Podcasts about chesterton's fence

In the late 1920s, British writer G.K Chesterton published a book that had a now famous thought experiment in it called "Chesterton's Fence". The value of it in the cautionary tale it represents is something that we should all take very seriously before we start making large scale changes within something as delicately balanced as human culture. ----- Tell me what you thought of the show! Text me at: (587)206-7006 Get you copy of "Consciousness Reality & Purpose" on Amazon.com TODAY: https://www.amazon.com/dp/B0BS5FWLBK Subscribe to the Social Disorder Substack: https://thesocialdisorder.substack.com/ This episode is made possible by: BioPro+: https://bioproteintech.com/product/biopro-plus Higher Healths: https://www.higherhealths.com/ and DrewJitsu Online academy Sign up to get 2 week FREE to a library of over 550+ Brazilian Jiu-Jitsu Technique videos taught by your host - Drew Weatherhead! Hit the link below to get started today! https://drewjitsuonline.com/orders/customer_info?o=43849

Welcome to The Nonlinear Library, where we use Text-to-Speech software to convert the best writing from the Rationalist and EA communities into audio. This is: Using Points to Rate Different Kinds of Evidence, published by Ozzie Gooen on August 26, 2023 on The Effective Altruism Forum. Epistemic Status: Briefly written. The specific equation here captures my quick intuition - this is meant primarily as a demonstration. There's a lot of discussion on the EA Forum and LessWrong about epistemics, evidence, and updating. I don't know of many attempts at formalizing our thinking here into concrete tables or equations. Here is one (very rough and simplistic) attempt. I'd be excited to see much better versions. Equation Initial Points Scientific Evidence 20 - A simple math proof proves X 8 - A published scientific study in Economics supporting X 6 - A published scientific study in Psychology supporting X Market Prediction 14 - Popular stock markets strongly suggest X 11 - Prediction markets claim X, with 20 equivalent hours of research 10 - A poll shows that 90% of LessWrong believe X 6 - Prediction markets claim X, with one equivalent hour of research Expert Opinion 8 - An esteemed academic believes X, where it's directly in their line of work 6 - The author has strong emotions about X Reasoning 6 - There's a (20-100 node) numeric model that shows X 5 - A reasonable analogy between X and something clearly good/bad 4 - A long-standing proverb Personal Accounts 5 - The author claims a long personal history that demonstrates X 3 - Someone in the world has strong emotions about X 2 - A clever remark, meme, or tweet 2.3 - An insanely clever, meme, or tweet 0 - Believing X is claimed to be personally beneficial Tradition / Use 12 - Top businesses act as if X 8 - A long-standing social tradition about X 5 - A single statistic about X Point Modifiers Is this similar to existing evidence?Subtract the similarity from the extra amount of evidence. This likely will remove most of the evidence value. Is it convenient for the source to believe or say X?-10% to -90% Is there a lot of money or effort put behind spreading this evidence? For example, as an advertising campaign? +5% to +40% How credible is the author or source?-100% to +30% Do we suspect the source is goodharting on this scale?-20% Points, In Practice Evidence Points, as outlined, are not trying to mimic mathematical bits of information or another clean existing unit. I attempted to find a compromise between accuracy and ease of use. Meta Using an Equations for Discussion The equation above is rough, but at least it's (somewhat) precise and upfront. This represents much information, and any part can easily be argued against. I think such explicitness could help with epistemic conversations. Compare: "Smart people should generally use their inside view, instead of the outside view" vs. "My recommended points scores for inside-view style evidence, and my point scores for outside-view style evidence, are all listed below." "Using many arguments is better than one big argument" vs. "I've adjusted my point table function to produce higher values when multiple types of evidence are provided. You can see it returns values 30% higher than what others have provided for certain scenarios." "It's really important to respect top [intellectuals|scientists|EAs]" vs. "My score for respected [intellectuals|scientists|EAs] is 2 points higher than the current accepted average." "Chesterton's Fence is something to pay a lot of attention to" vs. "See my score table the points from various kinds of traditional practices." In a better world, different academic schools of thought could have their own neatly listed tables/functions. In an even better world, all of these functions would be forecasts of future evaluators. Presumptions This sort of point system makes some presumptions that might be worth flagging. Primarily, it claims that even really poor evidence is evidence. I often see people throwing ou...

Transcript: https://www.patheos.com/blogs/dispatchesendofworld/2023/07/chestertons-fence-and-technology/ G. K. Chesterton noted that one shouldn't remove a fence until you understand why it was there in the first place. This is a great analogy for the concept of the traditions which have been passed down to us by religion. Technology allows us to remove a lot of fences, but are we sure we understand why they were there to begin with?

Link to original articleWelcome to The Nonlinear Library, where we use Text-to-Speech software to convert the best writing from the Rationalist and EA communities into audio. This is: Accidentally Load Bearing, published by jefftk on July 13, 2023 on LessWrong. Sometimes people will talk about Chesterton's Fence, the idea that if you want to change something - removing an apparently useless fence - you should first determine why it was set up that way: The gate or fence did not grow there. It was not set up by somnambulists who built it in their sleep. It is highly improbable that it was put there by escaped lunatics who were for some reason loose in the street. Some person had some reason for thinking it would be a good thing for somebody. And until we know what the reason was, we really cannot judge whether the reason was reasonable. It is extremely probable that we have overlooked some whole aspect of the question, if something set up by human beings like ourselves seems to be entirely meaningless and mysterious. - G. K. Chesterton, The Drift From Domesticity Figuring out something's designed purpose can be helpful in evaluating changes, but a risk is that it puts you in a frame of mind where what matters is the role the original builders intended. A few years ago I was rebuilding a bathroom in our house, and there was a vertical stud that was in the way. I could easily tell why it was there: it was part of a partition for a closet. And since I knew its designed purpose and no longer needed it for that anymore, the Chesterton's Fence framing would suggest that it was fine to remove it. Except that over time it had become accidentally load bearing: through other (ill conceived) changes to the structure this stud was now helping hold up the second floor of the house. In addition to considering why something was created, you also need to consider what additional purposes it may have since come to serve. This is a concept I've run into a lot when making changes to complex computer systems. It's useful to look back through the change history, read original design documents, and understand why a component was built the way it was. But you also need to look closely at how the component integrates into the system today, where it can easily have taken on additional roles. Thanks for listening. To help us out with The Nonlinear Library or to learn more, please visit nonlinear.org.

Welcome to The Nonlinear Library, where we use Text-to-Speech software to convert the best writing from the Rationalist and EA communities into audio. This is: Accidentally Load Bearing, published by jefftk on July 13, 2023 on LessWrong. Sometimes people will talk about Chesterton's Fence, the idea that if you want to change something - removing an apparently useless fence - you should first determine why it was set up that way: The gate or fence did not grow there. It was not set up by somnambulists who built it in their sleep. It is highly improbable that it was put there by escaped lunatics who were for some reason loose in the street. Some person had some reason for thinking it would be a good thing for somebody. And until we know what the reason was, we really cannot judge whether the reason was reasonable. It is extremely probable that we have overlooked some whole aspect of the question, if something set up by human beings like ourselves seems to be entirely meaningless and mysterious. - G. K. Chesterton, The Drift From Domesticity Figuring out something's designed purpose can be helpful in evaluating changes, but a risk is that it puts you in a frame of mind where what matters is the role the original builders intended. A few years ago I was rebuilding a bathroom in our house, and there was a vertical stud that was in the way. I could easily tell why it was there: it was part of a partition for a closet. And since I knew its designed purpose and no longer needed it for that anymore, the Chesterton's Fence framing would suggest that it was fine to remove it. Except that over time it had become accidentally load bearing: through other (ill conceived) changes to the structure this stud was now helping hold up the second floor of the house. In addition to considering why something was created, you also need to consider what additional purposes it may have since come to serve. This is a concept I've run into a lot when making changes to complex computer systems. It's useful to look back through the change history, read original design documents, and understand why a component was built the way it was. But you also need to look closely at how the component integrates into the system today, where it can easily have taken on additional roles. Thanks for listening. To help us out with The Nonlinear Library or to learn more, please visit nonlinear.org.

Ned and Meg discuss the invention of the Asterbang, not to be confused with the Interrobang, which we have discussed at length in other episodes. Today we want to introduce a new concept in grammar and punctuation to you but first we talk about how much we hate advertising, and how bad our parents are at the internet. We round out with a revisit of Chesterton's Fence and Meg's comparison to colonial discourse. Plus, we publish a book, and, Balloonacy. Thanks for listening, wash your hands, don't be a dick*!

Episode SummaryIs more really more? When it comes to problem-solving, the answer is not so obvious. More often than we might realize, adding things is actually a worse strategy for solving problems than simply taking things away. This episode discusses additive bias and the human tendency to think more is more. Especially, the episode covers why we have this tendency, how it is negatively impacting our problem-solving skills, and importantly, what we might do to overcome it. Link to get Sunsama for free: https://try.sunsama.com/anthonySome of the main points—The Vital Few (TVF) Timestamps:What is additive bias, problem solving and how additive bias hampers creative problem solving (5:04)Legos and why we have additive bias (17:02)Smart subtractions and Chesterton's Fence (07:05)Wondering why we tend to think more is more? Evolution, status quo bias and how organizations are rigged against you (24:23)The cost of thinking and acting like more is always more (30:06)Level up your problem-solving—how to beat additive bias and all it's problems (41:20)Notes and ReferencesMain paper: People Systematically Overlook Subtractive Changes (https://www.nature.com/articles/s41586-021-03380-y ) Virtuous Laziness 80/20 Productivity Episode: https://anthonysanni.com/podcast/ep-009-zipfs-law-of-least-and-why-laziness-is-good Status Quo Bias Research: https://scholar.harvard.edu/files/rzeckhauser/files/status_quo_bias_in_decision_making.pdf Anthony's Book: The Law of The Vital Few

Is there a place for Stack Ranking? Squirrel and Jeffrey concur that Stack Racking can be problematic, but Jeffrey has some ideas about where this sub-par practice comes from, which underline the importance of difficult conversations about performance no matter how you create them (even with a stack rank) Links: - Vitality Curve (Stack Ranking):https://en.wikipedia.org/wiki/Vitality_curve - Poppendiecks on compensation: http://www.poppendieck.com/pdfs/Compensation.pdf - Chesterton's Fence: https://wiki.lesswrong.com/wiki/Chesterton%27s_Fence Our book, Agile Conversations, is out now! Go to agileconversations.com to order your copy. Plus, get access to a free mini training video about the technique of Coherence Building when you join our mailing list. We'd love to hear any thoughts, ideas, or feedback you have about the show. Email us at info@agileconversations.com

The English theologian, G.K.Chesterton, once famously said that if we come upon a fence that we don't understand the need for, we must first identify its purpose before we uproot the fence. It turns out that this simple thought-experiment has incredible value for the state of affairs in our culture today. In this episode Prashanth unpacks exactly how that applies in our society and how 'Progressivism' as an ideology can actually learn some valuable lessons from the late great Chesterton. --- Support this podcast: https://podcasters.spotify.com/pod/show/prashanth-daniel/support

Second-order effects matter, especially if we are trying to change something. ------------------- The Stories Mean Business podcast with Nick Warren. One Idea A Day, Every Day. Get deeper into business storytelling: https://storiesmeanbusiness.com/storybusiness/ https://storiesmeanbusiness.com/podcast

Due to an oversight by the ancient Greeks, there is no Muse of blogging. Denied the ability to begin with a proper Invocation To The Muse, I will compensate with some relatively boring introductions. The name of this blog is Slate Star Codex. It is almost an anagram of my own name, Scott S Alexander. It is unfortunately missing an “n”, because anagramming is hard. I have placed an extra “n” in the header image, to restore cosmic balance. This blog does not have a subject, but it has an ethos. That ethos might be summed up as: charity over absurdity. Absurdity is the natural human tendency to dismiss anything you disagree with as so stupid it doesn't even deserve consideration. In fact, you are virtuous for not considering it, maybe even heroic! You're refusing to dignify the evil peddlers of bunkum by acknowledging them as legitimate debate partners. Charity is the ability to override that response. To assume that if you don't understand how someone could possibly believe something as stupid as they do, that this is more likely a failure of understanding on your part than a failure of reason on theirs. There are many things charity is not. Charity is not a fuzzy-headed caricature-pomo attempt to say no one can ever be sure they're right or wrong about anything. Once you understand the reasons a belief is attractive to someone, you can go ahead and reject it as soundly as you want. Nor is it an obligation to spend time researching every crazy belief that might come your way. Time is valuable, and the less of it you waste on intellectual wild goose chases, the better. It's more like Chesterton's Fence. G.K. Chesterton gave the example of a fence in the middle of nowhere. A traveller comes across it, thinks “I can't think of any reason to have a fence out here, it sure was dumb to build one” and so takes it down. She is then gored by an angry bull who was being kept on the other side of the fence. Chesterton's point is that “I can't think of any reason to have a fence out here” is the worst reason to remove a fence. Someone had a reason to put a fence up here, and if you can't even imagine what it was, it probably means there's something you're missing about the situation and that you're meddling in things you don't understand. None of this precludes the traveller who knows that this was historically a cattle farming area but is now abandoned – ie the traveller who understands what's going on – from taking down the fence. As with fences, so with arguments. If you have no clue how someone could believe something, and so you decide it's stupid, you are much like Chesterton's traveler dismissing the fence (and philosophers, like travelers, are at high risk of stumbling across bull.) I would go further and say that even when charity is uncalled-for, it is advantageous. The most effective way to learn any subject is to try to figure out exactly why a wrong position is wrong. And sometimes even a complete disaster of a theory will have a few salvageable pearls of wisdom that can't be found anywhere else. The rationalist forum Less Wrong teaches the idea of steelmanning, rebuilding a stupid position into the nearest intelligent position and then seeing what you can learn from it. So this is the ethos of this blog, and we proceed, as Abraham Lincoln put it, “with malice toward none, with charity for all, with firmness in the right as God gives us to see the right.”

Value: After Hours is a podcast about value investing, Fintwit, and all things finance and investment by investors Tobias Carlisle, Bill Brewster and Jake Taylor. See our latest episodes at https://acquirersmultiple.com/ About Jake: Jake is a partner at Farnam Street. Jake's website: http://farnam-street.com/vah Jake's podcast: https://twitter.com/5_GQs Jake's Twitter: https://twitter.com/farnamjake1 Jake's book: The Rebel Allocator https://amzn.to/2sgip3l About Bill: Bill runs Sullimar Capital Group, a family investment firm. Bill's website: https://sullimarcapital.group/ Bill's Twitter: @BillBrewsterSCG ABOUT THE PODCAST Hi, I'm Tobias Carlisle. I launched The Acquirers Podcast to discuss the process of finding undervalued stocks, deep value investing, hedge funds, activism, buyouts, and special situations. We uncover the tactics and strategies for finding good investments, managing risk, dealing with bad luck, and maximizing success. SEE LATEST EPISODES https://acquirersmultiple.com/podcast/ SEE OUR FREE DEEP VALUE STOCK SCREENER https://acquirersmultiple.com/screener/ FOLLOW TOBIAS Website: https://acquirersmultiple.com/ Firm: https://acquirersfunds.com/ Twitter: https://twitter.com/Greenbackd LinkedIn: https://www.linkedin.com/in/tobycarlisle Facebook: https://www.facebook.com/tobiascarlisle Instagram: https://www.instagram.com/tobias_carlisle ABOUT TOBIAS CARLISLE Tobias Carlisle is the founder of The Acquirer's Multiple®, and Acquirers Funds®. He is best known as the author of the #1 new release in Amazon's Business and Finance The Acquirer's Multiple: How the Billionaire Contrarians of Deep Value Beat the Market, the Amazon best-sellers Deep Value: Why Activists Investors and Other Contrarians Battle for Control of Losing Corporations (2014) (https://amzn.to/2VwvAGF), Quantitative Value: A Practitioner's Guide to Automating Intelligent Investment and Eliminating Behavioral Errors (2012) (https://amzn.to/2SDDxrN), and Concentrated Investing: Strategies of the World's Greatest Concentrated Value Investors (2016) (https://amzn.to/2SEEjVn). He has extensive experience in investment management, business valuation, public company corporate governance, and corporate law. Prior to founding the forerunner to Acquirers Funds in 2010, Tobias was an analyst at an activist hedge fund, general counsel of a company listed on the Australian Stock Exchange, and a corporate advisory lawyer. As a lawyer specializing in mergers and acquisitions he has advised on transactions across a variety of industries in the United States, the United Kingdom, China, Australia, Singapore, Bermuda, Papua New Guinea, New Zealand, and Guam.

Who's Chesterton and why are we talking about his fence? In this episode, we discuss the benefits of "Second Order Thinking", a concept outlined in an article we came across recently. Listen in and find out what those benefits are, and what they possibly have to do with a fence.

- - Description - - I spend about 40 minutes with Jason, talking through our experiences learning games, playing games, and then converting the resources of those games into others. Then - I announce the first periodic Clerics Wear Ringmail call-in charity contest! Listen through to find out more! Thoughts? Observations? Give me a call! https://anchor.fm/clerics-wear-ringmail ! Theme music by Michael Ramir C, courtesy of Mixkit.co (https://mixkit.co/). - - Show Notes - - 00:00 - Introduction and Apology! 01:32 - Theme 02:02 - A little ado... 02:34 - On Translating Adventures and Converting Modules 04:29 - Introducing: The Lichway 06:48 - Statting the Susurrus! (Spoilers) 09:30 - Traditional Mechanisms to support Multiple Systems 14:34 - Chesterton's Fence and Creating a Type of Experience 16:51 - An Example from the Lichway (Spoilers) 18:51 - Roleplay prompts work for any system 19:38 - How do you use modules? 21:30 - Taylor Confesses to Spoilage (no spoilers) 21:59 - Learning DCC running Portal Under the Stars (sortof spoilers: taglines, at least) 27:43 - The Importance of Reading Adventures 29:05 - Learning DCC through Play 32:46 - How much (and what kind of) experience should you have before converting? 37:48 - A Tangent on Usage Dice 40:10 - Tying it Back Together 43:01 - Announcement: Clerics Wear Ringmail Summer Contest! 45:37 - Theme and Legal - - Links - - Nerd's Variety RPG Cast: https://anchor.fm/jason376 Cerebrevore Podcast: https://anchor.fm/cerebrevore

The "What is Money?" Show ✓ Claim Podcast Notes Key Takeaways Today, fiat is the root of all evil because it is not being checked. Forced irredeemability is the real issue.“You can't address a market failure with a failing state” – BalajiThe dollar is what is holding the tattered union of the US togetherWe are entering an era of global monetary competitionRead the full notes @ podcastnotes.orgBalaji Srinivasan joins me for a multi-episode series exploring sovereignty in The Digital Age, geopolitical game theory, the future of statism, and how Bitcoin/crypto fits into the picture.Be sure to check out NYDIG, one of the most important companies in Bitcoin: https://nydig.com/GUESTBalaji's Twitter: https://twitter.com/balajisBalaji's Website: https://balajis.com/PODCASTPodcast Website: https://whatismoneypodcast.com/Apple Podcast: https://podcasts.apple.com/us/podcast/the-what-is-money-show/id1541404400Spotify: https://open.spotify.com/show/25LPvm8EewBGyfQQ1abIsE?si=wgVuY16XR0io4NLNo0A11A&nd=1RSS Feed: https://feeds.simplecast.com/MLdpYXYITranscript:OUTLINE00:00:00 “What is Money?” Intro00:00:08 Defining Sovereignty in The Digital Age00:07:00 Property Rights and Individual Sovereignty00:10:41 Examples of Market Failure00:14:29 Externalities: Construction Shadows and Warfare00:17:00 The Non-Aggression Principle vs. The Aggression Principle00:21:19 Tribalism and The Principle of “No Internal First Strike”00:27:25 NYDIG00:28:33 The Importance of Defensive Technologies to Peace00:33:08 The Nation-State is Born from Natality00:38:52 The Homeless Problem is Not a Housing Problem00:42:00 The Future: A Centralized East and Decentralized West?00:47:41 A Transition from “The USA” to “America”00:51:10 Bitcoin: A Force of Supranational Sovereignty00:55:16 Chesterton's Fence and Price Stability00:59:02 Order Books, Price Makers, and Price TakersSOCIALBreedlove Twitter: https://twitter.com/Breedlove22WiM? Twitter: https://twitter.com/WhatisMoneyShowLinkedIn: https://www.linkedin.com/in/breedlove22/Instagram: https://www.instagram.com/breedlove_22/TikTok: https://www.tiktok.com/@breedlove22?lang=enAll My Current Work: https://linktr.ee/breedlove22​WRITTEN WORKMedium: https://breedlove22.medium.com/Substack: https://breedlove22.substack.com/WAYS TO CONTRIBUTEBitcoin: 3D1gfxKZKMtfWaD1bkwiR6JsDzu6e9bZQ7Sats via Strike: https://strike.me/breedlove22Sats via Tippin.me: https://tippin.me/@Breedlove22Dollars via Paypal: https://www.paypal.com/paypalme/RBreedloveDollars via Venmo: https://venmo.com/code?user_id=1784359925317632528The "What is Money?" Show Patreon Page: https://www.patreon.com/user?u=32843101&fan_landing=trueRECOMMENDED BUSINESSESWorldclass Bitcoin Financial Services: https://nydig.com/Join Me At Bitcoin 2022 (10% off if paying with fiat, or discount code BREEDLOVE for Bitcoin): https://www.tixr.com/groups/bitcoinconference/events/bitcoin-2022-26217Automatic Recurring Bitcoin Buying: https://www.swanbitcoin.com/breedlove/Buy Bitcoin in a Tax-Advantaged Account: https://www.daim.io/robert-breedlove/Home Delivered Organic Grass-Fed Beef (Spend $159+ for 4 lbs. free): https://truorganicbeef.com/discount/BREEDLOVE22Buy Your Dream Home without Selling Your Bitcoin with Ledn: https://ledn.io/en/?utm_source=breedlove&utm_medium=email+&utm_campaign=substack

Balaji Srinivasan joins me for a multi-episode series exploring sovereignty in The Digital Age, geopolitical game theory, the future of statism, and how Bitcoin/crypto fits into the picture.Be sure to check out NYDIG, one of the most important companies in Bitcoin: https://nydig.com/GUESTBalaji's Twitter: https://twitter.com/balajisBalaji's Website: https://balajis.com/PODCASTPodcast Website: https://whatismoneypodcast.com/Apple Podcast: https://podcasts.apple.com/us/podcast/the-what-is-money-show/id1541404400Spotify: https://open.spotify.com/show/25LPvm8EewBGyfQQ1abIsE?si=wgVuY16XR0io4NLNo0A11A&nd=1RSS Feed: https://feeds.simplecast.com/MLdpYXYITranscript:OUTLINE00:00:00 “What is Money?” Intro00:00:08 Defining Sovereignty in The Digital Age00:07:00 Property Rights and Individual Sovereignty00:10:41 Examples of Market Failure00:14:29 Externalities: Construction Shadows and Warfare00:17:00 The Non-Aggression Principle vs. The Aggression Principle00:21:19 Tribalism and The Principle of “No Internal First Strike”00:27:25 NYDIG00:28:33 The Importance of Defensive Technologies to Peace00:33:08 The Nation-State is Born from Natality00:38:52 The Homeless Problem is Not a Housing Problem00:42:00 The Future: A Centralized East and Decentralized West?00:47:41 A Transition from “The USA” to “America”00:51:10 Bitcoin: A Force of Supranational Sovereignty00:55:16 Chesterton's Fence and Price Stability00:59:02 Order Books, Price Makers, and Price TakersSOCIALBreedlove Twitter: https://twitter.com/Breedlove22WiM? Twitter: https://twitter.com/WhatisMoneyShowLinkedIn: https://www.linkedin.com/in/breedlove22/Instagram: https://www.instagram.com/breedlove_22/TikTok: https://www.tiktok.com/@breedlove22?lang=enAll My Current Work: https://linktr.ee/breedlove22​WRITTEN WORKMedium: https://breedlove22.medium.com/Substack: https://breedlove22.substack.com/WAYS TO CONTRIBUTEBitcoin: 3D1gfxKZKMtfWaD1bkwiR6JsDzu6e9bZQ7Sats via Strike: https://strike.me/breedlove22Sats via Tippin.me: https://tippin.me/@Breedlove22Dollars via Paypal: https://www.paypal.com/paypalme/RBreedloveDollars via Venmo: https://venmo.com/code?user_id=1784359925317632528The "What is Money?" Show Patreon Page: https://www.patreon.com/user?u=32843101&fan_landing=trueRECOMMENDED BUSINESSESWorldclass Bitcoin Financial Services: https://nydig.com/Join Me At Bitcoin 2022 (10% off if paying with fiat, or discount code BREEDLOVE for Bitcoin): https://www.tixr.com/groups/bitcoinconference/events/bitcoin-2022-26217Automatic Recurring Bitcoin Buying: https://www.swanbitcoin.com/breedlove/Buy Bitcoin in a Tax-Advantaged Account: https://www.daim.io/robert-breedlove/Home Delivered Organic Grass-Fed Beef (Spend $159+ for 4 lbs. free): https://truorganicbeef.com/discount/BREEDLOVE22Buy Your Dream Home without Selling Your Bitcoin with Ledn: https://ledn.io/en/?utm_source=breedlove&utm_medium=email+&utm_campaign=substack

Miriam Hoffman is a former national FFA officer and a member of the Articulate Ventures Network. Miriam completed her year as a national officer with a bang, concluding her term with a speech at the national convention that talked about preserving tradition while pursuing the future. Vance and Miriam talk about this experience of serving the FFA, how the organization has changed and what it is like to be a young woman in agriculture. Subscribe to Miriam's newsletter: https://miriamrosah.substack.com/Follow Miriam on Twitter: https://twitter.com/miriamrosahWatch Miriam's FFA Farewell Address: https://www.youtube.com/watch?v=s1ahZ6Cu8usJoin Miriam and other interesting characters inside the Articulate Ventures Network: https://network.articulate.venturesPODCAST LINKS —Vance Crowe Podcast Website: https://www.vancecrowe.com/podcastApple Podcasts: https://podcasts.apple.com/us/podcast/the-vance-crowe-podcast/id1463771076Spotify: https://open.spotify.com/show/08nGGRJCjVw2frkbtNrfLw?si=WUCu-FoyRRu9U_i-1gJZfgRSS: https://feeds.transistor.fm/the-vance-crowe-podcastYouTube Full Episodes: https://www.youtube.com/channel/UCigB7W5bX_gCinJxev9WB8w/YouTube Clips: https://www.youtube.com/channel/UCJKKb66A5_4ZcsE-rKI24ygBuy a sweatshirt, T-shirt or mugs from the podcast! Check out the Articulate Ventures Merch Store: https://teespring.com/stores/thevancecrowepodcastSubscribe to the podcast for email notifications on new episodes, invites to events and other exclusive content — http://eepurl.com/gSTfk5ABOUT THE VANCE CROWE PODCAST — Vance Crowe interviews people with an expertise that you would want to know about, but might not think to ask. He prompts his guests to think about their work in novel ways, discusses how it applies to regular people and has fun sharing stories and experiences.SUPPORT THE PODCAST —Rate the Podcast |  https://ratethispodcast.com/vcpContact Vance for a Talk | https://www.vancecrowe.com/ —Vance delivers speeches that reveal important aspects of human communication.  Audiences are entertained, engaged, and leave feeling empowered to change something about the way they are communicating.  Vance tells stories about his own experiences, discusses theories in ways that make them relatable and highlights interesting people, books, and media that the audience can learn even more from. 

Michael Malice (“YOUR WELCOME ”) invites comic book writer, and Babylon Bee creative director, Ethan Nicolle on to discuss his newly released book Chesterton's Gateway . How has GK Chesterton remained a relevant author after all this time? What is the true meaning behind Chesterton's Fence? Who was the greatest Nintendo player in the Nicolle household? It's all here in this latest episode of YOUR WELCOME. Happy Holidays! https://www.ethannicolle.com/ https://twitter.com/AXECOP Order CHESTERTON'S GATEWAY: https://www.amazon .com/Chestertons-Gateway-Essays-Hooked-Chesterton/dp/B09JPC75VQ/ Order THE ANARCHIST HANDBOOK: https://www.amzn.com/B095DVF8FJ Order THE NEW RIGHT: https://amzn.to/2IFFCCu Order DEAR READER: https://t.co/vZfTVkK6qf?amp=1 https://twitter.com/michaelmalice https://instagram.com/michaelmalice https://malice.locals.com https://youtube.com/michaelmaliceofficial Intro song: "Out of Reach" by Legenda ry House Cats https://thelegendaryhousecats.bandcamp.com/ The newest episode of "YOUR WELCOME" releases on iTunes and YouTube every Thursday! Please subscribe and leave a review. This week's sponsors: Air Med Care Network: airmedcarenetwork.com/malice, promo code: MALICE FUM: b reathefum.com/malice, promo code: MALICE or MALICE10 IP Vanish: ipvanish.com/malice, promo code: MALICE Sheath Underwear: sheathunderwea r.com, promo code: MALICE

Other people's jobs are harder than you think. Saying “low-hanging fruit” reveals that you think everyone who came before you was stupid. That's a big, egotistical assumption. This week we look at that, Chesterton's Fence, the Streisand affect, and other ways of thinking to help you make better decisions for the long term. Read about Chesterton's Fence and second-order thinking here https://fs.blog/chestertons-fence/ Written version of this story here: https://ianwhitworth.net/low-hanging-fruit-the-helicopter-view-people-are-not-idiots/

This week our guests are evolutionary biologists, Bret Weinstein and Heather Heying, who many of you might recognize from their frequent appearances on the Joe Rogan Podcast, or from their very own show, the Darkhorse Podcast, where they explore current affairs through an evolutionary lens. They've recently released a brand new book, A Hunter-Gatherer's Guide to the 21st Century: Evolution and the Challenges of Modern Life, where they combine their decades of expertise into a comprehensive overview of the many lessons evolution can teach us, including concepts like the precautionary principle, Sucker's Folly, Chesterton's Fence, and more. This was a wonderfully expansive conversation exploring many of the ways in which technology and capitalism is being driven by our ancient genetic wiring. This includes exploring the impacts of social media, of technological infrastructure, of capitalism and its incentives, the biological influences of complacency due to technological comfort, and far much more than I can even begin to summarize here. ** Host: Steven Parton - LinkedIn / Twitter Music by: Amine el Filali

Riddle me this? What happens if Ned and Meg and Lauren record a podcast episode where we make up garbage philosophy and pass it off as wisdom? Find out. We also bring up Chesterton's Fence and Sim City 4: Rush Hour Edition. Chicago's civil engineering gets a shout, and then we round things off with a chat about STIs. Don't miss it. Wash your hands, wear a mask, don't be a dick MINNEAPOLIS I'M LOOKING AT YOU AND YOU MESSED THIS UP SO BAD.

In this episode, Robert speaks with leadership coach Tripp Lanier to look at the quagmire of self-development -- particularly in leadership and “men's work.” Between the space of forfeiting a sense of identity and needs and desires lies a balance where men get to be vulnerable and still sovereign. Can men walk this line with the proper intentions and a will to enjoy life at every turn? We explore all the challenges and blessings of self development. (Warning: this episode has some vulgar language) Some of the topics we explore: - Our most common excuses to avoid taking risks - Laughing at our fears and shortcomings - How to have the courage to share appreciation or constructive feedback - What would you do if you could do whatever you wanted without consequences? - Our inevitable mortality Show Notes: 1:06 - Introducing Tripp 2:15 - The New Man Podcast 3:13 - Not only chasing spiritual development, looking for lasting change 5:25 - Anything can be turned into an escape 7:04 - Is fear good? Is fear used as an excuse for escape? 8:13 - Do I have to believe every fear I have? 8:36 - We're trying hard to avoid our human experience 9:31 - Discernment around fear 11:08 - Chesterton's Fence— do we jump over or respect the fence? 14:15 - The destructive impulse of the postmodern age 15:16 - The nuance of relationship 17:42 - Nice Guy Syndrome 18:35 - Posturing and collapsing 20:20 - Leading vs. waiting 21:11 - The fear of death 21:32 - When fear becomes noise 23:25 - These phantoms in our minds are gargoyles on the threshold 25:10 - Relief vs. peace of mind 27:17 - Saying “no” to one thing is really saying “yes” to what's more in alignment 28:28 - Adding things vs. removing things 30:17 - Emotions as a doorway to information 30:57 - Freedom, aliveness, love, and peace 34:24 - The exoneration mindset 37:50 - Story from Invisibilia on oil rig workers 38:54 - The identity piece 43:07 - Moving the fear dial as a form of strength 49:00 - Fun as currency 51:05 - The antidote to fear is being bold

A Reply to the Texas District Paper on Internet Communion Here is the video of the recent three-martini Texas District convention. Someone shared this with me as a chance to respond to the “Bible Study” that begins at roughly 1:09 and ends at 2:04. The official title is “The Church in a Post-Covid World,” but that's not really what it is about. It is, in fact, an advocacy and apologia for “internet communion.” The presenter is the Rev. Zach McIntosh of Concordia Lutheran Church in San Antonio. He seems like a nice, bright guy. And I have to say that I like the fact that he's a McIntosh. His Highlander ancestors probably fought with mine in the wars of Scottish independence with a confederation known as the Clan of Cats. I have to give him props for that, especially as we Celts are dreadfully outnumbered by Germans in our synod. Having said that, the cuisine in Texas and Louisiana beat anything cooked up by Scots or Germans. That said, I have to give him a demerit for lecturing about Holy Communion (part of his argument for internet communion is the profound importance of the Holy Sacrament) given that his congregation only celebrates it on the first Sunday of the month. I cannot even grasp it. Not counting holidays, that's twelve times a year. That sounds like starvation rations to me. My little congregation offers the Holy Sacrament more than a hundred times a year. Perhaps Pastor McIntosh can give a presentation to his own congregation on Article 24 and the importance of the Holy Eucharist and its frequent reception. I notice that other advocates of home-internet communion tend to be pastors of churches that practice infrequent communion. I have no explanation for this. All that said, Pastor McIntosh is open and honest that this is indeed a position paper more than a Bible Study. He presents it based on four “theses.” A thesis is part of an argument. And during the course of his talk, he openly admits that the real question behind the paper, that is the real thesis statement is: “Is it possible for a local church to rightly participate together in a livestreamed Word and Sacrament service while remaining in their individual homes?” And he is open about his answer: Yes, he is “sympathetic” to the idea of a livestreamed “Word and Sacrament” service. He also admits that the service of the Word is not really problematic, but the service of the Sacrament is the actual controversial issue. And that it is. His four theses are: The Church is Invisible. The Church is Confessional. The Church is Inter-Spatial. The Church is Fraternal.   The Church is Invisible This is really nothing more than the assertion that faith is invisible. He cites Eph 5:33, AC 7&8, he quotes Luther using the term “invisible,” and cites 1 Cor 6:19 and 1 Pet 2:5. The Church is Confessional He explains the development of the ecumenical creeds and the Lutheran confessions. He argues that although the Bible, Creeds, and Confessions never address remote electronic worship, we can use these resources to discern whether we should or should not make use of such technology. One statement that he makes is “There was no Mass when the New Testament was written.” This is simply untrue. Jesus established the Lord's Supper “on the night when He was betrayed.” St. Paul, in 1 Cor 11, explains that the Words of Institution were already a tradition that was handed over to him when he was writing the letter in about 55 AD. Indeed, the Sacrament of the Altar was being celebrated by the apostles on a weekly basis very early on, according to Acts 2:42, when none of the New Testament had even yet been written. Pastor McIntosh refers to this very verse later on. This thesis that “The Church is Confessional” is really just a premise to use the confessions to make arguments regarding administration of the Sacrament. For some reason, he omitted the longest treatment of the Divine Service and Holy Communion in the Book of Concord: Article 24 in the Augsburg Confession and the Apology. The Church is Inter-Spatial This is where the rubber meets the road, as they used to say in Akron, Ohio. This word “inter-spatial” is a neologism coined by the presenter just to make the obvious point that the Church is both universal and local. He addresses the universality of the Church by appealing to the Una Sancta of the Nicene Creed. More accurately, the Church is “catholic.” The word “Universal” is a weak translation of καθολικός, which comes from two words: κατά (kata - according to) and ὅλος (holos - the whole). Catholicity not only means that the Church is more than simply the local congregation, it means that the Church is una owing to a wholesomeness and fullness of doctrine. And it is ironic that he should appeal to the Church's catholicity to argue for communion celebrated by either laymen speaking the verba, or the remote words of a pastor who is not present for the consecration. This is as un-catholic as you can get. It is sectarian, as no historic communion that confesses the Real Presence ever had, or has, practiced this, or confessed a doctrine that allows it. Pastor McIntosh points out the both/and nature of the universality and the locality of the Church by comparing it to an interstate highway that is both within states, and crosses state lines. I think this illustration betrays him, as we are talking about roads that actually exist in space and time. You cannot be on Interstate-10 and not exist somewhere physically. If I'm in a Zoom session in Iowa, then I'm not on I-10. Roads are incarnational. The fact that the road is in California doesn't negate the fact that when I'm driving to Baton Rouge, I'm in Louisiana. He uses the term “ecclesiis sanctorum” from Jerome's Latin of 1 Cor 14:33. He translates this as “multiple churches with many holy ones.” “Sanctorum” is a genitive plural. It is better translated as “churches of the saints,” as does the ESV. Of course, there are multiple churches in the sense of local congregations, even as there is one holy catholic and apostolic Church (una sancta). This reality has nothing to do with internet communion. He tries to argue for internet communion based on Acts 4:42, 46-47 - “breaking bread in their homes.” Of course, prior to Constantine, nearly all Christian worship was conducted in homes. There is no indication that these services were lay-led, or that the pastors somehow conducted services from afar, perhaps by epistle or messenger or carrier pigeon. And local churches meet in homes to this very day, including parishes of our sister church body, the Siberian Evangelical Lutheran Church. I visited one such congregation in 2015, with a Divine Service held in a parishioner's apartment. But the Mass was officiated by ordained clergymen who drove a long way to lead the service. It would be unthinkable to our sister church body to conduct a Divine Service over Zoom, or to just have the laity speak the verba over bread and wine themselves - in spite of the reality that it takes a lot of time and money to physically travel. And it was the same way in the LCMS's frontier days. Pastor McIntosh cites Luther giving assent to meeting “alone in a house somewhere… to baptize and to receive the sacrament” (AE:53:63-64). But the larger context is not lay-led communion or allowing pastors to somehow consecrate from afar. This quotation comes from The German Mass and Order of Service (1526). In it, Luther identifies three types of “divine service or mass.” The first is the Evangelical Latin Mass, to be used in a parochial setting where the people speak Latin. The second is the German Mass, which is to be used for “untrained lay folk” who do not speak Latin. And then there is the “third kind of service,” which: should be a truly evangelical order and should not be held in a public place for all sorts of people. But those who want to be Christians in earnest and who profess the gospel with hand and mouth should sign their names and meet alone in a house somewhere to pray, to read, to baptize, to receive the sacrament, and to do other Christian works. According to this order, those who do not lead Christian lives should be known, reproved, corrected, cast out, or excommunicated, according to the rule of Christ, Matthew 18. Here one could also solicit benevolent gifts to be willingly given and distributed to the poor, according to St. Paul's example, II Corinthians 9. Here would be no need for much and elaborate singing. Here one could set up a brief and neat order for baptism and the sacrament and center everything on the Word, prayer, and love. Here one would need a good short catechism on the Creed, the Ten Commandments, and the Our Father. Nowhere does Luther advocate lay-led or remotely-led clerical ministry of Sacraments. He is describing a house-church - obviously where there is no Evangelical parish church to attend. This was certainly the case in many places during the Reformation. Luther is describing what we would call today, a “church plant,” and avers that “the rules and regulations would soon be ready.” In fact, Luther goes on to say that church planting is not his particular thing, but “if I should be requested to do it, and could not refuse with a good conscience, I should gladly do my part and help as best I can.” He adds, “In the meanwhile, the two above-mentioned orders of service [i.e. the Latin and German parochial Masses] must suffice.” He also warns of the risks of such a church, that care should be taken lest it “turn into a sect.” Pastor McIntosh does finally admit the real crux of the problem: “There's not a pastor there.” So how does a pastor give care and oversight when he's not in the same room? He acknowledges the limits of pastoral care even in the same room, such as the pastor's inability to know about all people who should be excluded from the Christian congregation because of wickedness. He points to St. Paul's giving pastoral care remotely. And here, I think Pastor McIntosh sinks his own boat. Giving remote pastoral care is nothing new. But let's consider how technology has or has not been used. We have audio and video livestreaming today, but we have had the ability to send remote visual and audio images over the air since the 1940s. The LCMS was actually a pioneer in television programming. But no one in decades past, in the Golden Age of television, ever encouraged people at home in the viewing audience to put bread and wine on a TV tray while a televised pastor “teleconsecrated” the elements. There were services for shut-ins, but no suggestion of some kind of “private Mass” with “home communion” over the airwaves. And before TV, we had radio, the technology of which predates the 20th century. And yet not even during World War I and the 1918 Spanish Flu pandemic was anyone suggesting the use of the pastor's transmitted radio voice to “teleconsecrate” remote elements. Before radio was the telephone. And even before the telephone, dating back to 1844, Samuel Morse found a way to encode words over telegraph lines. And again, not even in remote frontier locations did anyone even dream of having a pastor send a consecratory telegram or phone in the Words of Institution. And long before electronic communication, we had pen and ink technology and mail delivery. And this is where Pastor McIntosh defeats his own argument. St. Paul indeed provided pastoral care remotely by means of epistles. But not even in 1 Cor 11 does the apostle ask that the verba be read by a layman over bread and wine outside of the pastor's sight and control. Rather, Paul preaches the Word and gives catechetical instruction in writing. Baptisms and Eucharists were conducted by “elders” (presbyters) who were appointed for pastoral service in the local churches. The Church is Fraternal Pastor McIntosh's last thesis has nothing to do with the argument other than to try to prevent argument. He uses AC 26:44 “Diversity does not violate the unity of the Church” to argue that whether one uses internet communion or not, this doesn't affect our unity. He said, “False doctrine, yeah, that's a problem… but not every diverse practice is evidence of doctrinal disagreement.” And that is true. But it is equally true that not every expression of diversity is evidence of correct doctrine. He should not assume that internet communion is as indifferent as the color of the walls in the parish hall. We are dealing with the consecration of the elements. That is not a matter of “anything goes.” Contextually, Article 26 is dealing with diversity in fasting practices, not with consecrating the elements. This is a very different matter. In his conclusion, Pastor McIntosh says, “It's so important to continue to offer, whether it's in a cathedral or in a condo, the gifts of God to the people of God” [including] “the reception of the sacraments.” Yes, this is true. And parish pastors typically celebrate Masses in church buildings on Sundays, and often during the week at hospital beds for patients and at kitchen or living room tables for shut-ins. Yes, we do this both “in the cathedral and in the condo,” so to speak. But the point is that we pastors celebrate and consecrate, we preach, baptize, and absolve as circumstances dictate. We don't just tell the shut-ins to commune themselves. We don't just facetime them and say “magic words” while they hold the phone over bread and wine. That would be to treat the consecration as ex opere operato. Pastor McIntosh's presentation overlooks and omits all of the potential problems of remote consecration - assuming that it is even valid. But let's say that it is valid for the sake of argument. There are unintended consequences. For example, if I'm consecrating at the altar, and I misspeak a word, or get tongue-tied, I can simply repeat the verba. This is what celebrants are instructed to do based on the fact that we have been doing this for nearly two millennia, and stuff happens. But what happens if, unbeknownst to the remote celebrant, the Zoom transmission gets garbled, and the pastor's voice begins to sound like ET on Quaaludes? That happens all the time. So what then? What happens if only part of the verba are heard and the connection drops? What do we tell the viewing audience at home to do with the bread and wine? Are they, or are they not, the body and blood of Christ? It matters. It really does! And how can the pastor be a “steward of the mysteries” while he isn't there? The steward was an ancient office dedicated to table service. The steward could water down a diner's wine if he were getting inebriated, or even cut him off. That's because he is able to watch and listen and make changes based on feedback. Pastors do something similar when they officiate. They may need to consecrate more hosts, or break some in half. They may need to get stingy with the Lord's blood at the last table, or they may need to consecrate more. A theoretical remote communion separates the pastor from his vocation of stewardship. He cannot say what is being consecrated and what is not. In my practice, I count out how many hosts I need and only consecrate those in the paten on the corporal. The rest in the ciborium remain unconsecrated. I consecrate only the wine in the chalice, not every drop in the cruet. So I know what is the Lord's body and blood, and what is not. If I were not in the room, how would I do this? Is the wine in the glasses on the table the only ones consecrated? What about the bottle on the table? If there is a leftover piece of toast from breakfast on the table, is that now consecrated? These are not inconsequential questions. The Eucharist is not do-it-yourself project. Jesus established an office of steward. And how is the reliquiae taken care of afterwards? And if an accidental desecration happens, why should we put the burden on laymen, perhaps miles away, when we pastors are the stewards? And all of the above problems grant the assumption that remote consecration is possible, that this is a valid consecration. One glaring problem is that the pastor's voice never actually comes into contact with the elements. What comes out of a speaker is a simulation of the pastor's voice that fools your brain into thinking that it is his voice - not unlike the RCA Victor dog. In the same way, a Zoom image or a photograph is not actually the person, but is rather a simulation of that person that gives an appearance of that person's presence. Da Vinci's Last Supper is only a painting. It is not really Jesus and the apostles. I argue that because of this reality, it is physically impossible to consecrate the elements remotely. And even if it were possible, it would still open up a Pandora's Box of problems. And this is why we don't tear down Chesterton's Fence. This is why we don't do sectarian things. This is why catholicity is more than just “universality” in the sense that local manifestations of Church are to be found hither and yon. In times past, there have been wars, plagues, tyrannical rulers, and natural disasters that have impeded the ability of pastors to preach and administer Sacraments. We do what we can with our human limitations, and we accept those limitations as part of our humanity - the same humanity that our Lord Jesus Christ took on at His incarnation. Unlike the technocratic Klaus Schwabs of the world, we don't look to transcend those human limitations by means of turning ourselves into transhumanistic cyborgs. The Church is indeed invisible in the sense that faith is not seen by the naked eye. But the Church is also visible, as she gathers around a visible preacher even as faith comes by hearing, heard from someone preaching, one who has been sent (Romans 10). The Church is visible as the administration of the Sacraments is visible, as real, physical bread and wine and water occupy space and time, and we experience them with our bodies by means of our senses. Pastor McIntosh only spoke of the invisible Church, not the visible Church. We must consider both halves of the paradox to get the full picture. The Church is indeed confessional, and our confessions address the question of who is charged with consecrating the elements (AC 14) and how that is to be done (AC 24, Ap 24). The Church is both local and trans-local - as evidenced by the fact that instead of a single temple, we have altars all over the world with the miraculous presence of God resting on them. And Holy Communion is not called “the Sacrament of the Altar” by our confessions for nothing. The elements are consecrated by the Word by means of one authorized to proclaim that Word - not just any person, and not by a simulacrum of a pastor's voice. And indeed, the Church is fraternal. It is an act of fratricide to introduce a divisive, sectarian, ahistorical practice in the Church that leaves people in doubt and scandalized, not to mention leaving behind a host of other chaotic consequences in its wake. At the conclusion of Pastor McIntosh's “Bible Study,” President Newman pointed out that there just so happened to be resolutions pertaining to internet communion yet to be voted on by the body, and that the CTCR and seminary faculties have already weighed in. And to my knowledge, none of them agree with Pastor McIntosh and President Newman that this practice should be done in our churches. Hopefully, this whole uproar about internet communion will be nothing more than an eyebrow-raising little episode in LCMS history that future generations will find quaint when they read about the synod's 21st century history. And in the short term, I hope that our synod will find some way, even with our convoluted polity, to enforce biblical, confessional, and catholic doctrine and practice, and facilitate the restoration of a genuine Eucharistic piety and of yearning for its frequent reception in our churches, an ethos that would make internet communion - not to mention the practice of churches withholding the Sacrament of the Altar for three weeks out of the month - unthinkable.

About WillWill is recovering System Administrator with a decade's worth of experience in technology and management. He now embraces the never-ending wild and exciting world of Information Security.Links: Color Health: https://www.color.com Twitter: https://twitter.com/willgregorian TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at the Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by CircleCI. CircleCI is the leading platform for software innovation at scale. With intelligent automation and delivery tools, more than 25,000 engineering organizations worldwide—including most of the ones that you've heard of—are using CircleCI to radically reduce the time from idea to execution to—if you were Google—deprecating the entire product. Check out CircleCI and stop trying to build these things yourself from scratch, when people are solving this problem better than you are internally. I promise. To learn more, visit circleci.com.Corey: Up next we've got the latest hits from Veem. Its climbing charts everywhere and soon its going to climb right into your heart. Here it is!Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. Sometimes I like to talk about my previous job being in a large regulated finance company. It's true. I was employee number 41 at a small startup that got acquired by BlackRock. I was not exactly a culture fit, as you probably can imagine by basically every word that comes out of my mouth and then imagining that juxtaposed but they're a highly regulated finance company.Today, my guest is someone who knows me from those days because we worked together back in that era. Will Gregorian is the head of Information Security at Color Health, and is entirely too used to my nonsense, to the point where he becomes sick of it, and somehow came back around. Will, thanks for joining me.Will: Hello. How are you?Corey: It's been a while, and so far, things are better now. It turns out that I don't have—well, I was going to say I don't have the same level of scrutiny around my social media usage that you do at large regulated finance companies anymore, but it turns out that when you basically spend your entire day shitposting about a $1.8 trillion company in the form of Amazon, oh, it turns out your tweets get an awful lot of scrutiny. Just, you know, not by the company that pays you.Will: That's very true. And you knew how to actually capitalize on that.Corey: No, I sort of basically figured that one out by getting it wrong as I went from step to step to step. No, it was a wild and whirlwind time because I joined the company as employee 41. I was the first non-developer ops hire, which happens at startups a fair bit, and developers try to interview you and ask you a bunch of algorithm questions you don't do very well at. And they say, “Well, I have no further questions. Do you?”And of course, there's nothing that says bad job interview like short job interview. “Yeah, just one. What are you actually working on in an ops context?” And we talked about, I think, migrating from EC2 Classic to VPC back in those days, and I started sketching on the whiteboard, “Let me guess it breaks here, here, and here.” And suddenly, there are three more people in the room watching me do the thing on the whiteboard.Long story short, I get hired and things sort of progressed from there. The acquisition comes down and then how, uh, we suddenly, it turns out, had this real pressing need for someone to do InfoSec on a full-time slash rigorous basis. Which is where you came in.Will: That's exactly where I came in. I came in a month after the acquisition, if I remember correctly. That was fun. I actually interviewed with you, didn't I?Corey: You did. You passed, clearly.Will: I did pass. That's pretty hard to pass.Corey: It was fun, to be perfectly blunt. This is the whole problem with startup FinTech in some ways, where you're dealing in regulated industries, but at what point do you start bringing security in, as someone—where that becomes its own function? And how do you build that out? You can get surprisingly far without it until right afterwards then you really can't. But for a startup in the finance space, your first breach can very much be something of a death knell for the company.Will: That's very true. And there's no really good calculation on when you bring those security people in, which is probably the reason why—brace yourself—we're talking about DevSecOps.Corey: Oh, good. Let's put more words into DevOps because goes well.Will: Yeah. It does. It really does. I love it. You should look at my Twitter feed; I do make fun of it. But the thing is, it's mostly about risk. And founders ought to know what that risk is, so maybe that's the reason why they hired me because they felt like there's existential risk around brand and reputation, which is the reason why I joined. But yeah, [sigh] fundamentally, the problem with that is that if you hire a security practitioner, especially the first one, it's kind of like dating, in a way—Corey: Oh, yes.Will: If you don't set them up correctly, then they're doomed to be failed, and there are plenty of complexities as a result. Imagine you're a scrappy FinTech startup, you have a bunch of developers, they want to start writing code, they want to do big and great things, and all of a sudden security comes in and says, “Thou shalt not do the following things.” That's where it fails. So, I think it's part culture, part awareness from a founder perspective, part DevOps because let's face it, most of the stuff happens in infra side. And that's not to slam on anybody. And delicious goes on.Corey: Yeah. Something that I developed a keen appreciation for when I went into business for myself after that and started the Duckbill Group, is that when you talk to attorneys, that was really the best way to I found to frame it because they've been doing this for 2000 years. It turns out InfoSec isn't quite that old, although occasionally it feels like some of the practices are. Like, you know, password rotation every 30 days. I digress.And lawyers will never tell you what to do, or at least anyone who's been doing this for more than six months. Instead, the answer to everything is, “It depends. Here are the risk factors to consider; here are the trade-offs.” My wife is a corporate attorney and I learned early on not to let her have any crack at my proposal documents in those days because it's fundamentally a sales document, but her point was, “Well, this exposes you to this risk, and this risk, and this risk, and this risk.” And it's, “Yes, I'm aware of all of that. If I don't know how to do what I do, effectively, I'm not going to be able to fulfill this. It's not the contract; it is the proposal and worst case I'll give them their money back with an apology and life goes on.”Because at that point, I was basically a tiny one-man band, and there was no real downside risk. Worst case, the entity gets sued into oblivion; I have to go get a real job again. Maybe Amazon's hiring, I don't know. And it's sort of progressed from there. Left to their logical conclusion and letting them decide how it's going to work, it becomes untenable, and it feels like InfoSec is something of the same story where the InfoSec practitioners I've known would not be happy and satisfied until every computer was turned off, sunken into concrete, and then dropped into Challenger Deep out in the Pacific.Will: Yep. And that's part of the issue is that InfoSec, generally speaking, hasn't kept up with the modern practices, technologies, and advancements around even methodologies and culture. They're still very much [unintelligible 00:06:32] approaching the information security conversation, militaristically speaking; everything is very much based on DOD standards. Therein lies the problem. And funny enough, you mentioned password rotation. I vividly remember we had that conversation. Do you remember that?Corey: It does sound familiar. I've picked that fight so many times in so many different places. Yeah. My current thing that drives me up a wall is, in AWS's IAM console, you get alerts for any IAM credential parents older than 90 days and it's not configurable. And it's, yes, if I get a hold of someone's IAM credentials, I'm going to be exploiting it within seconds.And there are studies; you can prove this empirically. Turns out it's super economical to mine Bitcoin in someone else's Cloud account. But the 90-day idea is just—all that does—the only good part of that to me is it enforces that you don't have those credentials stashed somewhere that they become load-bearing and you don't understand what's going on in your infrastructure. But that's not really the best-practice hill, I would expect AWS to wind up staking out.Will: Precisely. And there lies the problem is that you have basically industry standards that really haven't adopted the cloud mentality and methodologies. The 90-day rotation comes from the world of PCI as well as a few other frameworks out there. Yeah, I agree. It only takes a few seconds, and if somebody is account—for example, in this case, IAM account—has programmatic access, game over.Yeah, they're going to basically spin up a whole bunch of EC2 instances and start mining. And that's the issue is that you're basically trying to bolt on a very passe and archaic standard to this fast-moving world of cloud. It just doesn't work. So, things have gotten considerably better. I feel like our last conversation was, what, circa 2015, '16?Corey: Yeah. That was the year I left: 2016. And then it was all right, maybe this cloud thing has legs? Let's find out.Will: It does. It does. It actually really does. But it has gotten better and it has matured in dramatic ways, even on the cybersecurity side of the house. So, we're no longer having to really argue our way through, “Why do we have to rotate passwords every 90 days?”And I've been part of a few of these conversations with maybe the larger institutions to say, look, we have compensating controls—and I speak their language: ‘compensating controls'—you want to basically frame it that way and you want to basically try to rationalize why, technically speaking, that policy doesn't make sense. And if it does, well, there is a better way to do it.Corey: I feel very similarly about the idea of data being encrypted at rest in a cloud context. Yeah in an old data center story this has happened, where people will drive a pickup truck through the wall of the data center, grab a rack into the bed and peel out of there, that's not really a risk factor in a time of cloud, especially with things like S3 where it is pretty clear that your data does not all live in easily accessible format in one facility. You'd have to grab multiple drives from different places and assemble it all together however it is they're doing it—I presume—and great. I don't actually need to do any encryption at rest story there. However, every compliance regime out there winds up demanding it and it's easier for me to just check the box and get the thing encrypted—which is super easy, and no noticeable performance impact these days—than it is for me to sit here and have this argument with the auditor.It's one of the things I've learned that would arguably make me a way better employee than I was when we worked together is I've learned to pick my battles. Which fights do I really need to fight and which are, fine, whatever, click the ridiculous box. Life goes on.Will: Ah, the love of learning from mistakes. The basic model of learning.Corey: Someday I aspire to learn from mistakes of others instead of my own. But, you know, baby steps.Will: Exactly. And you know, what's funny about it is that I just tweeted about this. EA had a data breach and apparently, their data breach was caused by a Slack conversation. Now, here's my rebuttal. Why doesn't the information security community come together and actually talk about those anti-patterns to learn from one another?We all keep it in a very in a confidential mode. We locked it away, throw the keys away, and we never talk about why this thing happened. That's one problem. But, yeah, going back to what you were talking about, yeah, it's interesting. Choose your battles carefully, frankly, speaking.And I feel like there's a lesson to be learned there—and I do experience this from time to time—is that, look, our hands are tied. We are basically in the world of relevance and we still have to make money. Some of these things don't make sense. I wholeheartedly agree with my engineering counterparts where these things don't make sense. For example, the encryption at rest.Yeah, if you encrypt the EBS volume, does really get you a whole lot? No. You have to encrypt the payload in order to be able to secure and keep the data that you want confidential and that's a massive lift. But we don't ever talk about that. What we talk about and how we basically optimize our conversations, at least in the current form, is let's harp on that compliance framework that doesn't make sense.But that compliance frameworks makes us the money. We have to generate revenue in order to remain employed and we have to make sure that—let's face it, we work in startups—at least I do—and we have to basically demonstrate at least some form of efficacy. This is the only thing that we have at our disposal right now. I wish that we would get to the world where we can in fact practice the true security practices that make a fundamental difference.Corey: Absolutely. There's a bunch of companies that would more or less look all the same on the floor of the RSA Expo—Will: Yep.Corey: —and you walk up and down and they're selling what seems to be the same product, just different logos and different marketing taglines. Okay. And then AWS got into the game where they offered a bunch of native tools that help around these things, like CloudTrail logs, et cetera, and then you had GuardDuty to wind up analyzing this, and Macie to analyze this, but that's still [unintelligible 00:12:12], and they have Detective on top of that, and Security Hub that ties it all together, and a few more. And then, because I'm a cloud economist, I wind up sitting here and doing the math out on this and yes, it does turn out the data breach would be cheaper. So, at what point do you stop hurling money into the InfoSec basket on some level?Because it's similar to DR; it's a bit of a white elephant you can throw any amount of money at and still get it wrong, as well as at some point you have now gone so far toward the security side of things that you have impaired usability for folks who are building things. Obviously, you need your data to be secure, but you also need that data to be useful.Will: Yep. The short answer to that is, I would like to find anybody who can give you the straight answer for that one. There is no [unintelligible 00:13:00] to any of this. You cannot basically say, “This is a point of stop.” If you will, from an expenditure perspective.The fundamental difference right now is we're trying to basically cross that chasm. Security has traditionally been in a silo. It hasn't worked out really well. I think that security really needs to buck up and collaborate. It cannot basically remain in a control function, which is where we are right now.A lot of security practitioners have the belief that they are the master of everything and no one is right. That fundamentally needs to stop. Then we can have conversations around when we can basically stop spending the expenditure on security. I think that's where we are right now. Right now, it still feels very much disparate in a not-so-good way.It has gotten better, I think; the companies in the Valley are really trying to basically figure out how to do this correctly. I would say the larger organizations are still not there. And I want to really, sort of, sit from the sideline and watch the digital transformation thing happen. One of the larger institutions just announced that they're going to go with AWS Cloud, I think you know who I'm talking about.Corey: I do indeed.Will: Yeah. [laugh]. So, I'm waiting to see what's going to happen out of that. I think that a lot of their security practitioners are up for a moment of wake-up. [laugh].Corey: They really are. And moving to cloud has been a fascinating case study in this. Back in 2012, when I was working in FinTech, we were doing a fair bit of work on AWS, so we did a deal with a large financial partner. And their response was, “So okay, what data centers are you using?” “Oh, yeah, we're hosting in AWS.”And their response was, “No, you're not. Where are you hosting?” “Okay, then.” I checked recently and sure enough, that financial partner now is all-in on Cloud. Great. So, I said—when one of these deals was announced—that large finance companies are one of the bellwether institutions, that when they wind up publicly admitting that they can go all-in on cloud or use a cloud provider, that is a signal to a lot of companies that are no longer even finance-adjacent, but folks who look at that and say, “Okay, cloud is probably safe.”Because when someone says, “Oh, our data is too sensitive to live on the cloud.” “Really? Because your government uses it, your tax authority uses it, your bank uses it, your insurance underwriter uses it, and your auditor uses it. So, what makes your data so much more special than that?” And there aren't usually a lot of great answers other than just curmudgeonly stubbornness, which, hey, I'm as guilty of as anyone else.Will: Well, I mean, there's a bunch of risk people sitting there and trying to quantify what the risk is. That's part of the issue is that you have your business people who may actually be embracing it, but then you—and your technologists, frankly speaking. But then you have the entire risk arm, who is potentially reading some white paper that they read, and they're concluding that the cloud is insecure. I always challenge that.Corey: Yeah, it's who funded this paper, what are they trying to sell? Because no one says that without a vested interest.Will: Well, I mean, there's a bunch of server manufacturers that are going to be left out of the conversation.Corey: A recurring pattern is that a big company will acquire a startup of some sort, and say, “Okay, so you're on the cloud.” And they'll view that through a lens of, “Well, obviously of course you're on the cloud. You're a startup; you can't afford to do a data center build-out, but don't worry. We're here now. We can now finance the CapEx build-out.”And they're surprised to see pushback because the thing that they miss is, it was not an economic decision that drove companies to cloud. If it started off that way, it very quickly stopped being that way. It's a capability story, it's if I need to suddenly scale up an entire clone of the production environment to run a few tests and then shut it down, it doesn't take me eight weeks and a whole bunch of arguing with procurement to get that. It takes me changing an argument to, ideally a command line or doing some pull request or something like that does this all programmatically, waiting a few minutes and then testing it there. And—this is the part everyone forgets—McLeod economic side—and then turning it back off again so you don't pay for it in perpetuity.It really does offer a tremendous boost in terms of infrastructure, in terms of productivity, in terms of capability stories. So, we're going to move back to a data center now that you've been acquired has never been a really viable strategy in many respects. For starters, a bunch of you engineers are not going to be super happy with that, and are going to take their extremely hard-to-find skill set elsewhere as soon as that becomes a threat to what they're doing.Will: Precisely. I have seen that pattern. And the second part to that pattern, [laugh] which is very interesting is trying to figure out the compromise between cloud and on-prem. Meaning that you're going to try to bolt-on your on-prem solutions into the cloud solution, which equally doesn't work if not it makes it even worse. So, you end up with this quasi-hybrid model of sorts, and that doesn't work. So, it's all-in or nothing. Like I said, we've gotten to the point where the realization is cloud is the way to do it.Corey: This episode is sponsored by our friends at Oracle HeatWave is a new high-performance accelerator for the Oracle MySQL Database Service. Although I insist on calling it “my squirrel.” While MySQL has long been the worlds most popular open source database, shifting from transacting to analytics required way too much overhead and, ya know, work. With HeatWave you can run your OLTP and OLAP, don't ask me to ever say those acronyms again, workloads directly from your MySQL database and eliminate the time consuming data movement and integration work, while also performing 1100X faster than Amazon Aurora, and 2.5X faster than Amazon Redshift, at a third of the cost. My thanks again to Oracle Cloud for sponsoring this ridiculous nonsense. Corey: For the most part, yes. There are occasional use cases where not being in cloud or not being in a particular cloud absolutely makes sense. And when companies come to me and talk to me that this is their perspective and that's why they do it, my default response is, “You're probably right.” When I talk about these things, I'm speaking about the general case. But companies have put actual strategic thought into things, usually.There's some merit behind that and some contexts and constraints that I'm missing. It's the old Chesterton's Fence story, where it's a logic tool to say, okay, if you come to a fence in the middle of nowhere, the naive person, “Oh, I'm going to remove this fence because it's useless.” The smarter approach is, “Why is there a fence here? I should probably understand that before I take it down.” It's one of those trying to make sure that you understand the constraints and the various strategic objectives that lend themselves to doing things in certain ways.I think that nuance gets lost, particularly in mass media, where people want these nuanced observations somehow distilled down into something that fits in a tweet. And that's hard to do.Will: Yep. How many characters are we talking about now? 280.Corey: 280 now, but you can also say a lot with gifs. So, that helps.Will: Exactly, yeah. A hundred percent.Corey: So, in your career, you've been in a lot of different places. Before you came over and did a lot of the financial-regulated stuff. You were at Omada Health where you were focusing on healthcare-regulated side of things. These days, you're in a bit of a different direction, but what have you noticed that, I guess, keeps dragging you into various forms of regulated entities? Are those generally the companies that admit that they, while still in startup stage, actually need someone to focus on security? Or is there more to it that draws you in?Will: Yeah, I know. There's probably several different personas to every company that's out there. You have your engineering-oriented companies who are wildly unregulated, and I'm talking about maybe your autonomous vehicle companies who have no regulations to follow, they have to figure it out on their own. Then you have your companies that are in highly regulated industries like healthcare and financial industry, et cetera. I have found that my particular experience is more applicable to the latter, not the former.I think when you basically end up in companies that are trying to figure it out, it's more about engineering, less about regulations or frameworks, et cetera. So, for me, it's been a blend between compliance and security and engineering. And that's where I strive. That doesn't mean that I don't know what I'm doing, it just means that I'm probably more effective in healthcare and FinTech. But I will say—you know, this is an interesting part—what used to take months to implement now is considerably shorter from an implementation timeline perspective.And that's the good news. So, you have more opportunities in healthcare and FinTech. You can do it nimbly, you can do things that you generally had to basically spend massive amounts of money and capital to implement. And it has gotten better. I find myself that, you know, I struggle less now, even in the AWS stack trying to basically implement something that gets us close to what is required, at least from a bare minimum perspective.And by the way, the bare minimum is compliance.Corey: Yes.Will: That's where it starts, but it doesn't end there.Corey: A lot of security folks start off thinking that, “Oh, it's all about red team and pentesting and the rest, and no, no, an awful lot of InfoSec is in fact compliance.” It's not just, do the right thing, but how do you demonstrate you're doing the right thing? And that is not for everyone.Will: I would caution anybody who wants to get into security to first consider how many different colors there are to the rainbow in the security side of the house, and then figure out what they really want to do. But there is a misconception around when you call security often, to your point, people kind of default to, “Oh, it's red teaming.” Or, “It's basically trying to break or zero-days.” Those happens seldom, although seems they're happening far more often than they should.Corey: They just have better marketing now.Will: Yeah. [laugh].Corey: They get names and websites and a marketing campaign. And who knows, probably a Google Ad buy somewhere.Will: Yep, exactly. So, you have to start with compliance. I also would caution my DevOps and my engineering counterparts and colleagues to, maybe, rethink the approach. When you approach a practitioner from a security side, it's not all about compliance, and if you ask them, “Well, you only do compliance,” they're going to may laugh at you. Think of it as it's all-inclusive.It is compliance mixed with security, but in order for us to be able to demonstrate success, we have to start somewhere, and that's where compliance is—that's the starting point. That becomes sort of your northern light in a referential perspective. Then you figure out, okay, how do we up our game? How do we refine this thing that we just implemented? So, it becomes evolving; it becomes a living entity within the company. That's how I usually approach it.Corey: I think that's the only sensible way to go about these things. Starting from a company of one to, at the time is recording, I believe we're nine people but don't quote me on that. I don't want to count noses. One of the watershed moments for us when we started hiring people who—gasp, shock—did not have backgrounds as engineers themselves—it turns out that you can't generally run most companies with only people who have been spending the last 15 years staring at computers. Who knew?—and it's a different mindset; it's a different approach to these things.And because again, it's that same tension, you don't want to be the Department of No. You don't want to make it difficult for people to do their jobs. There's some low bar stuff such as you don't want people using a password of ‘kitty' everywhere and then having it on a post-it note on the back of their laptop in an airport lounge, but you also don't want them to have to sit there and go through years of InfoSec training to make this stuff makes sense. So, building up processes like we have here, like security awareness training, about half of it is garbage; I got to be perfectly honest. It doesn't apply to how any of us do business. It has a whole bunch of stuff that presupposes that we have an office. We don't. We're full remote with no plans to change that. And it's a lot of frankly, terrible advice, like, “Never click a link in email.” It's yeah, in theory, that makes sense from a security perspective, but have you met humans?Will: Yeah, exactly.Corey: It's this understanding of what you want to be doing idealistically versus what you can do with people trying to get jobs done because they are hired to serve a purpose for the company that is not security. “Security is everyone's job,” is a great slogan and I understand where it's going, but it's not realistic.Will: Nope, it's not. It's funny it's you mentioned that. I'm going through a similar experience from a security awareness training perspective and I have been cycling through several vendors—one prominent one that has a Chief Hacking Officer of sorts—and amazingly enough, their content is so very badly written and so very badly optimized on the fact that we're still in this world of going to a office or doing things that don't make sense. “Don't click the link?” You're right. Who doesn't click the link? [laugh].Corey: Right. Oh, yeah. It's a constant ongoing thing where you continually keep running into folks who just don't get it, on some level. We all have that security practitioner friend who only ever sends you email that is GPG encrypted. And what do they say in those emails?I don't know. Who has the time to sit there and decrypt it? I'm not running anything that requires disclosure. I just don't understand the mindset behind some of these things. The folks living off the grid as best they can, they don't participate in society, they never have a smartphone, et cetera, et cetera. Having seen some things I've seen, I get it, but at some point, it's one of those you… you don't have to like it, but accepting that we live in a society sort of becomes non-optional.Will: Exactly. There lies the issue with security is that you have your wonks who are overly paranoid, they're effectively like the your talented engineer types: they know what they're talking about and obviously, they use open-source projects like GPG, et cetera. And that's all great, but they don't necessarily fit into the contemporary context of the business world and they're seen as outliers who are basically relied on to do things that aren't part of the normal day-to-day business operations. Then you have your folks who are just getting into it and they're reading your CISSP guides, and they're saying, “This is the way we do things.” And then you have people who are basically trying to cross that chasm in between. [laugh].And that's where the security is right now. And it's a cornucopia of different personalities, et cetera. It is getting better, but what we all have to collectively realize is that it is not perfect. To your point, there is no one true way of practicing security. It's all based on how the business perceived security and what their needs are, first and foremost, and then trying to map the generalities of security into the business context.Corey: That's always the hardest part is so many engineering-focused solutions don't take business context into account. I feel very aligned with this from the cost perspective. The reason I picked cost instead of something like security—because frankly, me doing basically what I'm doing now with a different position of, “Oh, I will come in and absolutely clear up the mistakes you have made in your IAM policies.” And, “Oh, we haven't made any mistakes in our IAM policies.” You ever met someone for who not only is that true, but also is confident enough to say that? Because, “Great. We'll do an audit. You want to bet? If we don't find anything, we'll give you a refund.” [laugh]. And it's fun, but are people going to call you with that in the middle of the night and wake you up? The cloud economics thing, it is strictly a business hours problem.Will: Yeah, yeah. It's funny that you mention that. So, somebody makes a mistake in that IAM cloud policy. They say, “Everybody gets admin.” Next thing you know, yes, that ends up causing an auth event, you have a bunch of EC2 instances that were basically spun up by some bad actor, and now you have a $1 million bill that you have to pay.Corey: Right. And you can get adjustments to your bill by talking to AWS support and bending the knee. And you're going to have to get yelled at, and they will make you clean up your security policies, which you really shut it down anyway, and that's the end of it. For the most part.Will: I remember I spun up a Macie when it had just came out.Corey: Oh, no.Will: Oh, yeah.Corey: That was $5 per gigabyte of data ingested, which is right around the breakeven point of hire a bunch of college interns to do it instead, by hand.Will: Yeah, I remember the experience. It ended up costing $24,000 in a span of 24 hours.Corey: Yep.Will: [laugh].Corey: And it was one of the most blindsidingly obvious things, to the point where they wound up releasing something like a 90% pay cut with the second generation of billing. And the billing's still not great on something like that. I was working with a client when that came out, and their account manager immediately starts pushing it to them and they turn to me almost in unison, and, “Should we do it?”—good. We have them trained well, and I, “Hang on,”—envelope math—“Great. Running this on the data you have an S3 right now would cost for the first month, $76 million, so I vote we go with Option B, which is literally anything that isn't that, up to and including we fund our own startup that will do this ourselves, have them go through your data, then declare failure on Medium with a slash success post of our incredible journey has come to an end; here's what's next. And then you pocket the difference and use it for something good.”And then—this is at the table with the AWS account manager. Their response, “So, you're saying we have a pricing problem with Macie?” It's like well, “Whether it's a problem or not really depends on what side of that transaction [laugh] you're on, but I will say I'll never use the thing.” And only four short years later, they fixed the pricing model.Will: Finally. And that was the problem is that you want to do good; you end up doing bad as a result. And that was my learning experience. And then I had to obviously talk to them and beg, borrow, and steal and try to explain to them why I made that mistake. [laugh]. And then finally, you know [crosstalk 00:29:52]—Corey: Oh, yeah. It's rare that you can make an honest, well-intentioned mistake and not get that taken care of. But that is not broadly well known. And they of course can't make guarantees around it because as soon as you do that you're going to open the door for all kinds of bad actors. But it's something where, this is the whole problem with their billing model is they have made it feel dangerous to experiment with it. “Oh, you just released a new service. I'm not going to play with that yet.”Not because you don't trust the service and not because you don't trust the results you're going to get from it, but because there's this haunting fear of a bill surprise. And after you've gone through that once or twice, the scars stick with you.Will: Yep. PTSD. I actually learned from that mistake, and let's face it, it was a mistake and you learn from that. And I feel like I sort of honed in on the fact that I need to pay attention to your Twitter feed because you talk about this stuff. And that was really, like, the first and last mistake that I made with a AWS service stack.Corey: Following on my Twitter feed? Yeah, first and last mistake a lot of people make.Will: Oh, I mean, it was—that's too, but you know, that's a good mistake to make. [laugh]. But yeah, it was really enlightening in a good way. And I actually—you know, what's funny about it is if you start with a AWS service that has just basically been released, be cautious and be very calculated around what you're implementing and how you're implementing it. And I'll give you one example: AWS Shield, for example.Corey: Oh, yeah. The free version or the $3,000 per month with a one-year commitment?Will: [unintelligible 00:31:15] version. Yeah, you start there, and then you quickly realize the web application firewall rules, et cetera, they're just not there yet. And that needs to be refined. But would I pay $3,000 for AWS Shield Advanced or something else? I probably will go with something else.There lies the issue is that AWS is very quick to release new features and to corner that market, but they just aren't fast enough to, like, at least in the current form—you know, from a security perspective, when you look at those services, they're just not fast enough to refine. And there is, maybe, an issue with that, at least from my experience perspective. I would want them to pay a little bit more attention to, not so much your developers, but your security practitioners because they know what they're looking for. But AWS is nowhere to be found on that side of the house.Corey: Yeah. It's a hard problem. And I'm not entirely sure the best way to solve for it, yet.Will: Yeah, yeah. And there lies a comment where I said that we're crossing that chasm right now…. We're just not there yet.Corey: Yeah. One of these days. If people want to hear more about what you're up to and how you view these things, where can they find you?Will: Twitter.Corey: Always a good decision. What's your username? And we will, of course, throw a link to it in the [show notes 00:32:33].Will: Yeah, @willgregorian. Don't go to LinkedIn. [laugh].Corey: No. No one likes—LinkedIn is trying to be a social network, but not anywhere near getting there. Thank you so much for taking the time to basically reminisce with me if nothing else.Will: This was awesome.Corey: Really was. Will Gregorian, head of information security at Color Health. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with an ignorant comment telling me why I'm wrong about rotating passwords every 60 days.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need the Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

Show Notes  Josh settles on this year's Halloween costume just in the nick of time, Ben has a blowout summer vacation in Utah and Idaho, and they both rant about media bias, the future of humanity, Chesterton's Fence, and dishonesty in the military.  Intro (0-33:38)  Trial of the Chicago 7 on Netflix  Josh after passing the … Continue reading "Episode 49 – Chuffed about Lying in the Military"

Merry Christmas! By Larry Beane   Merry Christmas, dear readers, brothers and sisters in Christ! At last, this festival day has once more come, and we reflect upon the mystery of the Incarnation of our Lord, and we connect His manger with His cross, and we celebrate Christ's Mass as He continues to come to us in His Word and Sacrament: the Gottesdienst. Of course, nothing gets everyone riled up quite like the coming of the Prince of Peace. Every year, we Christians - and especially we cranky Lutherans - wage the annual Advent war over “Blue vs. Purple,” or sometimes “Purple vs. Violet” and “Rose vs. Pink.” We have the annual donnybrooks over whether or not to put the tree up before December 24th, singing only Advent hymns until that date, and scolding people for attending Christmas parties during a penitential season. Then there is the conflict over whether XMas is appropriate: does it “cross out” Christ from Christmas, or does it signify the letter Chi: the first letter in the Greek word for “Christ”? Of course, the big scuffle involves the world and its insistence on “Happy Holidays” as a politically correct and inclusive alternative to “Merry Christmas.” In addition, there is the annual bruhaha of whether or not Christmas is actually a Pagan festival of Sol Invictus and the Solstice, or whether it actually is the birthday of our Lord - only to be appropriated and aped afterwards by Pagans. Regardless of where anyone stands on these issues, let us remember the true meaning of, well, adiaphora. There is neither command nor prohibition from Scripture to celebrate Christmas, or to say one greeting or another, or regarding seasonal colors and music. We are free in such matters, but of course, this is not to say that such matters are unimportant. I believe it is a sad thing when churches use their freedom to celebrate a Massless Christmas, whether opting for a Mass without the Mass, or calling the whole thing off for the sake of “family time” or to accommodate the schedule of the Feast of Our Lord and Savior Football. And as far as making changes to longstanding practice, perhaps Chesterton's Fence and the Book of Concord's repeated suspicion of novelty and change in the way we practice our faith make for a good rule of thumb. A lesser fight involves the English word “merry” as opposed to “happy” in conjunction with our Christmas wishes. This one is particularly interesting. While some claim “Merry Christmas” dates back to the sixteenth century, I can't find any real proof of this. It is certainly at very least Victorian, as any reader of Dickens will attest. The British royal family has, in recent years, taken to saying “Happy Christmas” instead of “Merry Christmas.” I've read a few people make the case that “Merry Christmas” has connotations of drinking and debauchery - which reminds me how the Babe of Bethlehem will thirty years hence be called “a glutton and a drunkard” by the very people He was born to save, and for whom He will die. The etymologies of “happy” and “merry” are interesting. “Happy” is a Germanic word related to the older English word “hap” which means “chance” or “fortune.” This makes sense when we consider the words “happen” and “happenstance.” Happiness is therefore a kind of good fortune or good luck. When we wish someone “Happy Birthday” or “Happy New Year,” there is the connotation of a desire for material prosperity and good fortune in the turning of this page of life. “Merry” likewise traces its origin to the Germanic part of the English language family tree. It has more of the connotation of celebration, of “making merry,” of feasting and laughing with others. It is related to the word “mirth.” It actually seems to come from the older Germanic form of a word, “murg,” meaning “short” (as in time). Linguists speculate this is because when one is celebrating, time seems short. Of course, these original nuances embedded in the words have largely become lost in the sands of passing time. We say “Merry Christmas” largely because it is simply traditional. But having considered the etymology of the word, it is fitting that we use the word “merry” - for it is the stuff of celebration. Christmas is a feast of the church. The pastor leading the feast is known as the “celebrant.” And feasts involve food and drink. And the Christ's Mass involves feasting upon His body and blood. And in spite of the world's loathing of Christ and the Church, and in spite of our own sinful flesh that results in bitter infighting within the Church - on this day, we make merry and feast on account of Christ's birth, for “the Word became flesh and dwelt among us.” And yes, He will confound the self-righteous Pharisees and the scolding Pietists by insisting on eating and drinking with us poor, miserable sinners: the very people He was born to save, and for whom He will die. And so it is fitting that we make merry and greet one another with a hearty “Merry Christmas!” For as the hymnist Johann Allendorf (1693-1773) taught us to sing: “Jesus has come and brings pleasure eternal, Alpha, Omega, Beginning and End; Godhead, humanity, union supernal, O great Redeemer, You come as our friend! Heaven and earth, now proclaim this great wonder: Jesus has come and brings pleasure eternal!” — "JESUS HAS COME AND BRINGS PLEASURE" (LSB 533)

This week I have a segment on Body Terrorism, a segment on Libertarian Bashing and segment on Chesterton's Fence and a larger number of small items than usual.

In this episode with David Colarusso, we talk about Suffolk University Law School's Legal Innovation and Technology Lab, what it is and what it hopes to achieve, as well as a concept known as “Chesterton's fence” and how you can better use risk assessment tools in your firm.

We return to the podcast to explore the connection between three videos we made: playing the Royal Game of Ur, visiting Rob's 3d printing lab, and Chesterton's Fence. Amazingly, there is a connection--all three have to do with how to approach the problem of incomplete information. You can also check out our project videos at youtube.com/goodandbasic. --- Support this podcast: https://anchor.fm/goodandbasic/support

Michael—er, Rachel Maddow—cries on MSNBC. We'll analyze the contrived immigration issue that has the GOP losing another fake Republican strategist! Then, Derek Hunter will join fittingly to discuss his new book, “Outrage Inc.: How the Liberal Mob Ruined Science, Journalism, and Hollywood.” Learn more about your ad choices. Visit podcastchoices.com/adchoices

Jason Staples gets philosophical, discussing Chesterton's Fence and how it relates to criticizing football coaches before discussing Jimbo Fisher's offensive philosophy. Unconquered 3.38 – Offensive Philosophy and Playcalling The post Unconquered 3.38 – Offensive Philosophy and Playcalling appeared first on Unconquered Podcast.