides the cloud infrastructure that makes this easy, fast, and scalable. Thanks to my friends at Pinecone for sponsoring this episode. Visit Pinecone.io to understand more.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. This promoted guest episode is brought to us by our friends at Uptycs. And they have sent me their Technology Evangelist, Jack Charles Roehrig. Jack, thanks for joining me.Jack: Absolutely. Happy to spread the good news.Corey: So, I have to start. When you call yourself a technology evangelist, I feel—just based upon my own position in this ecosystem—the need to ask, I guess, the obvious question of, do you actually work there, or have you done what I do with AWS and basically inflicted yourself upon a company. Like, well, “I speak for you now.” The running gag that becomes more true every year is that I'm AWS's chief marketing officer.Jack: So, that is a great question. I take it seriously. When I say technology evangelist, you're speaking to Jack Roehrig. I'm a weird guy. So, I quit my job as CISO. I left a CISO career. For, like, ten years, I was a CISO. Before that, 17 years doing stuff. Started my own thing, secondaries, investments, whatever.Elias Terman, he hits me up and he says, “Hey, do you want this job?” It was an executive job, and I said, “I'm not working for anybody.” And he says, “What about a technology evangelist?” And I was like, “That's weird.” “Check out the software.”So, I'm going to check out the software. I went online, I looked at it. I had been very passionate about the space, and I was like, “How does this company exist in doing this?” So, I called him right back up, and I said, “I think I am.” He said, “You think you are?” I said, “Yeah, I think I'm your evangelist. Like, I think I have to do this.” I mean, it really was like that.Corey: Yeah. It's like, “Well, we have an interview process and the rest.” You're like, “Yeah, I have a goldfish. Now that we're done talking about stuff that doesn't matter, I'll start Monday.” Yeah, I like the approach.Jack: Yeah. It was more like I had found my calling. It was bizarre. I negotiated a contract with him that said, “Look, I can't just work for Uptycs and be your evangelist. That doesn't make any sense.” So, I advise companies, I'm part of the SVCI, I do secondaries, investment, I mentor, I'm a steering committee member of the ISLF. We mentor security leaders.And I said, “I'm going to continue doing all of these things because you don't want an evangelist who's just an Uptycs evangelist.” I have to know the space. I have to have my ear to the ground. And I said, “And here's the other thing, Elias. I will only be your evangelist while I'm your evangelist. I can't be your evangelist when I lose passion. I don't think I'm going to.”Corey: The way I see it, authenticity matters in this space. You can sell out exactly once, so make it count because you're never going to be trusted again to do it a second time. It keeps people honest, at least the ones you actually want to be doing work with. So, you've been in the space a long time, 20 years give or take, and you've seen an awful lot. So, I'm curious, given that I tend to see about, you know, six or seven different companies in the RSA Sponsor Hall every year selling things because you know, sure hundreds of booths, bunch of different marketing logos and products, but it all distills down to the same five or six things.What did you see about Uptycs that made you say, “This is different?” Because to be very direct, looking at the website, it's, “Oh, what do you sell?” “Acronyms. A whole bunch of acronyms that, because I don't eat, sleep, and breathe security for a living, I don't know what most of them mean, but I'm sure they're very impressive and important.” What does it actually do, for those of us who are practitioners, but not swimming in the security vendor stream?Jack: So, I've been obsessed with this space and I've seen the acronyms change over and over and over again. I'm always the first one to say, “What does that mean?” As the senior guy in the room a lot of time. So, acronyms. What does Uptycs do? What drew me into them? They did HIDS, Host Intrusion Detection System. I don't know if you remember that. Turned into—Corey: Oh, yeah. OSSEC was the one I always wound up using, the open-source version. OSSEC [kids 00:04:10]. It's like, oh, instead of paying a vendor, you can contribute it yourself because your time is free, right? Free as in puppy, or these days free as in tier when it comes to cloud.Jack: Oh, I like that. So, yeah, I became obsessed with this HIDS stuff. I think it was evident I was doing it, that it was threat [unintelligible 00:04:27]. And these companies, great companies. I started this new job in an education technology company and I needed a lot of work, so I started to play around with more sophisticated HIDS systems, and I fell in love with it. I absolutely fell in love with it.But there are all these limitations. I couldn't find this company that would build it right. And Uptycs has this reputation as being not very sexy, you know? People telling me, “Uptycs? You're going to Uptycs?” Yeah—I'm like, “Yeah. They're doing really cool stuff.”So, Uptycs has, like, this brand name and I had referred Uptycs before without even knowing what it was. So, here I am, like, one of the biggest XDR, I hope to say, activists in the industry, and I didn't know about Uptycs. I felt humiliated. When I heard about what they were doing, I felt like I wasted my career.Corey: Well, that's a strong statement. Let's begin with XDR. To my understanding, that some form of audio cable standard that I use to plug into my microphone. Some would say it, “X-L-R.” I would say sounds like the same thing. What is XDR?Jack: What is it, right? So, [audio break 00:05:27] implement it, but you install an agent, typically on a system, and that agent collects data on the system: what processes are running, right? Well, maybe it's system calls, maybe it's [unintelligible 00:05:37] as regular system calls. Some of them use the extended Berkeley Packet Filter daemon to get stuff, but one of the problems is that we are obtaining low-level data on an operating system, it's got to be highly specific. So, you collect all this data, who's logging in, which passwords are changing, all the stuff that a hacker would do as you're typing on the computer. You're maybe monitoring vulnerabilities, it's a ton of data that you're monitoring.Well, one of the problems that these companies face is they try to monitor too much. Then some came around and they tried to monitor too little, so they weren't as real-time.Corey: Sounds like a little pig story here.Jack: Yeah [laugh], exactly. Another company came along with a fantastic team, but you know, I think they came in a little late in the game, and it looks like they're folding now. They were wonderful company, but the one of the biggest problems I saw was the agent, the compatibility. You know, it was difficult to deploy. I ran DevOps and security and my DevOps team uninstalled the agent because they thought there was a problem with it, we proved there wasn't and four months later, they hadn't completely reinstall it.So, a CISO who manages the DevOps org couldn't get his own DevOps guy to install this agent. For good reason, right? So, this is kind of where I'm going with all of this XDR stuff. What is XDR? It's an agent on a machine that produces a ton of data.I—it's like omniscience. Yes, I started to turn it in, I would ping developers, I was like, “Why did you just run sudo on that machine?” Right. I mean, I knew everything was going on in the space, I had a good intro to all the assets, they technically run on the on-premise data center and the quote-unquote, “Cloud.” I like to just say the production estate. But it's omniscience. It's insights, you can create rules, it's one of the most powerful security tools that exists.Corey: I think there's a definite gap as far as—let's narrow this down to cloud for just a second before we expand this into the joy that has data centers—where you can instrument a whole bunch of different security services in any cloud provider—I'm going to pick on AWS because they're the 800-pound gorilla in the room, and frankly, they could use taking down a peg or two by and large—and you wind up configuring all the different security services that in some cases seem totally unaware of each other, but that's the AWS product portfolio for you. And you do the math out and realize that it theoretically would cost you—to enable all these things—about three times as much as the actual data breach you're ideally trying to prevent against. So, on some level, it feels like, “Heads, I win; tails, you lose,” style scenario.And the answer that people have started reaching out to third-party vendors to wind up tying all of this together into some form of cohesive narrative that a human being has a hope in hell of understanding. But everything I've tried to this point still feels like it is relatively siloed, focused on the whole fear, uncertainty, and doubt that is so inherent to so much of the security world's marketing. And it's almost like cost control where you can spend almost limitless amount of time, energy, money, et cetera, trying to fix these things, but it doesn't advance your company to the next milestone. It's like buying fire insurance on your building. You can spend all the money on fire insurance. Great, it doesn't get you to the next milestone that propels your company forward. It's all reactive instead of proactive. So, it feels like it is never the exciting, number-one priority for companies until right after it should have been higher in the list than it was.Jack: So, when I worked at Turnitin, we had saturated the market. And we worked in education, technology space globally. Compliance everywhere. So, I just worked on the Australian Data Infrastructure Act of 2020. I'm very familiar with the 27 data privacy regulations that are [laugh] in scope for schools. I'm a FERPA expert, right? I know that there's only one P in HIPAA [laugh].So, all of these compliance regulations drove schools and universities, consortiums, government agencies to say, “You need to be secure.” So, security at Turnitin was the number one—number one—key performance indicator of the company for one-and-a-half years. And these cloud security initiatives didn't just make things more secure. They also allowed me to implement a reasonable control framework to get various compliance certifications. So, I'm directly driving sales by deploying these security tools.And the reason why that worked out so great is, by getting the certifications and by building a sensible control framework layer, I was taking these compliance requirements and translating them into real mitigations of business risk. So, the customers are driving security as they should. I'm implementing sane security controls by acting as the chief security officer, company becomes more secure, I save money by using the correct toolset, and we increased our business by, like, 40% in a year. This is a multibillion-dollar company.Corey: That is definitely a story that resonates, especially with organizations that are—or they should be—compliance-forward and having to care about the nature of what it is that they're doing. But I have a somewhat storied history in working in FinTech and large-scale financial services. One of the nice things about that job, which is sort of a weird thing to say there if you don't want to get ejected from the room, has been, “Yeah well, it's only money,” in the final analysis. Because yeah, no one dies if you wind up screwing that up. People's kids don't get exposed.It's just okay, people have to fill out a bunch of forms and you get sued into oblivion and you're not there anymore because the first role of a CISO is to be ablative and get burned away whenever there's a problem. But it still doesn't feel like it does more for a number of clients than, on some level, checking a box that they feel needs to be checked. Not that it shouldn't be, necessarily, but I have a hard time finding people that get passionately excited about security capabilities. Where are they hiding?Jack: So, one of the biggest problems that you're going to face is there are a lot of security people that have moved up in the ranks through technology and not through compliance and technology. These people will implement control frameworks based on audit requirements that are not bespoke to their company. They're doing it wrong. So, we're not ticking boxes; I'm creating boxes that need to be ticked to secure the infrastructure. And at Turnitin, Turnitin was a company that people were forced to use to submit their works in the school.So, imagine that you have to submit a sensitive essay, right? And that sensitive essay goes to this large database. We have the Taiwanese government submitting confidential data there. I had the chief scientist at NASA submitting in pre-publication data there. We've got corporate trade secrets that are popped in there. We have all kinds of FDA pre-approval stuff. This is a plagiarism detection software being used by large companies, governments, and 12-year-old girls, right, who don't want their data leaked.So, if you look at it, like, this is an ethical thing that is required for us to do, our customers drive that, but truly, I think it's ethics that drive it. So, when we implemented a control framework, I didn't do the minimum, I didn't run an [unintelligible 00:12:15] scan that nobody ran. I looked for tools that satisfied many boxes. And one of the things about the telemetry at scale, [unintelligible 00:12:22], XDR, whatever want to call it, right? But the agent-based systems that monitor for all of us this run-state data, is they can take a lot of your technical SOC controls.Furthermore, you can use these tools to improve your processes like incident response, right? You can use them to log things. You can eliminate your SIEM by using this for your DLP. The problem of companies in the past is they wouldn't deploy on the entire infrastructure. So, you'd get one company, it would just be on-prem, or one company that would just run on CentOS.One of the reasons why I really liked this Uptycs company is because they built it on an osquery. Now, if you mention osquery, a lot of people glaze over, myself included before I worked at Uptycs. But apparently what it is, is it's this platform to collect a ton of data on the run state of a machine in real-time, pop it into a normalized SQL database, and it runs on a ton of stuff: Mac OS, Windows, like, tons of version of Linux because it's open-source, so people are porting it to their infrastructure. And that was one of these unique differentiators is, what is the cloud? I mean, AWS is a place where you can rapidly prototype, there's tons of automation, you can go in and you build something quickly and then it scales.But I view the cloud as just a simple abstraction to refer to all of my assets, be them POPS, on-premise data machines, you know, the corporate environment, laptops, desktops, the stuff that we buy in the public clouds, right? These things are all part of the greater cloud. So, when I think cloud security, I want something that does it all. That's very difficult because if you had one tool run on your cloud, one tool to run on your corporate environment, and one tool to run for your production environment, those tools are difficult to manage. And the data needs to be ETL, you know? It needs to be normalized. And that's very difficult to do.Our company is doing [unintelligible 00:14:07] security right now as a company that's taking all these data signals, and they're normalizing them, right, so that you can have one dashboard. That's a big trend in security right now. Because we're buying too many tools. So, I guess the answer that really is, I don't see the cloud is just AWS. I think AWS is not just data—they shouldn't call themselves the cloud. They call themselves the cloud with everything. You can come in, you can rapidly prototype your software, and you know what? You want to run to the largest scale possible? You can do that too. It's just the governance problem that we run into.Corey: Oh, yes. The AWS product strategy is pretty clearly, in a word, “Yes,” written on a Post-it note somewhere. That's the easiest job in the world is running their strategy. The challenge, too, is that we don't live in a world where monocultures are a thing anymore because regardless—if you use AWS for the underlying infrastructure, great, that makes a lot of sense. Use it for a lot of the higher-up the stack, SaaS-y type things that you don't want to have to build yourself from—by going to Home Depot and picking up components, you're doing something relatively foolish in most cases.They're a plumbing company not a porcelain company, in many respects. And regardless of what your intention is around multiple clouds, people wind up using different things. In most cases, you're going to be storing your source code in GitHub, not in AWS CodeCommit because CodeCommit doesn't really have any customers, for reasons that become blindingly apparent the first time you try to use it for something. So, you always wind up with these cross-cloud, cross-infrastructure stories. For any company that had the temerity to be founded before 2010, they probably have an on-premises data center as well—or six or more—and you're starting to try to wind up having a whole bunch of different abstractions viewed through the same lenses in terms of either observability or control plane or governance, or—dare I say it—security. And it feels like there are multiple approaches, all of which have their drawbacks, which of course means, it's complicated. What's your take on it?Jack: So, I think it was two years ago we started to see tools to do signal consumption. They would aggregate those signals and they would try and produce meaningful results that were actionable rather than you having to go and look at all this granular data. And I think that's phenomenal. I think a lot of companies are going to start to do that more and more. One of the other trends people do is they eliminated data and they went machine-learning and anomaly detection. And that didn't work.It missed a lot of things, right, or generated a lot of false positive. I think that one of the next big technologies—and I know it's been done for two years—but I think we're the next things we're going to see is the axonius of the consumption of events, the categorization into alerts-based synthetic data classification policies, and we're going to look at the severity classifications of those, they're going to be actionable in a priority queue, and we're going to eliminate the need for people that don't like their jobs and sit at a SOC all day and analyze a SIEM. I don't ever run a SIEM, but I think that this diversity can be a good thing. So, sometimes it's turned out to be a bad thing, right? We wanted to diversity, we don't want all the data to be homogenous. We don't need data standards because that limits things. But we do want competition. But I would ask you this, Corey, why do you think AWS? We remember 2007, right?Corey: I do. Oh, I've been around at least that long.Jack: Yeah, you remember when S3 came up. Was that 2007?Corey: I want to say 2004, 2005 in beta, and then relaunched as the first general available service. The first beta service was SQS, so there's always some question about which one was first. I don't get in the middle of those fights because all I'm going to do is upset people.Jack: But S3 was awesome. It still is awesome, right?Corey: Oh yes.Jack: And you know what I saw? I worked for a very older company with very strict governance. You know with SOX compliance, which is a joke, but we also had SOC compliance. I did HIPAA compliance for them. Tons of compliance to this.I'm not a compliance off, too, by trade. So, I started seeing [x cards 00:17:54], you know, these company personal cards, and people would go out and [unintelligible 00:17:57] platform because if they worked with my teams internally, if they wanted to get a small app deployed, it was like a two, three-month process. That process was long because of CFO overhead, approvals, vendor data security vetting, racking machines. It wasn't a problem that was inherent to the technology. I actually built a self-service cloud in that company. The problem was governance. It was financial approvals, it was product justification.So, I think AWS is really what made the internet inflect and scale and innovate amazingly. But I think that one of the things that it sacrificed was governance. So, if you tie a lot of what we're saying back together, by using some sort of tool that you can pop into a cloud environment and they can access a hundred percent of the infrastructure and look for risks, what you're doing is you're kind of X-Ray visioning into all these nodes that were deployed rapidly and kept around because they were crown jewels, and you're determining the risks that lie on them. So, let's say that 10 or 15% of your estate is prototype things that grew at a scale and we can't pull back into our governance infrastructure. A lot of times people think that those types of team machines are probably pretty locked down and they're probably low risk.If you throw a company on the side scanner or something like that, you'll see they have 90% of the risk, 80% of the risk. They're unpatched and they're old. So, I remember at one point in my career, right, I'm thinking Amazon's great. I'm—[unintelligible 00:19:20] on Amazon because they've made the internet go, they influxed. I mean, they've scaled us up like crazy.Corey: Oh, the capability store is phenomenal. No argument there.Jack: Yeah. The governance problem, though, you know, the government, there's a lot of hacks because of people using AWS poorly.Corey: And to be clear, that's everyone. We all are. I take a look at some of the horrible technical decisions I made even a couple of years ago, based upon what I know now, it's difficult to back out and wind up doing things the proper way. I wrote an article a while back, “17 Ways to Run Containers on AWS,” and listed all the services. And I think it was a little on the nose, but then I wrote 17, “More Ways to Run Containers on AWS,” but different services. And I'm about three-quarters of the way through the third in the sequel. I just need a couple more releases and we're good to go.Jack: The more and more complexity you add, the more security risk exists. And I've heard horror stories. Dictionary.com lost a lot of business once because a couple of former contractors deleted some instances in AWS. Before that, they had a secret machine they turned into a pixel [unintelligible 00:20:18] and had take down their iPhone app.I've seen some stuff. But one of the interesting things about deploying one of these tools in AWS, they can just, you know, look X-Ray vision on into all your compute, all your storage and say, “You have PIIs stored here, you have personal data stored here, you have this vulnerability, that vulnerability, this machine has already been compromised,” is you can take that to your CEO as a CISO and say, “Look, we were wrong, there's a lot of risk here.” And then what I've done in the past is I've used that to deploy HIDS—XDR, telemetry at scale, whatever you want to call it—these agent-based solutions, I've used that to justification for them. Now, the problem with this solutions that use agentless is almost all of them are just in the cloud. So, just a portion of your infrastructure.So, if your hybrid environment, you have data centers, you're ignoring the data centers. So, it's interesting because I've seen these companies position themselves as competitors when really, they're in complementary spaces, but one of them justified the other for me. So, I mean, what do you think about that awkward competition? Why was this competition exists between these people if they do completely different things?Corey: I'll take it a step further. I'm a big believer that security for the cloud providers should not be a revenue generator in any meaningful sense because at that point, they wind up with an inherent conflict of interest, where when they start charging, especially trying to do value-based pricing as they move up the stack, what they're inherently saying is, great, you can get our version of our services that is less secure, so that they're what they're doing is they're making security on their platform an inherent investment decision. And I've never been a big believer in that approach.Jack: The SSO tax.Corey: Oh, yes. And many others.Jack: Yeah. So, I was one of the first SSO tax contributors. That started it.Corey: You want data plane audit logging? Great, that'll cost you. But they finally gave in a couple of years back and made the first management trail for CloudTrail audit logging free for everyone. And people still advertently built second ones and then wonder why they're paying through the nose. Like, “Oh, that's 40 grand a month. That should be zero.” Great. Send that to your SIEM and then have that pass it out to where it needs to go. But so much of it is just these weird configuration taxes that people aren't fully aware exist.Jack: It's the market, right? The market is—so look at Amazon's IAM. It is amazing, right? It's totally robust, who is using it correctly? I know a lot of people are. I've been the CISO for over 100 companies and IAM is was one of those things that people don't know how to use, and I think the reason is because people aren't paying for it, so AWS can continue to innovate on it.So, we find ourselves with this huge influx of IAM tools in the startup scene. We all know Uptycs does some CIAM and some identity management stuff. But that's a great example of what you're talking about, right? These cloud companies are not making the things inherently secure, but they are giving some optionality. The products don't grow because they're not being consumed.And AWS doesn't tend to advertise them as much as the folks in the security industry. It's been one complaint of mine, right? And I absolutely agree with you. Most of the breaches are coming out of AWS. That's not AWS's fault. AWS's infrastructure isn't getting breached.It's the way that the customers are configuring the infrastructure. That's going to change a lot soon. We're starting to see a lot of change. But the fundamental issue here is that security needs to be invested in for short-term initiatives, not just for long-term initiatives. Customers need to care about security, not compliance. Customers need to see proof of security. A customer should be demanding that they're using a secure company. If you've ever been on the vendor approval side, you'll see it's very hard to push back on an insecure company going through the vendor process.Corey: This episode is sponsored in part by our friends at Uptycs, because they believe that many of you are looking to bolster your security posture with CNAPP and XDR solutions. They offer both cloud and endpoint security in a single UI and data model. Listeners can get Uptycs for up to 1,000 assets through the end of 2023 (that is next year) for $1. But this offer is only available for a limited time on UptycsSecretMenu.com. That's U-P-T-Y-C-S Secret Menu dot com.Corey: Oh, yes. I wound up giving probably about 100 companies now S3 Bucket Negligence Awards for being public about failing to secure their data and put that out into the world. I had one physical bucket made, the S3 Bucket Responsibility Award and presented it to their then director of security over at the Pokémon Company because there was a Wall Street Journal article talking about how their security review—given the fact that they are a gaming company that has children as their primary customer—they take it very seriously. And they cited the reason they're not to do business with one unnamed vendor was in part due to the lackadaisical approach around S3 bucket control. So, that was the one time I've seen in public a reference where, “Yeah, we were going to use a vendor and their security story was terrible, and we decided not to.”It's, why is that news? That should be a much more common story, but these days, it feels like procurement is rubber-stamping it and, like, “Okay, great. Fill out the form.” And, “Okay, you gave some wrong answers on the form. Try it again and tell the story differently until it gets shoved through.” It feels like it's a rubber stamp rather than a meaningful control.Jack: It's not a rubber stamp for me when I worked in it. And I'm a big guy, so they come to me, you know, like—that's how being, like, career law, it's just being big and intimidating. Because that's—I mean security kind of is that way. But, you know, I've got a story for you. This one's a little more bleak.I don't know if there's a company called Ask.fm—and I'll mention them by name—right, because, well, I worked for a company that did, like, a hostile takeover this company. And that's when I started working with [unintelligible 00:25:23]. [unintelligible 00:25:24]. I speak Russian and I learned it for work. I'm not Russian, but I learned the language so that I could do my job.And I was working for a company with a similar name. And we were in board meetings and we were crying, literally shedding tears in the boardroom because this other company was being mistaken for us. And the reason why we were shedding tears is because young women—you know, 11 to 13—were committing suicide because of online bullying. They had no health and safety department, no security department. We were furious.So, the company was hosted in Latvia, and we went over there and we installed one I lived in Latvia for quite a bit, working as the CISO to install a security program along with the health and safety person to install the moderation team. This is what we need to do in the industry, especially when it comes to children, right? Well, regulation solve it? I don't know.But what you're talking about the Pokémon video game, I remember that right? We can't have that kind of data being leaked. These are children. We need to protect them with information security. And in education technology, I'll tell you, it's just not a budget priority.So, the parents need to demand the security, we need to demand these audit certifications, and we need to demand that our audit firms are audited better. Our audit firms need to be explaining to security leaders that the control frameworks are something that they're responsible for creating bespoke. I did a presentation with Al Kingsley recently about security compliance, comparing FERPA and COPPA to the GDPR. And it was very interesting because FERPA has very little teeth, it's very long code and GDPR is relatively brilliant. GDPR made some changes. FERPA was so ambiguous and vague, it made a lot of changes, but they were kind of like, in any direction ever because nobody knows FERPA is. So, I don't know, what's the answer to that? What do we do?Corey: Yeah. The challenge is, you can see a lot of companies in specific areas doing the right thing, when they're intentionally going out on day one to, for example, service kids as a primary user base demographic. The challenge that you see with this is that, that's great, but then you have things that are not starting off with that point of view. And they started running into population limits and realize, okay, we've got to start expanding our user base somewhere, and then they went a bolting on those things is almost as an afterthought, where, “Oh, well, we've been basically misusing people's data for our entire existence, but now—now—we're suddenly magically going to do the right thing where kids are concerned.” I wish, but unfortunate that philosophy assumes a better take of humanity than is readily apparent.Jack: I wonder why they do that though, right? Something's got to, you know, news happened or something and that's why they're doing it. And that's not okay. But I have seen companies, one of the founders of Scantron—do you know what a Scantron is?Corey: Oh, yes. I'm much older than I look.Jack: Yeah, I'm much older than I look, too. I like to think that. But for those that don't know, a scantron, use a number two pencil and you filled in these little dots. And it was for taking tests. So, the guy who started Scantron, created a small two-person company.And AWS did something magnificent. They recognized that it was an education technology company, and they gave them, for free, security consultation services, security implementation services. And when we bought this company—I'm heavily involved in M&A, right—I'm sitting down with the two founders of the company, and my jaw is on the desk. They were more secure than a lot of the companies that I've worked with that had robust security departments. And I said, “How did you do this?”They said, “AWS provided us with this free service because we're education technology.” I teared up. My heart was—you know, that's amazing. So, there are companies that are doing this right, but then again, look at Grammarly. I hate to pick on Grammarly. LanguageTool is an open-source I believe, privacy-centric Grammarly competitor, but Grammarly, invest in your security a little more, man. Y'all were breached. They store a lot of data, they [unintelligible 00:29:10] lot of the data.Corey: Oh, and it scared the living hell out of companies realizing that they had business users using Grammarly as an extension to work on internal documents and just sending proprietary data to some third-party service that they clicked through the terms on and I don't know that it was ever shown the Grammarly was misusing any of that, but the potential for that is massive.Jack: Do you know what they were doing with it?Corey: Well, using AI to learn these things. Yeah, but it's the supervision story always involves humans reading it.Jack: They were building a—and I think—nobody knows the rumor, but I've worked in the industry, right, pretty heavily. They're doing something great for the world. I believe they're building a database of works submitted to do various things with them. One of those things is plagiarism detection. So, in order to do that they got to store, like, all of the data that they're processing.Well, if you have all the data that you've done for your company that's sitting in this Grammarly database and they get hacked—luckily, that's a lot of data. Maybe you'll be overlooked. But I've data breach database sitting here on my desk. Do you know how many rows it's got? [pause]. Yes, breach database.Corey: Oh, I wouldn't even begin to guess. I know the data volumes that Troy Hunt's Have I Been Pwned? Site winds up dealing with and it is… significant.Jack: How many billions of rows do you think it is?Corey: Ah, I'd say 20 as an argument?Jack: 34.Corey: Okay. Yeah, directionally right. Fermi estimation saves us yet again.Jack: [laugh]. The reason I build this breach database is because I thought Covid would slow down and I wanted it to do executive protection. Companies in the education space also suffer from [active 00:30:42] shooters and that sort of thing. So, that's another thing about security, too, is it transcends all these interesting areas, right? Like here, I'm doing executive risk protection by looking at open-source data.Protect the executives, show the executives that security is a concern, these executives that'll realize security's real. Then these past that security down in the list of priorities, and next thing you know, the 50 million active students that are using Turnitin are getting better security. Because an executive realized, “Hey, wait a minute, this is a real thing.” So, there's a lot of ways around this, but I don't know, it's a big space, there's a lot of competition. There's a lot of companies that are coming in and flashing out of the pan.A lot of companies are coming in and building snake oil. How do people know how to determine the right things to use? How do people don't want to implement? How do people understand that when they deploy a program that only applies to their cloud environment it doesn't touch there on-prem where a lot of data might be a risk? And how do we work together? How do we get teams like DevOps, IT, SecOps, to not fight each other for installing an agent for doing this?Now, when I looked at Uptycs, I said, “Well, it does the EDR for corp stuff, it does the host intrusion detection, you know, the agent-based stuff, I think, for the well because it uses a buzzword I don't like to use, osquery. It's got a bunch of cloud security configuration on it, which is pretty commoditized. It does agentless cloud scanning.” And it—really, I spent a lot of my career just struggling to find these tools. I've written some myself.And when I saw Uptycs, I was—I felt stupid. I couldn't believe that I hadn't used this tool, I think maybe they've increased substantially their capabilities, but it was kind of amazing to me that I had spent so much of my time and energy and hadn't found them. Luckily, I decided to joi—actually I didn't decide to join; they kind of decided for me—and they started giving it away for free. But I found that Uptycs needs a, you know, they need a brand refresh. People need to come and take a look and say, “Hey, this isn't the old Uptycs. Take a look.”And maybe I'm wrong, but I'm here as a technology evangelist, and I'll tell you right now, the minute I no longer am evangelists for this technology, the minute I'm no longer passionate about it, I can't do my job. I'm going to go do something else. So, I'm the one guy who will put it to your brass tacks. I want this thing to be the thing I've been passionate about for a long time. I want people to use it.Contact me directly. Tell me what's wrong with it. Tell me I'm wrong. Tell me I'm right. I really just want to wrap my head around this from the industry perspective, and say, “Hey, I think that these guys are willing to make the best thing ever.” And I'm the craziest person in security. Now, Corey, who's the craziest person security?Corey: That is a difficult question with many wrong answers.Jack: No, I'm not talking about McAfee, all right. I'm not that level of crazy. But I'm talking about, I was obsessed with this XDR, CDR, all the acronyms. You know, we call it HIDS, I was obsessed with it for years. I worked for all these companies.I quit doing, you know, a lot of very good entrepreneurial work to come work at this company. So, I really do think that they can fix a lot of this stuff. I've got my fingers crossed, but I'm still staying involved in other things to make these technologies better. And the software's security space is going all over the place. Sometimes it's going bad direction, sometimes it's going to good directions. But I agree with you about Amazon producing tools. I think it's just all market-based. People aren't going to use the complex tools of Amazon when there's all this other flashy stuff being advertised.Corey: It all comes down to marketing budget, and AWS has always struggled with telling a story. I really want to thank you for being so generous with your time. If people want to learn more, where should they go?Jack: Oh, gosh, everywhere. But if you want to learn more about Uptycs, why don't you just email me?Corey: We will, of course, put your email address into the show notes.Jack: Yeah, we'll do it.Corey: Don't offer if you're not serious. There's also uptycssecretmenu.com, which is apparently not much of a secret, given the large banner all over Uptycs' website.Jack: Have you seen this? Let me just tell you about this. This is not a catch. I was blown away by this; it's one of the reasons I joined. For a buck, if you have between 100 and 1000 nodes, right, you get our agentless system and our agent-based system, right?I think it's only on AWS. But that's, like, what, $150, $180,000 value? You get it for a full year. You don't have to sign a contract to renew or anything. Like, you just get it for a buck. If anybody who doesn't go on to the secret menu website and pay $1 and check out this agentless solution that deploys in two minutes, come on, man.I challenge everybody, go on there, do that, and tell me what's wrong with it. Go on there, do that, and give me the feedback. And I promise you I'll do everything in my best efforts to make it the best. I saw the engineering team in this company, they care. Ganesh, the CEO, he is not your average CEO.This guy is in tinkerers. He's on there, hands on keyboard. He responds to me in the middle of night. He's a geek just like me. But we need users to give us feedback. So, you got this dollar menu, you sign up before the 31st, right? You get the product for buck. Deploy the thing in two minutes.Then if you want to do the XDR, this agent-based system, you can deploy that at your leisure across whichever areas you want. Maybe you want a corporate network on laptops and desktops, your production infrastructure, your compute in the cloud, deploy it, take a look at it, tell me what's wrong with it, tell me what's right with it. Let's go in there and look at it together. This is my job. I want this company to work, not because they're Uptycs but because I think that they can do it.And this is my personal passion. So, if people hit me up directly, let's chat. We can build a Slack, Uptycs skunkworks. Let's get this stuff perfect. And we're also going to try and get some advisory boards together, like, maybe a CISO advisory board, and just to get more feedback from folks because I think the Uptycs brand has made a huge shift in a really positive direction.And if you look at the great thing here, they're unifying this whole agentless and agent-based stuff. And a lot of companies are saying that they're competing with that, those two things need to be run together, right? They need to be run together. So, I think the next steps here, check out that dollar menu. It's unbelievable. I can't believe that they're doing it.I think people think it's too good to be true. Y'all got nothing to lose. It's a buck. But if you sign up for it right now, before the December 31st, you can just wait and act on it any month later. So, just if you sign up for it, you're just locked into the pricing. And then you want to hit me up and talk about it. Is it three in the morning? You got me. It's it eight in the morning? You got me.Corey: You're more generous than I am. It's why I work on AWS bills. It's strictly a business-hours problem.Jack: This is not something that they pay me for. This is just part of my personal passion. I have struggled to get this thing built correctly because I truly believe not only is it really cool—and I'm not talking about Uptycs, I mean all the companies that are out there—but I think that this could be the most powerful tool in security that makes the world more secure. Like, in a way that keeps up with the security risks increasing.We just need to get customers, we need to get critics, and if you're somebody who wants to come in and prove me wrong, I need help. I need people to take a look at it for me. So, it's free. And if you're in the San Francisco Bay Area and you give me some good feedback and all that, I'll take you out to dinner, I'll introduce you to startup companies that I think, you know, you might want to advise. I'll help out your career.Corey: So, it truly is dollar menu then.Jack: Well, I'm paying for the dinner out my personal thing.Corey: Exactly. Well, again, you're also paying for the infrastructure required to provide the service, so, you know, one way or another, it's all the best—it's just like Cloud, there is no cloud. It's just someone else's cost center. I like that.Jack: Well, yeah, we're paying for a ton of data hosting. This is a huge loss leader. Uptycs has a lot of money in the bank, I think, so they're able to do this. Uptycs just needs to get a little more bold in their marketing because I think they've spent so much time building an awesome product, it's time that we get people to see it. That's why I did this.My career was going phenomenally. I was traveling the world, traveling the country promoting things, just getting deals left and right and then Elias—my buddy over at Orca; Elias, one of the best marketing guys I've ever met—I've never done marketing before. I love this. It's not just marketing. It's like I get to take feedback from people and make the product better and this is what I've been trying to do.So, you're talking to a crazy person in security. I will go well above and beyond. Sign up for that dollar menu. I'm telling you, it is no commitment, maybe you'll get some spam email or something like that. Email me directly, I'll kill the spam email.You can do it anytime before the end of 2023. But it's only for 2023. So, you got a full year of the services for free. For free, right? And one of them takes two minutes to deploy, so start with that one. Let me know what you think. These guys ideate and they pivot very quickly. I would love to work on this. This is why I came here.So, I haven't had a lot of opportunity to work with the practitioners. I'm there for you. I'll create a Slack, we can all work together. I'll invite you to my Slack if you want to get involved in secondaries investing and startup advisory. I'm a mentor and a leader in this space, so for me to be able to stay active, this is like a quid pro quo with me working for this company.Uptycs is the company that I've chosen now because I think that they're the ones that are doing this. But I'm doing this because I think I found the opportunity to get it done right, and I think it's going to be the one thing in security that when it is perfected, has the biggest impact.Corey: We'll see how it goes out over the coming year, I'm sure. Thank you so much for being so generous with your time. I appreciate it.Jack: I like you. I like you, Corey.Corey: I like me too.Jack: Yeah? All right. Okay. I'm telling [unintelligible 00:39:51] something. You and I are very weird.Corey: It works out.Jack: Yeah.Corey: Jack Charles Roehrig, Technology Evangelist at Uptycs. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with an insulting comment that we're going to be able to pull the exact details of where you left it from because your podcast platform of choice clearly just treated security as a box check.Jack: [laugh].Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

Why the next kernel will be "the merge window from hell," a holiday gift for Wayland users, and how the open source community could do more to take on YouTube.