Podcasts about CLI

Your first app interface should be a CLI! Carl and Richard talk to Kathleen Dollard about her experiences creating the .NET CLI - and how CLIs are only getting more important in the era of AI. Kathleen talks about working within the POSIX CLI standard for consistency's sake and to recognize that there will be many more CLIs in your life, so they should be as similar as possible. While CLIs may have started as configuration-as-code and DevOps practices, LLMs work well with them as long as consistency is maintained. There are several projects out there today to help you build a great CLI - check the links!

Jack Hirsch, vice president of product at Okta The rise of AI in the workplace is creating a new kind of risk for organizations: shadow AI. Employees can now spin up AI agents that connect directly to emails, files, and business systems—often without IT oversight. These agents can access sensitive data, and without proper controls, they become prime targets for cyberattacks. In this episode of the podcast, we're joined by Jack Hirsch, vice president of product at Okta, to explore what shadow AI is, why it matters for Canadian organizations, and how IT partners can help their customers manage it. Jack discusses Okta's latest tools, which provide real-time visibility into AI agents and their permissions. These capabilities make it easier for security teams to discover unmanaged agents, understand their access, and quickly bring them under identity-based controls. We also touch on regulatory implications, including Canada's proposed Bill C-8, which heightens expectations around cyber risk accountability, access controls, and transparency. As legislation moves forward, organizations will need to prove they understand not just who has access to sensitive systems—but which AI agents do as well. For MSPs and IT resellers, this emerging landscape represents both a challenge and an opportunity. Jack shares insights into how partners can position themselves as trusted advisors for clients navigating AI risk, turning a potentially complex problem into a service opportunity. Tune in to hear why identity management is becoming central to securing the agentic enterprise—and what your customers will need to stay ahead of shadow AI risks. Read Full Transcript Hello and welcome to the ChannelBuzz.ca podcast, bringing news and information to the Canadian IT channel for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca, and as always, your host for the show. Okta has announced a new set of capabilities designed to help organizations uncover and manage a fast-growing risk: shadow AI. As AI tools become easier to use, employees are increasingly creating their own AI agents, connecting them to emails, files, SaaS apps, and internal systems to get work done faster. The problem is that many of these agents are created without security oversight, governance, or clear ownership. Once they’re connected to sensitive systems, they can quietly gain broad access to data, making them attractive targets for attackers and a potential liability for organizations. Okta’s new solution is designed to address that gap. It gives security teams real-time visibility into AI agents across the enterprise, showing which agents exist, what they can access, and what permissions they’ve been granted. Just as importantly, it allows organizations to quickly bring unmanaged or risky agents under identity controls, treating them more like digital employees than anonymous tools. That visibility matters even more in Canada, where proposed legislation like Bill C-8 is raising expectations around cyber risk accountability, access controls, and transparency. As AI becomes embedded into everyday workflows, organizations will be expected to know not just who has access to what sensitive data, but what machines and agents do as well. To unpack what shadow AI really means, why identity has become central to managing AI risk, and what all this creates in terms of opportunity for Canadian IT partners, I’m joined today by Jack Hirsch, Vice President of Product at Okta. Let’s dive in. Robert Dutt: Jack, thanks for taking the time. I appreciate it. Jack Hirsch: My pleasure. Thank you for having me. Robert Dutt: It feels like this is a topic that a lot of folks in the channel have been through with different flavors in the past. When you say “shadow X,” it certainly brings up memories of transitions past, but just to level set and set the parameters here, can you give me a quick definition on shadow AI? I almost said shadow IT. Can you give me a quick definition on shadow AI, and why it’s becoming both a security and governance issue? Jack Hirsch: Sure. Well, look, it’s no secret now that AI is changing the shape of how work gets done in the modern era. You have these non-deterministic entities running around, and fundamentally, they’re exciting, they’re interesting on their own, but where they really light up in value, where you start to see efficiency and effectiveness gains from your carbon-based workforces, is when you start connecting them to tools. They need resource access to be truly productive. So AI agents need resource access, and that’s when it can start to get scary, and that’s when shadow AI starts to create a ton of risk for modern organizations. We know that the point of authentication is now much stronger with phishing-resistant auth. However, post-auth security is the primary breach vector for the vast majority of cybersecurity incidents now, meaning the session token’s been cut. There’s access out in the ecosystem, and that’s why shadow AI is terrifying. Unfortunately, the options available to the ecosystem to secure AI and to build it quickly have been not good enough, to put it bluntly. This leaves security leaders with this very, very difficult challenge of moving fast and potentially breaking things and giving away the keys to the kingdom to OpenClaw, or whatever it is that you want to do, or potentially stifling innovation. That’s a really, really difficult spot for security leaders to be in. So yeah, shadow AI is everywhere. The challenges are greater. The stakes have never been higher. Robert Dutt: Yeah, so that’s sort of the problem space. So when employees spin up AI agents and connect them to emails, to files, to internal data, to systems, whatever it may be, I presume most of the problems emerge from unintended consequences, as is so often the case in technology. But what are some of the common ways that sensitive data ends up exposed without anyone really necessarily realizing it, or is that the nature of the problem? Jack Hirsch: Well, look, I think there’s sort of the naive answer, and not to say that it’s easy or trivial. I don’t want to trivialize this, but the naive answer is, “Oh, prompt injection, data leakage, data poisoning. Oh yeah, who knows what the LLM will spit out?” But the actual scarier risk is around inadvertent access and the standing credentials that need to be given to AI agents for them to be productive. If Rob, you and I work at Acme Corp, and we’re working on a project together and we want to spin up an AI agent, whose permissions do we give it? Most of the time now, a security leader is not going to be able to jump in front of every single moving train and slow them. They’ll just say, “Oh yeah, give it a set of static credentials. Give it an API key, but don’t give it Rob’s access. Don’t give it Jack’s access. Give it super user access, and we’ll trust it to do the right thing.” And so you’re giving this untrained, very influenceable, non-deterministic entity the keys to the kingdom. And that’s really the primary risk vector here. And so it’s all an identity and access management problem. Fundamentally, these are identities that need to be discovered. They need to be controlled. They need to be governed. And their access needs to be managed in the same way that their carbon-based peers, us as humans, need to be governed as well. Robert Dutt: So with that framing, it sounds like maybe identity is more important than traditional network or endpoint controls in terms of security in this world, where there are all these agents running around and doing whatever it is, hopefully, we want them to do and potentially what we don’t want them to do. Jack Hirsch: I think this is where the traditional model of endpoint or network or identity-based detection and response falls flat. You can’t keep up with the incredible volume of AI agent activity out in the ecosystem to detect it all. Every single, even approved platforms are now starting to put AI sprinkles throughout their products. And so it’s sort of fighting an uphill battle there. And so the reason this is truly an identity-centric problem is because, again, all those agents need access to resources inside of organizations. And the way that AI grew, and we saw this with how OpenAI and Anthropic and even Google with Gemini, their sort of growth paths were primarily consumer driven. And in a consumer world, it’s really easy. I’m spinning up, I’m literally sitting next to a machine that has a Claude bot spun up in a fully isolated environment, but I’m an individual user in that scenario. And so if I want to give it access, I can just OAuth myself. It’s super easy. And so the authorization mechanism wasn’t really thought about in an enterprise context. And then when you get into an enterprise context, you have individuals that want to do exactly the same thing and access corporate resources. So it really is a new type of identity. We can talk about some of the differences between human and AI agent, but it’s fundamentally an identity and access management problem. These are digital identities, non-human identities that need access to resources within an organization. And you actually see this being recognized by broader standards bodies. So for example, Cross App Access was something that we’ve been working on. It’s a new standard, it’s an extension of the OAuth protocol. And it’s something that we’ve been working on for years, two, three years now at this point. And we reintroduced it to the ecosystem this past summer, summer of 2025. And we introduced it first to ISVs and the people that were sort of around the Okta ecosystem had heard about it before. But then the rest of the ecosystem, the adoption was wild because MCP had become a thing and people were trying to deploy MCP servers and AI agents into their enterprises. And no one, not at the time Anthropic or OpenAI or any of the big model providers, had taken on the challenge of enterprise authorization for AI agents. And so this standard that had been sort of latent and sitting somewhere in an IETF draft for a while got picked up and started gaining a ton of steam. And just in November, right before Anthropic split off MCP and gave it away to the open ecosystem, it got merged into the MCP repo as the new default enterprise authorization mechanism for MCP. And so this isn’t something that’s Okta owned, it’s just a standard that we developed because we are independent. And as such, we are the sort of standard-bearer for the open security ecosystem. We believe that we need to be the rising tide that lifts all ships. And that’s why we develop open standards like Cross App Access. So now, really excited, we’ve taken our own engineers and pushed this authorization code out into the open ecosystem so that many applications start picking up this capability, this new OAuth extension. Robert Dutt: So at a high level, when you talk about the products that you guys are bringing to market, the solutions to address this, at a high level, what kind of new visibility or new insights are you giving organizations that are using these tools that they simply didn’t have before when it comes to discovering AI agents, the privileges they have, and what they’re up to? Jack Hirsch: Yeah. So, I mean, maybe if I can even blow it up further and say, let’s talk about maybe three steps: discovery, then control, and governance. So on the discovery side, there are many ways to discover, let’s date ourselves, shadow IT. There are many ways to discover, right? You can have a browser extension, you can have some sort of endpoint monitoring, you can have network monitoring. You can also check the resources themselves for access. And so we took a, initially, we’re taking a multi-pronged approach to doing the discovery, but we’re doing what we do best, which is integrating into over 8,000 ISVs and checking for resource access. And so who’s accessing these resources? Are they carbon-based? Are they digital-based? And so the first phase of discovery with our ISPM product is being able to see who’s accessing these resources and why. And so that extended very, very nicely to AI agents. And it doesn’t really matter where the AI agents exist, right? It doesn’t matter if they’re part of a larger platform with something like Salesforce and Agentforce, or whether they’re homegrown, built off in some skunkworks team off to the side. Ultimately, when they get access to the resource, we see it. And then you get into the control plane. So that’s just the discovery. Within the control plane, we want to meet our customers where they are. And we know that the vast majority of these things are going to be granted access via static credentials, just the god-mode tokens. And for those, we can harden them. We can effectively bring them under management. We can bring those credentials under management. We can observe them. We can rotate them. We can observe for anomalous behavior, et cetera. And so that’s like what you would consider a traditional PAM use case or maybe a modern IGA use case. But then also with control, we give Cross App Access, which is a new mechanism that extends the amazing innovation that was OAuth and OAuth scopes, basically extending that to say, instead of checking with the end user for access to this resource, we can set policy. Now the IDP can set policy to control access to those resources. And then to close the loop, there’s governance. And so standard governance flow, and actually I don’t even want to say standard governance flow because governance historically has this GRC compliance lens, but it’s very much a security-forward technology here. When you get to the state where you need to govern these identities and their access, we can run access certs in the exact same way based on whether or not they’re human or non-human. And so every one of those agentic identities gets pulled into Okta’s Universal Directory. All of their access is controlled. All of it is governed. We still gather the same risk signal and risk pattern behavior from the Identity Threat Protection product. And that’s, I wish I could say that 10 years ago, we knew we were building an identity security fabric, this new category of product that’s going to cover every identity use case, every resource type, and every user type. However, that was the strategy, not knowing that AI agents were going to be born in the 2020s. And it just makes it so that we are really well positioned to capitalize on this opportunity. And it gives us a very novel approach to how we secure AI in a way that, it’s because we have this unified identity security fabric. A basket of tools that don’t talk to each other, if you have a disparate IAM and IGA and PAM set of tools, in theory, you could stitch it all together, but you end up with higher costs and worse security outcomes. And so we actually took a much harder approach to market. And this is many years ago. Again, this predates the rise of AI agents, but we decided that we were not going to take an acquisitive strategy where we just bolt on a bunch of things and call them a “platform” in air quotes. And your order form would look like a drugstore receipt. And so you’re not buying a list of products that happen to be on the same order form because we want to satisfy a CFO. We’re taking an approach that we want to drive end-to-end identity security outcomes for CISOs and IT leaders. So we’re doing the hard work deeply integrating these products across the fabric so that we can truly secure every identity, every use case, and every resource type. Robert Dutt: Close to home here in Canada, we have a proposed Bill C-8 on the table. It’s raising expectations around visibility, around access control, accountability, risk, all of these things. I know there are similar ideas out there in terms of government around the world. How does legislation along these lines change the conversation for IT leaders, especially around the topic of shadow AI? Jack Hirsch: So look, I am such a fan of this type of regulation because it pushes… When we enter highly regulated markets, regardless of where they are, and we can talk about C-8, I think it really does align with our identity security fabric narrative and what we’re angling for. But fundamentally, what we’re talking about is trust. If I’m not mistaken, C-8 talks about resilience and reliability. Okta has industry leading availability and resilience. We proudly espouse our four nines of availability, but in reality, it’s much higher. And we target much higher. With the launch of our cell in Canada, and we can talk about the nature of that launch, but with the launch of our cell in Canada, we not only get multi-region disaster recovery, but we get Enhanced Disaster Recovery, which is a product that I really wanted to call Instant DR, because it’s a DNS flip, but the lawyers didn’t like that. So it’s Enhanced Disaster Recovery. And so when you’re talking about resilience and reliability and running critical infrastructure, fundamentally, identity is critical infrastructure. We support governments, financial services, militaries, supply chain logistics with organizations like FedEx, healthcare. And so maybe bringing it back to C-8, data residency, check, highly invested, especially with de-globalization pressures around the world. Supply chain governance, super, super important for us to maintain our independent posture here and to say, look, it doesn’t matter whether you’re buying from a monolithic platform or an independent provider of identity security. We are invested in making sure that your entire enterprise is secure. And so just the same way FedRAMP was a standard-bearer and STIGs in the US were standard-bearers, or IRAP was pushing us in the right direction in Australia, or ISMAP in Japan, I think C-8 is a very, very welcome change. I think it highlights the need for robust identity security and it should put identity at the foundation of every security leader’s agenda this year. Robert Dutt: Well, these pieces of legislation are still in the process and we can look forward. This is likely to see the light of day in some shape or another, but there’s still that sort of sense of maybe we should wait and see. I guess what I’m getting at is what’s the danger or the risk involved in waiting until regulations are finalized, on the books and in place, before starting to take action? Jack Hirsch: So let’s just say at a personal level, I am not into promoting scare tactics. I know that it is very common in the security space for colors to be red. Our colors are blue. That’s not our vibe at Okta. And so look, every organization has their own risk barometer. What I can say is the vast majority of breaches stem from some form of attack on identity. The vast majority of breaches, the implications of having a data breach, oftentimes they go, I think the average time to detection for a data breach is somewhere just shy of 300 days. And so you’re talking about millions of dollars in damages, huge reputational hit. And there are scenarios, and I will not point to any recent security incidents that might have impacted large swaths of the industry, but not Okta. But I’ll just say the reason is because we believe strongly that having a lower risk profile should be easier, should be more elegant. People come to Okta not because of the, “Oh, you get it all done by the CLI.” Yeah, you can, but it’s elegant. It’s intuitive. It’s easier to use. It de-complexifies the world of identity security. I’m sitting in front of my notepad here to take notes, and one of our product principles is productizing best practices. And so we want to make it easier for organizations to reduce their risk profile and make the end user experience elegant and memorable when it needs to be, and disappear into the background when it shouldn’t be memorable. And so with that, look, I would advise everyone go down the rabbit hole. Just look at recent breaches. Look at how widely pervasive these breaches are. Look how easy it is to go after a phish, to buy a phishing kit on the dark web, and see the types of organizations that get hit by these and it’s everyone. And so whether you’re waiting for legislation to be imposed to drive the standards or you are just looking to have an appropriate barometer of risk for your organization, you shouldn’t have to choose between ease of use and cost and lower risk and greater security. And so I would just say everyone’s going to be on their own journey. I’m not a salesperson. I’m on the product team. But I fundamentally think that identity is one of the pillars of Zero Trust. I believe that it should be. It’s foundational. It is the foundation. If I had nothing else to do, if I were starting my own company today and I wanted to build a security practice for my company to manage our organizational risk, it would start with identity, 110%. Robert Dutt: We’ve taken sort of a general market-wide view of the technology problem and now of the regulatory side of things. This is a podcast for IT solution providers. So sort of going with that “if I were starting a business today” line that you just started there, for MSPs and resellers, where do you see the biggest opportunity to help customers get ahead of shadow AI, both in terms of reducing customer risk and in terms of new services, new types of services that they can bring to market? Jack Hirsch: I’ll take it in two parts. One is just you can’t control what you don’t see. And so for VARs and MSPs and sort of operators in the technology ecosystem, I would say look at Okta’s ISPM product. It is amazing what you learn by wiring it. And it’s not just for Okta as an IDP. It’ll wire into any IDP. It will wire into multiple IDPs. It’ll wire into over 300 SCIM-based apps because it’s wired into the Okta Integration Network, and there’s a large set of SCIM apps that work natively with ISPM. And just see what you can find. I optimized my life, my product world for hugs and high fives. And I’ll never forget, I’m sure this person knows exactly who they are. It was a security leader in Australia, ran out of their office after trying ISPM during a merger and they used it to reduce risk during the merger as they were establishing a trust relationship between their organizations. And it basically made this person look like a superstar in front of their C-suite and board because it was like the entire risk burndown chart for their entire M&A transaction to establish the technical risk barometer. So I would just say ISPM is an incredible starting point. A+, highly recommend. You can’t control what you can’t see. And then I think on the second part, of course ISPM will discover AI as well. And then the second part is just, I wouldn’t lose sight of the experience. And so making sure that you’re creating an elegant experience by your choice of products, not only for the admins that you might work directly with or the leadership that might be engaging with you, but also for the end users. And knowing when tools should be elegant, easy to use, easy to configure, and when they should just sort of fade into the background. That’s ultimately what we work on at Okta. It’s our strong conviction from a product standpoint, that it needs to be an absolutely elegant, unmatched user experience for partners, for admins, for end users, and for customers. Robert Dutt: I think we’ve gone over a lot of the territory that I wanted to go over, but just to kind of bring things home, looking ahead over the balance of 2026 or into the first half of next year, what do you think are going to be the biggest mistakes that organizations might make when it comes to agents and identity? And what can solution providers be doing now to make sure their customers don’t make those mistakes? Jack Hirsch: This is an easy one. I think there’s sort of two categories of mistakes. One is getting worried because everything is moving so fast, getting that sort of analysis paralysis to say, “I’m going to see where it shakes out. How important is this AI thing?” Or even if you’re an AI bull, waiting to see who the winners and losers are before you establish any sort of program around it. That’s, I think, one big category of things not to do. I would say, go after it immediately. The capabilities you need are already out there. They might be newer. They might feel a little bit less familiar. But again, ultimately, these are identities that need access to your corporate resources. So I think that is one big category. The other big category is, I would not look at point solutions for this. Anyone that is saying, “We’re going to secure your AI.” That’s great. But what is an AI? It’s an identity. It can be a resource in some scenarios, right? With agent-to-agent, agents acting as resources, but ultimately they’re just identities. That’s for the identity nerds. Sorry. Just as a caveat for the identity nerds out there like myself. But fundamentally, you need a unified platform that gives you that unified view of core access management, core governance, core privileged access, brings all of those identities, whether it be human or non-human, into a single directory and can discover them, can control them, can govern them. And it shouldn’t matter whether they were built by your users, by third parties, by partners, by your supply chain contractors. That unified identity security fabric will deliver comprehensive security and it should be deeply orchestrated into any technology stack. And those products already exist, and it just so happens that Okta is building a reference implementation. Robert Dutt: Works out well for you then, doesn’t it? Jack Hirsch: It does. Robert Dutt: I appreciate your taking the time, Jack. It’s been an interesting conversation and it’s a fascinating and ever-evolving area. Jack Hirsch: Thank you very much. All right. Thanks, Rob. And thanks everyone. Appreciate the time. There you have it, a look at shadow AI through an identity lens with Jack Hirsch from Okta. I’d like to thank Jack for joining us for the show and thank you for listening today. The podcast will be back in your feed tomorrow as we take a look at the launch of Lexful, an AI-first documentation tool for MSPs that boasts, if you can believe it, a robotic channel chief. We’ll find out all about that tomorrow. You’ll want to be sure to catch that, so please subscribe to or follow the podcast in your podcast app of choice. And if it allows you to do so, please consider leaving a rating or review of the show. Until tomorrow, I’m Robert Dutt for ChannelBuzz.ca and I’ll see you in the channel.

Episode 56 of The Nextflow Podcast (March 2026) focuses on pipeline chaining and meta pipelines in Nextflow, with guests Ben Sherman and Edmund Miller. The episode was split into two parts: this first part surveys current solutions, while part two will cover future Nextflow language changes. The discussion defines meta pipelines as importing pipelines (e.g., nf-core/rnaseq) as subworkflows to form one DAG with parallelization and full resume, versus pipeline chaining using external orchestration to run Pipeline A then feed outputs to Pipeline B. They cover obstacles to meta pipelines in nf-core, including tooling, parameter/config clashes, and tight coupling of pipeline code and configuration. Current chaining approaches include bash/Makefiles, Python, Seqera Platform APIs, nf-cascade (running Nextflow inside Nextflow), wrapping Nextflow with Snakemake, and automation/orchestration tools like Node-RED, n8n, Dagster, and Temporal, including event-driven patterns on AWS.00:00 Nextflow Podcast, Episode 5600:08 Welcome01:42 Introduction to meta pipelines and pipeline chaining05:01 What makes importing pipelines difficult?06:55 CLI tooling to import pipelines09:13 Overlapping config scopes10:53 Subworkflows or pipelines?12:38 Pipeline chaining13:36 nf-cascade16:42 Nextflow in Snakemake22:26 Automating Nextflow runs24:10 Event-driven bioinformatics26:32 Node-RED + Seqera30:40 Node-RED flexibility33:45 Glue code35:31 Other automation frameworks37:02 Bioinformatics pipelines vs. ETL workflows38:56 Tangent: What makes Nextflow special44:11 Dagster automation demo47:29 Temporal automation demo51:13 Wrap up

Bryan Cantrill is the co-founder and CTO of Oxide Computer Company. We discuss why the biggest cloud providers don't use off the shelf hardware, how scaling data centers at samsung's scale exposed problems with hard drive firmware, how the values of NodeJS are in conflict with robust systems, choosing Rust, and the benefits of Oxide Computer's rack scale approach. This is an extended version of an interview posted on Software Engineering Radio. Related links Oxide Computer Oxide and Friends Illumos Platform as a Reflection of Values RFD 26 bhyve CockroachDB Heterogeneous Computing with Raja Koduri Transcript You can help correct transcripts on GitHub. Intro [00:00:00] Jeremy: Today I am talking to Bryan Cantrill. He's the co-founder and CTO of Oxide computer company, and he was previously the CTO of Joyent and he also co-authored the DTrace Tracing framework while he was at Sun Microsystems. [00:00:14] Jeremy: Bryan, welcome to Software Engineering radio. [00:00:17] Bryan: Uh, awesome. Thanks for having me. It's great to be here. [00:00:20] Jeremy: You're the CTO of a company that makes computers. But I think before we get into that, a lot of people who built software, now that the actual computer is abstracted away, they're using AWS or they're using some kind of cloud service. So I thought we could start by talking about, data centers. [00:00:41] Jeremy: 'cause you were. Previously working at Joyent, and I believe you got bought by Samsung and you've previously talked about how you had to figure out, how do I run things at Samsung's scale. So how, how, how was your experience with that? What, what were the challenges there? Samsung scale and migrating off the cloud [00:01:01] Bryan: Yeah, I mean, so at Joyent, and so Joyent was a cloud computing pioneer. Uh, we competed with the likes of AWS and then later GCP and Azure. Uh, and we, I mean, we were operating at a scale, right? We had a bunch of machines, a bunch of dcs, but ultimately we know we were a VC backed company and, you know, a small company by the standards of, certainly by Samsung standards. [00:01:25] Bryan: And so when, when Samsung bought the company, I mean, the reason by the way that Samsung bought Joyent is Samsung's. Cloud Bill was, uh, let's just say it was extremely large. They were spending an enormous amount of money every year on, on the public cloud. And they realized that in order to secure their fate economically, they had to be running on their own infrastructure. [00:01:51] Bryan: It did not make sense. And there's not, was not really a product that Samsung could go buy that would give them that on-prem cloud. Uh, I mean in that, in that regard, like the state of the market was really no different. And so they went looking for a company, uh, and bought, bought Joyent. And when we were on the inside of Samsung. [00:02:11] Bryan: That we learned about Samsung scale. And Samsung loves to talk about Samsung scale. And I gotta tell you, it is more than just chest thumping. Like Samsung Scale really is, I mean, just the, the sheer, the number of devices, the number of customers, just this absolute size. they really wanted to take us out to, to levels of scale, certainly that we had not seen. [00:02:31] Bryan: The reason for buying Joyent was to be able to stand up on their own infrastructure so that we were gonna go buy, we did go buy a bunch of hardware. Problems with server hardware at scale [00:02:40] Bryan: And I remember just thinking, God, I hope Dell is somehow magically better. I hope the problems that we have seen in the small, we just. You know, I just remember hoping and hope is hope. It was of course, a terrible strategy and it was a terrible strategy here too. Uh, and the we that the problems that we saw at the large were, and when you scale out the problems that you see kind of once or twice, you now see all the time and they become absolutely debilitating. [00:03:12] Bryan: And we saw a whole series of really debilitating problems. I mean, many ways, like comically debilitating, uh, in terms of, of showing just how bad the state-of-the-art. Yes. And we had, I mean, it should be said, we had great software and great software expertise, um, and we were controlling our own system software. [00:03:35] Bryan: But even controlling your own system software, your own host OS, your own control plane, which is what we had at Joyent, ultimately, you're pretty limited. You go, I mean, you got the problems that you can obviously solve, the ones that are in your own software, but the problems that are beneath you, the, the problems that are in the hardware platform, the problems that are in the componentry beneath you become the problems that are in the firmware. IO latency due to hard drive firmware [00:04:00] Bryan: Those problems become unresolvable and they are deeply, deeply frustrating. Um, and we just saw a bunch of 'em again, they were. Comical in retrospect, and I'll give you like a, a couple of concrete examples just to give, give you an idea of what kinda what you're looking at. one of the, our data centers had really pathological IO latency. [00:04:23] Bryan: we had a very, uh, database heavy workload. And this was kind of right at the period where you were still deploying on rotating media on hard drives. So this is like, so. An all flash buy did not make economic sense when we did this in, in 2016. This probably, it'd be interesting to know like when was the, the kind of the last time that that actual hard drives made sense? [00:04:50] Bryan: 'cause I feel this was close to it. So we had a, a bunch of, of a pathological IO problems, but we had one data center in which the outliers were actually quite a bit worse and there was so much going on in that system. It took us a long time to figure out like why. And because when, when you, when you're io when you're seeing worse io I mean you're naturally, you wanna understand like what's the workload doing? [00:05:14] Bryan: You're trying to take a first principles approach. What's the workload doing? So this is a very intensive database workload to support the, the object storage system that we had built called Manta. And that the, the metadata tier was stored and uh, was we were using Postgres for that. And that was just getting absolutely slaughtered. [00:05:34] Bryan: Um, and ultimately very IO bound with these kind of pathological IO latencies. Uh, and as we, you know, trying to like peel away the layers to figure out what was going on. And I finally had this thing. So it's like, okay, we are seeing at the, at the device layer, at the at, at the disc layer, we are seeing pathological outliers in this data center that we're not seeing anywhere else. [00:06:00] Bryan: And that does not make any sense. And the thought occurred to me. I'm like, well, maybe we are. Do we have like different. Different rev of firmware on our HGST drives, HGST. Now part of WD Western Digital were the drives that we had everywhere. And, um, so maybe we had a different, maybe I had a firmware bug. [00:06:20] Bryan: I, this would not be the first time in my life at all that I would have a drive firmware issue. Uh, and I went to go pull the firmware, rev, and I'm like, Toshiba makes hard drives? So we had, I mean. I had no idea that Toshiba even made hard drives, let alone that they were our, they were in our data center. [00:06:38] Bryan: I'm like, what is this? And as it turns out, and this is, you know, part of the, the challenge when you don't have an integrated system, which not to pick on them, but Dell doesn't, and what Dell would routinely put just sub make substitutes, and they make substitutes that they, you know, it's kind of like you're going to like, I don't know, Instacart or whatever, and they're out of the thing that you want. [00:07:03] Bryan: So, you know, you're, someone makes a substitute and like sometimes that's okay, but it's really not okay in a data center. And you really want to develop and validate a, an end-to-end integrated system. And in this case, like Toshiba doesn't, I mean, Toshiba does make hard drives, but they are a, or the data they did, uh, they basically were, uh, not competitive and they were not competitive in part for the reasons that we were discovering. [00:07:29] Bryan: They had really serious firmware issues. So the, these were drives that would just simply stop a, a stop acknowledging any reads from the order of 2,700 milliseconds. Long time, 2.7 seconds. Um. And that was a, it was a drive firmware issue, but it was highlighted like a much deeper issue, which was the simple lack of control that we had over our own destiny. [00:07:53] Bryan: Um, and it's an, it's, it's an example among many where Dell is making a decision. That lowers the cost of what they are providing you marginally, but it is then giving you a system that they shouldn't have any confidence in because it's not one that they've actually designed and they leave it to the customer, the end user, to make these discoveries. [00:08:18] Bryan: And these things happen up and down the stack. And for every, for whether it's, and, and not just to pick on Dell because it's, it's true for HPE, it's true for super micro, uh, it's true for your switch vendors. It's, it's true for storage vendors where the, the, the, the one that is left actually integrating these things and trying to make the the whole thing work is the end user sitting in their data center. AWS / Google are not buying off the shelf hardware but you can't use it [00:08:42] Bryan: There's not a product that they can buy that gives them elastic infrastructure, a cloud in their own DC The, the product that you buy is the public cloud. Like when you go in the public cloud, you don't worry about the stuff because that it's, it's AWS's issue or it's GCP's issue. And they are the ones that get this to ground. [00:09:02] Bryan: And they, and this was kind of, you know, the eye-opening moment. Not a surprise. Uh, they are not Dell customers. They're not HPE customers. They're not super micro customers. They have designed their own machines. And to varying degrees, depending on which one you're looking at. But they've taken the clean sheet of paper and the frustration that we had kind of at Joyent and beginning to wonder and then Samsung and kind of wondering what was next, uh, is that, that what they built was not available for purchase in the data center. [00:09:35] Bryan: You could only rent it in the public cloud. And our big belief is that public cloud computing is a really important revolution in infrastructure. Doesn't feel like a different, a deep thought, but cloud computing is a really important revolution. It shouldn't only be available to rent. You should be able to actually buy it. [00:09:53] Bryan: And there are a bunch of reasons for doing that. Uh, one in the one we we saw at Samsung is economics, which I think is still the dominant reason where it just does not make sense to rent all of your compute in perpetuity. But there are other reasons too. There's security, there's risk management, there's latency. [00:10:07] Bryan: There are a bunch of reasons why one might wanna to own one's own infrastructure. But, uh, that was very much the, the, so the, the genesis for oxide was coming out of this very painful experience and a painful experience that, because, I mean, a long answer to your question about like what was it like to be at Samsung scale? [00:10:27] Bryan: Those are the kinds of things that we, I mean, in our other data centers, we didn't have Toshiba drives. We only had the HDSC drives, but it's only when you get to this larger scale that you begin to see some of these pathologies. But these pathologies then are really debilitating in terms of those who are trying to develop a service on top of them. [00:10:45] Bryan: So it was, it was very educational in, in that regard. And you're very grateful for the experience at Samsung in terms of opening our eyes to the challenge of running at that kind of scale. [00:10:57] Jeremy: Yeah, because I, I think as software engineers, a lot of times we, we treat the hardware as a, as a given where, [00:11:08] Bryan: Yeah. [00:11:08] Bryan: Yeah. There's software in chard drives [00:11:09] Jeremy: It sounds like in, in this case, I mean, maybe the issue is not so much that. Dell or HP as a company doesn't own every single piece that they're providing you, but rather the fact that they're swapping pieces in and out without advertising them, and then when it becomes a problem, they're not necessarily willing to, to deal with the, the consequences of that. [00:11:34] Bryan: They just don't know. I mean, I think they just genuinely don't know. I mean, I think that they, it's not like they're making a deliberate decision to kind of ship garbage. It's just that they are making, I mean, I think it's exactly what you said about like, not thinking about the hardware. It's like, what's a hard drive? [00:11:47] Bryan: Like what's it, I mean, it's a hard drive. It's got the same specs as this other hard drive and Intel. You know, it's a little bit cheaper, so why not? It's like, well, like there's some reasons why not, and one of the reasons why not is like, uh, even a hard drive, whether it's rotating media or, or flash, like that's not just hardware. [00:12:05] Bryan: There's software in there. And that the software's like not the same. I mean, there are components where it's like, there's actually, whether, you know, if, if you're looking at like a resistor or a capacitor or something like this Yeah. If you've got two, two parts that are within the same tolerance. Yeah. [00:12:19] Bryan: Like sure. Maybe, although even the EEs I think would be, would be, uh, objecting that a little bit. But the, the, the more complicated you get, and certainly once you get to the, the, the, the kind of the hardware that we think of like a, a, a microprocessor, a a network interface card, a a, a hard driver, an NVME drive. [00:12:38] Bryan: Those things are super complicated and there's a whole bunch of software inside of those things, the firmware, and that's the stuff that, that you can't, I mean, you say that software engineers don't think about that. It's like you, no one can really think about that because it's proprietary that's kinda welded shut and you've got this abstraction into it. [00:12:55] Bryan: But the, the way that thing operates is very core to how the thing in aggregate will behave. And I think that you, the, the kind of, the, the fundamental difference between Oxide's approach and the approach that you get at a Dell HP Supermicro, wherever, is really thinking holistically in terms of hardware and software together in a system that, that ultimately delivers cloud computing to a user. [00:13:22] Bryan: And there's a lot of software at many, many, many, many different layers. And it's very important to think about, about that software and that hardware holistically as a single system. [00:13:34] Jeremy: And during that time at Joyent, when you experienced some of these issues, was it more of a case of you didn't have enough servers experiencing this? So if it would happen, you might say like, well, this one's not working, so maybe we'll just replace the hardware. What, what was the thought process when you were working at that smaller scale and, and how did these issues affect you? UEFI / Baseboard Management Controller [00:13:58] Bryan: Yeah, at the smaller scale, you, uh, you see fewer of them, right? You just see it's like, okay, we, you know, what you might see is like, that's weird. We kinda saw this in one machine versus seeing it in a hundred or a thousand or 10,000. Um, so you just, you just see them, uh, less frequently as a result, they are less debilitating. [00:14:16] Bryan: Um, I, I think that it's, when you go to that larger scale, those things that become, that were unusual now become routine and they become debilitating. Um, so it, it really is in many regards a function of scale. Uh, and then I think it was also, you know, it was a little bit dispiriting that kind of the substrate we were building on really had not improved. [00:14:39] Bryan: Um, and if you look at, you know, the, if you buy a computer server, buy an x86 server. There is a very low layer of firmware, the BIOS, the basic input output system, the UEFI BIOS, and this is like an abstraction layer that has, has existed since the eighties and hasn't really meaningfully improved. Um, the, the kind of the transition to UEFI happened with, I mean, I, I ironically with Itanium, um, you know, two decades ago. [00:15:08] Bryan: but beyond that, like this low layer, this lowest layer of platform enablement software is really only impeding the operability of the system. Um, you look at the baseboard management controller, which is the kind of the computer within the computer, there is a, uh, there is an element in the machine that needs to handle environmentals, that needs to handle, uh, operate the fans and so on. [00:15:31] Bryan: Uh, and that traditionally has this, the space board management controller, and that architecturally just hasn't improved in the last two decades. And, you know, that's, it's a proprietary piece of silicon. Generally from a company that no one's ever heard of called a Speed, uh, which has to be, is written all on caps, so I guess it needs to be screamed. [00:15:50] Bryan: Um, a speed has a proprietary part that has a, there is a root password infamously there, is there, the root password is encoded effectively in silicon. So, uh, which is just, and for, um, anyone who kind of goes deep into these things, like, oh my God, are you kidding me? Um, when we first started oxide, the wifi password was a fraction of the a speed root password for the bmc. [00:16:16] Bryan: It's kinda like a little, little BMC humor. Um, but those things, it was just dispiriting that, that the, the state-of-the-art was still basically personal computers running in the data center. Um, and that's part of what, what was the motivation for doing something new? [00:16:32] Jeremy: And for the people using these systems, whether it's the baseboard management controller or it's the The BIOS or UF UEFI component, what are the actual problems that people are seeing seen? Security vulnerabilities and poor practices in the BMC [00:16:51] Bryan: Oh man, I, the, you are going to have like some fraction of your listeners, maybe a big fraction where like, yeah, like what are the problems? That's a good question. And then you're gonna have the people that actually deal with these things who are, did like their heads already hit the desk being like, what are the problems? [00:17:06] Bryan: Like what are the non problems? Like what, what works? Actually, that's like a shorter answer. Um, I mean, there are so many problems and a lot of it is just like, I mean, there are problems just architecturally these things are just so, I mean, and you could, they're the problems spread to the horizon, so you can kind of start wherever you want. [00:17:24] Bryan: But I mean, as like, as a really concrete example. Okay, so the, the BMCs that, that the computer within the computer that needs to be on its own network. So you now have like not one network, you got two networks that, and that network, by the way, it, that's the network that you're gonna log into to like reset the machine when it's otherwise unresponsive. [00:17:44] Bryan: So that going into the BMC, you can are, you're able to control the entire machine. Well it's like, alright, so now I've got a second net network that I need to manage. What is running on the BMC? Well, it's running some. Ancient, ancient version of Linux it that you got. It's like, well how do I, how do I patch that? [00:18:02] Bryan: How do I like manage the vulnerabilities with that? Because if someone is able to root your BMC, they control the system. So it's like, this is not you've, and now you've gotta go deal with all of the operational hair around that. How do you upgrade that system updating the BMC? I mean, it's like you've got this like second shadow bad infrastructure that you have to go manage. [00:18:23] Bryan: Generally not open source. There's something called open BMC, um, which, um, you people use to varying degrees, but you're generally stuck with the proprietary BMC, so you're generally stuck with, with iLO from HPE or iDRAC from Dell or, or, uh, the, uh, su super micros, BMC, that H-P-B-M-C, and you are, uh, it is just excruciating pain. [00:18:49] Bryan: Um, and that this is assuming that by the way, that everything is behaving correctly. The, the problem is that these things often don't behave correctly, and then the consequence of them not behaving correctly. It's really dire because it's at that lowest layer of the system. So, I mean, I'll give you a concrete example. [00:19:07] Bryan: a customer of theirs reported to me, so I won't disclose the vendor, but let's just say that a well-known vendor had an issue with their, their temperature sensors were broken. Um, and the thing would always read basically the wrong value. So it was the BMC that had to like, invent its own ki a different kind of thermal control loop. [00:19:28] Bryan: And it would index on the, on the, the, the, the actual inrush current. It would, they would look at that at the current that's going into the CPU to adjust the fan speed. That's a great example of something like that's a, that's an interesting idea. That doesn't work. 'cause that's actually not the temperature. [00:19:45] Bryan: So like that software would crank the fans whenever you had an inrush of current and this customer had a workload that would spike the current and by it, when it would spike the current, the, the, the fans would kick up and then they would slowly degrade over time. Well, this workload was spiking the current faster than the fans would degrade, but not fast enough to actually heat up the part. [00:20:08] Bryan: And ultimately over a very long time, in a very painful investigation, it's customer determined that like my fans are cranked in my data center for no reason. We're blowing cold air. And it's like that, this is on the order of like a hundred watts, a server of, of energy that you shouldn't be spending and like that ultimately what that go comes down to this kind of broken software hardware interface at the lowest layer that has real meaningful consequence, uh, in terms of hundreds of kilowatts, um, across a data center. So this stuff has, has very, very, very real consequence and it's such a shadowy world. Part of the reason that, that your listeners that have dealt with this, that our heads will hit the desk is because it is really aggravating to deal with problems with this layer. [00:21:01] Bryan: You, you feel powerless. You don't control or really see the software that's on them. It's generally proprietary. You are relying on your vendor. Your vendor is telling you that like, boy, I don't know. You're the only customer seeing this. I mean, the number of times I have heard that for, and I, I have pledged that we're, we're not gonna say that at oxide because it's such an unaskable thing to say like, you're the only customer saying this. [00:21:25] Bryan: It's like, it feels like, are you blaming me for my problem? Feels like you're blaming me for my problem? Um, and what you begin to realize is that to a degree, these folks are speaking their own truth because the, the folks that are running at real scale at Hyperscale, those folks aren't Dell, HP super micro customers. [00:21:46] Bryan: They're actually, they've done their own thing. So it's like, yeah, Dell's not seeing that problem, um, because they're not running at the same scale. Um, but when you do run, you only have to run at modest scale before these things just become. Overwhelming in terms of the, the headwind that they present to people that wanna deploy infrastructure. The problem is felt with just a few racks [00:22:05] Jeremy: Yeah, so maybe to help people get some perspective at, at what point do you think that people start noticing or start feeling these problems? Because I imagine that if you're just have a few racks or [00:22:22] Bryan: do you have a couple racks or the, or do you wonder or just wondering because No, no, no. I would think, I think anyone who deploys any number of servers, especially now, especially if your experience is only in the cloud, you're gonna be like, what the hell is this? I mean, just again, just to get this thing working at all. [00:22:39] Bryan: It is so it, it's so hairy and so congealed, right? It's not designed. Um, and it, it, it, it's accreted it and it's so obviously accreted that you are, I mean, nobody who is setting up a rack of servers is gonna think to themselves like, yes, this is the right way to go do it. This all makes sense because it's, it's just not, it, I, it feels like the kit, I mean, kit car's almost too generous because it implies that there's like a set of plans to work to in the end. [00:23:08] Bryan: Uh, I mean, it, it, it's a bag of bolts. It's a bunch of parts that you're putting together. And so even at the smallest scales, that stuff is painful. Just architecturally, it's painful at the small scale then, but at least you can get it working. I think the stuff that then becomes debilitating at larger scale are the things that are, are worse than just like, I can't, like this thing is a mess to get working. [00:23:31] Bryan: It's like the, the, the fan issue that, um, where you are now seeing this over, you know, hundreds of machines or thousands of machines. Um, so I, it is painful at more or less all levels of scale. There's, there is no level at which the, the, the pc, which is really what this is, this is a, the, the personal computer architecture from the 1980s and there is really no level of scale where that's the right unit. Running elastic infrastructure is the hardware but also, hypervisor, distributed database, api, etc [00:23:57] Bryan: I mean, where that's the right thing to go deploy, especially if what you are trying to run. Is elastic infrastructure, a cloud. Because the other thing is like we, we've kinda been talking a lot about that hardware layer. Like hardware is, is just the start. Like you actually gotta go put software on that and actually run that as elastic infrastructure. [00:24:16] Bryan: So you need a hypervisor. Yes. But you need a lot more than that. You, you need to actually, you, you need a distributed database, you need web endpoints. You need, you need a CLI, you need all the stuff that you need to actually go run an actual service of compute or networking or storage. I mean, and for, for compute, even for compute, there's a ton of work to be done. [00:24:39] Bryan: And compute is by far, I would say the simplest of the, of the three. When you look at like networks, network services, storage services, there's a whole bunch of stuff that you need to go build in terms of distributed systems to actually offer that as a cloud. So it, I mean, it is painful at more or less every LE level if you are trying to deploy cloud computing on. What's a control plane? [00:25:00] Jeremy: And for someone who doesn't have experience building or working with this type of infrastructure, when you talk about a control plane, what, what does that do in the context of this system? [00:25:16] Bryan: So control plane is the thing that is, that is everything between your API request and that infrastructure actually being acted upon. So you go say, Hey, I, I want a provision, a vm. Okay, great. We've got a whole bunch of things we're gonna provision with that. We're gonna provision a vm, we're gonna get some storage that's gonna go along with that, that's got a network storage service that's gonna come out of, uh, we've got a virtual network that we're gonna either create or attach to. [00:25:39] Bryan: We've got a, a whole bunch of things we need to go do for that. For all of these things, there are metadata components that need, we need to keep track of this thing that, beyond the actual infrastructure that we create. And then we need to go actually, like act on the actual compute elements, the hostos, what have you, the switches, what have you, and actually go. [00:25:56] Bryan: Create these underlying things and then connect them. And there's of course, the challenge of just getting that working is a big challenge. Um, but getting that working robustly, getting that working is, you know, when you go to provision of vm, um, the, all the, the, the steps that need to happen and what happens if one of those steps fails along the way? [00:26:17] Bryan: What happens if, you know, one thing we're very mindful of is these kind of, you get these long tails of like, why, you know, generally our VM provisioning happened within this time, but we get these long tails where it takes much longer. What's going on? What, where in this process are we, are we actually spending time? [00:26:33] Bryan: Uh, and there's a whole lot of complexity that you need to go deal with that. There's a lot of complexity that you need to go deal with this effectively, this workflow that's gonna go create these things and manage them. Um, we use a, a pattern that we call, that are called sagas, actually is a, is a database pattern from the eighties. [00:26:51] Bryan: Uh, Katie McCaffrey is a, is a database reCrcher who, who, uh, I, I think, uh, reintroduce the idea of, of sagas, um, in the last kind of decade. Um, and this is something that we picked up, um, and I've done a lot of really interesting things with, um, to allow for, to this kind of, these workflows to be, to be managed and done so robustly in a way that you can restart them and so on. [00:27:16] Bryan: Uh, and then you guys, you get this whole distributed system that can do all this. That whole distributed system, that itself needs to be reliable and available. So if you, you know, you need to be able to, what happens if you, if you pull a sled or if a sled fails, how does the system deal with that? [00:27:33] Bryan: How does the system deal with getting an another sled added to the system? Like how do you actually grow this distributed system? And then how do you update it? How do you actually go from one version to the next? And all of that has to happen across an air gap where this is gonna run as part of the computer. [00:27:49] Bryan: So there are, it, it is fractally complicated. There, there is a lot of complexity here in, in software, in the software system and all of that. We kind of, we call the control plane. Um, and it, this is the what exists at AWS at GCP, at Azure. When you are hitting an endpoint that's provisioning an EC2 instance for you. [00:28:10] Bryan: There is an AWS control plane that is, is doing all of this and has, uh, some of these similar aspects and certainly some of these similar challenges. Are vSphere / Proxmox / Hyper-V in the same category? [00:28:20] Jeremy: And for people who have run their own servers with something like say VMware or Hyper V or Proxmox, are those in the same category? [00:28:32] Bryan: Yeah, I mean a little bit. I mean, it kind of like vSphere Yes. Via VMware. No. So it's like you, uh, VMware ESX is, is kind of a key building block upon which you can build something that is a more meaningful distributed system. When it's just like a machine that you're provisioning VMs on, it's like, okay, well that's actually, you as the human might be the control plane. [00:28:52] Bryan: Like, that's, that, that's, that's a much easier problem. Um, but when you've got, you know, tens, hundreds, thousands of machines, you need to do it robustly. You need something to coordinate that activity and you know, you need to pick which sled you land on. You need to be able to move these things. You need to be able to update that whole system. [00:29:06] Bryan: That's when you're getting into a control plane. So, you know, some of these things have kind of edged into a control plane, certainly VMware. Um, now Broadcom, um, has delivered something that's kind of cloudish. Um, I think that for folks that are truly born on the cloud, it, it still feels somewhat, uh, like you're going backwards in time when you, when you look at these kind of on-prem offerings. [00:29:29] Bryan: Um, but, but it, it, it's got these aspects to it for sure. Um, and I think that we're, um, some of these other things when you're just looking at KVM or just looks looking at Proxmox you kind of need to, to connect it to other broader things to turn it into something that really looks like manageable infrastructure. [00:29:47] Bryan: And then many of those projects are really, they're either proprietary projects, uh, proprietary products like vSphere, um, or you are really dealing with open source projects that are. Not necessarily aimed at the same level of scale. Um, you know, you look at a, again, Proxmox or, uh, um, you'll get an OpenStack. [00:30:05] Bryan: Um, and you know, OpenStack is just a lot of things, right? I mean, OpenStack has got so many, the OpenStack was kind of a, a free for all, for every infrastructure vendor. Um, and I, you know, there was a time people were like, don't you, aren't you worried about all these companies together that, you know, are coming together for OpenStack? [00:30:24] Bryan: I'm like, haven't you ever worked for like a company? Like, companies don't get along. By the way, it's like having multiple companies work together on a thing that's bad news, not good news. And I think, you know, one of the things that OpenStack has definitely struggled with, kind of with what, actually the, the, there's so many different kind of vendor elements in there that it's, it's very much not a product, it's a project that you're trying to run. [00:30:47] Bryan: But that's, but that very much is in, I mean, that's, that's similar certainly in spirit. [00:30:53] Jeremy: And so I think this is kind of like you're alluding to earlier, the piece that allows you to allocate, compute, storage, manage networking, gives you that experience of I can go to a web console or I can use an API and I can spin up machines, get them all connected. At the end of the day, the control plane. Is allowing you to do that in hopefully a user-friendly way. [00:31:21] Bryan: That's right. Yep. And in the, I mean, in order to do that in a modern way, it's not just like a user-friendly way. You really need to have a CLI and a web UI and an API. Those all need to be drawn from the same kind of single ground truth. Like you don't wanna have any of those be an afterthought for the other. [00:31:39] Bryan: You wanna have the same way of generating all of those different endpoints and, and entries into the system. Building a control plane now has better tools (Rust, CockroachDB) [00:31:46] Jeremy: And if you take your time at Joyent as an example. What kind of tools existed for that versus how much did you have to build in-house for as far as the hypervisor and managing the compute and all that? [00:32:02] Bryan: Yeah, so we built more or less everything in house. I mean, what you have is, um, and I think, you know, over time we've gotten slightly better tools. Um, I think, and, and maybe it's a little bit easier to talk about the, kind of the tools we started at Oxide because we kind of started with a, with a clean sheet of paper at oxide. [00:32:16] Bryan: We wanted to, knew we wanted to go build a control plane, but we were able to kind of go revisit some of the components. So actually, and maybe I'll, I'll talk about some of those changes. So when we, at, For example, at Joyent, when we were building a cloud at Joyent, there wasn't really a good distributed database. [00:32:34] Bryan: Um, so we were using Postgres as our database for metadata and there were a lot of challenges. And Postgres is not a distributed database. It's running. With a primary secondary architecture, and there's a bunch of issues there, many of which we discovered the hard way. Um, when we were coming to oxide, you have much better options to pick from in terms of distributed databases. [00:32:57] Bryan: You know, we, there was a period that now seems maybe potentially brief in hindsight, but of a really high quality open source distributed databases. So there were really some good ones to, to pick from. Um, we, we built on CockroachDB on CRDB. Um, so that was a really important component. That we had at oxide that we didn't have at Joyent. [00:33:19] Bryan: Um, so we were, I wouldn't say we were rolling our own distributed database, we were just using Postgres and uh, and, and dealing with an enormous amount of pain there in terms of the surround. Um, on top of that, and, and, you know, a, a control plane is much more than a database, obviously. Uh, and you've gotta deal with, uh, there's a whole bunch of software that you need to go, right. [00:33:40] Bryan: Um, to be able to, to transform these kind of API requests into something that is reliable infrastructure, right? And there, there's a lot to that. Uh, especially when networking gets in the mix, when storage gets in the mix, uh, there are a whole bunch of like complicated steps that need to be done, um, at Joyent. [00:33:59] Bryan: Um, we, in part because of the history of the company and like, look. This, this just is not gonna sound good, but it just is what it is and I'm just gonna own it. We did it all in Node, um, at Joyent, which I, I, I know it sounds really right now, just sounds like, well, you, you built it with Tinker Toys. You Okay. [00:34:18] Bryan: Uh, did, did you think it was, you built the skyscraper with Tinker Toys? Uh, it's like, well, okay. We actually, we had greater aspirations for the Tinker Toys once upon a time, and it was better than, you know, than Twisted Python and Event Machine from Ruby, and we weren't gonna do it in Java. All right. [00:34:32] Bryan: So, but let's just say that that experiment, uh, that experiment did ultimately end in a predictable fashion. Um, and, uh, we, we decided that maybe Node was not gonna be the best decision long term. Um, Joyent was the company behind node js. Uh, back in the day, Ryan Dahl worked for Joyent. Uh, and then, uh, then we, we, we. [00:34:53] Bryan: Uh, landed that in a foundation in about, uh, what, 2015, something like that. Um, and began to consider our world beyond, uh, beyond Node. Rust at Oxide [00:35:04] Bryan: A big tool that we had in the arsenal when we started Oxide is Rust. Um, and so indeed the name of the company is, is a tip of the hat to the language that we were pretty sure we were gonna be building a lot of stuff in. [00:35:16] Bryan: Namely Rust. And, uh, rust is, uh, has been huge for us, a very important revolution in programming languages. you know, there, there, there have been different people kind of coming in at different times and I kinda came to Rust in what I, I think is like this big kind of second expansion of rust in 2018 when a lot of technologists were think, uh, sick of Node and also sick of Go. [00:35:43] Bryan: And, uh, also sick of C++. And wondering is there gonna be something that gives me the, the, the performance, of that I get outta C. The, the robustness that I can get out of a C program but is is often difficult to achieve. but can I get that with kind of some, some of the velocity of development, although I hate that term, some of the speed of development that you get out of a more interpreted language. [00:36:08] Bryan: Um, and then by the way, can I actually have types, I think types would be a good idea? Uh, and rust obviously hits the sweet spot of all of that. Um, it has been absolutely huge for us. I mean, we knew when we started the company again, oxide, uh, we were gonna be using rust in, in quite a, quite a. Few places, but we weren't doing it by fiat. [00:36:27] Bryan: Um, we wanted to actually make sure we're making the right decision, um, at, at every different, at every layer. Uh, I think what has been surprising is the sheer number of layers at which we use rust in terms of, we've done our own embedded firmware in rust. We've done, um, in, in the host operating system, which is still largely in C, but very big components are in rust. [00:36:47] Bryan: The hypervisor Propolis is all in rust. Uh, and then of course the control plane, that distributed system on that is all in rust. So that was a very important thing that we very much did not need to build ourselves. We were able to really leverage, uh, a terrific community. Um. We were able to use, uh, and we've done this at Joyent as well, but at Oxide, we've used Illumos as a hostos component, which, uh, our variant is called Helios. [00:37:11] Bryan: Um, we've used, uh, bhyve um, as a, as as that kind of internal hypervisor component. we've made use of a bunch of different open source components to build this thing, um, which has been really, really important for us. Uh, and open source components that didn't exist even like five years prior. [00:37:28] Bryan: That's part of why we felt that 2019 was the right time to start the company. And so we started Oxide. The problems building a control plane in Node [00:37:34] Jeremy: You had mentioned that at Joyent, you had tried to build this in, in Node. What were the, what were the, the issues or the, the challenges that you had doing that? [00:37:46] Bryan: Oh boy. Yeah. again, we, I kind of had higher hopes in 2010, I would say. When we, we set on this, um, the, the, the problem that we had just writ large, um. JavaScript is really designed to allow as many people on earth to write a program as possible, which is good. I mean, I, I, that's a, that's a laudable goal. [00:38:09] Bryan: That is the goal ultimately of such as it is of JavaScript. It's actually hard to know what the goal of JavaScript is, unfortunately, because Brendan Ike never actually wrote a book. so that there is not a canonical, you've got kind of Doug Crockford and other people who've written things on JavaScript, but it's hard to know kind of what the original intent of JavaScript is. [00:38:27] Bryan: The name doesn't even express original intent, right? It was called Live Script, and it was kind of renamed to JavaScript during the Java Frenzy of the late nineties. A name that makes no sense. There is no Java in JavaScript. that is kind of, I think, revealing to kind of the, uh, the unprincipled mess that is JavaScript. [00:38:47] Bryan: It, it, it's very pragmatic at some level, um, and allows anyone to, it makes it very easy to write software. The problem is it's much more difficult to write really rigorous software. So, uh, and this is what I should differentiate JavaScript from TypeScript. This is really what TypeScript is trying to solve. [00:39:07] Bryan: TypeScript is like. How can, I think TypeScript is a, is a great step forward because TypeScript is like, how can we bring some rigor to this? Like, yes, it's great that it's easy to write JavaScript, but that's not, we, we don't wanna do that for Absolutely. I mean that, that's not the only problem we solve. [00:39:23] Bryan: We actually wanna be able to write rigorous software and it's actually okay if it's a little harder to write rigorous software that's actually okay if it gets leads to, to more rigorous artifacts. Um, but in JavaScript, I mean, just a concrete example. You know, there's nothing to prevent you from referencing a property that doesn't actually exist in JavaScript. [00:39:43] Bryan: So if you fat finger a property name, you are relying on something to tell you. By the way, I think you've misspelled this because there is no type definition for this thing. And I don't know that you've got one that's spelled correctly, one that's spelled incorrectly, that's often undefined. And then the, when you actually go, you say you've got this typo that is lurking in your what you want to be rigorous software. [00:40:07] Bryan: And if you don't execute that code, like you won't know that's there. And then you do execute that code. And now you've got a, you've got an undefined object. And now that's either gonna be an exception or it can, again, depends on how that's handled. It can be really difficult to determine the origin of that, of, of that error, of that programming. [00:40:26] Bryan: And that is a programmer error. And one of the big challenges that we had with Node is that programmer errors and operational errors, like, you know, I'm out of disk space as an operational error. Those get conflated and it becomes really hard. And in fact, I think the, the language wanted to make it easier to just kind of, uh, drive on in the event of all errors. [00:40:53] Bryan: And it's like, actually not what you wanna do if you're trying to build a reliable, robust system. So we had. No end of issues. [00:41:01] Bryan: We've got a lot of experience developing rigorous systems, um, again coming out of operating systems development and so on. And we want, we brought some of that rigor, if strangely, to JavaScript. So one of the things that we did is we brought a lot of postmortem, diagnos ability and observability to node. [00:41:18] Bryan: And so if, if one of our node processes. Died in production, we would actually get a core dump from that process, a core dump that we could actually meaningfully process. So we did a bunch of kind of wild stuff. I mean, actually wild stuff where we could actually make sense of the JavaScript objects in a binary core dump. JavaScript values ease of getting started over robustness [00:41:41] Bryan: Um, and things that we thought were really important, and this is the, the rest of the world just looks at this being like, what the hell is this? I mean, it's so out of step with it. The problem is that we were trying to bridge two disconnected cultures of one developing really. Rigorous software and really designing it for production, diagnosability and the other, really designing it to software to run in the browser and for anyone to be able to like, you know, kind of liven up a webpage, right? [00:42:10] Bryan: Is kinda the origin of, of live script and then JavaScript. And we were kind of the only ones sitting at the intersection of that. And you begin when you are the only ones sitting at that kind of intersection. You just are, you're, you're kind of fighting a community all the time. And we just realized that we are, there were so many things that the community wanted to do that we felt are like, no, no, this is gonna make software less diagnosable. It's gonna make it less robust. The NodeJS split and why people left [00:42:36] Bryan: And then you realize like, I'm, we're the only voice in the room because we have got, we have got desires for this language that it doesn't have for itself. And this is when you realize you're in a bad relationship with software. It's time to actually move on. And in fact, actually several years after, we'd already kind of broken up with node. [00:42:55] Bryan: Um, and it was like, it was a bit of an acrimonious breakup. there was a, uh, famous slash infamous fork of node called IoJS Um, and this was viewed because people, the community, thought that Joyent was being what was not being an appropriate steward of node js and was, uh, not allowing more things to come into to, to node. [00:43:19] Bryan: And of course, the reason that we of course, felt that we were being a careful steward and we were actively resisting those things that would cut against its fitness for a production system. But it's some way the community saw it and they, and forked, um, and, and I think the, we knew before the fork that's like, this is not working and we need to get this thing out of our hands. Platform is a reflection of values node summit talk [00:43:43] Bryan: And we're are the wrong hands for this? This needs to be in a foundation. Uh, and so we kind of gone through that breakup, uh, and maybe it was two years after that. That, uh, friend of mine who was um, was running the, uh, the node summit was actually, it's unfortunately now passed away. Charles er, um, but Charles' venture capitalist great guy, and Charles was running Node Summit and came to me in 2017. [00:44:07] Bryan: He is like, I really want you to keynote Node Summit. And I'm like, Charles, I'm not gonna do that. I've got nothing nice to say. Like, this is the, the, you don't want, I'm the last person you wanna keynote. He's like, oh, if you have nothing nice to say, you should definitely keynote. You're like, oh God, okay, here we go. [00:44:22] Bryan: He's like, no, I really want you to talk about, like, you should talk about the Joyent breakup with NodeJS. I'm like, oh man. [00:44:29] Bryan: And that led to a talk that I'm really happy that I gave, 'cause it was a very important talk for me personally. Uh, called Platform is a reflection of values and really looking at the values that we had for Node and the values that Node had for itself. And they didn't line up. [00:44:49] Bryan: And the problem is that the values that Node had for itself and the values that we had for Node are all kind of positives, right? Like there's nobody in the node community who's like, I don't want rigor, I hate rigor. It's just that if they had the choose between rigor and making the language approachable. [00:45:09] Bryan: They would choose approachability every single time. They would never choose rigor. And, you know, that was a, that was a big eye-opener. I do, I would say, if you watch this talk. [00:45:20] Bryan: because I knew that there's, like, the audience was gonna be filled with, with people who, had been a part of the fork in 2014, I think was the, the, the, the fork, the IOJS fork. And I knew that there, there were, there were some, you know, some people that were, um, had been there for the fork and. [00:45:41] Bryan: I said a little bit of a trap for the audience. But the, and the trap, I said, you know what, I, I kind of talked about the values that we had and the aspirations we had for Node, the aspirations that Node had for itself and how they were different. [00:45:53] Bryan: And, you know, and I'm like, look in, in, in hindsight, like a fracture was inevitable. And in 2014 there was finally a fracture. And do people know what happened in 2014? And if you, if you, you could listen to that talk, everyone almost says in unison, like IOJS. I'm like, oh right. IOJS. Right. That's actually not what I was thinking of. [00:46:19] Bryan: And I go to the next slide and is a tweet from a guy named TJ Holloway, Chuck, who was the most prolific contributor to Node. And it was his tweet also in 2014 before the fork, before the IOJS fork explaining that he was leaving Node and that he was going to go. And you, if you turn the volume all the way up, you can hear the audience gasp. [00:46:41] Bryan: And it's just delicious because the community had never really come, had never really confronted why TJ left. Um, there. And I went through a couple folks, Felix, bunch of other folks, early Node folks. That were there in 2010, were leaving in 2014, and they were going to go primarily, and they were going to go because they were sick of the same things that we were sick of. [00:47:09] Bryan: They, they, they had hit the same things that we had hit and they were frustrated. I I really do believe this, that platforms do reflect their own values. And when you are making a software decision, you are selecting value. [00:47:26] Bryan: You should select values that align with the values that you have for that software. That is, those are, that's way more important than other things that people look at. I think people look at, for example, quote unquote community size way too frequently, community size is like. Eh, maybe it can be fine. [00:47:44] Bryan: I've been in very large communities, node. I've been in super small open source communities like AUMs and RAs, a bunch of others. there are strengths and weaknesses to both approaches just as like there's a strength to being in a big city versus a small town. Me personally, I'll take the small community more or less every time because the small community is almost always self-selecting based on values and just for the same reason that I like working at small companies or small teams. [00:48:11] Bryan: There's a lot of value to be had in a small community. It's not to say that large communities are valueless, but again, long answer to your question of kind of where did things go south with Joyent and node. They went south because the, the values that we had and the values the community had didn't line up and that was a very educational experience, as you might imagine. [00:48:33] Jeremy: Yeah. And, and given that you mentioned how, because of those values, some people moved from Node to go, and in the end for much of what oxide is building. You ended up using rust. What, what would you say are the, the values of go and and rust, and how did you end up choosing Rust given that. Go's decisions regarding generics, versioning, compilation speed priority [00:48:56] Bryan: Yeah, I mean, well, so the value for, yeah. And so go, I mean, I understand why people move from Node to Go, go to me was kind of a lateral move. Um, there were a bunch of things that I, uh, go was still garbage collected, um, which I didn't like. Um, go also is very strange in terms of there are these kind of like. [00:49:17] Bryan: These autocratic kind of decisions that are very bizarre. Um, there, I mean, generics is kind of a famous one, right? Where go kind of as a point of principle didn't have generics, even though go itself actually the innards of go did have generics. It's just that you a go user weren't allowed to have them. [00:49:35] Bryan: And you know, it's kind of, there was, there was an old cartoon years and years ago about like when a, when a technologist is telling you that something is technically impossible, that actually means I don't feel like it. Uh, and there was a certain degree of like, generics are technically impossible and go, it's like, Hey, actually there are. [00:49:51] Bryan: And so there was, and I just think that the arguments against generics were kind of disingenuous. Um, and indeed, like they ended up adopting generics and then there's like some super weird stuff around like, they're very anti-assertion, which is like, what, how are you? Why are you, how is someone against assertions, it doesn't even make any sense, but it's like, oh, nope. [00:50:10] Bryan: Okay. There's a whole scree on it. Nope, we're against assertions and the, you know, against versioning. There was another thing like, you know, the Rob Pike has kind of famously been like, you should always just run on the way to commit. And you're like, does that, is that, does that make sense? I mean this, we actually built it. [00:50:26] Bryan: And so there are a bunch of things like that. You're just like, okay, this is just exhausting and. I mean, there's some things about Go that are great and, uh, plenty of other things that I just, I'm not a fan of. Um, I think that the, in the end, like Go cares a lot about like compile time. It's super important for Go Right? [00:50:44] Bryan: Is very quick, compile time. I'm like, okay. But that's like compile time is not like, it's not unimportant, it's doesn't have zero importance. But I've got other things that are like lots more important than that. Um, what I really care about is I want a high performing artifact. I wanted garbage collection outta my life. Don't think garbage collection has good trade offs [00:51:00] Bryan: I, I gotta tell you, I, I like garbage collection to me is an embodiment of this like, larger problem of where do you put cognitive load in the software development process. And what garbage collection is saying to me it is right for plenty of other people and the software that they wanna develop. [00:51:21] Bryan: But for me and the software that I wanna develop, infrastructure software, I don't want garbage collection because I can solve the memory allocation problem. I know when I'm like, done with something or not. I mean, it's like I, whether that's in, in C with, I mean it's actually like, it's really not that hard to not leak memory in, in a C base system. [00:51:44] Bryan: And you can. give yourself a lot of tooling that allows you to diagnose where memory leaks are coming from. So it's like that is a solvable problem. There are other challenges with that, but like, when you are developing a really sophisticated system that has garbage collection is using garbage collection. [00:51:59] Bryan: You spend as much time trying to dork with the garbage collector to convince it to collect the thing that you know is garbage. You are like, I've got this thing. I know it's garbage. Now I need to use these like tips and tricks to get the garbage collector. I mean, it's like, it feels like every Java performance issue goes to like minus xx call and use the other garbage collector, whatever one you're using, use a different one and using a different, a different approach. [00:52:23] Bryan: It's like, so you're, you're in this, to me, it's like you're in the worst of all worlds where. the reason that garbage collection is helpful is because the programmer doesn't have to think at all about this problem. But now you're actually dealing with these long pauses in production. [00:52:38] Bryan: You're dealing with all these other issues where actually you need to think a lot about it. And it's kind of, it, it it's witchcraft. It, it, it's this black box that you can't see into. So it's like, what problem have we solved exactly? And I mean, so the fact that go had garbage collection, it's like, eh, no, I, I do not want, like, and then you get all the other like weird fatwahs and you know, everything else. [00:52:57] Bryan: I'm like, no, thank you. Go is a no thank you for me, I, I get it why people like it or use it, but it's, it's just, that was not gonna be it. Choosing Rust [00:53:04] Bryan: I'm like, I want C. but I, there are things I didn't like about C too. I was looking for something that was gonna give me the deterministic kind of artifact that I got outta C. But I wanted library support and C is tough because there's, it's all convention. you know, there's just a bunch of other things that are just thorny. And I remember thinking vividly in 2018, I'm like, well, it's rust or bust. Ownership model, algebraic types, error handling [00:53:28] Bryan: I'm gonna go into rust. And, uh, I hope I like it because if it's not this, it's gonna like, I'm gonna go back to C I'm like literally trying to figure out what the language is for the back half of my career. Um, and when I, you know, did what a lot of people were doing at that time and people have been doing since of, you know, really getting into rust and really learning it, appreciating the difference in the, the model for sure, the ownership model people talk about. [00:53:54] Bryan: That's also obviously very important. It was the error handling that blew me away. And the idea of like algebraic types, I never really had algebraic types. Um, and the ability to, to have. And for error handling is one of these really, uh, you, you really appreciate these things where it's like, how do you deal with a, with a function that can either succeed and return something or it can fail, and the way c deals with that is bad with these kind of sentinels for errors. [00:54:27] Bryan: And, you know, does negative one mean success? Does negative one mean failure? Does zero mean failure? Some C functions, zero means failure. Traditionally in Unix, zero means success. And like, what if you wanna return a file descriptor, you know, it's like, oh. And then it's like, okay, then it'll be like zero through positive N will be a valid result. [00:54:44] Bryan: Negative numbers will be, and like, was it negative one and I said airo, or is it a negative number that did not, I mean, it's like, and that's all convention, right? People do all, all those different things and it's all convention and it's easy to get wrong, easy to have bugs, can't be statically checked and so on. Um, and then what Go says is like, well, you're gonna have like two return values and then you're gonna have to like, just like constantly check all of these all the time. Um, which is also kind of gross. Um, JavaScript is like, Hey, let's toss an exception. If, if we don't like something, if we see an error, we'll, we'll throw an exception. [00:55:15] Bryan: There are a bunch of reasons I don't like that. Um, and you look, you'll get what Rust does, where it's like, no, no, no. We're gonna have these algebra types, which is to say this thing can be a this thing or that thing, but it, but it has to be one of these. And by the way, you don't get to process this thing until you conditionally match on one of these things. [00:55:35] Bryan: You're gonna have to have a, a pattern match on this thing to determine if it's a this or a that, and if it in, in the result type that you, the result is a generic where it's like, it's gonna be either the thing that you wanna return. It's gonna be an okay that contains the thing you wanna return, or it's gonna be an error that contains your error and it forces your code to deal with that. [00:55:57] Bryan: And what that does is it shifts the cognitive load from the person that is operating this thing in production to the, the actual developer that is in development. And I think that that, that to me is like, I, I love that shift. Um, and that shift to me is really important. Um, and that's what I was missing, that that's what Rust gives you. [00:56:23] Bryan: Rust forces you to think about your code as you write it, but as a result, you have an artifact that is much more supportable, much more sustainable, and much faster. Prefer to frontload cognitive load during development instead of at runtime [00:56:34] Jeremy: Yeah, it sounds like you would rather take the time during the development to think about these issues because whether it's garbage collection or it's error handling at runtime when you're trying to solve a problem, then it's much more difficult than having dealt with it to start with. [00:56:57] Bryan: Yeah, absolutely. I, and I just think that like, why also, like if it's software, if it's, again, if it's infrastructure software, I mean the kinda the question that you, you should have when you're writing software is how long is this software gonna live? How many people are gonna use this software? Uh, and if you are writing an operating system, the answer for this thing that you're gonna write, it's gonna live for a long time. [00:57:18] Bryan: Like, if we just look at plenty of aspects of the system that have been around for a, for decades, it's gonna live for a long time and many, many, many people are gonna use it. Why would we not expect people writing that software to have more cognitive load when they're writing it to give us something that's gonna be a better artifact? [00:57:38] Bryan: Now conversely, you're like, Hey, I kind of don't care about this. And like, I don't know, I'm just like, I wanna see if this whole thing works. I've got, I like, I'm just stringing this together. I don't like, no, the software like will be lucky if it survives until tonight, but then like, who cares? Yeah. Yeah. [00:57:52] Bryan: Gar garbage clock. You know, if you're prototyping something, whatever. And this is why you really do get like, you know, different choices, different technology choices, depending on the way that you wanna solve the problem at hand. And for the software that I wanna write, I do like that cognitive load that is upfront. With LLMs maybe you can get the benefit of the robust artifact with less cognitive load [00:58:10] Bryan: Um, and although I think, I think the thing that is really wild that is the twist that I don't think anyone really saw coming is that in a, in an LLM age. That like the cognitive load upfront almost needs an asterisk on it because so much of that can be assisted by an LLM. And now, I mean, I would like to believe, and maybe this is me being optimistic, that the the, in the LLM age, we will see, I mean, rust is a great fit for the LLMH because the LLM itself can get a lot of feedback about whether the software that's written is correct or not. [00:58:44] Bryan: Much more so than you can for other environments. [00:58:48] Jeremy: Yeah, that is a interesting point in that I think when people first started trying out the LLMs to code, it was really good at these maybe looser languages like Python or JavaScript, and initially wasn't so good at something like Rust. But it sounds like as that improves, if. It can write it then because of the rigor or the memory management or the error handling that the language is forcing you to do, it might actually end up being a better choice for people using LLMs. [00:59:27] Bryan: absolutely. I, it, it gives you more certainty in the artifact that you've delivered. I mean, you know a lot about a Rust program that compiles correctly. I mean, th there are certain classes of errors that you don't have, um, that you actually don't know on a C program or a GO program or a, a JavaScript program. [00:59:46] Bryan: I think that's gonna be really important. I think we are on the cusp. Maybe we've already seen it, this kind of great bifurcation in the software that we writ

OpenZFS monitoring, hellosystems 0.8, GhostBSD and XLibre, Bhyve Exporters and 30 year old LibC issues. NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines OpenZFS Monitoring and Observability: What to Track and Why It Matters helloSystem 0.8 Released FreeBSD Based OS Inspired by macOS. https://itsfoss.gitlab.io/post/hellosystem-08-released-freebsd-based-os-inspired-by-macos/ News Roundup [Default GhostBSD to XLibre](https://github.com/ghostbsd/ghostbsd-build/pull/259] Addressing XLibre Change and GhostBSD Future Bhyve Prometheus Exporter for Sylve on FreeBSD. Linux GNU C Library Fixes Security Issue Present Since 1996 Beastie Bits NetBSD 11.0 RC1 available! The Book of PF, 4th Edition is now available December 2025 Finance Report LLDB improvements on FreeBSD Any desire for OnmiOS/Illumos Support : Now's your chance to convince me Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

Eric sits down with David Henderson, Principal Architect for NetDevOps at Presidio, to discuss the practical journey for network engineers transitioning from manual CLI operations to scalable NetDevOps and automation. They discuss how traditional networking knowledge and certifications are foundational, and suggest essential tools and habits for beginning your automation journey. David also shares a... Read more »

Eric sits down with David Henderson, Principal Architect for NetDevOps at Presidio, to discuss the practical journey for network engineers transitioning from manual CLI operations to scalable NetDevOps and automation. They discuss how traditional networking knowledge and certifications are foundational, and suggest essential tools and habits for beginning your automation journey. David also shares a... Read more »

Pour l'épisode de cette semaine, je reçois Gilles Barbier, entrepreneur récidiviste et fondateur de TinyStaff.Gilles évolue dans l'écosystème tech depuis plus de 20 ans : créateur de startups, ancien CTO de The Family, contributeur open source… Il suit aujourd'hui de très près la révolution en cours autour des agents IA et des nouveaux outils de développement.Au cours de cet épisode, nous avons parlé d'OpenClaw, le projet open source qui a explosé en quelques semaines (plus de 200 000 stars sur GitHub), et de ce qu'il change concrètement dans la façon de travailler.Nous avons abordé :Ce qu'est réellement OpenClaw et pourquoi il a suscité un tel engouementLa différence entre une IA “chat” classique et une IA agentique proactiveComment Gilles a construit TinyStaff au-dessus d'OpenClaw pour proposer des “virtual employees” prêts à l'emploiL'impact des outils comme Claude Code, Codex ou Cursor sur la productivité des développeursLe coût réel des tokens et la question des abonnements vs APIL'avenir des SaaS face aux agents : disparition, transformation ou adaptation ?Pourquoi les éditeurs devront rendre leurs produits “agent-compatible” (API, CLI, MCP…)Ce que cette révolution va changer, au-delà des développeurs, pour tous les métiersUn épisode un peu différent, plus “actu chaude” que d'habitude, mais passionnant pour comprendre la vague en cours et anticiper ses conséquences sur l'écosystème SaaS.Vous pouvez suivre Gilles sur LinkedIn.Bonne écoute !Pour soutenir SaaS Connection en 1 minute⏱ (et 2 secondes) :Abonnez-vous à SaaS Connection sur votre plateforme préférée pour ne rater aucun épisode

Big thanks to ‪@Cisco‬ for sponsoring this video and sponsoring my trip to Cisco Live Amsterdam. Will AI replace network engineers in 2026? In this video, I sit down with Joe Vaccaro (VP/GM of Cisco ThousandEyes) to reveal the truth about "Agentic Ops" and how it differs from traditional AIOps. We dive deep into the new "Digital Teammate" concept within ThousandEyes and demo exactly how AI agents can autonomously troubleshoot complex network outages (like DHCP and DNS failures) in seconds. Instead of taking your job, Joe explains how these agents act as a force multiplier for your career—handling the tedious "mean time to innocence" tasks so you can focus on architecture. If you are worried about the future of the CLI or manual troubleshooting, you need to see this demo. Key Topics Covered: • Cisco Agentic Ops Explained: Joe Vaccaro breaks down the shift to autonomous reasoning. • ThousandEyes Demo: Watch an AI agent diagnose a DHCP failure and suggest the exact fix (subnet expansion). • Views Explainability: How to troubleshoot "unknown paths" and ISP outages (like AWS/Azure) automatically. • Career Survival Guide: Why Cisco believes AI will train the next generation of CCIE-level engineers, not replace them. //Joe Vaccaro's SOCIAL // Cisco Blogs: https://blogs.cisco.com/author/vaccaroj LinkedIn: / joevaccaro X: https://x.com/joevaccaro X: https://x.com/thousandeyes Website: https://www.thousandeyes.com/ // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming up 0:42 - Troubleshooting 02:00 - ThousandEyes Updates 03:52 - Demo 1 06:50 - Agentic Steps on a network 07:26 - Demo 2 10:50 - ThousandEyes Outages Page 11:34 - Agents in ThousandEyes 13:49 - New Demands by AI 14:14 - Will AI Replace Network Engineers ? 15:15 - Will The Agents Need a Human in the loop? 16:10 - Will This become More Autonomous ? 16:48 - Conclusion & Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cisco #ciscolive #ciscoemea

Alla shownotes finns på https://www.enlitenpoddomit.se , skulle det se konstigt ut i din poddspelare så titta gärna där efter alla länkar kring det vi pratar om   Avsnitt 559 spelades in den 17 februari och därför så handlar dagens avsnitt om: INTRO: David har åkt skridskor och chillat. Johan har lagat sushi och sprungit på löpband. FEEDBACK AND BACKLOG: - Claude Cowork for Windows   https://support.claude.com/en/articles/13345190-getting-started-with-cowork  ALLMÄNT NYTT - OpenAI pensionerar 4o   https://www.engadget.com/ai/openai-has-officially-retired-the-controversial-gpt-4o-model-181553067.html  - Apple Shortcuts   BONUSLÖNK: https://apps.apple.com/se/app/shortcuts/id915249334?l=en-GB  - Ny Amiga på gång?   https://www.thurrott.com/classic-technology/332751/i-pre-ordered-an-amiga-1200  - David kan köra Vivaldi på alla sina enheter https://www.thurrott.com/cloud/web-browsers/332398/vivaldi-7-8-is-here-for-android-iphone-and-ipad  DISKUSSION - Johan har testat OnePlus 15   https://blog.johanpersson.nu/2026/01/31/oneplus-15-review-massive-battery-meets-premium-design/  MICROSOFT - Nya Secure Boot-certifikat https://www.windowslatest.com/2026/02/13/how-to-check-if-windows-11-has-applied-the-new-secure-boot-2023-certificates-replaces-secure-boot-2011/  - Windows-uppdateringar https://www.neowin.net/news/microsoft-released-kb5077180-kb5077374-kb5076124-windows-11-setup--recovery-updates/  - Är CLI det nya svarta https://www.thurrott.com/windows/windows-11/332599/windows-11-has-a-microsoft-store-cli-now  - En liten MS Authenticator Rant APPLE - Laddningsbegränsning i macOS   https://9to5mac.com/2026/02/16/macos-26-4-brings-battery-charge-limit-to-the-mac-and-shortcuts/  - Apple Podcast får live video   https://www.thurrott.com/apple/332762/apple-podcasts-is-adding-live-video-streams  - Apple börjar testa RCS kryptering   https://www.androidauthority.com/apple-testing-rcs-encryption-on-iphones-3641540/  GOOGLE - Now Playing-app   https://9to5google.com/2026/02/14/pixel-now-playing-app/  - Android 17   https://9to5google.com/2026/02/14/android-17-schedule/  - Hackare försöker klona Gemini   https://www.cnet.com/tech/services-and-software/hackers-are-trying-to-copy-gemini-via-thousands-of-ai-prompts-says-google/   https://www.androidauthority.com/google-gemini-clone-attempts-3640480/  - Android Quick Share blir av med en feature och det kanske är bra   https://www.androidauthority.com/android-quick-share-removing-everyone-3640832/  - Chrome kommer att autostarta maximerat på Windows   https://swedroid.se/google-kommer-lata-windows-anvandare-starta-datorn-rakt-in-i-chrome/  ANDRA NYHETER - Spotify börjar sälja fysiska (?) böcker https://www.androidauthority.com/spotify-page-match-launch-3638316/  PRYLLISTA - David: Apple SmartFolio lila, https://www.apple.com/se/shop/product/mwk83zm/a/smart-folio-till-ipad-air-11-tum-m3-ljusviolett  - Johan: Magneter, gängor och filament EGNA LÄNKAR - En Liten Podd Om IT på webben,      http://enlitenpoddomit.se/  - En Liten Podd Om IT på Facebook,      https://www.facebook.com/EnLitenPoddOmIt/  - En Liten Podd Om IT på Youtube,      https://www.youtube.com/enlitenpoddomit  - Ge oss gärna en recension    - https://podcasts.apple.com/se/podcast/en-liten-podd-om-it/id946204577?mt=2#see-all/reviews      - https://www.podchaser.com/podcasts/en-liten-podd-om-it-158069  LÄNKAR TILL VART MAN HITTAR PODDEN FÖR ATT LYSSNA: - Apple Podcaster (iTunes), https://itunes.apple.com/se/podcast/en-liten-podd-om-it/id946204577  - Overcast, https://overcast.fm/itunes946204577/en-liten-podd-om-it  - Acast, https://www.acast.com/enlitenpoddomit  - Spotify, https://open.spotify.com/show/2e8wX1O4FbD6M2ocJdXBW7?si=HFFErR8YRlKrELsUD--Ujg%20  - Stitcher, https://www.stitcher.com/podcast/the-nerd-herd/en-liten-podd-om-it  - YouTube, https://www.youtube.com/enlitenpoddomit  LÄNK TILL DISCORD DÄR MAN HITTAR LIVE STREAM + CHATT - http://discord.enlitenpoddomit.se  (Och glöm inte att maila bjorn@enlitenpoddomit.se  om du vill ha klistermärken, skicka med en postadress bara. :) 

GeoIP PF FreeBSD, ZFs in production, linuxulator feels like magic, XFCE is great, the scariest boot code, and more... NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines GeoIP-Aware Firewalling with PF on FreeBSD ZFS in Production: Real-World Deployment Patterns and Pitfalls News Roundup Xfce is great Linuxulator on FreeBSD Feels Like Magic The scariest boot loader code OpenBSD-current now runs as guest under Apple Hypervisor Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Matt - Audio Levels Interviews can be troublesome because there's only so much we can do with multiple guests with multiple feeds, and mulitple audio conditions. We can try to normalize but sometimes it's just not easy to do without editing taking an entire day.. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

I have a theory that only bad projects get finished — good ones keep finding new things to do. Asciinema is a case in point. What started as a way to share terminal sessions with friends has, over 14 years, grown into a full suite of tools covering recording, hosting, playback, and live streaming — and been rebuilt multiple times along the way. So what does it actually take to record and replay a terminal session faithfully in a browser?Joining us for this conversation is Marcin Kulik, Asciinema's creator. The project's architecture has passed through almost every interesting corner of software engineering: a Python recorder built around pseudo-terminals (PTY), a ClojureScript terminal emulator for the browser that hit performance limits with immutable data structures and garbage collection pressure, a move to Rust compiled to WebAssembly, a Go experiment that didn't last, and a new Rust CLI for concurrent live streaming backed by an Elixir/Phoenix server that calls Rust code via NIFs. The same Rust terminal emulator library now powers all three components — the browser player, the server, and the CLI.If you've ever looked at those terminal animations embedded in a README and wondered what's underneath them, or if you're interested in how a passionate open-source developer navigates 14 years of language changes and rewrites, this conversation has plenty to offer.---Support Developer Voices on Patreon: https://patreon.com/DeveloperVoicesSupport Developer Voices on YouTube: https://www.youtube.com/@DeveloperVoices/joinAsciinema: https://asciinema.orgAsciinema Docs: https://docs.asciinema.orgAsciinema CLI (GitHub): https://github.com/asciinema/asciinemaAsciinema Player (GitHub): https://github.com/asciinema/asciinema-playerAsciinema Server (GitHub): https://github.com/asciinema/asciinema-serverAVT - Rust terminal emulator library: https://github.com/asciinema/avtvt-clj - the original ClojureScript terminal emulator: https://github.com/asciinema/vt-cljPaul Williams' ANSI/VT100 State Machine Parser: https://vt100.net/emu/dec_ansi_parserRust: https://www.rust-lang.orgWebAssembly: https://webassembly.orgSolidJS: https://www.solidjs.comElixir: https://elixir-lang.orgPhoenix Framework: https://www.phoenixframework.orgRustler (Rust NIFs for Elixir/Erlang): https://github.com/rusterlium/rustlerClojure: https://clojure.orgClojureScript: https://clojurescript.orgcmatrix: https://github.com/abishekvashok/cmatrixMarcin Kulik on GitHub: https://github.com/ku1ikMarcin Kulik on Mastodon: https://hachyderm.io/@ku1ikMarcin Kulik on asciinema.org: https://asciinema.org/~ku1ik"They're Made Out of Meat" demo: https://asciinema.org/a/746358Kris on Bluesky: https://bsky.app/profile/krisajenkins.bsky.socialKris on Mastodon: http://mastodon.social/@krisajenkinsKris on LinkedIn: https://www.linkedin.com/in/krisjenkins/---0:00 Intro2:28 What Is Asciinema?4:48 How Asciinema Started9:51 The Problem of Parsing Terminal Output14:07 Building a Cross-Platform Recorder17:01 Rewriting the Parser in ClojureScript22:19 The Hidden Complexity of Terminals29:28 Rendering Terminals in the Browser39:47 When ClojureScript Can't Keep Up45:28 Moving to Rust and WebAssembly52:01 The Go Experiment57:43 Adding Live Terminal Streaming1:07:12 Can You Scrub Back in a Live Stream?1:14:40 Editing Recordings1:25:27 Outro

DR. VN Alexander is a philosopher of science known for her work on Vladimir Nabokov's theory of insect mimicry evolution. She is a member of the Third Way of Evolution research group & currently works in the field of Biosemiotics. She earned her Ph.D. in 2002 in English at the Graduate Center, City University New York & did her dissertation research in teleology, evolutionary theory & self-organization at the Santa Fe Institute. She is a Rockefeller Foundation Residency alum, a former NY Council for the Humanities scholar & a 2020 Fulbright scholar in Russia. Books include The Biologist's Mistress: Rethinking Self-Organization in Art, Literature and Nature & several literary fiction and political science novels.VN ALEXANDER, PhD (aka Tori):Website: https://vnalexander.com/Website: https://directdemocracyus.org/IG: https://www.instagram.com/rednaxelairot/X: https://x.com/torialexander72LinkTree: https://linktr.ee/vnalexanderSubstack: posthumousstyle.substack.comNEW novel The Girlie Playhouse: https://heresy-press.com/product/the-girlie-playhouse-by-v-n-alexander/THE RIPPLE EFFECT PODCAST:WEBSITE: http://TheRippleEffectPodcast.comWebsite Host & Video Distributor: https://ContentSafe.co/SUPPORT:PATREON: https://www.patreon.com/TheRippleEffectPodcastPayPal: https://www.PayPal.com/paypalme/RvTheory6VENMO: https://venmo.com/code?user_id=3625073915201071418&created=1663262894MERCH: Store: http://www.TheRippleEffectPodcastMerch.comTHEORY 6 MUSIC: https://open.spotify.com/artist/1w91xRlB4b2MJYyXXhJcyFSPONSORS:OPUS A.I. Clip Creator: https://www.opus.pro/?via=RickyVarandasScott Horton Academy: https://scotthortonacademy.com/rippleeffectUniversity of Reason-Autonomy: https://www.universityofreason.com/a/2147825829/ouiRXFoLWATCH:OFFICIAL YOUTUBE: https://www.youtube.com/@TheRippleEffectPodcastOFFICIALYOUTUBE CLIPS CHANNEL: https://www.youtube.com/@RickyVarandasLISTEN:SPOTIFY: https://open.spotify.com/show/4lpFhHI6CqdZKW0QDyOicJiTUNES: http://apple.co/1xjWmlFTHE UNION OF THE UNWANTED: https://linktr.ee/TheUnionOfTheUnwanted

I'm joined by Nirmal Mehta of AWS and Viktor Farcic from Upbound, to go through our 2025 year in review. We look into the AI tools that consumed us this year, from CLI agents to terminal emulators, IDEs, AI browsers - what worked, what flopped, what's worth your time and money, and what we think isn't!Check out the video podcast version here: https://youtu.be/mnagfUsh5bc

In this episode, Alex Hillman, co-founder of Philadelphia's legendary coworking space Indy Hall, takes us through his journey building a sophisticated AI executive assistant using Claude Code. What started as a simple terminal experiment in October 2025 has evolved into a full production system that autonomously manages network diagnostics, email workflows, relationship tracking, and newsletter automation. Alex shares the technical architecture, real-world stories of AI-powered problem solving, cost insights, and his thoughtful approach to building trust with AI while maintaining strong ethical guardrails.## Chapters- 00:00 Coming Up...- 02:01 Introductions- 03:57 The Origins of PhillyCocoa and Indie Hall- 06:12 The Evolution of AI and Personal Assistants- 07:35 Building a Personal Assistant with Claude Code- 10:26 The Architecture of the Personal Assistant- 14:04 Creating a Web App Interface for the Assistant- 16:10 Using Tailscale for Secure Access- 19:01 Mitigating Risks with AI Autonomy- 29:24 Backup Protocols and Data Management- 31:23 Emergent Behavior in AI Systems- 34:10 Flow State and Productivity in Programming- 37:56 Understanding AI Behavior and User Education- 39:45 Cost Management in AI Development- 45:37 Building Trust with AI Systems- 53:53 Navigating Trust in Skill Utilization- 55:23 Technical Applications for Non-Developers- 01:00:17 Innovative Personal and Business Management- 01:09:03 Transforming Workflows with AI- 01:12:56 Ethics and Responsibility in AI Usage- 01:18:25 Community Building Through Meetups- 01:21:55 Tag## Highlights**Architecture:** Claude Code headless via CLI with WebSocket communication, Docker on Hetzner VPS, Tailscale networking, hourly snapshots, git hooks for destructive commands, multi-layered security.**Real Use Cases:**- Network monitoring that diagnosed an overheating router fan from a screenshot- Email sorted by "easiest to hardest" instead of chronological- Date night tracking with restaurant and wine pairing suggestions- Organized 51 wine bottles via photos into ASCII grid layout- Newsletter reduced from 4 hours to 30 minutes while preserving human writing**Costs:** $20/month plan lasted 20 minutes. Now at $200/month. One Thanksgiving week hit $1,500 in overages during heavy development.**Philosophy:** "Modest YOLO" approach—autonomous but controlled. AI enhances human work, doesn't replace it. The system can modify itself: type "add a button," refresh, it works.**Open Source:**- **Kuato**: Session search for Claude Code- **Smaug**: Twitter bookmark archiver with AI analysis- **Andy Timeline**: Auto-generated weekly narrative of the AI's evolution## Event**Big Philly Meetup Mashup** - March 15, 2026Hackathon for Philadelphia's tech and creative communities. Theme: "Good Neighbors." Sponsored by Supabase.https://indyhall.org/goodneighbors/## Links**Alex Hillman**YouTube: https://www.youtube.com/@AlexHillman | Website: https://dangerouslyawesome.com | GitHub: https://github.com/alexknowshtml**Open Source Projects**Kuato: https://github.com/alexknowshtml/kuato | Smaug: https://github.com/alexknowshtml/smaug | Andy Timeline: https://github.com/alexknowshtml/andy-timeline**Tools & Resources**Indy Hall: https://indyhall.org | Claude Code: https://claude.com/product/claude-code | OpenClaw: https://openclaw.ai | Brian Casel: https://www.youtube.com/@briancasel | Termius: https://termius.com | Point-Free: https://www.pointfree.co/the-way**PhillyCocoa:** http://phillycocoa.orgIntro music: "When I Hit the Floor", © 2021 Lorne Behrman. Used with permission of the artist.

Emmanuel et Guillaume discutent de divers sujets liés à la programmation, notamment les systèmes de fichiers en Java, le Data Oriented Programming, les défis de JPA avec Kotlin, et les nouvelles fonctionnalités de Quarkus. Ils explorent également des sujets un peu fous comme la création de datacenters dans l'espace. Pas mal d'architecture aussi. Enregistré le 13 février 2026 Téléchargement de l'épisode LesCastCodeurs-Episode-337.mp3 ou en vidéo sur YouTube. News Langages Comment implémenter un file system en Java https://foojay.io/today/bootstrapping-a-java-file-system/ Créer un système de fichiers Java personnalisé avec NIO.2 pour des usages variés (VCS, archives, systèmes distants). Évolution Java: java.io.File (1.0) -> NIO (1.4) -> NIO.2 (1.7) pour personnalisation via FileSystem. Recommander conception préalable; API Java est orientée POSIX. Composants clés à considérer: Conception URI (scheme unique, chemin). Gestion de l'arborescence (BD, métadonnées, efficacité). Stockage binaire (emplacement, chiffrement, versions). Minimum pour démarrer (4 composants): Implémenter Path (représente fichier/répertoire). Étendre FileSystem (instance du système). Étendre FileSystemProvider (moteur, enregistré par scheme). Enregistrer FileSystemProvider via META-INF/services. Étapes suivantes: Couche BD (arborescence), opérations répertoire/fichier de base, stockage, tests. Processus long et exigeant, mais gratifiant.   Un article de brian goetz sur le futur du data oriented programming en Java https://openjdk.org/projects/amber/design-notes/beyond-records Le projet Amber de Java introduit les "carrier classes", une évolution des records qui permet plus de flexibilité tout en gardant les avantages du pattern matching et de la reconstruction Les records imposent des contraintes strictes (immutabilité, représentation exacte de l'état) qui limitent leur usage pour des classes avec état muable ou dérivé Les carrier classes permettent de déclarer une state description complète et canonique sans imposer que la représentation interne corresponde exactement à l'API publique Le modificateur "component" sur les champs permet au compilateur de dériver automatiquement les accesseurs pour les composants alignés avec la state description Les compact constructors sont généralisés aux carrier classes, générant automatiquement l'initialisation des component fields Les carrier classes supportent la déconstruction via pattern matching comme les records, rendant possible leur usage dans les instanceof et switch Les carrier interfaces permettent de définir une state description sur une interface, obligeant les implémentations à fournir les accesseurs correspondants L'extension entre carrier classes est possible, avec dérivation automatique des appels super() quand les composants parent sont subsumés par l'enfant Les records deviennent un cas particulier de carrier classes avec des contraintes supplémentaires (final, extends Record, component fields privés et finaux obligatoires) L'évolution compatible des records est améliorée en permettant l'ajout de composants en fin de liste et la déconstruction partielle par préfixe Comment éviter les pièges courants avec JPA et Kotlin - https://blog.jetbrains.com/idea/2026/01/how-to-avoid-common-pitfalls-with-jpa-and-kotlin/ JPA est une spécification Java pour la persistance objet-relationnel, mais son utilisation avec Kotlin présente des incompatibilités dues aux différences de conception des deux langages Les classes Kotlin sont finales par défaut, ce qui empêche la création de proxies par JPA pour le lazy loading et les opérations transactionnelles Le plugin kotlin-jpa génère automatiquement des constructeurs sans argument et rend les classes open, résolvant les problèmes de compatibilité Les data classes Kotlin ne sont pas adaptées aux entités JPA car elles génèrent equals/hashCode basés sur tous les champs, causant des problèmes avec les relations lazy L'utilisation de lateinit var pour les relations peut provoquer des exceptions si on accède aux propriétés avant leur initialisation par JPA Les types non-nullables Kotlin peuvent entrer en conflit avec le comportement de JPA qui initialise les entités avec des valeurs null temporaires Le backing field direct dans les getters/setters personnalisés peut contourner la logique de JPA et casser le lazy loading IntelliJ IDEA 2024.3 introduit des inspections pour détecter automatiquement ces problèmes et propose des quick-fixes L'IDE détecte les entités finales, les data classes inappropriées, les problèmes de constructeurs et l'usage incorrect de lateinit Ces nouvelles fonctionnalités aident les développeurs à éviter les bugs subtils liés à l'utilisation de JPA avec Kotlin Librairies Guide sur MapStruct @IterableMapping - https://www.baeldung.com/java-mapstruct-iterablemapping MapStruct est une bibliothèque Java pour générer automatiquement des mappers entre beans, l'annotation @IterableMapping permet de configurer finement le mapping de collections L'attribut dateFormat permet de formater automatiquement des dates lors du mapping de listes sans écrire de boucle manuelle L'attribut qualifiedByName permet de spécifier quelle méthode custom appliquer sur chaque élément de la collection à mapper Exemple d'usage : filtrer des données sensibles comme des mots de passe en mappant uniquement certains champs via une méthode dédiée L'attribut nullValueMappingStrategy permet de contrôler le comportement quand la collection source est null (retourner null ou une collection vide) L'annotation fonctionne pour tous types de collections Java (List, Set, etc.) et génère le code de boucle nécessaire Possibilité d'appliquer des formats numériques avec numberFormat pour convertir des nombres en chaînes avec un format spécifique MapStruct génère l'implémentation complète du mapper au moment de la compilation, éliminant le code boilerplate L'annotation peut être combinée avec @Named pour créer des méthodes de mapping réutilisables et nommées Le mapping des collections supporte les conversions de types complexes au-delà des simples conversions de types primitifs Accès aux fichiers Samba depuis Java avec JCIFS - https://www.baeldung.com/java-samba-jcifs JCIFS est une bibliothèque Java permettant d'accéder aux partages Samba/SMB sans monter de lecteur réseau, supportant le protocole SMB3 on pense aux galériens qui doivent se connecter aux systèmes dit legacy La configuration nécessite un contexte CIFS (CIFSContext) et des objets SmbFile pour représenter les ressources distantes L'authentification se fait via NtlmPasswordAuthenticator avec domaine, nom d'utilisateur et mot de passe La bibliothèque permet de lister les fichiers et dossiers avec listFiles() et vérifier leurs propriétés (taille, date de modification) Création de fichiers avec createNewFile() et de dossiers avec mkdir() ou mkdirs() pour créer toute une arborescence Suppression via delete() qui peut parcourir et supprimer récursivement des arborescences entières Copie de fichiers entre partages Samba avec copyTo(), mais impossibilité de copier depuis le système de fichiers local Pour copier depuis le système local, utilisation des streams SmbFileInputStream et SmbFileOutputStream Les opérations peuvent cibler différents serveurs Samba et différents partages (anonymes ou protégés par mot de passe) La bibliothèque s'intègre dans des blocs try-with-resources pour une gestion automatique des ressources Quarkus 3.31 - Support complet Java 25, nouveau packaging Maven et Panache Next - https://quarkus.io/blog/quarkus-3-31-released/ Support complet de Java 25 avec images runtime et native Nouveau packaging Maven de type quarkus avec lifecycle optimisé pour des builds plus rapides voici un article complet pour plus de detail https://quarkus.io/blog/building-large-applications/ Introduction de Panache Next, nouvelle génération avec meilleure expérience développeur et API unifiée ORM/Reactive Mise à jour vers Hibernate ORM 7.2, Reactive 3.2, Search 8.2 Support de Hibernate Spatial pour les données géospatiales Passage à Testcontainers 2 et JUnit 6 Annotations de sécurité supportées sur les repositories Jakarta Data Chiffrement des tokens OIDC pour les implémentations custom TokenStateManager Support OAuth 2.0 Pushed Authorization Requests dans l'extension OIDC Maven 3.9 maintenant requis minimum pour les projets Quarkus A2A Java SDK 1.0.0.Alpha1 - Alignement avec la spécification 1.0 du protocole Agent2Agent - https://quarkus.io/blog/a2a-java-sdk-1-0-0-alpha1/ Le SDK Java A2A implémente le protocole Agent2Agent qui permet la communication standardisée entre agents IA pour découvrir des capacités, déléguer des tâches et collaborer Passage à la version 1.0 de la spécification marque la transition d'expérimental à production-ready avec des changements cassants assumés Modernisation complète du module spec avec des Java records partout remplaçant le mix précédent de classes et records pour plus de cohérence Adoption de Protocol Buffers comme source de vérité avec des mappers MapStruct pour la conversion et Gson pour JSON-RPC Les builders utilisent maintenant des méthodes factory statiques au lieu de constructeurs publics suivant les best practices Java modernes Introduction de trois BOMs Maven pour simplifier la gestion des dépendances du SDK core, des extensions et des implémentations de référence Quarkus AgentCard évolue avec une liste supportedInterfaces remplaçant url et preferredTransport pour plus de flexibilité dans la déclaration des protocoles Support de la pagination ajouté pour ListTasks et les endpoints de configuration des notifications push avec des wrappers Result appropriés Interface A2AHttpClient pluggable permettant des implémentations HTTP personnalisées avec une implémentation Vert.x fournie Travail continu vers la conformité complète avec le TCK 1.0 en cours de développement parallèlement à la finalisation de la spécification Pourquoi Quarkus finit par "cliquer" : les 10 questions que se posent les développeurs Java - https://www.the-main-thread.com/p/quarkus-java-developers-top-questions-2025 un article qui revele et repond aux questions des gens qui ont utilisé Quarkus depuis 4-6 mois, les non noob questions Quarkus est un framework Java moderne optimisé pour le cloud qui propose des temps de démarrage ultra-rapides et une empreinte mémoire réduite Pourquoi Quarkus démarre si vite ? Le framework effectue le travail lourd au moment du build (scanning, indexation, génération de bytecode) plutôt qu'au runtime Quand utiliser le mode réactif plutôt qu'impératif ? Le réactif est pertinent pour les workloads avec haute concurrence et dominance I/O, l'impératif reste plus simple dans les autres cas Quelle est la différence entre Dev Services et Testcontainers ? Dev Services utilise Testcontainers en gérant automatiquement le cycle de vie, les ports et la configuration sans cérémonie Comment la DI de Quarkus diffère de Spring ? CDI est un standard basé sur la sécurité des types et la découverte au build-time, différent de l'approche framework de Spring Comment gérer la configuration entre environnements ? Quarkus permet de scaler depuis le développement local jusqu'à Kubernetes avec des profils, fichiers multiples et configuration externe Comment tester correctement les applications Quarkus ? @QuarkusTest démarre l'application une fois pour toute la suite de tests, changeant le modèle mental par rapport à Spring Boot Que fait vraiment Panache en coulisses ? Panache est du JPA avec des opinions fortes et des défauts propres, enveloppant Hibernate avec un style Active Record Doit-on utiliser les images natives et quand ? Les images natives brillent pour le serverless et l'edge grâce au démarrage rapide et la faible empreinte mémoire, mais tous les apps n'en bénéficient pas Comment Quarkus s'intègre avec Kubernetes ? Le framework génère automatiquement les ressources Kubernetes, gère les health checks et métriques comme s'il était nativement conçu pour cet écosystème Comment intégrer l'IA dans une application Quarkus ? LangChain4j permet d'ajouter embeddings, retrieval, guardrails et observabilité directement en Java sans passer par Python Infrastructure Les alternatives à MinIO https://rmoff.net/2026/01/14/alternatives-to-minio-for-single-node-local-s3/ MinIO a abandonné le support single-node fin 2025 pour des raisons commerciales, cassant de nombreuses démos et pipelines CI/CD qui l'utilisaient pour émuler S3 localement L'auteur cherche un remplacement simple avec image Docker, compatibilité S3, licence open source, déploiement mono-nœud facile et communauté active S3Proxy est très léger et facile à configurer, semble être l'option la plus simple mais repose sur un seul contributeur RustFS est facile à utiliser et inclut une GUI, mais c'est un projet très récent en version alpha avec une faille de sécurité majeure récente SeaweedFS existe depuis 2012 avec support S3 depuis 2018, relativement facile à configurer et dispose d'une interface web basique Zenko CloudServer remplace facilement MinIO mais la documentation et le branding (cloudserver/zenko/scality) peuvent prêter à confusion Garage nécessite une configuration complexe avec fichier TOML et conteneur d'initialisation séparé, pas un simple remplacement drop-in Apache Ozone requiert au minimum quatre nœuds pour fonctionner, beaucoup trop lourd pour un usage local simple L'auteur recommande SeaweedFS et S3Proxy comme remplaçants viables, RustFS en maybe, et élimine Garage et Ozone pour leur complexité Garage a une histoire tres associative, il vient du collectif https://deuxfleurs.fr/ qui offre un cloud distribué sans datacenter C'est certainement pas une bonne idée, les datacenters dans l'espace https://taranis.ie/datacenters-in-space-are-a-terrible-horrible-no-good-idea/ Avis d'expert (ex-NASA/Google, Dr en électronique spatiale) : Centres de données spatiaux, une "terrible" idée. Incompatibilité fondamentale : L'électronique (surtout IA/GPU) est inadaptée à l'environnement spatial. Énergie : Accès limité. Le solaire (type ISS) est insuffisant pour l'échelle de l'IA. Le nucléaire (RTG) est trop faible. Refroidissement : L'espace n'est pas "froid" ; absence de convection. Nécessite des radiateurs gigantesques (ex: 531m² pour 200kW). Radiations : Provoque erreurs (SEU, SEL) et dommages. Les GPU sont très vulnérables. Blindage lourd et inefficace. Les puces "durcies" sont très lentes. Communications : Bande passante très limitée (1Gbps radio vs 100Gbps terrestre). Le laser est tributaire des conditions atmosphériques. Conclusion : Projet extrêmement difficile, coûteux et aux performances médiocres. Data et Intelligence Artificielle Guillaume a développé un serveur MCP pour arXiv (le site de publication de papiers de recherche) en Java avec le framework Quarkus https://glaforge.dev/posts/2026/01/18/implementing-an-arxiv-mcp-server-with-quarkus-in-java/ Implémentation d'un serveur MCP (Model Context Protocol) arXiv en Java avec Quarkus. Objectif : Accéder aux publications arXiv et illustrer les fonctionnalités moins connues du protocole MCP. Mise en œuvre : Utilisation du framework Quarkus (Java) et son support MCP étendu. Assistance par Antigravity (IDE agentique) pour le développement et l'intégration de l'API arXiv. Interaction avec l'API arXiv : requêtes HTTP, format XML Atom pour les résultats, parser XML Jackson. Fonctionnalités MCP exposées : Outils (@Tool) : Recherche de publications (search_papers). Ressources (@Resource, @ResourceTemplate) : Taxonomie des catégories arXiv, métadonnées des articles (via un template d'URI). Prompts (@Prompt) : Exemples pour résumer des articles ou construire des requêtes de recherche. Configuration : Le serveur peut fonctionner en STDIO (local) ou via HTTP Streamable (local ou distant), avec une configuration simple dans des clients comme Gemini CLI. Conclusion : Quarkus simplifie la création de serveurs MCP riches en fonctionnalités, rendant les données et services "prêts pour l'IA" avec l'aide d'outils d'IA comme Antigravity. Anthropic ne mettra pas de pub dans Claude https://www.anthropic.com/news/claude-is-a-space-to-think c'est en reaction au plan non public d'OpenAi de mettre de la pub pour pousser les gens au mode payant OpenAI a besoin de cash et est probablement le plus utilisé pour gratuit au monde Anthropic annonce que Claude restera sans publicité pour préserver son rôle d'assistant conversationnel dédié au travail et à la réflexion approfondie. Les conversations avec Claude sont souvent sensibles, personnelles ou impliquent des tâches complexes d'ingénierie logicielle où les publicités seraient inappropriées. L'analyse des conversations montre qu'une part significative aborde des sujets délicats similaires à ceux évoqués avec un conseiller de confiance. Un modèle publicitaire créerait des incitations contradictoires avec le principe fondamental d'être "genuinely helpful" inscrit dans la Constitution de Claude. Les publicités introduiraient un conflit d'intérêt potentiel où les recommandations pourraient être influencées par des motivations commerciales plutôt que par l'intérêt de l'utilisateur. Le modèle économique d'Anthropic repose sur les contrats entreprise et les abonnements payants, permettant de réinvestir dans l'amélioration de Claude. Anthropic maintient l'accès gratuit avec des modèles de pointe et propose des tarifs réduits pour les ONG et l'éducation dans plus de 60 pays. Le commerce "agentique" sera supporté mais uniquement à l'initiative de l'utilisateur, jamais des annonceurs, pour préserver la confiance. Les intégrations tierces comme Figma, Asana ou Canva continueront d'être développées en gardant l'utilisateur aux commandes. Anthropic compare Claude à un cahier ou un tableau blanc : des espaces de pensée purs, sans publicité. Infinispan 16.1 est sorti https://infinispan.org/blog/2026/02/04/infinispan-16-1 déjà le nom de la release mérite une mention Le memory bounded par cache et par ensemble de cache s est pas facile à faire en Java Une nouvelle api OpenAPI AOT caché dans les images container Un serveur MCP local juste avec un fichier Java ? C'est possible avec LangChain4j et JBang https://glaforge.dev/posts/2026/02/11/zero-boilerplate-java-stdio-mcp-servers-with-langchain4j-and-jbang/ Création rapide de serveurs MCP Java sans boilerplate. MCP (Model Context Protocol): standard pour connecter les LLM à des outils et données. Le tutoriel répond au manque d'options simples pour les développeurs Java, face à une prédominance de Python/TypeScript dans l'écosystème MCP. La solution utilise: LangChain4j: qui intègre un nouveau module serveur MCP pour le protocole STDIO. JBang: permet d'exécuter des fichiers Java comme des scripts, éliminant les fichiers de build (pom.xml, Gradle). Implémentation: se fait via un seul fichier .java. JBang gère automatiquement les dépendances (//DEPS). L'annotation @Tool de LangChain4j expose les méthodes Java aux LLM. StdioMcpServerTransport gère la communication JSON-RPC via l'entrée/sortie standard (STDIO). Point crucial: Les logs doivent impérativement être redirigés vers System.err pour éviter de corrompre System.out, qui est réservé à la communication MCP (messages JSON-RPC). Facilite l'intégration locale avec des outils comme Gemini CLI, Claude Code, etc. Reciprocal Rank Fusion : un algorithme utile et souvent utilisé pour faire de la recherche hybride, pour mélanger du RAG et des recherches par mots-clé https://glaforge.dev/posts/2026/02/10/advanced-rag-understanding-reciprocal-rank-fusion-in-hybrid-search/ RAG : Qualité LLM dépend de la récupération. Recherche Hybride : Combiner vectoriel et mots-clés (BM25) est optimal. Défi : Fusionner des scores d'échelles différentes. Solution : Reciprocal Rank Fusion (RRF). RRF : Algorithme robuste qui fusionne des listes de résultats en se basant uniquement sur le rang des documents, ignorant les scores. Avantages RRF : Pas de normalisation de scores, scalable, excellente première étape de réorganisation. Architecture RAG fréquente : RRF (large sélection) + Cross-Encoder / modèle de reranking (précision fine). RAG-Fusion : Utilise un LLM pour générer plusieurs variantes de requête, puis RRF agrège tous les résultats pour renforcer le consensus et réduire les hallucinations. Implémentation : LangChain4j utilise RRF par défaut pour agréger les résultats de plusieurs retrievers. Les dernières fonctionnalités de Gemini et Nano Banana supportées dans LangChain4j https://glaforge.dev/posts/2026/02/06/latest-gemini-and-nano-banana-enhancements-in-langchain4j/ Nouveaux modèles d'images Nano Banana (Gemini 2.5/3.0) pour génération et édition (jusqu'à 4K). "Grounding" via Google Search (pour images et texte) et Google Maps (localisation, Gemini 2.5). Outil de contexte URL (Gemini 3.0) pour lecture directe de pages web. Agents multimodaux (AiServices) capables de générer des images. Configuration de la réflexion (profondeur Chain-of-Thought) pour Gemini 3.0. Métadonnées enrichies : usage des tokens et détails des sources de "grounding". Comment configurer Gemini CLI comment agent de code dans IntelliJ grâce au protocole ACP https://glaforge.dev/posts/2026/02/01/how-to-integrate-gemini-cli-with-intellij-idea-using-acp/ But : Intégrer Gemini CLI à IntelliJ IDEA via l'Agent Client Protocol (ACP). Prérequis : IntelliJ IDEA 2025.3+, Node.js (v20+), Gemini CLI. Étapes : Installer Gemini CLI (npm install -g @google/gemini-cli). Localiser l'exécutable gemini. Configurer ~/.jetbrains/acp.json (chemin exécutable, --experimental-acp, use_idea_mcp: true). Redémarrer IDEA, sélectionner "Gemini CLI" dans l'Assistant IA. Usage : Gemini interagit avec le code et exécute des commandes (contexte projet). Important : S'assurer du flag --experimental-acp dans la configuration. Outillage PipeNet, une alternative (open source aussi) à LocalTunnel, mais un plus évoluée https://pipenet.dev/ pipenet: Alternative open-source et moderne à localtunnel (client + serveur). Usages: Développement local (partage, webhooks), intégration SDK, auto-hébergement sécurisé. Fonctionnalités: Client (expose ports locaux, sous-domaines), Serveur (déploiement, domaines personnalisés, optimisé cloud mono-port). Avantages vs localtunnel: Déploiement cloud sur un seul port, support multi-domaines, TypeScript/ESM, maintenance active. Protocoles: HTTP/S, WebSocket, SSE, HTTP Streaming. Intégration: CLI ou SDK JavaScript. JSON-IO — une librairie comme Jackson ou GSON, supportant JSON5, TOON, et qui pourrait être utile pour l'utilisation du "structured output" des LLMs quand ils ne produisent pas du JSON parfait https://github.com/jdereg/json-io json-io : Librairie Java pour la sérialisation et désérialisation JSON/TOON. Gère les graphes d'objets complexes, les références cycliques et les types polymorphes. Support complet JSON5 (lecture et écriture), y compris des fonctionnalités non prises en charge par Jackson/Gson. Format TOON : Notation orientée token, optimisée pour les LLM, réduisant l'utilisation de tokens de 40 à 50% par rapport au JSON. Légère : Aucune dépendance externe (sauf java-util), taille de JAR réduite (~330K). Compatible JDK 1.8 à 24, ainsi qu'avec les environnements JPMS et OSGi. Deux modes de conversion : vers des objets Java typés (toJava()) ou vers des Map (toMaps()). Options de configuration étendues via ReadOptionsBuilder et WriteOptionsBuilder. Optimisée pour les déploiements cloud natifs et les architectures de microservices. Utiliser mailpit et testcontainer pour tester vos envois d'emails https://foojay.io/today/testing-emails-with-testcontainers-and-mailpit/ l'article montre via SpringBoot et sans. Et voici l'extension Quarkus https://quarkus.io/extensions/io.quarkiverse.mailpit/quarkus-mailpit/?tab=docs Tester l'envoi d'emails en développement est complexe car on ne peut pas utiliser de vrais serveurs SMTP Mailpit est un serveur SMTP de test qui capture les emails et propose une interface web pour les consulter Testcontainers permet de démarrer Mailpit dans un conteneur Docker pour les tests d'intégration L'article montre comment configurer une application SpringBoot pour envoyer des emails via JavaMail Un module Testcontainers dédié à Mailpit facilite son intégration dans les tests Le conteneur Mailpit expose un port SMTP (1025) et une API HTTP (8025) pour vérifier les emails reçus Les tests peuvent interroger l'API HTTP de Mailpit pour valider le contenu des emails envoyés Cette approche évite d'utiliser des mocks et teste réellement l'envoi d'emails Mailpit peut aussi servir en développement local pour visualiser les emails sans les envoyer réellement La solution fonctionne avec n'importe quel framework Java supportant JavaMail Architecture Comment scaler un système de 0 à 10 millions d'utilisateurs https://blog.algomaster.io/p/scaling-a-system-from-0-to-10-million-users Philosophie : Scalabilité incrémentale, résoudre les goulots d'étranglement sans sur-ingénierie. 0-100 utilisateurs : Serveur unique (app, DB, jobs). 100-1K : Séparer app et DB (services gérés, pooling). 1K-10K : Équilibreur de charge, multi-serveurs d'app (stateless via sessions partagées). 10K-100K : Caching, réplicas de lecture DB, CDN (réduire charge DB). 100K-500K : Auto-scaling, applications stateless (authentification JWT). 500K-10M : Sharding DB, microservices, files de messages (traitement asynchrone). 10M+ : Déploiement multi-régions, CQRS, persistance polyglotte, infra personnalisée. Principes clés : Simplicité, mesure, stateless essentiel, cache/asynchrone, sharding prudent, compromis (CAP), coût de la complexité. Patterns d'Architecture 2026 - Du Hype à la Réalité du Terrain (Part 1/2) - https://blog.ippon.fr/2026/01/30/patterns-darchitecture-2026-part-1/ L'article présente quatre patterns d'architecture logicielle pour répondre aux enjeux de scalabilité, résilience et agilité business dans les systèmes modernes Il présentent leurs raisons et leurs pièges Un bon rappel L'Event-Driven Architecture permet une communication asynchrone entre systèmes via des événements publiés et consommés, évitant le couplage direct Les bénéfices de l'EDA incluent la scalabilité indépendante des composants, la résilience face aux pannes et l'ajout facile de nouveaux cas d'usage Le pattern API-First associé à un API Gateway centralise la sécurité, le routage et l'observabilité des APIs avec un catalogue unifié Le Backend for Frontend crée des APIs spécifiques par canal (mobile, web, partenaires) pour optimiser l'expérience utilisateur CQRS sépare les modèles de lecture et d'écriture avec des bases optimisées distinctes, tandis que l'Event Sourcing stocke tous les événements plutôt que l'état actuel Le Saga Pattern gère les transactions distribuées via orchestration centralisée ou chorégraphie événementielle pour coordonner plusieurs microservices Les pièges courants incluent l'explosion d'événements granulaires, la complexité du debugging distribué, et la mauvaise gestion de la cohérence finale Les technologies phares sont Kafka pour l'event streaming, Kong pour l'API Gateway, EventStoreDB pour l'Event Sourcing et Temporal pour les Sagas Ces patterns nécessitent une maturité technique et ne sont pas adaptés aux applications CRUD simples ou aux équipes junior Patterns d'architecture 2026 : du hype à la réalité terrain part. 2 - https://blog.ippon.fr/2026/02/04/patterns-darchitecture-2026-part-2/ Deuxième partie d'un guide pratique sur les patterns d'architecture logicielle et système éprouvés pour moderniser et structurer les applications en 2026 Strangler Fig permet de migrer progressivement un système legacy en l'enveloppant petit à petit plutôt que de tout réécrire d'un coup (70% d'échec pour les big bang) Anti-Corruption Layer protège votre nouveau domaine métier des modèles externes et legacy en créant une couche de traduction entre les systèmes Service Mesh gère automatiquement la communication inter-services dans les architectures microservices (sécurité mTLS, observabilité, résilience) Architecture Hexagonale sépare le coeur métier des détails techniques via des ports et adaptateurs pour améliorer la testabilité et l'évolutivité Chaque pattern est illustré par un cas client concret avec résultats mesurables et liste des pièges à éviter lors de l'implémentation Les technologies 2026 mentionnées incluent Istio, Linkerd pour service mesh, LaunchDarkly pour feature flags, NGINX et Kong pour API gateway Tableau comparatif final aide à choisir le bon pattern selon la complexité, le scope et le use case spécifique du projet L'article insiste sur une approche pragmatique : ne pas utiliser un pattern juste parce qu'il est moderne mais parce qu'il résout un problème réel Pour les systèmes simples type CRUD ou avec peu de services, ces patterns peuvent introduire une complexité inutile qu'il faut savoir éviter Méthodologies Le rêve récurrent de remplacer voire supprimer les développeurs https://www.caimito.net/en/blog/2025/12/07/the-recurring-dream-of-replacing-developers.html Depuis 1969, chaque décennie voit une tentative de réduire le besoin de développeurs (de COBOL, UML, visual builders… à IA). Motivation : frustration des dirigeants face aux délais et coûts de développement. La complexité logicielle est intrinsèque et intellectuelle, non pas une question d'outils. Chaque vague technologique apporte de la valeur mais ne supprime pas l'expertise humaine. L'IA assiste les développeurs, améliore l'efficacité, mais ne remplace ni le jugement ni la gestion de la complexité. La demande de logiciels excède l'offre car la contrainte majeure est la réflexion nécessaire pour gérer cette complexité. Pour les dirigeants : les outils rendent-ils nos développeurs plus efficaces sur les problèmes complexes et réduisent-ils les tâches répétitives ? Le "rêve" de remplacer les développeurs, irréalisable, est un moteur d'innovation créant des outils précieux. Comment creuser des sujets à l'ère de l'IA générative. Quid du partage et la curation de ces recherches ? https://glaforge.dev/posts/2026/02/04/researching-topics-in-the-age-of-ai-rock-solid-webhooks-case-study/ Recherche initiale de l'auteur sur les webhooks en 2019, processus long et manuel. L'IA (Deep Research, Gemini, NotebookLM) facilite désormais la recherche approfondie, l'exploration de sujets et le partage des résultats. L'IA a identifié et validé des pratiques clés pour des déploiements de webhooks résilients, en grande partie les mêmes que celles trouvées précédemment par l'auteur. Génération d'artefacts par l'IA : rapport détaillé, résumé concis, illustration sketchnote, et même une présentation (slide deck). Guillaume s'interroge sur le partage public de ces rapports de recherche générés par l'IA, tout en souhaitant éviter le "AI Slop". Loi, société et organisation Le logiciel menacé par le vibe coding https://www.techbuzz.ai/articles/we-built-a-monday-com-clone-in-under-an-hour-with-ai Deux journalistes de CNBC sans expérience de code ont créé un clone fonctionnel de Monday.com en moins de 60 minutes pour 5 à 15 dollars. L'expérience valide les craintes des investisseurs qui ont provoqué une baisse de 30% des actions des entreprises SaaS. L'IA a non seulement reproduit les fonctionnalités de base mais a aussi recherché Monday.com de manière autonome pour identifier et recréer ses fonctionnalités clés. Cette technique appelée "vibe-coding" permet aux non-développeurs de construire des applications via des instructions en anglais courant. Les entreprises les plus vulnérables sont celles offrant des outils "qui se posent sur le travail" comme Atlassian, Adobe, HubSpot, Zendesk et Smartsheet. Les entreprises de cybersécurité comme CrowdStrike et Palo Alto sont considérées plus protégées grâce aux effets de réseau et aux barrières réglementaires. Les systèmes d'enregistrement comme Salesforce restent plus difficiles à répliquer en raison de leur profondeur d'intégration et de données d'entreprise. Le coût de 5 à 15 dollars par construction permet aux entreprises de prototyper plusieurs solutions personnalisées pour moins cher qu'une seule licence Monday.com. L'expérience soulève des questions sur la pérennité du marché de 5 milliards de dollars des outils de gestion de projet face à l'IA générative. Conférences En complément de l'agenda des conférences de Aurélie Vache, il y a également le site https://javaconferences.org/ (fait par Brian Vermeer) avec toutes les conférences Java à venir ! La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 12-13 février 2026 : Touraine Tech #26 - Tours (France) 12-13 février 2026 : World Artificial Intelligence Cannes Festival - Cannes (France) 19 février 2026 : ObservabilityCON on the Road - Paris (France) 6 mars 2026 : WordCamp Nice 2026 - Nice (France) 18 mars 2026 : Jupyter Workshops: AI in Jupyter: Building Extensible AI Capabilities for Interactive Computing - Saint-Maur-des-Fossés (France) 18-19 mars 2026 : Agile Niort 2026 - Niort (France) 20 mars 2026 : Atlantique Day 2026 - Nantes (France) 26 mars 2026 : Data Days Lille - Lille (France) 26-27 mars 2026 : SymfonyLive Paris 2026 - Paris (France) 26-27 mars 2026 : REACT PARIS - Paris (France) 27-29 mars 2026 : Shift - Nantes (France) 31 mars 2026 : ParisTestConf - Paris (France) 31 mars 2026-1 avril 2026 : FlowCon France 2026 - Paris (France) 1 avril 2026 : AWS Summit Paris - Paris (France) 2 avril 2026 : Pragma Cannes 2026 - Cannes (France) 2-3 avril 2026 : Xen Spring Meetup 2026 - Grenoble (France) 7 avril 2026 : PyTorch Conference Europe - Paris (France) 9-10 avril 2026 : Android Makers by droidcon 2026 - Paris (France) 9-11 avril 2026 : Drupalcamp Grenoble 2026 - Grenoble (France) 16-17 avril 2026 : MiXiT 2026 - Lyon (France) 17-18 avril 2026 : Faiseuses du Web 5 - Dinan (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 12 mai 2026 : Lead Innovation Day - Leadership Edition - Paris (France) 19 mai 2026 : La Product Conf Paris 2026 - Paris (France) 21-22 mai 2026 : Flupa UX Days 2026 - Paris (France) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 28 mai 2026 : DevCon 27 : I.A. & Vibe Coding - Paris (France) 28 mai 2026 : Cloud Toulouse 2026 - Toulouse (France) 29 mai 2026 : NG Baguette Conf 2026 - Paris (France) 29 mai 2026 : Agile Tour Strasbourg 2026 - Strasbourg (France) 2-3 juin 2026 : Agile Tour Rennes 2026 - Rennes (France) 2-3 juin 2026 : OW2Con - Paris-Châtillon (France) 3 juin 2026 : IA–NA - La Rochelle (France) 5 juin 2026 : TechReady - Nantes (France) 5 juin 2026 : Fork it! - Rouen - Rouen (France) 6 juin 2026 : Polycloud - Montpellier (France) 9 juin 2026 : JFTL - Montrouge (France) 9 juin 2026 : C: - Caen (France) 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 12 juin 2026 : Tech F'Est 2026 - Nancy (France) 16 juin 2026 : Mobilis In Mobile 2026 - Nantes (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 17-20 juin 2026 : VivaTech - Paris (France) 18 juin 2026 : Tech'Work - Lyon (France) 22-26 juin 2026 : Galaxy Community Conference - Clermont-Ferrand (France) 24-25 juin 2026 : Agi'Lille 2026 - Lille (France) 24-26 juin 2026 : BreizhCamp 2026 - Rennes (France) 2 juillet 2026 : Azur Tech Summer 2026 - Valbonne (France) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 3 juillet 2026 : Agile Lyon 2026 - Lyon (France) 6-8 juillet 2026 : Riviera Dev - Sophia Antipolis (France) 2 août 2026 : 4th Tech Summit on Artificial Intelligence & Robotics - Paris (France) 20-22 août 2026 : 4th Tech Summit on AI & Robotics - Paris (France) & Online 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 24 septembre 2026 : PlatformCon Live Day Paris 2026 - Paris (France) 1 octobre 2026 : WAX 2026 - Marseille (France) 1-2 octobre 2026 : Volcamp - Clermont-Ferrand (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

AT&T's $2000 shell, ZFS Scrubs and Data Integrity, FFS Backups, FreeBSD Home Nas, and more. NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines One too many words on AT&T's $2,000 Korn shell and other Usenet topics Understanding ZFS Scrubs and Data Integrity News Roundup FFS Backup FreeBSD: Home NAS, part 1 – configuring ZFS mirror (RAID1) 8 more parts! Beastie Bits The BSD Proposal UNIX Magic Poster Haiku OS Pulls In Updated Drivers From FreeBSD 15 FreeBSD 15.0 VNET Jails Call for NetBSD testing Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Gary - Links Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

In this episode, hosts Lois Houston and Nikita Abraham take you inside how Oracle brings its industry-leading database technology directly to AWS customers.   Senior Principal OCI Instructor Susan Jang unpacks what the OCI child site is, how Exadata hardware is deployed inside AWS data centers, and how the ODB network enables secure, low-latency connections so your mission-critical workloads can run seamlessly alongside AWS services.   Susan also walks through the differences between Exadata Database Service and Autonomous Database, helping teams choose the right level of control and automation for their cloud databases.   Oracle Database@AWS Architect Professional: https://mylearn.oracle.com/ou/course/oracle-databaseaws-architect-professional/155574 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, Anna Hulkower, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.   -------------------------------------------------------------   Episode Transcript:   00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:26 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Team Lead: Editorial Services with Oracle University, and with me is Lois Houston, Director of Communications and Adoption with Customer Success Services.  Lois: Hi there! Last week, we talked about multicloud and the partnerships Oracle has with Microsoft Azure, Google Cloud, and Amazon Web Services. If you missed that episode, do listen to it as it sets the foundation for today's discussion, which is going to be about Oracle Database@AWS.  00:59 Nikita: That's right. And we're joined by Susan Jang, a Senior Principal OCI Instructor. Susan, thanks for being here. To start us off, what is Oracle Database@AWS?  Susan: Oracle Database@AWS is a service that allows Oracle Exadata infrastructure that is managed by Oracle Cloud Infrastructure, or OCI, to run directly inside an AWS data center.   01:25 Lois: Susan, can you go through the key architecture components and networking relationships involved in this?    Susan: The AWS Cloud is the Amazon Web Service. It's a cloud computing platform. The AWS region is a distinct, isolated geographic location with multiple physically separated data center, also known as availability zone. The availability zone is really a physically isolated data center with its own independent power, cooling, and network connectivity.  When we speak of the AWS data center, it's a highly secured, specialized physical facility that houses the computing storage, the compute servers, the storage server, and the networking equipment. The VPC, the Virtual Private Cloud, is a logical, isolated virtual network.  The AWS ODB network is a private user-created network that connects the virtual private cloud network of Amazon resources with an Oracle Cloud Infrastructure Exadata system. This is all within an AWS data center. The AWS-ADB peering is really an established private network connection that's between the Oracle VPC, the Virtual Private Cloud, and the Oracle Database@AWS network. And that would be the ODB.  Within the AWS data center, you have something that you see called the child site. Now, an OCI child site is really a physical data center that is managed by Oracle within the AWS data center. It's a seamless extension of the Oracle Cloud Infrastructure. The site is hosting the Exadata infrastructure that's running the Oracle databases.  The Oracle Database@AWS service brings the power as well as the performance of an Oracle Exadata infrastructure that is managed by Oracle Cloud Infrastructure to run directly in an AWS data center.  03:57 Nikita: So essentially, Oracle Database@AWS lets you to run your mission-critical Oracle data load close to your AWS application, while keeping management simple. Susan, what advantages does Oracle Database@AWS bring to the table?  Susan: Oracle Database@AWS offers a powerful and flexible solution for running Oracle workloads natively within AWS. Oracle Database@AWS streamlines the process of moving your existing Oracle Database to AWS, making migration faster as well as easier.  You get direct, low latency connectivity between your application and Oracle databases, ensuring a high performance for your mission-critical workloads.   Billing, resource management, and operational tasks are unified, allowing you to manage everything through similar tools with reduce complexity. And finally, Oracle Database@AWS is designed to integrate smoothly with your AWS environments' workloads, making it so much easier to build, deploy, and scale your solutions.  05:15 Lois: You mentioned the OCI child site earlier. What part does it play in how Oracle Database@AWS works?   Susan: The OCI child site really gives you the capability to combine the physical proximity and resources of AWS with the logical management and the capability of Oracle Cloud Infrastructure. This integrated approach allows us to enable the ability for you to run and manage your Oracle databases seamlessly in your AWS environment while still leveraging the power of OCI, our Oracle Cloud Infrastructure.  06:03 Did you know that Oracle University offers free courses on Oracle Cloud Infrastructure for subscribers! Whether you're interested in multicloud, databases, networking, security, AI, or machine learning, there's something for everyone. So, what are you waiting for? Pick your topic and get started by visiting mylearn.oracle.com.   06:29 Nikita: Welcome back! Susan, I'm curious about the Exadata infrastructure inside AWS. What does that setup look like?  Susan: The Exadata Infrastructure consists of physical database, as well as storage servers. That is deployed-- the database and the storage servers are interconnected using a high-speed, low-latency network fiber, ensuring optimal performance and reliable data transfer.  Each of the database server runs one or more Virtual Machines, or VMs, as we refer to them, providing flexible compute resources for different workloads. You can create, as well as manage your virtual machine, your VM clusters in this infrastructure using various methods. Your AWS console, Command-Line Interface, CLI, or Application Program Interface, that's your API, giving you various options, several options for automating, as well as integrating your existing tools.  When you're creating your Exadata Infrastructure, there are a few things you need to define and set up. You need to define the total number of your database servers, the total number of your storage server, the model of your Exadata system, as well as the availability zone where all these resources will be deployed.  This architecture delivers a high-performance resiliency and flexible management capability for running your Oracle Database on AWS.  08:18 Lois: Susan, can you explain the network architecture for Oracle Database deployments on AWS?   Susan: The ODB network is an isolated network within the AWS that is designed specifically for Exadata deployments. It includes both the client, as well as the backup subnet, which are essential for securing and efficient database operations.  When you create your Exadata Infrastructure, you need to specify the ODB network as you need the connectivity. This network is mapped directly to the corresponding network in the OCI child site. This will enable seamless communication between AWS, as well as the Oracle Cloud Infrastructure.  The ODB network requires two separate CIDR ranges. And in addition, the client subnet is used for the Exadata VM cluster, providing connectivity for database operations. Well, you do also have another subnet. And that subnet is the backup subnet. And it's used to manage database backups of those VM cluster, ensuring not only data protection, but also data recovery.  Within your AWS region and availability zone, the ODB network contains these dedicated client, as well as backup subnet. It basically isolates the Exadata traffic for both the day-to-day access, and that would be for the client, as well as the backup operations, and that would be for the backup subnet. This network design supports secure, high performance, and connectivity in a reliable backup management of the Oracle Database deployments that is running on AWS.  10:23 Nikita: Since we're on the topic of networking, can you tell us about ODB peering within the Oracle Database architecture?  Susan: The ODB peering establishes a secure private connection between your AWS Virtual Private Cloud, your VPC, then the Oracle Database, the ODB network that contains your Exadata Infrastructure.  This connection makes it possible for application servers that's running in your VPC, such as your Amazon EC2 instances to access your Oracle databases that is being hosted on Exadata within your ODB network. You specify the ODB network when you set up your infrastructure, specifically the Exadata Infrastructure. This network includes dedicated client, as well as backup subnets for an efficient and secure connectivity.  If you wish to enable multiple VPCs to connect to the same ODB network and access the Oracle Database@AWS resources, you can leverage AWS Transit Gateways or even an AWS Cloud WAN for scalable and centralized connectivity.   The virtual private cloud contains your application server, and that's securely paired with the Oracle Database network, creating a seamless, high-performance path to your application to interact with your Oracle Database.  ODB peering simplifies the connectivity between the AWS application environments and the Oracle Exadata Infrastructure, thus supporting a flexible, high performance, and secure database access.  12:23 Lois: Now, before we close, can you compare two key databases that are available with Oracle Database@AWS: Oracle Exadata Database Service and Oracle Autonomous Database Service?  Susan: The Exadata Database Service offers a fully managed and dedicated infrastructure with operational monitoring that is handled by you, the customer. In contrast, the Autonomous Database is fully managed by Oracle, taking care of all the operational monitoring.  Exadata provides very high scalability though resources, such as disk and compute, must be sized manually. Where in the Autonomous Database, it offers high scalability through automatic elastic scaling. When we speak of performance, both service deliver strong results. Exadata offers ultra-low latency and Exadata-level performance, while the Autonomous Database delivers optimal performance with automation.  Both services provide high migration capability. Exadata offers full compatibility and the Autonomous Database includes a robust set of migration tools. When it comes to management, Exadata requires manual management and administration. And that's really in a way to provide you the ability to customize it in the manner you desire, making it meets your very specific business needs, especially your database needs.  In contrast, the Autonomous Database is fully managed by Oracle, including automated administration tasks, optimal self-tuning features to further reduce any management overhead. When we speak of the feature sets, the Exadata delivers a full suite of Oracle features, including the RAC application cluster, or the Real Application Cluster, RAC, whereas the Autonomous offers a complete feature set, but specifically that is designed for optimized Autonomous operations.  Finally, when we speak of integration, integration for both of this service integrates seamlessly with AWS service, such as your EC2, your network, the VPC, your policies, the Identity and Access Management, your IAM, the monitoring with your CloudWatch, and of course, your storage, your SC, ensuring a consistent experience within your AWS ecosystem.  15:21 Nikita: So, you could say that the Exadata Database Service is better for customers who want dedicated infrastructure with granular control, while the Autonomous Database is built for customers who want a fully automated experience. Thank you, Susan, for taking the time to talk to us about Oracle Database@AWS.  Lois: That's all we have for today. If you want to learn more about the topics we discussed, head over to mylearn.oracle.com and search for the Oracle Database@AWS Architect Professional course. In our next episode, we'll find out how to get started with the Oracle Database@AWS service. Until then, this is Lois Houston…  Nikita: And Nikita Abraham, signing off!  16:06 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

In this episode of the Crazy Wisdom Podcast, host Stewart Alsop explores the complex world of context and knowledge graphs with guest Youssef Tharwat, the founder of NoodlBox who is building dot get for context. Their conversation spans from the philosophical nature of context and its crucial role in AI development, to the technical challenges of creating deterministic tools for software development. Tharwat explains how his product creates portable, versionable knowledge graphs from code repositories, leveraging the semantic relationships already present in programming languages to provide agents with better contextual understanding. They discuss the limitations of large context windows, the advantages of Rust for AI-assisted development, the recent Claude/Bun acquisition, and the broader geopolitical implications of the AI race between big tech companies and open-source alternatives. The conversation also touches on the sustainability of current AI business models and the potential for more efficient, locally-run solutions to challenge the dominance of compute-heavy approaches.For more information about NoodlBox and to join the beta, visit NoodlBox.io.Timestamps00:00 Stewart introduces Youssef Tharwat, founder of NoodlBox, building context management tools for programming05:00 Context as relevant information for reasoning; importance when hitting coding barriers10:00 Knowledge graphs enable semantic traversal through meaning vs keywords/files15:00 Deterministic vs probabilistic systems; why critical applications need 100% reliability20:00 CLI tool makes knowledge graphs portable, versionable artifacts with code repos25:00 Compiler front-ends, syntax trees, and Rust's superior feedback for AI-assisted coding30:00 Claude's Bun acquisition signals potential shift toward runtime compilation and graph-based context35:00 Open source vs proprietary models; user frustration with rate limits and subscription tactics40:00 Singularity path vs distributed sovereignty of developers building alternative architectures45:00 Global economics and why brute force compute isn't sustainable worldwide50:00 Corporate inefficiencies vs independent engineering; changing workplace dynamics55:00 February open beta for NoodlBox.io; vision for new development tool standardsKey Insights1. Context is semantic information that enables proper reasoning, and traditional LLM approaches miss the mark. Youssef defines context as the information you need to reason correctly about something. He argues that larger context windows don't scale because quality degrades with more input, similar to human cognitive limitations. This insight challenges the Silicon Valley approach of throwing more compute at the problem and suggests that semantic separation of information is more optimal than brute force methods.2. Code naturally contains semantic boundaries that can be modeled into knowledge graphs without LLM intervention. Unlike other domains where knowledge graphs require complex labeling, code already has inherent relationships like function calls, imports, and dependencies. Youssef leverages these existing semantic structures to automatically build knowledge graphs, making his approach deterministic rather than probabilistic. This provides the reliability that software development has historically required.3. Knowledge graphs can be made portable, versionable, and shareable as artifacts alongside code repositories. Youssef's vision treats context as a first-class citizen in version control, similar to how Git manages code. Each commit gets a knowledge graph snapshot, allowing developers to see conceptual changes over time and share semantic understanding with collaborators. This transforms context from an ephemeral concept into a concrete, manageable asset.4. The dependency problem in modern development can be solved through pre-indexed knowledge graphs of popular packages. Rather than agents struggling with outdated API documentation, Youssef pre-indexes popular npm packages into knowledge graphs that automatically integrate with developers' projects. This federated approach ensures agents understand exact APIs and current versions, eliminating common frustrations with deprecated methods and unclear documentation.5. Rust provides superior feedback loops for AI-assisted programming due to its explicit compiler constraints. Youssef rebuilt his tool multiple times in different languages, ultimately settling on Rust because its picky compiler provides constant feedback to LLMs about subtle issues. This creates a natural quality control mechanism that helps AI generate more reliable code, making Rust an ideal candidate for AI-assisted development workflows.6. The current AI landscape faces a fundamental tension between expensive centralized models and the need for global accessibility. The conversation reveals growing frustration with rate limiting and subscription costs from major providers like Claude and Google. Youssef believes something must fundamentally change because $200-300 monthly plans only serve a fraction of the world's developers, creating pressure for more efficient architectures and open alternatives.7. Deterministic tooling built on semantic understanding may provide a competitive advantage against probabilistic AI monopolies. While big tech companies pursue brute force scaling with massive data centers, Youssef's approach suggests that clever architecture using existing semantic structures could level the playing field. This represents a broader philosophical divide between the "singularity" path of infinite compute and the "disagreeably autistic engineer" path of elegant solutions that work locally and affordably.

From Palantir and Two Sigma to building Goodfire into the poster-child for actionable mechanistic interpretability, Mark Bissell (Member of Technical Staff) and Myra Deng (Head of Product) are trying to turn “peeking inside the model” into a repeatable production workflow by shipping APIs, landing real enterprise deployments, and now scaling the bet with a recent $150M Series B funding round at a $1.25B valuation.In this episode, we go far beyond the usual “SAEs are cool” take. We talk about Goodfire's core bet: that the AI lifecycle is still fundamentally broken because the only reliable control we have is data and we post-train, RLHF, and fine-tune by “slurping supervision through a straw,” hoping the model picks up the right behaviors while quietly absorbing the wrong ones. Goodfire's answer is to build a bi-directional interface between humans and models: read what's happening inside, edit it surgically, and eventually use interpretability during training so customization isn't just brute-force guesswork.Mark and Myra walk through what that looks like when you stop treating interpretability like a lab demo and start treating it like infrastructure: lightweight probes that add near-zero latency, token-level safety filters that can run at inference time, and interpretability workflows that survive messy constraints (multilingual inputs, synthetic→real transfer, regulated domains, no access to sensitive data). We also get a live window into what “frontier-scale interp” means operationally (i.e. steering a trillion-parameter model in real time by targeting internal features) plus why the same tooling generalizes cleanly from language models to genomics, medical imaging, and “pixel-space” world models.We discuss:* Myra + Mark's path: Palantir (health systems, forward-deployed engineering) → Goodfire early team; Two Sigma → Head of Product, translating frontier interpretability research into a platform and real-world deployments* What “interpretability” actually means in practice: not just post-hoc poking, but a broader “science of deep learning” approach across the full AI lifecycle (data curation → post-training → internal representations → model design)* Why post-training is the first big wedge: “surgical edits” for unintended behaviors likereward hacking, sycophancy, noise learned during customization plus the dream of targeted unlearning and bias removal without wrecking capabilities* SAEs vs probes in the real world: why SAE feature spaces sometimes underperform classifiers trained on raw activations for downstream detection tasks (hallucination, harmful intent, PII), and what that implies about “clean concept spaces”* Rakuten in production: deploying interpretability-based token-level PII detection at inference time to prevent routing private data to downstream providers plus the gnarly constraints: no training on real customer PII, synthetic→real transfer, English + Japanese, and tokenization quirks* Why interp can be operationally cheaper than LLM-judge guardrails: probes are lightweight, low-latency, and don't require hosting a second large model in the loop* Real-time steering at frontier scale: a demo of steering Kimi K2 (~1T params) live and finding features via SAE pipelines, auto-labeling via LLMs, and toggling a “Gen-Z slang” feature across multiple layers without breaking tool use* Hallucinations as an internal signal: the case that models have latent uncertainty / “user-pleasing” circuitry you can detect and potentially mitigate more directly than black-box methods* Steering vs prompting: the emerging view that activation steering and in-context learning are more closely connected than people think, including work mapping between the two (even for jailbreak-style behaviors)* Interpretability for science: using the same tooling across domains (genomics, medical imaging, materials) to debug spurious correlations and extract new knowledge up to and including early biomarker discovery work with major partners* World models + “pixel-space” interpretability: why vision/video models make concepts easier to see, how that accelerates the feedback loop, and why robotics/world-model partners are especially interesting design partners* The north star: moving from “data in, weights out” to intentional model design where experts can impart goals and constraints directly, not just via reward signals and brute-force post-training—Goodfire AI* Website: https://goodfire.ai* LinkedIn: https://www.linkedin.com/company/goodfire-ai/* X: https://x.com/GoodfireAIMyra Deng* Website: https://myradeng.com/* LinkedIn: https://www.linkedin.com/in/myra-deng/* X: https://x.com/myra_dengMark Bissell* LinkedIn: https://www.linkedin.com/in/mark-bissell/* X: https://x.com/MarkMBissellFull Video EpisodeTimestamps00:00:00 Introduction00:00:05 Introduction to the Latent Space Podcast and Guests from Goodfire00:00:29 What is Goodfire? Mission and Focus on Interpretability00:01:01 Goodfire's Practical Approach to Interpretability00:01:37 Goodfire's Series B Fundraise Announcement00:02:04 Backgrounds of Mark and Myra from Goodfire00:02:51 Team Structure and Roles at Goodfire00:05:13 What is Interpretability? Definitions and Techniques00:05:30 Understanding Errors00:07:29 Post-training vs. Pre-training Interpretability Applications00:08:51 Using Interpretability to Remove Unwanted Behaviors00:10:09 Grokking, Double Descent, and Generalization in Models00:10:15 404 Not Found Explained00:12:06 Subliminal Learning and Hidden Biases in Models00:14:07 How Goodfire Chooses Research Directions and Projects00:15:00 Troubleshooting Errors00:16:04 Limitations of SAEs and Probes in Interpretability00:18:14 Rakuten Case Study: Production Deployment of Interpretability00:20:45 Conclusion00:21:12 Efficiency Benefits of Interpretability Techniques00:21:26 Live Demo: Real-Time Steering in a Trillion Parameter Model00:25:15 How Steering Features are Identified and Labeled00:26:51 Detecting and Mitigating Hallucinations Using Interpretability00:31:20 Equivalence of Activation Steering and Prompting00:34:06 Comparing Steering with Fine-Tuning and LoRA Techniques00:36:04 Model Design and the Future of Intentional AI Development00:38:09 Getting Started in Mechinterp: Resources, Programs, and Open Problems00:40:51 Industry Applications and the Rise of Mechinterp in Practice00:41:39 Interpretability for Code Models and Real-World Usage00:43:07 Making Steering Useful for More Than Stylistic Edits00:46:17 Applying Interpretability to Healthcare and Scientific Discovery00:49:15 Why Interpretability is Crucial in High-Stakes Domains like Healthcare00:52:03 Call for Design Partners Across Domains00:54:18 Interest in World Models and Visual Interpretability00:57:22 Sci-Fi Inspiration: Ted Chiang and Interpretability01:00:14 Interpretability, Safety, and Alignment Perspectives01:04:27 Weak-to-Strong Generalization and Future Alignment Challenges01:05:38 Final Thoughts and Hiring/Collaboration Opportunities at GoodfireTranscriptShawn Wang [00:00:05]: So welcome to the Latent Space pod. We're back in the studio with our special MechInterp co-host, Vibhu. Welcome. Mochi, Mochi's special co-host. And Mochi, the mechanistic interpretability doggo. We have with us Mark and Myra from Goodfire. Welcome. Thanks for having us on. Maybe we can sort of introduce Goodfire and then introduce you guys. How do you introduce Goodfire today?Myra Deng [00:00:29]: Yeah, it's a great question. So Goodfire, we like to say, is an AI research lab that focuses on using interpretability to understand, learn from, and design AI models. And we really believe that interpretability will unlock the new generation, next frontier of safe and powerful AI models. That's our description right now, and I'm excited to dive more into the work we're doing to make that happen.Shawn Wang [00:00:55]: Yeah. And there's always like the official description. Is there an understatement? Is there an unofficial one that sort of resonates more with a different audience?Mark Bissell [00:01:01]: Well, being an AI research lab that's focused on interpretability, there's obviously a lot of people have a lot that they think about when they think of interpretability. And I think we have a pretty broad definition of what that means and the types of places that can be applied. And in particular, applying it in production scenarios, in high stakes industries, and really taking it sort of from the research world into the real world. Which, you know. It's a new field, so that hasn't been done all that much. And we're excited about actually seeing that sort of put into practice.Shawn Wang [00:01:37]: Yeah, I would say it wasn't too long ago that Anthopic was like still putting out like toy models or superposition and that kind of stuff. And I wouldn't have pegged it to be this far along. When you and I talked at NeurIPS, you were talking a little bit about your production use cases and your customers. And then not to bury the lead, today we're also announcing the fundraise, your Series B. $150 million. $150 million at a 1.25B valuation. Congrats, Unicorn.Mark Bissell [00:02:02]: Thank you. Yeah, no, things move fast.Shawn Wang [00:02:04]: We were talking to you in December and already some big updates since then. Let's dive, I guess, into a bit of your backgrounds as well. Mark, you were at Palantir working on health stuff, which is really interesting because the Goodfire has some interesting like health use cases. I don't know how related they are in practice.Mark Bissell [00:02:22]: Yeah, not super related, but I don't know. It was helpful context to know what it's like. Just to work. Just to work with health systems and generally in that domain. Yeah.Shawn Wang [00:02:32]: And Mara, you were at Two Sigma, which actually I was also at Two Sigma back in the day. Wow, nice.Myra Deng [00:02:37]: Did we overlap at all?Shawn Wang [00:02:38]: No, this is when I was briefly a software engineer before I became a sort of developer relations person. And now you're head of product. What are your sort of respective roles, just to introduce people to like what all gets done in Goodfire?Mark Bissell [00:02:51]: Yeah, prior to Goodfire, I was at Palantir for about three years as a forward deployed engineer, now a hot term. Wasn't always that way. And as a technical lead on the health care team and at Goodfire, I'm a member of the technical staff. And honestly, that I think is about as specific as like as as I could describe myself because I've worked on a range of things. And, you know, it's it's a fun time to be at a team that's still reasonably small. I think when I joined one of the first like ten employees, now we're above 40, but still, it looks like there's always a mix of research and engineering and product and all of the above. That needs to get done. And I think everyone across the team is, you know, pretty, pretty switch hitter in the roles they do. So I think you've seen some of the stuff that I worked on related to image models, which was sort of like a research demo. More recently, I've been working on our scientific discovery team with some of our life sciences partners, but then also building out our core platform for more of like flexing some of the kind of MLE and developer skills as well.Shawn Wang [00:03:53]: Very generalist. And you also had like a very like a founding engineer type role.Myra Deng [00:03:58]: Yeah, yeah.Shawn Wang [00:03:59]: So I also started as I still am a member of technical staff, did a wide range of things from the very beginning, including like finding our office space and all of this, which is we both we both visited when you had that open house thing. It was really nice.Myra Deng [00:04:13]: Thank you. Thank you. Yeah. Plug to come visit our office.Shawn Wang [00:04:15]: It looked like it was like 200 people. It has room for 200 people. But you guys are like 10.Myra Deng [00:04:22]: For a while, it was very empty. But yeah, like like Mark, I spend. A lot of my time as as head of product, I think product is a bit of a weird role these days, but a lot of it is thinking about how do we take our frontier research and really apply it to the most important real world problems and how does that then translate into a platform that's repeatable or a product and working across, you know, the engineering and research teams to make that happen and also communicating to the world? Like, what is interpretability? What is it used for? What is it good for? Why is it so important? All of these things are part of my day-to-day as well.Shawn Wang [00:05:01]: I love like what is things because that's a very crisp like starting point for people like coming to a field. They all do a fun thing. Vibhu, why don't you want to try tackling what is interpretability and then they can correct us.Vibhu Sapra [00:05:13]: Okay, great. So I think like one, just to kick off, it's a very interesting role to be head of product, right? Because you guys, at least as a lab, you're more of an applied interp lab, right? Which is pretty different than just normal interp, like a lot of background research. But yeah. You guys actually ship an API to try these things. You have Ember, you have products around it, which not many do. Okay. What is interp? So basically you're trying to have an understanding of what's going on in model, like in the model, in the internal. So different approaches to do that. You can do probing, SAEs, transcoders, all this stuff. But basically you have an, you have a hypothesis. You have something that you want to learn about what's happening in a model internals. And then you're trying to solve that from there. You can do stuff like you can, you know, you can do activation mapping. You can try to do steering. There's a lot of stuff that you can do, but the key question is, you know, from input to output, we want to have a better understanding of what's happening and, you know, how can we, how can we adjust what's happening on the model internals? How'd I do?Mark Bissell [00:06:12]: That was really good. I think that was great. I think it's also a, it's kind of a minefield of a, if you ask 50 people who quote unquote work in interp, like what is interpretability, you'll probably get 50 different answers. And. Yeah. To some extent also like where, where good fire sits in the space. I think that we're an AI research company above all else. And interpretability is a, is a set of methods that we think are really useful and worth kind of specializing in, in order to accomplish the goals we want to accomplish. But I think we also sort of see some of the goals as even more broader as, as almost like the science of deep learning and just taking a not black box approach to kind of any part of the like AI development life cycle, whether that. That means using interp for like data curation while you're training your model or for understanding what happened during post-training or for the, you know, understanding activations and sort of internal representations, what is in there semantically. And then a lot of sort of exciting updates that were, you know, are sort of also part of the, the fundraise around bringing interpretability to training, which I don't think has been done all that much before. A lot of this stuff is sort of post-talk poking at models as opposed to. To actually using this to intentionally design them.Shawn Wang [00:07:29]: Is this post-training or pre-training or is that not a useful.Myra Deng [00:07:33]: Currently focused on post-training, but there's no reason the techniques wouldn't also work in pre-training.Shawn Wang [00:07:38]: Yeah. It seems like it would be more active, applicable post-training because basically I'm thinking like rollouts or like, you know, having different variations of a model that you can tweak with the, with your steering. Yeah.Myra Deng [00:07:50]: And I think in a lot of the news that you've seen in, in, on like Twitter or whatever, you've seen a lot of unintended. Side effects come out of post-training processes, you know, overly sycophantic models or models that exhibit strange reward hacking behavior. I think these are like extreme examples. There's also, you know, very, uh, mundane, more mundane, like enterprise use cases where, you know, they try to customize or post-train a model to do something and it learns some noise or it doesn't appropriately learn the target task. And a big question that we've always had is like, how do you use your understanding of what the model knows and what it's doing to actually guide the learning process?Shawn Wang [00:08:26]: Yeah, I mean, uh, you know, just to anchor this for people, uh, one of the biggest controversies of last year was 4.0 GlazeGate. I've never heard of GlazeGate. I didn't know that was what it was called. The other one, they called it that on the blog post and I was like, well, how did OpenAI call it? Like officially use that term. And I'm like, that's funny, but like, yeah, I guess it's the pitch that if they had worked a good fire, they wouldn't have avoided it. Like, you know what I'm saying?Myra Deng [00:08:51]: I think so. Yeah. Yeah.Mark Bissell [00:08:53]: I think that's certainly one of the use cases. I think. Yeah. Yeah. I think the reason why post-training is a place where this makes a lot of sense is a lot of what we're talking about is surgical edits. You know, you want to be able to have expert feedback, very surgically change how your model is doing, whether that is, you know, removing a certain behavior that it has. So, you know, one of the things that we've been looking at or is, is another like common area where you would want to make a somewhat surgical edit is some of the models that have say political bias. Like you look at Quen or, um, R1 and they have sort of like this CCP bias.Shawn Wang [00:09:27]: Is there a CCP vector?Mark Bissell [00:09:29]: Well, there's, there are certainly internal, yeah. Parts of the representation space where you can sort of see where that lives. Yeah. Um, and you want to kind of, you know, extract that piece out.Shawn Wang [00:09:40]: Well, I always say, you know, whenever you find a vector, a fun exercise is just like, make it very negative to see what the opposite of CCP is.Mark Bissell [00:09:47]: The super America, bald eagles flying everywhere. But yeah. So in general, like lots of post-training tasks where you'd want to be able to, to do that. Whether it's unlearning a certain behavior or, you know, some of the other kind of cases where this comes up is, are you familiar with like the, the grokking behavior? I mean, I know the machine learning term of grokking.Shawn Wang [00:10:09]: Yeah.Mark Bissell [00:10:09]: Sort of this like double descent idea of, of having a model that is able to learn a generalizing, a generalizing solution, as opposed to even if memorization of some task would suffice, you want it to learn the more general way of doing a thing. And so, you know, another. A way that you can think about having surgical access to a model's internals would be learn from this data, but learn in the right way. If there are many possible, you know, ways to, to do that. Can make interp solve the double descent problem?Shawn Wang [00:10:41]: Depends, I guess, on how you. Okay. So I, I, I viewed that double descent as a problem because then you're like, well, if the loss curves level out, then you're done, but maybe you're not done. Right. Right. But like, if you actually can interpret what is a generalizing or what you're doing. What is, what is still changing, even though the loss is not changing, then maybe you, you can actually not view it as a double descent problem. And actually you're just sort of translating the space in which you view loss and like, and then you have a smooth curve. Yeah.Mark Bissell [00:11:11]: I think that's certainly like the domain of, of problems that we're, that we're looking to get.Shawn Wang [00:11:15]: Yeah. To me, like double descent is like the biggest thing to like ML research where like, if you believe in scaling, then you don't need, you need to know where to scale. And. But if you believe in double descent, then you don't, you don't believe in anything where like anything levels off, like.Vibhu Sapra [00:11:30]: I mean, also tendentially there's like, okay, when you talk about the China vector, right. There's the subliminal learning work. It was from the anthropic fellows program where basically you can have hidden biases in a model. And as you distill down or, you know, as you train on distilled data, those biases always show up, even if like you explicitly try to not train on them. So, you know, it's just like another use case of. Okay. If we can interpret what's happening in post-training, you know, can we clear some of this? Can we even determine what's there? Because yeah, it's just like some worrying research that's out there that shows, you know, we really don't know what's going on.Mark Bissell [00:12:06]: That is. Yeah. I think that's the biggest sentiment that we're sort of hoping to tackle. Nobody knows what's going on. Right. Like subliminal learning is just an insane concept when you think about it. Right. Train a model on not even the logits, literally the output text of a bunch of random numbers. And now your model loves owls. And you see behaviors like that, that are just, they defy, they defy intuition. And, and there are mathematical explanations that you can get into, but. I mean.Shawn Wang [00:12:34]: It feels so early days. Objectively, there are a sequence of numbers that are more owl-like than others. There, there should be.Mark Bissell [00:12:40]: According to, according to certain models. Right. It's interesting. I think it only applies to models that were initialized from the same starting Z. Usually, yes.Shawn Wang [00:12:49]: But I mean, I think that's a, that's a cheat code because there's not enough compute. But like if you believe in like platonic representation, like probably it will transfer across different models as well. Oh, you think so?Mark Bissell [00:13:00]: I think of it more as a statistical artifact of models initialized from the same seed sort of. There's something that is like path dependent from that seed that might cause certain overlaps in the latent space and then sort of doing this distillation. Yeah. Like it pushes it towards having certain other tendencies.Vibhu Sapra [00:13:24]: Got it. I think there's like a bunch of these open-ended questions, right? Like you can't train in new stuff during the RL phase, right? RL only reorganizes weights and you can only do stuff that's somewhat there in your base model. You're not learning new stuff. You're just reordering chains and stuff. But okay. My broader question is when you guys work at an interp lab, how do you decide what to work on and what's kind of the thought process? Right. Because we can ramble for hours. Okay. I want to know this. I want to know that. But like, how do you concretely like, you know, what's the workflow? Okay. There's like approaches towards solving a problem, right? I can try prompting. I can look at chain of thought. I can train probes, SAEs. But how do you determine, you know, like, okay, is this going anywhere? Like, do we have set stuff? Just, you know, if you can help me with all that. Yeah.Myra Deng [00:14:07]: It's a really good question. I feel like we've always at the very beginning of the company thought about like, let's go and try to learn what isn't working in machine learning today. Whether that's talking to customers or talking to researchers at other labs, trying to understand both where the frontier is going and where things are really not falling apart today. And then developing a perspective on how we can push the frontier using interpretability methods. And so, you know, even our chief scientist, Tom, spends a lot of time talking to customers and trying to understand what real world problems are and then taking that back and trying to apply the current state of the art to those problems and then seeing where they fall down basically. And then using those failures or those shortcomings to understand what hills to climb when it comes to interpretability research. So like on the fundamental side, for instance, when we have done some work applying SAEs and probes, we've encountered, you know, some shortcomings in SAEs that we found a little bit surprising. And so have gone back to the drawing board and done work on that. And then, you know, we've done some work on better foundational interpreter models. And a lot of our team's research is focused on what is the next evolution beyond SAEs, for instance. And then when it comes to like control and design of models, you know, we tried steering with our first API and realized that it still fell short of black box techniques like prompting or fine tuning. And so went back to the drawing board and we're like, how do we make that not the case and how do we improve it beyond that? And one of our researchers, Ekdeep, who just joined is actually Ekdeep and Atticus are like steering experts and have spent a lot of time trying to figure out like, what is the research that enables us to actually do this in a much more powerful, robust way? So yeah, the answer is like, look at real world problems, try to translate that into a research agenda and then like hill climb on both of those at the same time.Shawn Wang [00:16:04]: Yeah. Mark has the steering CLI demo queued up, which we're going to go into in a sec. But I always want to double click on when you drop hints, like we found some problems with SAEs. Okay. What are they? You know, and then we can go into the demo. Yeah.Myra Deng [00:16:19]: I mean, I'm curious if you have more thoughts here as well, because you've done it in the healthcare domain. But I think like, for instance, when we do things like trying to detect behaviors within models that are harmful or like behaviors that a user might not want to have in their model. So hallucinations, for instance, harmful intent, PII, all of these things. We first tried using SAE probes for a lot of these tasks. So taking the feature activation space from SAEs and then training classifiers on top of that, and then seeing how well we can detect the properties that we might want to detect in model behavior. And we've seen in many cases that probes just trained on raw activations seem to perform better than SAE probes, which is a bit surprising if you think that SAEs are actually also capturing the concepts that you would want to capture cleanly and more surgically. And so that is an interesting observation. I don't think that is like, I'm not down on SAEs at all. I think there are many, many things they're useful for, but we have definitely run into cases where I think the concept space described by SAEs is not as clean and accurate as we would expect it to be for actual like real world downstream performance metrics.Mark Bissell [00:17:34]: Fair enough. Yeah. It's the blessing and the curse of unsupervised methods where you get to peek into the AI's mind. But sometimes you wish that you saw other things when you walked inside there. Although in the PII instance, I think weren't an SAE based approach actually did prove to be the most generalizable?Myra Deng [00:17:53]: It did work well in the case that we published with Rakuten. And I think a lot of the reasons it worked well was because we had a noisier data set. And so actually the blessing of unsupervised learning is that we actually got to get more meaningful, generalizable signal from SAEs when the data was noisy. But in other cases where we've had like good data sets, it hasn't been the case.Shawn Wang [00:18:14]: And just because you named Rakuten and I don't know if we'll get it another chance, like what is the overall, like what is Rakuten's usage or production usage? Yeah.Myra Deng [00:18:25]: So they are using us to essentially guardrail and inference time monitor their language model usage and their agent usage to detect things like PII so that they don't route private user information.Myra Deng [00:18:41]: And so that's, you know, going through all of their user queries every day. And that's something that we deployed with them a few months ago. And now we are actually exploring very early partnerships, not just with Rakuten, but with other people around how we can help with potentially training and customization use cases as well. Yeah.Shawn Wang [00:19:03]: And for those who don't know, like it's Rakuten is like, I think number one or number two e-commerce store in Japan. Yes. Yeah.Mark Bissell [00:19:10]: And I think that use case actually highlights a lot of like what it looks like to deploy things in practice that you don't always think about when you're doing sort of research tasks. So when you think about some of the stuff that came up there that's more complex than your idealized version of a problem, they were encountering things like synthetic to real transfer of methods. So they couldn't train probes, classifiers, things like that on actual customer data of PII. So what they had to do is use synthetic data sets. And then hope that that transfer is out of domain to real data sets. And so we can evaluate performance on the real data sets, but not train on customer PII. So that right off the bat is like a big challenge. You have multilingual requirements. So this needed to work for both English and Japanese text. Japanese text has all sorts of quirks, including tokenization behaviors that caused lots of bugs that caused us to be pulling our hair out. And then also a lot of tasks you'll see. You might make simplifying assumptions if you're sort of treating it as like the easiest version of the problem to just sort of get like general results where maybe you say you're classifying a sentence to say, does this contain PII? But the need that Rakuten had was token level classification so that you could precisely scrub out the PII. So as we learned more about the problem, you're sort of speaking about what that looks like in practice. Yeah. A lot of assumptions end up breaking. And that was just one instance where you. A problem that seems simple right off the bat ends up being more complex as you keep diving into it.Vibhu Sapra [00:20:41]: Excellent. One of the things that's also interesting with Interp is a lot of these methods are very efficient, right? So where you're just looking at a model's internals itself compared to a separate like guardrail, LLM as a judge, a separate model. One, you have to host it. Two, there's like a whole latency. So if you use like a big model, you have a second call. Some of the work around like self detection of hallucination, it's also deployed for efficiency, right? So if you have someone like Rakuten doing it in production live, you know, that's just another thing people should consider.Mark Bissell [00:21:12]: Yeah. And something like a probe is super lightweight. Yeah. It's no extra latency really. Excellent.Shawn Wang [00:21:17]: You have the steering demos lined up. So we were just kind of see what you got. I don't, I don't actually know if this is like the latest, latest or like alpha thing.Mark Bissell [00:21:26]: No, this is a pretty hacky demo from from a presentation that someone else on the team recently gave. So this will give a sense for, for technology. So you can see the steering and action. Honestly, I think the biggest thing that this highlights is that as we've been growing as a company and taking on kind of more and more ambitious versions of interpretability related problems, a lot of that comes to scaling up in various different forms. And so here you're going to see steering on a 1 trillion parameter model. This is Kimi K2. And so it's sort of fun that in addition to the research challenges, there are engineering challenges that we're now tackling. Cause for any of this to be sort of useful in production, you need to be thinking about what it looks like when you're using these methods on frontier models as opposed to sort of like toy kind of model organisms. So yeah, this was thrown together hastily, pretty fragile behind the scenes, but I think it's quite a fun demo. So screen sharing is on. So I've got two terminal sessions pulled up here. On the left is a forked version that we have of the Kimi CLI that we've got running to point at our custom hosted Kimi model. And then on the right is a set up that will allow us to steer on certain concepts. So I should be able to chat with Kimi over here. Tell it hello. This is running locally. So the CLI is running locally, but the Kimi server is running back to the office. Well, hopefully should be, um, that's too much to run on that Mac. Yeah. I think it's, uh, it takes a full, like each 100 node. I think it's like, you can. You can run it on eight GPUs, eight 100. So, so yeah, Kimi's running. We can ask it a prompt. It's got a forked version of our, uh, of the SG line code base that we've been working on. So I'm going to tell it, Hey, this SG line code base is slow. I think there's a bug. Can you try to figure it out? There's a big code base, so it'll, it'll spend some time doing this. And then on the right here, I'm going to initialize in real time. Some steering. Let's see here.Mark Bissell [00:23:33]: searching for any. Bugs. Feature ID 43205.Shawn Wang [00:23:38]: Yeah.Mark Bissell [00:23:38]: 20, 30, 40. So let me, uh, this is basically a feature that we found that inside Kimi seems to cause it to speak in Gen Z slang. And so on the left, it's still sort of thinking normally it might take, I don't know, 15 seconds for this to kick in, but then we're going to start hopefully seeing him do this code base is massive for real. So we're going to start. We're going to start seeing Kimi transition as the steering kicks in from normal Kimi to Gen Z Kimi and both in its chain of thought and its actual outputs.Mark Bissell [00:24:19]: And interestingly, you can see, you know, it's still able to call tools, uh, and stuff. It's um, it's purely sort of it's it's demeanor. And there are other features that we found for interesting things like concision. So that's more of a practical one. You can make it more concise. Um, the types of programs, uh, programming languages that uses, but yeah, as we're seeing it come in. Pretty good. Outputs.Shawn Wang [00:24:43]: Scheduler code is actually wild.Vibhu Sapra [00:24:46]: Yo, this code is actually insane, bro.Vibhu Sapra [00:24:53]: What's the process of training in SAE on this, or, you know, how do you label features? I know you guys put out a pretty cool blog post about, um, finding this like autonomous interp. Um, something. Something about how agents for interp is different than like coding agents. I don't know while this is spewing up, but how, how do we find feature 43, two Oh five. Yeah.Mark Bissell [00:25:15]: So in this case, um, we, our platform that we've been building out for a long time now supports all the sort of classic out of the box interp techniques that you might want to have like SAE training, probing things of that kind, I'd say the techniques for like vanilla SAEs are pretty well established now where. You take your model that you're interpreting, run a whole bunch of data through it, gather activations, and then yeah, pretty straightforward pipeline to train an SAE. There are a lot of different varieties. There's top KSAEs, batch top KSAEs, um, normal ReLU SAEs. And then once you have your sparse features to your point, assigning labels to them to actually understand that this is a gen Z feature, that's actually where a lot of the kind of magic happens. Yeah. And the most basic standard technique is look at all of your d input data set examples that cause this feature to fire most highly. And then you can usually pick out a pattern. So for this feature, If I've run a diverse enough data set through my model feature 43, two Oh five. Probably tends to fire on all the tokens that sounds like gen Z slang. You know, that's the, that's the time of year to be like, Oh, I'm in this, I'm in this Um, and, um, so, you know, you could have a human go through all 43,000 concepts andVibhu Sapra [00:26:34]: And I've got to ask the basic question, you know, can we get examples where it hallucinates, pass it through, see what feature activates for hallucinations? Can I just, you know, turn hallucination down?Myra Deng [00:26:51]: Oh, wow. You really predicted a project we're already working on right now, which is detecting hallucinations using interpretability techniques. And this is interesting because hallucinations is something that's very hard to detect. And it's like a kind of a hairy problem and something that black box methods really struggle with. Whereas like Gen Z, you could always train a simple classifier to detect that hallucinations is harder. But we've seen that models internally have some... Awareness of like uncertainty or some sort of like user pleasing behavior that leads to hallucinatory behavior. And so, yeah, we have a project that's trying to detect that accurately. And then also working on mitigating the hallucinatory behavior in the model itself as well.Shawn Wang [00:27:39]: Yeah, I would say most people are still at the level of like, oh, I would just turn temperature to zero and that turns off hallucination. And I'm like, well, that's a fundamental misunderstanding of how this works. Yeah.Mark Bissell [00:27:51]: Although, so part of what I like about that question is you, there are SAE based approaches that might like help you get at that. But oftentimes the beauty of SAEs and like we said, the curse is that they're unsupervised. So when you have a behavior that you deliberately would like to remove, and that's more of like a supervised task, often it is better to use something like probes and specifically target the thing that you're interested in reducing as opposed to sort of like hoping that when you fragment the latent space, one of the vectors that pops out.Vibhu Sapra [00:28:20]: And as much as we're training an autoencoder to be sparse, we're not like for sure certain that, you know, we will get something that just correlates to hallucination. You'll probably split that up into 20 other things and who knows what they'll be.Mark Bissell [00:28:36]: Of course. Right. Yeah. So there's no sort of problems with like feature splitting and feature absorption. And then there's the off target effects, right? Ideally, you would want to be very precise where if you reduce the hallucination feature, suddenly maybe your model can't write. Creatively anymore. And maybe you don't like that, but you want to still stop it from hallucinating facts and figures.Shawn Wang [00:28:55]: Good. So Vibhu has a paper to recommend there that we'll put in the show notes. But yeah, I mean, I guess just because your demo is done, any any other things that you want to highlight or any other interesting features you want to show?Mark Bissell [00:29:07]: I don't think so. Yeah. Like I said, this is a pretty small snippet. I think the main sort of point here that I think is exciting is that there's not a whole lot of inter being applied to models quite at this scale. You know, Anthropic certainly has some some. Research and yeah, other other teams as well. But it's it's nice to see these techniques, you know, being put into practice. I think not that long ago, the idea of real time steering of a trillion parameter model would have sounded.Shawn Wang [00:29:33]: Yeah. The fact that it's real time, like you started the thing and then you edited the steering vector.Vibhu Sapra [00:29:38]: I think it's it's an interesting one TBD of what the actual like production use case would be on that, like the real time editing. It's like that's the fun part of the demo, right? You can kind of see how this could be served behind an API, right? Like, yes, you're you only have so many knobs and you can just tweak it a bit more. And I don't know how it plays in. Like people haven't done that much with like, how does this work with or without prompting? Right. How does this work with fine tuning? Like, there's a whole hype of continual learning, right? So there's just so much to see. Like, is this another parameter? Like, is it like parameter? We just kind of leave it as a default. We don't use it. So I don't know. Maybe someone here wants to put out a guide on like how to use this with prompting when to do what?Mark Bissell [00:30:18]: Oh, well, I have a paper recommendation. I think you would love from Act Deep on our team, who is an amazing researcher, just can't say enough amazing things about Act Deep. But he actually has a paper that as well as some others from the team and elsewhere that go into the essentially equivalence of activation steering and in context learning and how those are from a he thinks of everything in a cognitive neuroscience Bayesian framework, but basically how you can precisely show how. Prompting in context, learning and steering exhibit similar behaviors and even like get quantitative about the like magnitude of steering you would need to do to induce a certain amount of behavior similar to certain prompting, even for things like jailbreaks and stuff. It's a really cool paper. Are you saying steering is less powerful than prompting? More like you can almost write a formula that tells you how to convert between the two of them.Myra Deng [00:31:20]: And so like formally equivalent actually in the in the limit. Right.Mark Bissell [00:31:24]: So like one case study of this is for jailbreaks there. I don't know. Have you seen the stuff where you can do like many shot jailbreaking? You like flood the context with examples of the behavior. And the topic put out that paper.Shawn Wang [00:31:38]: A lot of people were like, yeah, we've been doing this, guys.Mark Bissell [00:31:40]: Like, yeah, what's in this in context learning and activation steering equivalence paper is you can like predict the number. Number of examples that you will need to put in there in order to jailbreak the model. That's cool. By doing steering experiments and using this sort of like equivalence mapping. That's cool. That's really cool. It's very neat. Yeah.Shawn Wang [00:32:02]: I was going to say, like, you know, I can like back rationalize that this makes sense because, you know, what context is, is basically just, you know, it updates the KV cache kind of and like and then every next token inference is still like, you know, the sheer sum of everything all the way. It's plus all the context. It's up to date. And you could, I guess, theoretically steer that with you probably replace that with your steering. The only problem is steering typically is on one layer, maybe three layers like like you did. So it's like not exactly equivalent.Mark Bissell [00:32:33]: Right, right. There's sort of you need to get precise about, yeah, like how you sort of define steering and like what how you're modeling the setup. But yeah, I've got the paper pulled up here. Belief dynamics reveal the dual nature. Yeah. The title is Belief Dynamics Reveal the Dual Nature of Incompetence. And it's an exhibition of the practical context learning and activation steering. So Eric Bigelow, Dan Urgraft on the who are doing fellowships at Goodfire, Ekt Deep's the final author there.Myra Deng [00:32:59]: I think actually to your question of like, what is the production use case of steering? I think maybe if you just think like one level beyond steering as it is today. Like imagine if you could adapt your model to be, you know, an expert legal reasoner. Like in almost real time, like very quickly. efficiently using human feedback or using like your semantic understanding of what the model knows and where it knows that behavior. I think that while it's not clear what the product is at the end of the day, it's clearly very valuable. Thinking about like what's the next interface for model customization and adaptation is a really interesting problem for us. Like we have heard a lot of people actually interested in fine-tuning an RL for open weight models in production. And so people are using things like Tinker or kind of like open source libraries to do that, but it's still very difficult to get models fine-tuned and RL'd for exactly what you want them to do unless you're an expert at model training. And so that's like something we'reShawn Wang [00:34:06]: looking into. Yeah. I never thought so. Tinker from Thinking Machines famously uses rank one LoRa. Is that basically the same as steering? Like, you know, what's the comparison there?Mark Bissell [00:34:19]: Well, so in that case, you are still applying updates to the parameters, right?Shawn Wang [00:34:25]: Yeah. You're not touching a base model. You're touching an adapter. It's kind of, yeah.Mark Bissell [00:34:30]: Right. But I guess it still is like more in parameter space then. I guess it's maybe like, are you modifying the pipes or are you modifying the water flowing through the pipes to get what you're after? Yeah. Just maybe one way.Mark Bissell [00:34:44]: I like that analogy. That's my mental map of it at least, but it gets at this idea of model design and intentional design, which is something that we're, that we're very focused on. And just the fact that like, I hope that we look back at how we're currently training models and post-training models and just think what a primitive way of doing that right now. Like there's no intentionalityShawn Wang [00:35:06]: really in... It's just data, right? The only thing in control is what data we feed in.Mark Bissell [00:35:11]: So, so Dan from Goodfire likes to use this analogy of, you know, he has a couple of young kids and he talks about like, what if I could only teach my kids how to be good people by giving them cookies or like, you know, giving them a slap on the wrist if they do something wrong, like not telling them why it was wrong or like what they should have done differently or something like that. Just figure it out. Right. Exactly. So that's RL. Yeah. Right. And, and, you know, it's sample inefficient. There's, you know, what do they say? It's like slurping feedback. It's like, slurping supervision. Right. And so you'd like to get to the point where you can have experts giving feedback to their models that are, uh, internalized and, and, you know, steering is an inference time way of sort of getting that idea. But ideally you're moving to a world whereVibhu Sapra [00:36:04]: it is much more intentional design in perpetuity for these models. Okay. This is one of the questions we asked Emmanuel from Anthropic on the podcast a few months ago. Basically the question, was you're at a research lab that does model training, foundation models, and you're on an interp team. How does it tie back? Right? Like, does this, do ideas come from the pre-training team? Do they go back? Um, you know, so for those interested, you can, you can watch that. There wasn't too much of a connect there, but it's still something, you know, it's something they want toMark Bissell [00:36:33]: push for down the line. It can be useful for all of the above. Like there are certainly post-hocVibhu Sapra [00:36:39]: use cases where it doesn't need to touch that. I think the other thing a lot of people forget is this stuff isn't too computationally expensive, right? Like I would say, if you're interested in getting into research, MechInterp is one of the most approachable fields, right? A lot of this train an essay, train a probe, this stuff, like the budget for this one, there's already a lot done. There's a lot of open source work. You guys have done some too. Um, you know,Shawn Wang [00:37:04]: There's like notebooks from the Gemini team for Neil Nanda or like, this is how you do it. Just step through the notebook.Vibhu Sapra [00:37:09]: Even if you're like, not even technical with any of this, you can still make like progress. There, you can look at different activations, but, uh, if you do want to get into training, you know, training this stuff, correct me if I'm wrong is like in the thousands of dollars, not even like, it's not that high scale. And then same with like, you know, applying it, doing it for post-training or all this stuff is fairly cheap in scale of, okay. I want to get into like model training. I don't have compute for like, you know, pre-training stuff. So it's, it's a very nice field to get into. And also there's a lot of like open questions, right? Um, some of them have to go with, okay, I want a product. I want to solve this. Like there's also just a lot of open-ended stuff that people could work on. That's interesting. Right. I don't know if you guys have any calls for like, what's open questions, what's open work that you either open collaboration with, or like, you'd just like to see solved or just, you know, for people listening that want to get into McInturk because people always talk about it. What are, what are the things they should check out? Start, of course, you know, join you guys as well. I'm sure you're hiring.Myra Deng [00:38:09]: There's a paper, I think from, was it Lee, uh, Sharky? It's open problems and, uh, it's, it's a bit of interpretability, which I recommend everyone who's interested in the field. Read. I'm just like a really comprehensive overview of what are the things that experts in the field think are the most important problems to be solved. I also think to your point, it's been really, really inspiring to see, I think a lot of young people getting interested in interpretability, actually not just young people also like scientists to have been, you know, experts in physics for many years and in biology or things like this, um, transitioning into interp, because the barrier of, of what's now interp. So it's really cool to see a number to entry is, you know, in some ways low and there's a lot of information out there and ways to get started. There's this anecdote of like professors at universities saying that all of a sudden every incoming PhD student wants to study interpretability, which was not the case a few years ago. So it just goes to show how, I guess, like exciting the field is, how fast it's moving, how quick it is to get started and things like that.Mark Bissell [00:39:10]: And also just a very welcoming community. You know, there's an open source McInturk Slack channel. There are people are always posting questions and just folks in the space are always responsive if you ask things on various forums and stuff. But yeah, the open paper, open problems paper is a really good one.Myra Deng [00:39:28]: For other people who want to get started, I think, you know, MATS is a great program. What's the acronym for? Machine Learning and Alignment Theory Scholars? It's like the...Vibhu Sapra [00:39:40]: Normally summer internship style.Myra Deng [00:39:42]: Yeah, but they've been doing it year round now. And actually a lot of our full-time staff have come through that program or gone through that program. And it's great for anyone who is transitioning into interpretability. There's a couple other fellows programs. We do one as well as Anthropic. And so those are great places to get started if anyone is interested.Mark Bissell [00:40:03]: Also, I think been seen as a research field for a very long time. But I think engineering... I think engineers are sorely wanted for interpretability as well, especially at Goodfire, but elsewhere, as it does scale up.Shawn Wang [00:40:18]: I should mention that Lee actually works with you guys, right? And in the London office and I'm adding our first ever McInturk track at AI Europe because I see this industry applications now emerging. And I'm pretty excited to, you know, help push that along. Yeah, I was looking forward to that. It'll effectively be the first industry McInturk conference. Yeah. I'm so glad you added that. You know, it's still a little bit of a bet. It's not that widespread, but I can definitely see this is the time to really get into it. We want to be early on things.Mark Bissell [00:40:51]: For sure. And I think the field understands this, right? So at ICML, I think the title of the McInturk workshop this year was actionable interpretability. And there was a lot of discussion around bringing it to various domains. Everyone's adding pragmatic, actionable, whatever.Shawn Wang [00:41:10]: It's like, okay, well, we weren't actionable before, I guess. I don't know.Vibhu Sapra [00:41:13]: And I mean, like, just, you know, being in Europe, you see the Interp room. One, like old school conferences, like, I think they had a very tiny room till they got lucky and they got it doubled. But there's definitely a lot of interest, a lot of niche research. So you see a lot of research coming out of universities, students. We covered the paper last week. It's like two unknown authors, not many citations. But, you know, you can make a lot of meaningful work there. Yeah. Yeah. Yeah.Shawn Wang [00:41:39]: Yeah. I think people haven't really mentioned this yet. It's just Interp for code. I think it's like an abnormally important field. We haven't mentioned this yet. The conspiracy theory last two years ago was when the first SAE work came out of Anthropic was they would do like, oh, we just used SAEs to turn the bad code vector down and then turn up the good code. And I think like, isn't that the dream? Like, you know, like, but basically, I guess maybe, why is it funny? Like, it's... If it was realistic, it would not be funny. It would be like, no, actually, we should do this. But it's funny because we know there's like, we feel there's some limitations to what steering can do. And I think a lot of the public image of steering is like the Gen Z stuff. Like, oh, you can make it really love the Golden Gate Bridge, or you can make it speak like Gen Z. To like be a legal reasoner seems like a huge stretch. Yeah. And I don't know if that will get there this way. Yeah.Myra Deng [00:42:36]: I think, um, I will say we are announcing. Something very soon that I will not speak too much about. Um, but I think, yeah, this is like what we've run into again and again is like, we, we don't want to be in the world where steering is only useful for like stylistic things. That's definitely not, not what we're aiming for. But I think the types of interventions that you need to do to get to things like legal reasoning, um, are much more sophisticated and require breakthroughs in, in learning algorithms. And that's, um...Shawn Wang [00:43:07]: And is this an emergent property of scale as well?Myra Deng [00:43:10]: I think so. Yeah. I mean, I think scale definitely helps. I think scale allows you to learn a lot of information and, and reduce noise across, you know, large amounts of data. But I also think we think that there's ways to do things much more effectively, um, even, even at scale. So like actually learning exactly what you want from the data and not learning things that you do that you don't want exhibited in the data. So we're not like anti-scale, but we are also realizing that scale is not going to get us anywhere. It's not going to get us to the type of AI development that we want to be at in, in the future as these models get more powerful and get deployed in all these sorts of like mission critical contexts. Current life cycle of training and deploying and evaluations is, is to us like deeply broken and has opportunities to, to improve. So, um, more to come on that very, very soon.Mark Bissell [00:44:02]: And I think that that's a use basically, or maybe just like a proof point that these concepts do exist. Like if you can manipulate them in the precise best way, you can get the ideal combination of them that you desire. And steering is maybe the most coarse grained sort of peek at what that looks like. But I think it's evocative of what you could do if you had total surgical control over every concept, every parameter. Yeah, exactly.Myra Deng [00:44:30]: There were like bad code features. I've got it pulled up.Vibhu Sapra [00:44:33]: Yeah. Just coincidentally, as you guys are talking.Shawn Wang [00:44:35]: This is like, this is exactly.Vibhu Sapra [00:44:38]: There's like specifically a code error feature that activates and they show, you know, it's not, it's not typo detection. It's like, it's, it's typos in code. It's not typical typos. And, you know, you can, you can see it clearly activates where there's something wrong in code. And they have like malicious code, code error. They have a whole bunch of sub, you know, sub broken down little grain features. Yeah.Shawn Wang [00:45:02]: Yeah. So, so the, the rough intuition for me, the, why I talked about post-training was that, well, you just, you know, have a few different rollouts with all these things turned off and on and whatever. And then, you know, you can, that's, that's synthetic data you can kind of post-train on. Yeah.Vibhu Sapra [00:45:13]: And I think we make it sound easier than it is just saying, you know, they do the real hard work.Myra Deng [00:45:19]: I mean, you guys, you guys have the right idea. Exactly. Yeah. We replicated a lot of these features in, in our Lama models as well. I remember there was like.Vibhu Sapra [00:45:26]: And I think a lot of this stuff is open, right? Like, yeah, you guys opened yours. DeepMind has opened a lot of essays on Gemma. Even Anthropic has opened a lot of this. There's, there's a lot of resources that, you know, we can probably share of people that want to get involved.Shawn Wang [00:45:41]: Yeah. And special shout out to like Neuronpedia as well. Yes. Like, yeah, amazing piece of work to visualize those things.Myra Deng [00:45:49]: Yeah, exactly.Shawn Wang [00:45:50]: I guess I wanted to pivot a little bit on, onto the healthcare side, because I think that's a big use case for you guys. We haven't really talked about it yet. This is a bit of a crossover for me because we are, we are, we do have a separate science pod that we're starting up for AI, for AI for science, just because like, it's such a huge investment category and also I'm like less qualified to do it, but we actually have bio PhDs to cover that, which is great, but I need to just kind of recover, recap your work, maybe on the evil two stuff, but then, and then building forward.Mark Bissell [00:46:17]: Yeah, for sure. And maybe to frame up the conversation, I think another kind of interesting just lens on interpretability in general is a lot of the techniques that were described. are ways to solve the AI human interface problem. And it's sort of like bidirectional communication is the goal there. So what we've been talking about with intentional design of models and, you know, steering, but also more advanced techniques is having humans impart our desires and control into models and over models. And the reverse is also very interesting, especially as you get to superhuman models, whether that's narrow superintelligence, like these scientific models that work on genomics, data, medical imaging, things like that. But down the line, you know, superintelligence of other forms as well. What knowledge can the AIs teach us as sort of that, that the other direction in that? And so some of our life science work to date has been getting at exactly that question, which is, well, some of it does look like debugging these various life sciences models, understanding if they're actually performing well, on tasks, or if they're picking up on spurious correlations, for instance, genomics models, you would like to know whether they are sort of focusing on the biologically relevant things that you care about, or if it's using some simpler correlate, like the ancestry of the person that it's looking at. But then also in the instances where they are superhuman, and maybe they are understanding elements of the human genome that we don't have names for or specific, you know, yeah, discoveries that they've made that that we don't know about, that's, that's a big goal. And so we're already seeing that, right, we are partnered with organizations like Mayo Clinic, leading research health system in the United States, our Institute, as well as a startup called Prima Menta, which focuses on neurodegenerative disease. And in our partnership with them, we've used foundation models, they've been training and applied our interpretability techniques to find novel biomarkers for Alzheimer's disease. So I think this is just the tip of the iceberg. But it's, that's like a flavor of some of the things that we're working on.Shawn Wang [00:48:36]: Yeah, I think that's really fantastic. Obviously, we did the Chad Zuckerberg pod last year as well. And like, there's a plethora of these models coming out, because there's so much potential and research. And it's like, very interesting how it's basically the same as language models, but just with a different underlying data set. But it's like, it's the same exact techniques. Like, there's no change, basically.Mark Bissell [00:48:59]: Yeah. Well, and even in like other domains, right? Like, you know, robotics, I know, like a lot of the companies just use Gemma as like the like backbone, and then they like make it into a VLA that like takes these actions. It's, it's, it's transformers all the way down. So yeah.Vibhu Sapra [00:49:15]: Like we have Med Gemma now, right? Like this week, even there was Med Gemma 1.5. And they're training it on this stuff, like 3d scans, medical domain knowledge, and all that stuff, too. So there's a push from both sides. But I think the thing that, you know, one of the things about McInturpp is like, you're a little bit more cautious in some domains, right? So healthcare, mainly being one, like guardrails, understanding, you know, we're more risk adverse to something going wrong there. So even just from a basic understanding, like, if we're trusting these systems to make claims, we want to know why and what's going on.Myra Deng [00:49:51]: Yeah, I think there's totally a kind of like deployment bottleneck to actually using. foundation models for real patient usage or things like that. Like, say you're using a model for rare disease prediction, you probably want some explanation as to why your model predicted a certain outcome, and an interpretable explanation at that. So that's definitely a use case. But I also think like, being able to extract scientific information that no human knows to accelerate drug discovery and disease treatment and things like that actually is a really, really big unlock for science, like scientific discovery. And you've seen a lot of startups, like say that they're going to accelerate scientific discovery. And I feel like we actually are doing that through our interp techniques. And kind of like, almost by accident, like, I think we got reached out to very, very early on from these healthcare institutions. And none of us had healthcare.Shawn Wang [00:50:49]: How did they even hear of you? A podcast.Myra Deng [00:50:51]: Oh, okay. Yeah, podcast.Vibhu Sapra [00:50:53]: Okay, well, now's that time, you know.Myra Deng [00:50:55]: Everyone can call us.Shawn Wang [00:50:56]: Podcasts are the most important thing. Everyone should listen to podcasts.Myra Deng [00:50:59]: Yeah, they reached out. They were like, you know, we have these really smart models that we've trained, and we want to know what they're doing. And we were like, really early that time, like three months old, and it was a few of us. And we were like, oh, my God, we've never used these models. Let's figure it out. But it's also like, great proof that interp techniques scale pretty well across domains. We didn't really have to learn too much about.Shawn Wang [00:51:21]: Interp is a machine learning technique, machine learning skills everywhere, right? Yeah. And it's obviously, it's just like a general insight. Yeah. Probably to finance too, I think, which would be fun for our history. I don't know if you have anything to say there.Mark Bissell [00:51:34]: Yeah, well, just across the science. Like, we've also done work on material science. Yeah, it really runs the gamut.Vibhu Sapra [00:51:40]: Yeah. Awesome. And, you know, for those that should reach out, like, you're obviously experts in this, but like, is there a call out for people that you're looking to partner with, design partners, people to use your stuff outside of just, you know, the general developer that wants to. Plug and play steering stuff, like on the research side more so, like, are there ideal design partners, customers, stuff like that?Myra Deng [00:52:03]: Yeah, I can talk about maybe non-life sciences, and then I'm curious to hear from you on the life sciences side. But we're looking for design partners across many domains, language, anyone who's customizing language models or trying to push the frontier of code or reasoning models is really interesting to us. And then also interested in the frontier of modeling. There's a lot of models that work in, like, pixel space, as we call it. So if you're doing world models, video models, even robotics, where there's not a very clean natural language interface to interact with, I think we think that Interp can really help and are looking for a few partners in that space.Shawn Wang [00:52:43]: Just because you mentioned the keyword

ZFS Scrubs and Data integrity, Propolice, FreeBSD vs Slackware and more. NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Understanding ZFS Scrubs and Data Integrity The story of Propolice Desk reviews describe comment ask questions No reponses, no justications. [Tj's Desk](media/bsdnow649-tjs-desk.jpg) [Ruben's Desk](media/bsdnow649-rubens-desk.jpg) News Roundup FreeBSD vs. Slackware: Which super stable OS is right for you? Prometheus, Let's Encrypt, and making sure all our TLS certificates are monitored Wait, a repairable ThinkPad!? Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

This is a recap of the top 10 posts on Hacker News on January 31, 2026. This podcast was generated by wondercraft.ai (00:30): Euro firms must ditch Uncle Sam's clouds and go EU-nativeOriginal post: https://news.ycombinator.com/item?id=46835336&utm_source=wondercraft_ai(01:59): Finland looks to introduce Australia-style ban on social mediaOriginal post: https://news.ycombinator.com/item?id=46838417&utm_source=wondercraft_ai(03:28): Mobile carriers can get your GPS locationOriginal post: https://news.ycombinator.com/item?id=46838597&utm_source=wondercraft_ai(04:57): Show HN: I trained a 9M speech model to fix my Mandarin tonesOriginal post: https://news.ycombinator.com/item?id=46832074&utm_source=wondercraft_ai(06:26): The $100B megadeal between OpenAI and Nvidia is on iceOriginal post: https://news.ycombinator.com/item?id=46831702&utm_source=wondercraft_ai(07:55): Swift is a more convenient Rust (2023)Original post: https://news.ycombinator.com/item?id=46841374&utm_source=wondercraft_ai(09:24): We have ipinfo at home or how to geolocate IPs in your CLI using latencyOriginal post: https://news.ycombinator.com/item?id=46834953&utm_source=wondercraft_ai(10:53): Automatic ProgrammingOriginal post: https://news.ycombinator.com/item?id=46835208&utm_source=wondercraft_ai(12:22): Court Filings: ICE App Identifies Protesters; Global Entry, PreCheck Get RevokedOriginal post: https://news.ycombinator.com/item?id=46832751&utm_source=wondercraft_ai(13:51): YouTube blocks background video playback on Brave and other browsersOriginal post: https://news.ycombinator.com/item?id=46834441&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

Join Simtheory: https://simtheory.aiRegister for the STILL RELEVANT tour: https://simulationtheory.ai/16c0d1db-a8d0-4ac9-bae3-d25074589a80---The hype train is 2026 knows only Moltbot (RIP Clawdbot). In this episode, we unpack the viral open-source AI assistant that's taken over the internet what it actually does, why everyone's losing their minds, and whether it's worth the $750/day token bills some users are racking up. We dive deep into why locally-run skills and CLI tools are beating computer-use clicking, how smaller models like GPT-5 Mini are crushing it in agentic workflows, and why the real magic is in targeted context - not massive swarms. Plus: Kimi K2.5 drops as a near-Sonnet-level model at 1/10th the price, we debate whether SaaS is dead, and yes – there are TWO Kimi K2.5 diss tracks. One made by Opus pretending to be Kimi. It might just slap?CHAPTERS:0:00 Intro - Still Relevant Tour Update0:48 What is Moltbot? The Viral AI Assistant Explained3:57 Token Bill Shock: $750/Day and Anthropic Bans5:00 The Dream of Digital Coworkers on Mac Minis6:52 Why CLI Tools & Skills Beat Computer-Use Clicking10:57 Why This Way of Working Is Genuinely Exciting14:47 Smaller Models Crushing It: GPT-5 Mini & Targeted Context17:30 Wild Agentic Behavior: Chrome Tab Hijacking & Auto-Retries20:10 Security Architecture: Locked-Down Machines & Enterprise Use24:01 AI Building Its Own Tools On-The-Fly27:08 The Fear & Overwhelm of Rapid Progress29:10 2026: The Year of Agent Workers31:43 The Challenge of Directing AI Work (Everyone's a Manager Now)37:24 Skills Will Take Over: Why MCPs & Atlassian Can't Stop Us40:38 Real-World Use Cases: Doctors, Lawyers & Accountants46:28 Cost Solutions: Build Workflows Around Cheaper Models52:58 Kimi K2.5: Sonnet-Level Performance at 1/10th the Price1:00:55 The "1,500 Tool Calls" Claim: Marketing vs Reality1:05:23 The Kimi K2.5 Diss Tracks (Opus vs Kimi)1:08:08 Demo: Black Hole Simulator & Self-Trolling CRM1:12:55 Is SaaS Dead?1:14:30 BONUS: Full Kimi K2.5 Diss TracksThanks for listening. Like & Sub. Links below for the Still Relevant Tour signup and Simtheory. The future is open source, apparently. xoxo

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

FreeBSD's Future, 18 years of greytrapping, PF vs Linux firewalls, and more. NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Powering the Future of FreeBSD Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? BSDCan Organisating committee Interview News Roundup How I, a non-developer, read the tutorial you, a developer, wrote for me, a beginner BSD PF versus Linux nftables for firewalls for us Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the next Patch Tuesday, lots of changes January Patch Tuesday update was so terrible it required two emergency fixes, the second of which went out late Sunday Earnings/industry Intel falls flat in Q4, full year 2025 despite U.S. "investment" Amazon lays off 16,000 employees Microsoft, Apple, earnings this week, Alphabet, Amazon are next week AI Microsoft announces Maia 200 AI datacenter processor Like Baldric in Black Adder, Apple has a cunning plan for an AI Siri With AI costs soaring, cheaper new AI plans appear somehow OpenAI was last week with big expansion of ChatGPT Go Google does the same this week with AI Plus plan OpenAI, Anthropic (this week), others are adding "apps" to their chatbots Microsoft is exposing app features as AI Actions in Windows 11 Paul opined that this semantic/programmatic capability was the end of apps But we can now essentially vibe-code our own custom apps - this is vaguely reminiscent of the home computer/DIY era, but without the technical knowledge requirements The age of native apps is over, at least on desktop. Will mobile fall next? Dev Microsoft introduces the Windows App Development (winapp) CLI. For some reason Xbox and gaming Microsoft refreshes the Xbox Cloud Gaming web experience — bigger changes coming? Fable is coming to Xbox, PC, PS5 in late 2026 Tips and picks Tip of the week: Choose a single password manager, make your life easier App pick of the week: Proton Pass RunAs Radio this week: Business Process Automation in 2026 with Ian Cooper Brown liquor pick of the week: Tullibardine 18 Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: trustedtech.team/windowsweeklyCSS joindeleteme.com/twit promo code TWIT bitwarden.com/twit

Join Christina Warren and Brett Terpstra as they navigate the freezing Minnesotan cold without running water, delve into the intersection of tech and political turmoil, and explore the latest in AI agents and multi-agent workflows. Dive into a whirlwind of emotions, tech tips, and political ranting, all while contemplating the ethics of open source funding and AI coding. From brutal weather updates to philosophical debates on modern fascism, this episode pulls no punches. Sponsor Copilot Money can help you take control of your finances. Get a fresh start with your money for 2026 with 2 months free when you visit try.copilot.money/overtired. Show Links Crimethinc: Being “Peaceful” and “Law-Abiding” Will Not Stop Authoritarianism Gas Town Apex OpenCode Backdrop Cindori Sensei Moltbot Chapters 00:00 Introduction and Host Updates 00:21 Brett’s Water Crisis 02:27 Political Climate and Media Suppression 06:32 Police Violence and Public Response 18:31 Social Media and Surveillance 22:15 Sponsor Break: Copilot Money 26:20 Tech Talk: Gas Town and AI Agents 31:58 Crypto Controversies 37:09 Ethics in Journalism and Personal Dilemmas 39:45 The Future of Open Source and Cryptocurrency 45:03 Apex 1.0? 48:25 Challenges and Innovations in Markdown Processing 01:02:16 AI in Coding and Personal Assistants 01:06:36 GrAPPtitude 01:14:40 Conclusion and Upcoming Plans Join the Conversation Merch Come chat on Discord! Twitter/ovrtrd Instagram/ovrtrd Youtube Get the Newsletter Thanks! You’re downloading today’s show from CacheFly’s network BackBeat Media Podcast Network Check out more episodes at overtiredpod.com and subscribe on Apple Podcasts, Spotify, or your favorite podcast app. Find Brett as @ttscoff, Christina as @film_girl, Jeff as @jsguntzel, and follow Overtired at @ovrtrd on Twitter. Transcript AI Agents and Political Chaos Introduction and Host Updates Christina: [00:00:00] Welcome back. You’re listening to Overtired. I’m Christina Warren. Joined as always by Brett Terpstra. Jeff Severns. Guntzel could not be with us this week, um, but uh, but Brett and I are here. So Brett, how are you? How’s the cold? Brett: The cold. Brett’s Water Crisis Brett: So I’m going on day four without running water. Um, I drove to my parents last night to shower and we’re, we’re driving loads of dishes to friends’ house to wash them. We have big buckets of melted snow in our bathtub that we use to flush the Toyland. Um, and we have like big jugs with a spout on them for drinking water. So we’re surviving, but it is highly inconvenient. Um, and we don’t know yet if it’s a frozen pipe. Or if we have [00:01:00] a bad pump on our, well, uh, hopefully we’ll find that out today. But no guarantees because all the plumbers are very busy right now with negative 30 degree weather. They tend to get a lot of calls, lots of stuff happens. Um, so yeah, but I’m, I’m staying warm. I got a fireplace, I got my heat’s working Christina: I mean, that’s the important thing. Brett: and that went out, that went out twice, in, twice already. This winter, our heat has gone out, um, which I’m thankful. We, we finally, we added glycol to our, so our heat pumps water through, like, it’s not radiators, it’s like baseboard heat, but it, it uses water and. Um, and though we were getting like frozen spots, not burst pipes, just enough that the water wouldn’t go through fast enough to heat anything. So we added glycol to that [00:02:00] system to bring the freeze point down to like zero degrees. So it’s not perfect, but we also hardwired the pump so that it always circulates water, um, even when the heat’s not running. So hopefully it’ll never freeze again. That’s the goal. Um, and if we replace the well pump, that should be good for another 20 years. So hopefully after this things will be smoother. Political Climate and Media Suppression Brett: Um, yeah, but that, that’s all in addition to, you know, my state being occupied by federal agents and even in my small town, we’ve got people being like, abducted. Things are escalating quickly at this point, and a lot of it doesn’t get talked about on mainstream media. Um, but yeah, things, I don’t know, man. I think we’re making progress because, um, apparently Binos [00:03:00] getting retired Christina: I was going to say, I, I, I, I heard, I heard that, and I don’t know if that’s good or if that’s bad. Um, I can’t, I can’t tell. Brett: it’s, it’s like, it’s like if Trump died, we wouldn’t know if that was good or bad because JD Vance as president, like maybe things get way worse. Who knows? Uh, none of these, none of these actual figureheads are the solution. Removing them isn’t the solution to removing the kinda maga philosophy behind it. But yeah, and that’s also Jeff is, you know, highly involved and I, I won’t, I won’t talk about that for him. I hope we can get him monsoon to talk about that. Christina: No, me, me, me too. Because I’ve, I’ve been thinking about, about him and about you and about your whole area, your communities, you know, from several thousand miles away. Like all, all we, all we see is either what people post online, which of course now is being suppressed. [00:04:00] Uh, thanks a lot. You know, like, like the, oh, TikTok was gonna be so terrible. Chi the, the Chinese are gonna take over our, uh, our algorithms. Right? No, Larry Ellison is, is actually going to completely, you know, fuck up the algorithms, um, and, and suppress anything. I, yeah. Yeah. They’re, they’re Brett: is TikTok? Well, ’cause Victor was telling me that, they were seeing videos. Uh, you would see one frame of the video and then it would black out. And it all seemed to be videos that were negative towards the administration and we weren’t sure. Is this a glitch? Is this coincidence? Christina: well, they claim it’s a glitch, but I don’t believe it. Brett: Yeah, it seems, it seems Christina: I, I mean, I mean, I mean, the thing is like, maybe it is, maybe it is a glitch and we’re overreacting. I don’t know. Um, all I know is that they’ve given us absolutely zero reason to trust them, and so I don’t, and so, um, uh, apparently the, the state of California, this is, [00:05:00] so we are recording this on Tuesday morning. Apparently the state of California has said that they are going to look into whether things are being, you know, suppressed or not, and if that’s violating California law, um, because now that, that, that TikTok is, is controlled by an American entity, um, even if it is, you know, owned by like a, you know, uh, evil, uh, billionaire, you know, uh, crony sto fuck you, Larry Ellison. Um, uh, I guess that means we won’t be getting an Oracle sponsorship. Sorry. Um, uh, Brett: take it anyway. Christina: I, I know you wouldn’t, I know you wouldn’t. That’s why I felt safe saying that. Um, but, uh, but even if, if, if that were the case, like I, you know, but apparently like now that it is like a, you know, kind of, you know, state based like US thing, like California could step in and potentially make things difficult for them. I mean, I think that’s probably a lot of bluster on Newsom’s part. I don’t think that he could really, honestly achieve any sort of change if they are doing things to the algorithm. Brett: Yeah. Uh, [00:06:00] if, if laws even matter anymore, it would be something that got tied up in court for a long time Christina: Right. Which effectively wouldn’t matter. Right. And, and then that opens up a lot of other interesting, um, things about like, okay, well, you know, should we, like what, what is the role? Like even for algorithmically determined things of the government to even step in or whatever, right now, obviously does, I think, become like more of a speech issue if it’s government speech that’s being suppressed, but regardless, it, it is just, it’s bad. So I’ve been, I’ve been thinking about you, I’ve been thinking about Jeff. Police Violence and Public Response Christina: Um, you know, we all saw what happened over the weekend and, and, you know, people be, people are being murdered in the streets and I mean that, that, that’s what’s happening. And, Brett: white people no less, Christina: Right. Well, I mean, that’s the thing, right? Like, is that like, but, but, but they keep moving the bar. They, they keep moving the goalpost, right? So first it’s a white woman and, oh, she, she was, she was running over. The, the officer [00:07:00] or the ice guy, and it’s like, no, she wasn’t, but, but, but that, that’s immediately where they go and, and she’s, you know, radical whatever and, and, and a terrorist and this and that. Okay. Then you have a literal veterans affair nurse, right? Like somebody who literally, like, you know, has, has worked with, with, with combat veterans and has done those things. Who, um, is stepping in to help someone who’s being pepper sprayed, you know, is, is just observing. And because he happens to have, um, a, a, a, a gun on him legally, which he’s allowed to do, um, they immediately used that as cover to execute him. But if he hadn’t had the gun, they would’ve, they would’ve come up with something else. Oh, we thought he had a gun, and they, you know what I mean? So like, they, they got lucky with that one because they removed the method, the, the, the weapon and then shot him 10 times. You know, they literally executed him in the street. But if he hadn’t had a gun, they still would’ve executed. Brett: Yeah, no, for sure. Um, it’s really frustrating that [00:08:00] they took the gun away. So he was disarmed and, and immobilized and then they shot him. Um, like so that’s just a straight up execution. And then to bring, like, to say that it, he, because he had a gun, he was dangerous, is such a, an affront to America has spent so long fighting against gun control and saying that we had the right to carry fucking assault rifles in the Christina: Kyle Rittenhouse. Kyle Rittenhouse was literally acquitted. Right? Brett: Yeah. And he killed people. Christina: and, and he killed people. He was literally walking around little fucking stogey, you know, little blubbering little bitch, like, you know, crying, you know, he’s like carrying around like Rambo a gun and literally snipe shooting people. That’s okay. Brett: They defended Christina: if you have a. They defended him. Of course they did. Right? Of course they did. Oh, well he has the right to carry and this and that, and Oh, you should be able to be armed in [00:09:00] these places. Oh, no, but, but if you’re, um, somebody that we don’t like Brett: Yeah, Christina: and you have a concealed carry permit, and I don’t even know if he was really concealed. Right. Because I think that if you have it on your holster, I don’t even think that counts as concealed to Brett: was supposedly in Christina: I, I, I don’t, I don’t, I don’t. Brett: like it Christina: Which I don’t think counts as concealed. I think. Brett: No. Christina: Right, right. So, so, so, so, so that, that, that wouldn’t be concealed. Be because you have someone in, in that situation, then all of a sudden, oh, no. Now, now the, the key, the goalpost, okay, well, it’s fine if it’s, you know, uh, police we don’t like, or, or other people. And, and, and if you’re going after protesters, then you can shoot and kill whoever you want, um, because you’ve perceived a threat and you can take actions into your, to your own hands. Um, but now if you are even a white person, um, even, you know, someone who’s, who’s worked in Veterans Affairs, whatever, if, if you have, uh, even if you’re like a, a, a, you know, a, a gun owner and, and have permits, um, now [00:10:00] if we don’t like you and you are anywhere in the vicinity of anybody associated with law enforcement, now they have the right to shoot you dead. Like that’s, that’s, that’s the argument, which is insanity. Brett: so I’m, I’m just gonna point out that as the third right came to power, they disarmed the Jews and they disarmed the anarchists and the socialists and they armed the rest of the population and it became, um, gun control for people they didn’t like. Um, and this is, it’s just straight up the same playbook. There’s no, there’s no differentiation anymore. Christina: No, it, it, it actively makes me angry that, um, I, I could be, because, ’cause what can we do? And, and what they’re counting on is the fact that we’re all tired and we’re all kind of, you know, like just, [00:11:00] you know, from, from what happened, you know, six years ago and, and, and what happened, you know, five years ago. Um, and, and, and various things. I think a lot of people are, are just. It kind of like Brett: Sure. Christina: done with, with, with being able to, to, to, right. But now the actual fascism is here, right? Like, like we, we, we saw a, a, you know, a whiff of this on, on, on January 6th, but now it’s actual fascism and they control every branch of government. Brett: Yeah. Christina: And, um, and, and, and I, and I don’t know what we’re supposed to do, right? Like, I mean it, because I mean, you know, uh, Philadelphia is, is, is begging for, for, for them to come. And I think that would be an interesting kind of standoff. Seattle is this, this is what a friend of mine said was like, you know, you know Philadelphia, Filch Philadelphia is begging them to come. Seattle is like scared. Um, that, that they’re going to come, um, because honestly, like we’re a bunch of little bitch babies and, um, [00:12:00] people think they’re like, oh, you know the WTO. I’m like, yeah, that was, that was 27 years ago. Um, uh, I, I don’t think that Seattle has the juice to hold that sort of line again. Um, but I also don’t wanna find out, right? Like, but, but, but this is, this is the attack thing. It’s like, okay, why are they in Minnesota? Right? They’re what, like 130,000, um, Brett: exactly Christina: um, immigrants in, in Minnesota. There are, there are however many million in Texas, however many million in Florida. We know exactly why, right? This isn’t about. Anything more than Brett: in any way. Christina: and opt. Right, right. It has nothing, it has nothing to do with, with, with immigration anyway. I mean, even, even the Wall Street Journal. The Wall Street Journal who a, you know, ran an op-ed basically saying get out of Minnesota. They also, they also had like a, you know, a news story, which was not from the opinion board, which like broke down the, the, the footage showing, you know, that like the, the video footage doesn’t match the administration’s claims, but they also ran a story. Um, that [00:13:00] basically did the math, I guess, on like the number of, of criminals, um, or people with criminal records who have been deported. And at this point, like in, you know, and, and when things started out, like, I guess when the raid started out, the, the majority of the people that they were kind of going after were people who had criminal records. Now, whether they were really violent, the worst, the worst, I mean that’s, I’m, I’m not gonna get into that, but you could at least say like, they, they could at least say, oh, well these were people who had criminal records, whatever. Now some, some huge percentage, I think it’s close to 80% don’t have anything. And many of the people that do the, the criminal like thing that they would hold would be, you know, some sort of visa violation. Right. So it’s, it’s, it’s Brett: they deported a five-year-old kid after using him as bait to try to get the rest of his family. Christina: as bait. Brett: Yeah. And like it’s, it’s pretty deplorable. But I will say I am proud of Minnesota. Um, they have not backed [00:14:00] down. They have stood up in the face of increasing increasingly escalated attacks, and they have shown up in force thousands of people out in the streets. Like Conti, like last night they had a, um, well, yeah, I mean, it’s been ongoing, but, uh, what’s his name? Preddy Alex. Um, at the place where he was shot, they had a, like continuing kind of memorial protest, I guess, and there’s footage of like a thousand, a thousand mins surrounding about 50, um, ICE agents and. Like basically corralling them to the point where they were all backed into a corner and weren’t moving. And I don’t know what happened after that. Um, but thus far it hasn’t been violent on the part of protesters. It’s been very violent on the part of ice. I [00:15:00] personally, I don’t know where I stand on, like, I feel like the Democrats are urging pacifism because it affects their hold on power. And I don’t necessarily think that peace when they’re murdering us in the street. I don’t know if peace is the right response, but I don’t know. I’m not openly declaring that I support violence at this point, but. At the same time, do I not? I’m not sure. Like I keep going back and forth on is it time for a war or do we try to vote our way out of this? Christina: I mean, well, and the scary thing about voting our way out of this is will we even be able to have free elections, right? Be because they’re using any sort of anything, even the most benign sort of legal [00:16:00] protest, even if violence isn’t involved in all of a sudden, talks of the Insurrection Act come Brett: yeah. And Trump, Trump offered to pull out of Minnesota if Minnesota will turn over its voter database to the federal government. Like that’s just blatant, like that’s obviously the end goal is suppression. Christina: Right, right. And, and so to your point, I don’t know. Right. And I’m, I’m never somebody who would wanna advocate outwardly for violence, but I, I, I, I, I don’t know. I mean, they’re killing citizens in the streets. They’re assassinating people in cold blood. They’re executing people, right. That’s what they’re doing. They’re literally executing people in the streets and then covering it up in real time. Brett: if the argument is, if we are violent, it will cause them to kill us. They’re already killing Christina: already doing it. Right. So at, at this point, I mean, like, you know, I mean, like, w to your point, wars have been started for, for, for less, or for the exact same things. Brett: [00:17:00] Yeah. Christina: So, I don’t know. I don’t know. Um, I know that that’s a depressing way to probably do mental health corner and whatnot, but this is what’s happening in our world right now and in and in your community, and it’s, it’s terrifying. Brett: I’m going to link in the show notes an article from Crime Think that was written by, uh, people in Germany who have studied, um, both historical fascism and the current rise of the A FD, which will soon be the most powerful party in Germany, um, which is straight up a Nazi party. Um, and it, they offered, like their hope right now lies in America stopping fascism. Christina: Yeah. Brett: Like if we can, if we can stop fascism, then they believe the rest of Europe can stop fascism. Um, but like they, it, it’s a good article. It kind of, it kind of broaches the same questions I do about like, is it [00:18:00] time for violence? And they offer, like, we don’t, we’re not advocating for a civil war, but like Civil wars might. If you, if you, if you broach them as revolutions, it’s kind of, they’re kind of the same thing in cases like this. So anyway, I’ll, I’ll link that for anyone who wants to read kinda what’s going on in my head. I’m making a note to dig that up. I, uh, I love Crime Fake Oh and Blue Sky. Social Media and Surveillance Brett: Um, so I have not, up until very recently been an avid Blue Sky user. Um, I think I have like, I think I have maybe like 200 followers there and I follow like 50 people. But I’ve been expanding that and I am getting a ton of my news from Blue Sky and like to get stories from people on the ground, like news as it happens, unfiltered and Blue Sky has been [00:19:00] really good for that. Um, I, it’s. There’s not like an algorithm. I just get my stuff and like Macedon, I have a much larger following and I follow a lot more people, but it’s very tech, Christina: It’s very tech and, Brett: there for. Christina: well, and, and MAs on, um, understandably too is also European, um, in a lot of regards. And so it’s just, it’s not. Gonna have the same amount of, of people who are gonna be able to, at least for instances like this, like be on the ground and doing real-time stuff. It’s not, it doesn’t have like the more normy stuff. So, no, that makes sense. Um, no, that’s great. I think, yeah, blue Sky’s been been really good for, for these sorts of real-time events because again, they don’t have an algorithm. Like you can have one, like for a personalized kind of like for you feed or whatever, but in terms of what you see, you know, you see it naturally. You’re not seeing it being adjusted by anything, which can be good and bad. I, I think is good because nothing’s suppressing things and you see things in real time. It can be bad because sometimes you miss things, but I think on the whole, it’s better. [00:20:00] The only thing I will say, just to anyone listening and, and just to spread onto, you know, people in your communities too, from what I’ve observed from others, like, it does seem like the, the government and other sorts of, you know, uh, uh, the, you know, bodies like that are finally starting to pay more attention to blue sky in terms of monitoring things. And so that’s not to say don’t. You know, use it at all. But the same way, you don’t make threats on Twitter if you don’t want the Feds to show up at your house. Don’t make threats on Blue Sky, because it’s not just a little microcosm where, you know, no one will see it. People are, it, it’s still small, but it’s, it’s getting bigger to the point that like when people look at like where some of the, the, the fire hose, you know, things observable things are there, there seem to be more and more of them located in the Washington DC area, which could just be because data centers are there, who knows? But I’ve also just seen anecdotally, like people who have had, like other instances, it’s like, don’t, don’t think [00:21:00] that like, oh, okay, well, you know, no one’s monitoring this. Um, of course people are so just don’t be dumb, don’t, don’t say things that could potentially get you in trouble. Um. Brett: a political candidate in Florida. Um, had the cops show up at her house and read her one of her Facebook posts. I mean, this was local. This was local cops, but still, yeah, you Christina: right. Well, yeah, that’s the thing, right? No, totally. And, and my, my only point with that is we’ve known that they do that for Facebook and for, for, you know, Twitter and, and, uh, you know, Instagram and things like that, but they, but Blue Sky, like, I don’t know if it’s on background checks yet, but it, uh, like for, uh, for jobs and things like that, I, I, I don’t know if that’s happening, but it definitely is at that point where, um, I know that people are starting to monitor those things. So just, you know, uh, not even saying for you per se, but just for anybody out there, like, it’s awesome and I’m so glad that like, that’s where people can get information out, but don’t be like [00:22:00] lulled into this false sense of security. Like, oh, well they’re not gonna monitor this. They’re not Brett: Nobody’s watching me here. Christina: It is like, no, they are, they are. Um, so especially as it becomes, you know, more prominent. So I’m, I’m glad that that’s. That’s an option there too. Um, okay. Sponsor Break: Copilot Money Christina: This is like the worst possible segue ever, but should we go ahead and segue to our, our, our sponsor break? Brett: Let’s do it. Let’s, let’s talk about capitalism. Christina: All right. This episode is brought to you by copilot money. Copilot money is not just another finance app. It’s your personal finance partner designed to help you feel clear, calm, and in control of your money. Whether it’s tracking your spending, saving for specific goals, or simply getting the handle on your investments. Copilot money has you covered as we enter the new year. Clarity and control over our finances has never been more important with the recent shutdown of Mint and rising financial stress, for many consumers are looking for a modern, trustworthy tool to help navigate their financial journeys. That’s where copilot money comes in. [00:23:00] With this beautifully designed app, you can see all your bank accounts, spending, savings and goals and investments all in one place. Imagine easily tracking everything without the clutter of chaotic spreadsheets or outdated tools. It’s a practical way to start 2026 with a fresh financial outlook. And here’s the exciting part. As of December 15th, copilot money is now available on the web so you can manage your finances on any device that you choose. Plus, it offers a seamless experience that keeps your data secure with a privacy first approach, when you sign up using our link, you’ll get two months for free. So visit, try. Copilot money slash Overtired to get started with features like automatic subscription tracking so you never miss a renewal date and customizable savings goals to help you stay on track. Copilot money empowers you to take charge of your financial life with confidence. So why wait Start 2026 with clarity and purpose. Download copilot money on your devices or visit. Try copilot money slash [00:24:00] overti today to claim you’re two months free and embrace a more organized, stress-free approach to your finances. Try copilot.money/ Overtired. Brett: Awesome that I appreciate this segue. ’cause we, we, we could, we could be talking about other things. Um, like it’s, it feels so weird, like when I go on social media and I just want to post that like my water’s out. It feels out of place right now because there’s everything that’s going on feels so much more important than, Christina: Right. Brett: than anything else. Um, but there’s still a place for living our lives, um, Christina: there are a absolutely. I mean, and, and, and in a certain extent, like not to, I mean, maybe this is a little bit of a cope, but it’s like, if all we do is focus on the things that we can’t control at the expense of everything else, it’s like then they win. You know? Like, which, which isn’t, which, which isn’t even to [00:25:00] say, like, don’t talk about what’s happening. Don’t try to help, don’t try to speak out and, and, um, and do what we can do, but also. Like as individuals, there’s very little we can control about things. And being completely, you know, subsumed by that is, is not necessarily good either. Um, so yeah, there’s, there, there are other things going on and it’s important for us to get out of our heads. It’s important, especially for you, you know, being in the region, I think to be able to, to focus on other things and, and hopefully your water will be back soon. ’cause that sucks like that. I’ve been, I’ve been worried about you. I’m glad that you have heat. I’m glad you have internet. I’m glad you have power, but you know, the pipes being frozen and all that stuff is like, not Brett: it, the, the internet has also been down for up to six hours at a time. I don’t know why. There’s like an amplifier down on our street. Um, and that has sucked because I, out here, I live in a, I’m not gonna call it rural. Uh, we’re like five minutes from town, [00:26:00] but, um, we, we don’t. We have shitty internet. Like I pay for a gigabit and I get 500 megabits and it’s, and it’s up and down all the time and I hate it. But anyway. Tech Talk: Gas Town and AI Agents Brett: Let’s talk about, uh, let’s talk about Gas Town. What can you tell me about Gastown? Christina: Okay. So we’ve talked a lot about like AI agents and, um, kind of like, uh, coding, um, loops and, and things like that. And so Gastown, uh, which is available, um, at, I, it is not Gas Town. Let me find the URL, um, one second. It’s, it’s at a gas town. No, it’s not. Lemme find it. Um. Right. So this is a thing that, that Steve Yy, uh, has created, and [00:27:00] it is a multi-agent workspace manager. And so the idea is basically that you can be running like a lot of instances of, um, of, of Claude Code or, um, I guess you could use Codex. You could use, uh, uh, uh, co-pilot, um, SDK or CLI agent and whatnot. Um, and basically what it’s designed to do is to basically let you coordinate like multiple coding agents at one time so they can all be working on different tasks, but then instead of having, um, like the context get lost when agents restart, it creates like a, a persistent, um, like. Work state, which it uses with, with git on the backend, which is supposed to basically enable more multi-agent workflows. So, um, basically the idea would be like, you get, have multiple agents working at once, kind of talking to one another, handing things off, you know, each doing their own task and then coordinating the work with what the other ones are doing. But then you have like a persistent, um, uh, I guess kind of like, you know, layer in the backend so that if an agent has to restart or whatever, it’s not gonna lose the, [00:28:00] the context, um, that that’s happening. And you don’t have to manually, um, worry about things like, okay, you know, I’ve lost certain things in memory and, and I’ve, you know, don’t know how I’m, I’m managing all these things together. Um, there, there’s another project, uh, called Ralph, which is kind of based on this, this concept of like, what of Ralph Wickham was, you know, coding or, or was doing kind of a loop. And, and it’s, it’s, it’s a, it’s kind of a similar idea. Um, there’s also. Brett: my nose wouldn’t bleed so much if I just kept my finger out of there. Christina: Exactly, exactly. My cat’s breath smells like cat food. Um, and um, and so. Like there are ideas of like Ralph Loops and Gastown. And so these are a couple of like projects, um, that have really started to, uh, take over. So like, uh, Ralph is more of an autonomous AI agent loop that basically like it runs like over and over and over again until, uh, a task is done. Um, and, and a lot of people use, use Gastown and, [00:29:00] and, and Ralph together. Um, but yeah, no Ga gastown is is pretty cool. Um, we’ll we’re gonna talk about it more ’cause it’s my pick of the week. We’ll talk about Molt bot previously known as Claude Bot, which is, uses some, some similar ideas. But it’s really been interesting to see like how, like the, the multi-agent workflow, and by multi-agent, I mean like, people are running like 20 or 30 of them, you know, at a time. So it’s more than that, um, is really starting to become a thing that people can, uh, can do. Um, Brett: gets expensive though. Christina: I was, I was just about to say that’s the one thing, right? Most people who are using things like Gastown. Are using them with the Claude, um, code Max plans, which is $200 a month. And those plans do give you more value than like, what the, what it would be if you spent $200 in API credits, uh, but $200 a month. Like that’s not an expensive, that’s, you know, that, that’s, that, that, like, you know what I mean? Like, like that, that, that, that, that, that’s a lot of money to spend on these sorts of things. Um, but people [00:30:00] are getting good results out of it. It’s pretty cool. Um. There have been some open models, which of course, most people don’t have equipment that would be fast enough for them to, to run, uh, to be able to kind of do what they would want, um, reliably. But the, the AgTech stuff coming to some of the open models is better. And so if these things can continue, of course now we’re in a ram crisis and storage crisis and everything else, so who knows when the hardware will get good enough again, and we can, when we as consumers can even reasonably get things ourselves. But, but in, in theory, you know, if, if these sorts of things continue, I could see like a, a world where like, you know, some of the WAN models and some of the other things, uh, potentially, um, or Quinn models rather, um, could, uh. Be things that you could conceivably, like be running on your own equipment to run these sorts of nonstop ag agentic loops. But yeah, right now, like it’s really freaking cool and I’ve played around with it because I’m fortunate enough to have access to a lot of tokens. [00:31:00] Um, but yeah, I can get expensive real, real fast. Uh, but, but it’s still, it’s still pretty awesome. Brett: I do appreciate that. So, guest Town, the name is a reference to Mad Max and in the kind of, uh, vernacular that they built for things like background agents and I, uh, there’s a whole bunch, there are different levels of, of the interface that they kind of extrapolated on the gas town kind of metaphor for. Uh, I, it was, it, it, there were some interesting naming conventions and then they totally went in other directions with some of the names. It, they didn’t keep the theme very well, but, but still, uh, I appreciate Ralph Wig and Mad Max. That’s. It’s at the very least, it’s interesting. Christina: No, it definitely is. It definitely is. Crypto Controversies Christina: I will say that there’s been like a little bit [00:32:00] of a kerfuffle, uh, involved in both of those, uh, developers because, um, they’re both now promoting shit coins and, uh, and so that’s sort of an interesting thing. Um, basically there’s like this, this, this crypto company called bags that I guess apparently like if people want to, they will create crypto coins for popular open source projects, and then they will designate someone to, I guess get the, the gas fees, um, in, um, uh, a Solana parlance, uh, no pun intended, with the gas town, um, where basically like that’s, you know, like the, the, the fees that you spend to have the transaction work off of the blockchain, right? Like, especially if there’s. A lot of times that it would take, like, you pay a certain percentage of something and like those fees could be designated to an individual. And, um, in this case, like both of these guys were reached out to when basically they were like, Hey, this coin exists. You’ve got all this money just kind of sitting in a crypto wallet waiting for you. [00:33:00] Take the money, get, get the, the transaction fees, so to speak. And, uh, I mean, I think that, that, that’s, if you wanna take that money right, it’s, it’s there for you. I’m not gonna certainly judge anyone for that. What I will judge you for is if you then promote your shit coin to your community and basically kind of encourage everyone. To kind of buy into it. Maybe you put in the caveat, oh, this isn’t financial advice. Oh, this is all just for whatever. But, but you’re trying to do that and then you go one step beyond, which I think is actually pretty dumb, which is to be like, okay, well, ’cause like, here’s the thing, I’m not gonna judge anyone. If someone who’s like, Hey, here’s a wallet that we’re gonna give you, and it has real cash in it, and you can do whatever you want with it, and these are the transaction fees, so to speak, like, you know, the gas fees, whatever, you know what you do. You, even if you wanna let your audience know that you’ve done that, and maybe you’re promoting that, maybe some people will buy into it, like, people are adults. Fine. Where, where I do like side eye a little bit is if you are, then for whatever reason [00:34:00] going to be like, oh, I’m gonna take my fees and I’m gonna reinvest it in the coin. Like, okay, you are literally sitting on top of the pyramid, like you could not be in a better position and now you’re, but right. And now you’re literally like paying into the pyramid scheme. It’s like, this is not going to work well for you. These are rug bulls. Um, and so like the, the, the, the gas town coin like dropped like massively. The Ralph coin like dropped massively, like after the, the, the Ralph creator, I think he took out like 300 K or something and people, or, you know, sold like 300 K worth of coins. And people were like, oh, he’s pulling a rug pull. And I’m like, well, A, what did you expect? But B it’s like, this is why don’t, like, if someone’s gonna give you free money from something that’s, you know, kind of scammy, like, I’m not saying don’t take the money. I am saying maybe be smart enough to not to reinvest it into the scam. Brett: Yeah. Christina: Like, I don’t know. Anyway, that’s the only thing I will mention on that. ’cause I don’t think that that takes [00:35:00] anything away from either of those projects or it says that you shouldn’t use or play around with it either of those ideas at all. But that is just a thing that’s happened in the last couple of weeks too, where it’s like, oh, and now there’s like crypto, you know, the crypto people are trying to get kind of involved with these projects and, um, I, I think that that’s, uh, okay. You know, um, like I said, I’m, I’m not gonna judge anybody for taking free money that, that somebody is gonna offer them. I will judge you if you’re gonna try to then, you know, try to like, promote that to your audience and try to be like, oh, this is a great way where we, where you can help me and we can all get rich. It’s like, no, there are, if you really wanna support creators, like there are things like GitHub sponsors and there are like other methods that you can, you can do that, that don’t involve making financial risks on shit coins. Brett: I wish anything I made could be popular enough that I could do something that’s stupid. Yeah. Like [00:36:00] I, I, I, I’m not gonna pull a rug pull on anyone, but the chances that I’ll ever make $300,000 on anything I’m working on, it’s pretty slim. Christina: Yeah, but at the same time, like if you, if you did, if you were in that position, like, I don’t know, I mean, I guess that’d be a thing that you would have to kind of figure out, um, yourself would be like, okay, I have access to this amount of money. Am I going to try to, you know, go all in and, and maybe go full grift to get even more? Some, something tells me that like your own personal ethics would probably preclude you from that. Brett: I, um, I have spent, what, um, how old am I? 47. I, I’ve been, since I started blogging in like 1999, 2000, um, I have always adhered to a very strict code and like turning down sponsors. I didn’t agree with [00:37:00] not doing anything that would be shady. Not taking, not, not taking money from anyone I was writing about. Ethics in Journalism and Personal Dilemmas Brett: Like, it’s been, it’s a pain in the ass to try to be truly ethical, but I feel like I’ve done it for 30 some years and, and I don’t know, I wouldn’t change it. I’m not rich. I’ll never be rich. But yeah, I think ethics are important, especially if you’re in any kind of journalism. Christina: Yeah, if you’re in any sort of journalism. I think so, and I think like how people wanna define those things, I think it’s up to them. And, and like I said, like I’m not gonna even necessarily like, like judge people like for, because I, I don’t know personally like what my situation would be like. Like if somebody was like, Christina, here’s a wallet that has the equivalent of $300,000 in it and it’s just sitting here and we’re not even asking you to do anything with this. I would probably take the money. I’m not gonna lie, I don’t, I don’t, I don’t [00:38:00] know if I would promote it or anything and I maybe I would feel compelled to disclose, Hey, Brett: That is Christina: wallet belongs to me. Brett: money though. Christina: I, I, right. I, I, I might, I might be, I might feel compelled to com to, to disclose, Hey, someone created this coin in this thing. They created the foam grow coin and they are giving me, you know, the, the, the gas fees and I have accepted Brett: could be, I’d feel like you could do it if you were transparent enough about it. Christina: Yeah, I mean, I, I, I think where I draw the line is when you then go from like, because again, it’s fine if you wanna take it. It’s then when you are a. Reinvesting the free money into the coin, which I think is just idiotic. Like, I think that’s just actually dumb. Um, like I just, I just do like, that just seems like you are literally, like I said, you’re at the top of the pyramid and you’re literally like volunteering to get into the bottom again. Um, and, or, or b like if you do that and then you try to rationalize in some way, oh, well, you know, I think [00:39:00] that this could be a great thing for everybody to, you know, I get rich, you know, you could get rich, we could all get money out of this because this is the future of, you know, creator economy or whatever. It’s like, no, it’s not. This is gambling. Um, and, and, and, and you could make the argument to me, and I’d probably be persuaded to be like, this isn’t that different from poly market or any of the other sorts of things. But you know what? I don’t do those things either. And I wouldn’t promote those things to any audience that I had either. Um, but if somebody wanted to give me free money. I probably wouldn’t turn it down. I’m not gonna pretend that my ethics are, are that strong. Uh, I just don’t know if I would, if I would, uh, go on the other end and be like, okay, to the Moom, everyone let, let’s all go in on the crypto stuff. It’s like, okay, The Future of Open Source and Cryptocurrency Brett: So is this the future of open source is, ’cause I mean like open source has survived for decades as like a concept and it’s never been terribly profitable. But a [00:40:00] lot of large companies have invested in open source, and I guess at this point, like most of the big open source projects are either run by a corporation or by a foundation. Um, that are independently financed, but for a project like Gastown, like is it the future? Is this, is this something people are gonna start doing to like, kind of make open source profitable? Christina: I mean, maybe, I don’t know. I think the problem though is that it’s not necessarily predictable, right? And, and not to say that like normal donations or, or support methods are predictable, but at least that could be a thing where you’re like, they’re not, but, but, but it’s not volatile to the extent where you’re like, okay, I’m basing, you know, like my income based on how well this shit coin that someone else controls the supply of someone else, you know, uh, uh, created someone else, you know, burned, so to speak, somebody else’s is going to be, uh, [00:41:00] controlling and, and has other things and could be responsible for, you know, big seismic like market movements like that I think is very different, um, than anything else. And so, I don’t know. I mean, I, I think that they, what I do expect that we’ll see more of is more and more popular projects, things that go viral, especially around ai. Probably being approached or people like proactively creating coins around those things. And there have been some, um, developers who’ve already, you know, stood up oddly and been like, if you see anybody trying to create a coin around this, it is not associated with me. I won’t be associated with any of it. I won’t do it. Right. Uh, and I think that becomes a problem where you’re like, okay, if these things do become popular, then that becomes like another risk if you don’t wanna be involved in it. If you’re involved with a, with a popular project, right? Like the, like the, like the creator of MPM Isaac, like, I think there’s like an MPM coin now, and that, that he’s, you know, like involved in and it’s like, you know, again, he didn’t create it, but he is happy to promote it. He’s happy to take the money. I’m like, look, I’m happy for [00:42:00] Isaac to get money from NPMI am at the same time, you know, bun, which is basically like, you know, the, you know, replacement for, for Node and NPM in a lot of ways, they sold to Anthropic for. I guarantee you a fuck load more money than whatever Isaac is gonna make off of some MPM shitcoin. So, so like, it, it’s all a lottery and it’s not sustainable. But I also feel like for a lot of open source projects, and this isn’t like me saying that the people shouldn’t get paid for the work, quite the contrary. But I think if you go into it with the expectation of I’m going to be able to make a sustainable living off of something, like when you start a project, I think that that is not necessarily going to set you up for, I think that those expectations are misaligned with what reality might be, which again, isn’t to say that you shouldn’t get paid for your work, it’s just that the reason that we give back and the reason we contribute open source is to try to be part of like the, the greater good and to make things more available to everyone. Not to be [00:43:00] like, oh, I can, you know, quit my job. Like, that would be wonderful. I, I wish that more and more people could do that. And I give to a lot of, um, open source projects on, on a monthly basis or on an annual basis. Um, Brett: I, I give basically all the money that’s given to me for my open source projects I distribute among other open source projects. So it’s a, it’s a, it’s a wash for me, but yeah, I am, I, I pay, you know, five, 10 bucks a month to 20 different projects and yeah. Christina: Yeah. I mean, I think it’s important, but, but I, I don’t know. I, I, I hope that it’s not the future. I’m not mad, I think like if that’s a way where people can make, you know, a, a, an income. But I do, I guess worry the sense that like, if, if, if, I don’t want that to be, the reason why somebody would start an open source project is because they’re like, oh, I, I can get rich on a crypto thing. Right? Like, ’cause that that’s the exact wrong Brett: that’s not open source. That’s not the open source philosophy. Christina: no, [00:44:00] it’s not. And, and so, I mean, but I think, I think if it already exists, I mean, I don’t know. I, I also feel like no one should feel obligated. This should go without saying that. If you see a project that you like that is involved in one of those coins. Do you have a zero obligation to be, uh, supportive of that in any way? And in fact, it is probably in your financial best interest to not be involved. Um, it, it is your life, your money, your, you do whatever you want, gamble, however you want. But, uh, I, I, I, I do, I guess I, I bristle a little bit. Like if people try to portray it like, oh, well this is how you can support me by like buying into this thing. I’m like, okay, that’s alright. Like, I, I, if you wanna, again, like I said, if you wanna play poly market with this, fine, but don’t, don’t try to wrap that around like, oh, well this is how you can give back. It’s like, no, you can give back in other ways. Like you can do direct donations, you can do other stuff. Like I would, I would much rather encourage people to be like, rather than putting a hundred dollars in Ralph Coin, [00:45:00] give a hundred dollars to the Ralph Guy directly. Apex 1.0? Brett: So, speaking of unprofitable open source, I have Apex almost to 1.0. Um, it officially handles, I think, all of the syntax that I had hoped it would handle. Um, it does like crazy things, uh, that it’s all built on common mark, GFM, uh, like cmar, GFM, GitHub’s project. Um, so it, it does all of that. Plus it handles stuff from like M mark with like indices. Indices, and it incorporates, uh. Uh, oh, I forget the name of it. Like two different ways of creating indices. It handles all kinds of bibliography syntax, like every known bibliography syntax. Um, I just added, you can, you can create insert tags with plus, plus, uh, the same way you would create a deletion with, uh, til detail. Um, and [00:46:00] I’ve added a full plugin structure, and the plugins now can be project local. So you can have global plugins. And then if you have specific settings, so like I have a, I, my blogs are all based on cramdown and like the bunch documentation is based on cramdown, but then like the mark documentation. And most of my writing is based on multi markdown and they have different. Like the, for example, the IDs that go on headers in multi markdown. If it’s, if it has a space in multi markdown, it gets compressed to no space in common Mark or GFM, it gets a dash instead of a space, which means if I have cross links, cross references in my document, if I don’t have the right header syntax, the cross reference will break. So now I can put a, a config into like my bunch documentation that tells Apex to use, [00:47:00] um, the dash syntax. And in my Mark documentation, I can tell it to use the multi markdown syntax. And then I can just run Apex with no command line arguments and everything works. And I don’t know, I, I haven’t gotten adoption for it. Like the one place I thought it could be really useful was DEVONthink, Christina: Mm-hmm. Brett: which has always been based on multi markdown, which. Um, is I love multi markdown and I love Fletcher and, um, it’s just, it’s missing a lot of what I would consider modern syntax. Christina: Right. Brett: so I, I offered it to Devin think, and it turned out they were working on their own project along the same lines at the same time. Um, but I’m hoping to find some, some apps that will incorporate it and maybe get it some traction. It’s solid, it’s fast, it’s not as fast as common Mark, but it does twice as much. Um, like the [00:48:00] benchmarks, it a complex document renders in common mark in about. Uh, 27 milliseconds, and in Apex it’s more like 46 milliseconds. But in the grand scheme of things, I could render my whole blog 10 times faster than I can with cramm down or Panoc and yeah, and, and I can use all the syntax I want. Challenges and Innovations in Markdown Processing Brett: Did I tell you about, did I tell you about, uh, Panoc Divs? The div extension, um, like you can in with the panoc D extension, you can put colon, colon, colon instead of like back, take, back, take backtick. So normally, like back ticks would create a code block with colons, it creates a div, and you can apply, you can apply inline attribute lists after the colons to make, to give it a class and an ID and any other attributes you wanna apply to it. I extended that so that you can do colon, [00:49:00] colon, colon, and then type a tag name. So if you type colon, colon, colon aside and then applied an attribute list to it, it would create an aside tag with those attributes. Um, the, the only pan deck extension that I wish I could support that I don’t yet is grid tables. Have you ever seen grid tables? Christina: I have not. Brett: There, it’s, it’s kind of like multi markdown table syntax, except you use like plus signs for joints and uh, pipes and dashes, and you actually draw out the table like old ASCI diagrams Christina: Okay. Brett: and that would render that into a valid HTML table. But that supporting that has just been, uh, tables. Tables are the thing. I’ve pulled the most hair out over. Christina: Yeah, I was gonna say, I think I, they feel like tables are hard. I also feel like in a lot of circumstances, I mean obviously people use tables and whatnot, but like, [00:50:00] only thing I would say to you, like, you know, apex is, is so cool and I hope that other projects adopt it. Um, and, uh, potentially with the POC support as far as you’ve gotten with it, maybe, you know, projects that support some of POC stuff could, could, you know, uh, jump into it. But I will say it does feel like. Once you go into like the Panoc universe, like that almost feels like a separate thing from the markdown Flavors like that almost feels like its own like ecosystem. You know what I mean? Brett: Well, yeah, and I haven’t tried to adopt everything Panoc does because you can als, you can also use panoc. You can pipe from Apex into Panoc or vice versa. So I’m not gonna try to like one for one replicate panoc, Christina: No, no. Totally Brett: do all of panoc export options because Panoc can take HTML in and then output PDFs and Doc X and everything. So you can just pipe output from Apex into Panoc to create your PDF or whatever Christina: And like, and, and like to, [00:51:00] and like to me, like that seems ideal, right? But I feel like maybe like adopting some of the other things, especially like, like their grid, you know, table, things like that. Like that would be cool. But like, that feels like that’s a, potentially has the, has the potential, maybe slow down rendering and do other stuff which you don’t want. And then b it’s like, okay, now are we complicated to the point that like, this is, this is now not becoming like one markdown processor to rule them all, but you Brett: Yeah, the whole point, the whole point is to be able to just run Apex and not worry about what cex you’re using. Um, but grid tables are the kind of thing that are so intentional that you’re not gonna accidentally use them. Like the, the, the, the impetus for Apex was all these support requests I get from people that are like the tilde syntax for underline or delete doesn’t work in Mark. And it, it does if you choose the right processor. But then you have to know, yeah, you have to [00:52:00] know what processor supports what syntax and that takes research and time and bringing stuff in from, say, obsidian into mart. You would just kind of expect things to work. And that’s, that’s why I built Apex and Christina: right? Brett: you are correct that grid tables are the kind of thing, no one’s going to use grid tables if they haven’t specifically researched what Christina: I right. Brett: they’re gonna work with. Christina: And they’re going to have a way that has their file marked so that it is designated as poc and then whatever, you know, flags for whatever POC features it supports, um, does. Now I know that the whole point of APEX is you don’t have to worry about this, but, but I am assuming, based on kind of what you said, like if I pass like arguments like in like a, you know, in a config file or something like where I was like, these documents or, or, or this URL or these things are, you know, in this process or in this in another, then it can, it can just automatically apply those rules without having to infer based on the, on the syntax, right. Brett: right. It has [00:53:00] modes for cram down and common mark and GFM and discount, and you can like tell it what mode you’re writing in and it will limit the feature set to just what that processor would handle. Um, and then all of the flags, all of the features have neg negotiable flags on them. So if you wanted to say. Skip, uh, relax table rendering. You could turn that off on the command line or in a config file. Um, so yeah, everything, everything, you can make it behave like any particular processor. Uh, but I focus mostly on the unified mode, which again, like you don’t have to think about which processor you are using. Christina: Are you seeing, I guess like in, in circumstances like, ’cause I, in, in my, like, my experience, like, I would never think to, like, I would probably like, like to, I would probably do like what you do, which is like, I’m [00:54:00] going to use one syntax or, or one, you know, processor for one type of files and maybe another and another. Um, but I, I don’t think that like, I would ever have a, and maybe I’m misunderstanding this, but I don’t think I would ever have an instance where I would be like mixing the two together in the same file. Brett: See, that’s my, so that’s, that’s what’s changing for me is I’m switching my blog over to use Apex instead of Cramdown, which means I can now incorporate syntax that wasn’t available before. So moving forward, I am mixing, um, things from common mark, things from cram down, things from multi markdown. Um, and, and like, so once you know you have the option Christina: right. Then you might do that Brett: you have all the syntax available, you start doing it. And historically you won’t have, but like once you get used to it, then you can. Christina: Okay. So here’s the next existential question for you. At what point then does it go from being, you know, like [00:55:00] a, a, a rendering engine, kind of like an omni rendering engine to being a syntax and a flavor in and of itself? Brett: That is that, yeah, no, that’s a, that’s a very valid question and one that I have to keep asking myself, um, because I never, okay, so what to, to encapsulate what you’re saying, if you got used to writing for Apex and you were mixing your syntax, all of a sudden you have a document that can’t render in anything except Apex, which does eventually make it its own. Yeah, no, it is, it’s always, it’s a concern the whole time. Christina: well, and I, I wouldn’t even necessarily, I mean, like, and I think it could be two things, right? I mean, like, you could have it live in two worlds where, like on the one hand it could be like the rendering engine to end all rendering engines and it can render, you know, files and any of them, and you can specify like whatever, like in, in, in like a tunnel or something. Like, you know, these files are, [00:56:00] are this format, these are these, and you know, maybe have some sort of, you know, um, something, even like a header files or whatever to be like, this is what this rendering engine is. Um, you know, with, with your projects to have it, uh, do that. Um. Or have it infer, you know, based on, on, on, um, the, the logic that you’re importing. But it could also be one of those things where you’re like, okay, I just have created like, you know, the omni syntax. And that’s a thing that maybe, maybe you get people to try to encourage or try, try to adopt, right? Like, it’s like, okay, you can always just use common mark. You can always just use GFM, you can always just use multi markdown, but we support these other things too, from these other, um, systems and you can intermix and match them. Um, because, because I, I do feel like at a certain point, like at least the way you’re running it yourself, you have your own syntax. Like, like, you know. Brett: yeah. No, you have perfectly encapsulated the, the major [00:57:00] design concern. And I think you’re correct. It can exist, it can be both things at once. Um, but I have like, nobody needs another markdown syntax. Like there are so many flavors right now. Okay. There may be a dozen. It’s not like an infinite number, but, but there’s enough that the confusion is real. Um, and we don’t need yet another markdown flavor, but we do need a universal processor that. Makes the differentiations less, but yeah, no, it’s, I need, I need to nail down that philosophy, uh, and really like, put it into writing and say, this is the design goal of this project, uh, which I have like hinted at, but I’m a scattered thinker and like, part of, part of the design philosophy is if someone says, Hey, [00:58:00] could you make this work? I just wanted a project where I could say, yeah, I’m gonna make that work. I, I, I’m gonna add this somewhat esoteric syntax and it’s just gonna work and it’s not gonna affect anything else. And you don’t have to use it, but if you do, there it is. So it’s kind of, it was designed to bloat to a circuit certain extent. Um, but yeah, I need to, I need to actually write a page That’s just the philosophy and really, really, uh, put, put all my thoughts together on that. Christina: Yeah, no, ’cause I was just kind of thinking, I was like, ’cause it’s so cool. Um, but the way that I would’ve envisioned using it, like I, I still like, it’s cool that you can mix all those things in together. I still feel like I probably wouldn’t because I’m not you. And so then I would just have like this additional dependency that it’s like, okay, if something happens to Apex one day and that’s the only thing that can render my documents, then like, you know what I mean? And, and, and if it’s not getting updated [00:59:00] anymore or whatever, then I’m kind of like SOL, um, Brett: Maku. Do you remember Maku? Christina: vaguely. Brett: It’s, the project is kind of dead and a lot of its syntax has been incorporated into various other processors. But if you built your whole blog on Maku, you have to, you have to be able to run like a 7-year-old binary, um, and, and it’ll never be updated, and eventually you’re gonna run into trouble. The nice thing about Unix based stuff is it’s. Has a, you can stop developing it and it’ll work for a decade, um, until, like, there’s a major shift in processors, but like, just the shift to arm. Like if, if Maku was only ever compiled for, uh, for, uh, Intel and it wasn’t open source, you would, it would be gone. You wouldn’t be able to run it anymore. So yeah, these things can happen. Christina: [01:00:00] Well, and I just even think about like, you know, the fact that like, you know, like some of the early processors, like I remember like back, I mean this is a million years ago, but having to use like certain, like pearl, you know, based things, you know, but depending on like whatever your backend system was, then you moved to PHP, they maybe you move, moved to, you know, Ruby, if you’re using like Jekyll and maybe you move to something else. And I was like, okay, you know, what will the thing be in the future? Yeah. If, if I, if it’s open source and there’s a way that, you know, you can write a new, a new processor for that, but it does create like, dependencies on top of dependencies, which is why I, I kind of feel like I like having like the omni processor. I don’t know if, like, for me, I’m like, okay, I, I would probably be personally leery about intermingling all my different syntaxes together. Brett: to that end though, that is why I wanted it in C um, because C will probably never die. C can be compiled on just about any platform. And it can be used with, like, if you have, if you have a Jekyll blog and you wanna [01:01:00] incorporate a C program into a gem, it’s no problem. Uh, you can incorporate it into just about any. Langu

Welcome to episode 340 of The Cloud Pod, where the forecast is always cloudy! It's a full house (eventually) with Justin, Jonathan, Ryan, and Matt all on board for today's episode. We've got a lot of announcements, from Gemini for Gov (no more CamoGPT!) to Route 52 and Claude. Let's get started!  Titles we almost went with this week Claude’s Pricing Tiers: Free, Pro, and Maximum Overdrive GitHub Copilot Learns Database Schema: Finally an AI That Understands Your Joins SSMS Gets a Copilot: Your T-SQL Now Writes Itself While You Grab Coffee Too Many Cooks in the Cloud Kitchen: How 32 GPUs Outcooked the Big Tech Industrial Kitchens Uncle Sam Gets a Gemini Twin: Google’s AI Goes Federal Route 53 Gets Domain of Its Own: .ai Joins the Party Thai One On: Google Cloud Plants Its Flag in Bangkok NAT So Fast: Azure’s Gateway Gets a V2 Glow-Up Beware Azure's SQL Assistant doesn't smoke your joints. AI Is Going Great, Or How ML Makes Money   30:10 Announcing BlackIce: A Containerized Red Teaming Toolkit for AI Security Testing | Databricks Blog Databricks released BlackIce, an open-source containerized toolkit that bundles 14 AI security testing tools into a single Docker image available on Docker Hub as databricksruntime/blackice:17.3-LTS.  The toolkit addresses common red teaming challenges, including conflicting dependencies, complex setup requirements, and the fragmented landscape of AI security tools, by providing a unified command-line interface similar to how Kali Linux works for traditional penetration testing. The toolkit includes tools covering three main categories: Responsible AI, Security testing, and classical adversarial ML, with capabilities mapped to MITRE ATLAS and the Databricks AI Security Framework.  Tools are organized as either static (simple CLI-based with minimal programming needed) or dynamic (Python-based with customization options), with static tools isolated in separate virtual environments and dynamic tools in a global environment with managed dependencies. BlackIce integrates directly with Databricks Model Serving endpoints through custom patches applied to several tools, allowing security teams to test for vulnerabilities like prompt injections, data leakage, hallucination detection, jailbreak attacks, and supply chain security issues.  Users can deploy it via Databricks Container Services by specifying the Docker image URL when creating compute clusters. The release includes a demo notebook showing how to orchestrate multiple security tools in a single environment, with all build artifacts, tool documentation, and examples available in the GitHub repository.  The CAMLIS Red Paper provides additional technical details on tool selection criteria and the Docker image architecture. 04:30 Ryan – “It's very difficult to feel confident in your AI security practice or patterns. I feel like it's just bleeding edge, and I

Techno Tim joins Adam to dive deep into the state of homelab'ing in 2026. Hardware is scarce and expensive due to the AI gold rush, but software has never been better. From unleashing Claude on your UDM Pro to building custom Proxmox CLIs, they explores how AI is transforming what's possible in the homelab. Tim declares 2026 the "Year of Self-Hosted Software" while Adam reveals his homelab's secret weapons: DNSHole (a Pi-hole replacement written in Rust) and PXM (a Proxmox automation CLI).

Techno Tim joins Adam to dive deep into the state of homelab'ing in 2026. Hardware is scarce and expensive due to the AI gold rush, but software has never been better. From unleashing Claude on your UDM Pro to building custom Proxmox CLIs, they explores how AI is transforming what's possible in the homelab. Tim declares 2026 the "Year of Self-Hosted Software" while Adam reveals his homelab's secret weapons: DNSHole (a Pi-hole replacement written in Rust) and PXM (a Proxmox automation CLI).

On this edition of the Sams Report, Xbox has its big event, Sony might delay, and Windows has yet another CLI. Chapters: Intro: 00:00-1:00 Tech News: 1:00-4:28 Gaming News: 4:28-12:14 Questions: 12:14-27:52 Outro: 27:52-28:09

Tim stores his passwords in the browser. There, we said it. But before you grab your pitchforks, it turns out he's got an ancient password vault program backing him up—so he's not completely feral. Still, the hosts can't resist a good-natured intervention. What starts as a gentle roasting turns into a deep dive on password managers, shared family vaults, and why your retirement account deserves better than Chrome's autofill. Carol reveals her galaxy-brain solution to her husband constantly forgetting his master password: she just signed him into her account. He still doesn't know he doesn't have his own 1Password.LinksClaude Code - Anthropic's CLI for coding with ClaudeRalph Wiggum Plugin - Official Claude Code plugin for autonomous loopsEverything is a Ralph Loop - Geoffrey Huntley's deep dive on the techniqueFollow the show and be sure to join the discussion on Discord! Our website is workingcode.dev and we're @workingcode.dev on Bluesky. New episodes drop weekly on Thursday.And, if you're feeling the love, support us on Patreon.With audio editing and engineering by ZCross Media.Full show notes and transcript here.

In our latest episode, co-hosts Robby and Tim talk with Robert Brennan, Co-Founder & CEO of OpenHands - the open platform for cloud coding agents. Their open source project, also called OpenHands, has 67K starts on GitHub and provides a software agent SDK, CLI, and local GUI. They also have OpenHands cloud - their paid, hosted version of the OpenHands GUI. This episode traces the rise of OpenDevin - now OpenHands - as an open-source alternative to closed AI coding agents like Devin. Open to anyone from day one, it attracted highly technical developers, academics, and eventually large enterprises that valued flexibility, privacy, and lack of model lock-in. Launched amid the 2024 surge of excitement around autonomous coding agents, OpenHands quickly built a massive community and differentiated itself by rejecting the idea of replacing engineers, instead focusing on empowering them through transparent, human-in-the-loop tooling.The discussion also covers the fragmented AI dev-tool landscape and why open source may define future standards. While many tools compete in the individual “inner loop” of coding, OpenHands emphasizes the collaborative “outer loop,” safety, and running agents at scale. Its organic growth, community-driven roadmap, and focus on real developer pain points highlight a future where AI accelerates software creation without removing human accountability.

Cli­nica Abierta con Dr. Elmo Rodriguez

Are you an AI skeptic or an enthusiast? Ethan and Drew sit down with Igor Tarasenko, Senior Director of Product Software Architecture and Engineering at Equinix, to break down the reality of AI in the network. In this sponsored episode, Tarasenko discusses why APIs are the new CLI, the critical need for observability in AI,... Read more »

Are you an AI skeptic or an enthusiast? Ethan and Drew sit down with Igor Tarasenko, Senior Director of Product Software Architecture and Engineering at Equinix, to break down the reality of AI in the network. In this sponsored episode, Tarasenko discusses why APIs are the new CLI, the critical need for observability in AI,... Read more »

Are you an AI skeptic or an enthusiast? Ethan and Drew sit down with Igor Tarasenko, Senior Director of Product Software Architecture and Engineering at Equinix, to break down the reality of AI in the network. In this sponsored episode, Tarasenko discusses why APIs are the new CLI, the critical need for observability in AI,... Read more »

Cli­nica Abierta con Dr. Elmo Rodriguez

The Unix v4 recovery, webzfs, openbgpd 9.0, MidnightBSD 4.0, and more... NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow) Headlines University of Utah team discovers rare computer relic (https://ksltv.com/science-technology/university-of-utah-discovers-rare-computer-relic/853296/) The attempt to read the UNIX V4 tape is underway! (https://mastodon.social/redirect/statuses/115747843746305391) UNIX V4 Tape from University of Utah (https://archive.org/details/utah_unix_v4_raw) UNIX V4 tape successfully recovered: First ever version of UNIX written in C is running again (https://www.theregister.com/2025/12/23/unix_v4_tape_successfully_recovered/) An initial analysis of the discovered Unix V4 tape (https://www.spinellis.gr/blog/20251223/) WebZFS (https://github.com/webzfs/webzfs) News Roundup OpenBGPD 9.0 released (https://www.undeadly.org/cgi?action=article;sid=20251231070524) MidnightBSD 4.0 (https://www.midnightbsd.org/notes/4.0/index.html) Let's run FreeBSD 15.0-RELEASE on a Raspberry Pi Zero 2 W (https://briancallahan.net/blog/20251216.html) Figuring out how I want to set up the TVPC (https://vulcanridr.mataroa.blog/blog/figuring-out-how-i-want-to-set-up-the-tvpc/) TVPC update (https://vulcanridr.mataroa.blog/blog/tvpc-update/) C&C Red Alert2 in your browser (https://chronodivide.com) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions rick - shout out.md (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/646/feedback/rick%20-%20shout%20out.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)

Cli­nica Abierta con Dr. Elmo Rodriguez

Cli­nica Abierta con Dr. Elmo Rodriguez

Anthropic's Claude Cowork reframes what AI assistance looks like for non-technical users, turning what began as a developer CLI into a task-oriented, agentic coworker that can actually do work across local files, browsers, and connected tools. This episode breaks down why UI shifts like this matter, how Cowork changes who can benefit from agentic AI, where it falls short in its early research preview, and why making Claude Code accessible may unlock an entirely new wave of everyday productivity—even if the hardest part now is productizing the right use cases rather than building the models themselves.Brought to you by:KPMG – Discover how AI is transforming possibility into reality. Tune into the new KPMG 'You Can with AI' podcast and unlock insights that will inform smarter decisions inside your enterprise. Listen now and start shaping your future with every episode. ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.kpmg.us/AIpodcasts⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Zencoder - From vibe coding to AI-first engineering - ⁠⁠⁠⁠⁠⁠⁠⁠http://zencoder.ai/zenflow⁠⁠⁠⁠⁠⁠⁠⁠Optimizely Opal - The agent orchestration platform build for marketers - ⁠⁠⁠⁠https://www.optimizely.com/theaidailybrief⁠⁠⁠⁠AssemblyAI - The best way to build Voice AI apps - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.assemblyai.com/brief⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠LandfallIP - AI to Navigate the Patent Process - https://landfallip.com/Robots & Pencils - Cloud-native AI solutions that power results ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://robotsandpencils.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠The Agent Readiness Audit from Superintelligent - Go to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://besuper.ai/ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠to request your company's agent readiness score.The AI Daily Brief helps you understand the most important news and discussions in AI. Subscribe to the podcast version of The AI Daily Brief wherever you listen: ⁠⁠⁠⁠https://pod.link/1680633614⁠⁠⁠⁠Interested in sponsoring the show? sponsors@aidailybrief.ai

The storage apocalypse has arrived. An old friend drops by to talk survival strategies as prices explode, and we pitch our own unapologetically 90s approach to stretching storage.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. CrowdHealth: Discover a Better Way to Pay for Healthcare with Crowdfunded Memberships. Join CrowdHealth to get started today for $99 for your first three months using UNPLUGGED. Support LINUX UnpluggedLinks:

This is a recap of the top 10 posts on Hacker News on January 11, 2026. This podcast was generated by wondercraft.ai (00:30): The struggle of resizing windows on macOS TahoeOriginal post: https://news.ycombinator.com/item?id=46579864&utm_source=wondercraft_ai(01:51): I dumped Windows 11 for Linux, and you should tooOriginal post: https://news.ycombinator.com/item?id=46574707&utm_source=wondercraft_ai(03:13): Don't fall into the anti-AI hypeOriginal post: https://news.ycombinator.com/item?id=46574276&utm_source=wondercraft_ai(04:34): Statement from Jerome PowellOriginal post: https://news.ycombinator.com/item?id=46582420&utm_source=wondercraft_ai(05:56): CLI agents make self-hosting on a home server easier and funOriginal post: https://news.ycombinator.com/item?id=46580326&utm_source=wondercraft_ai(07:17): iCloud Photos DownloaderOriginal post: https://news.ycombinator.com/item?id=46578921&utm_source=wondercraft_ai(08:39): Gentoo Linux 2025 ReviewOriginal post: https://news.ycombinator.com/item?id=46574769&utm_source=wondercraft_ai(10:00): Anthropic: Developing a Claude Code competitor using Claude Code is bannedOriginal post: https://news.ycombinator.com/item?id=46578701&utm_source=wondercraft_ai(11:22): Meta announces nuclear energy projectsOriginal post: https://news.ycombinator.com/item?id=46578497&utm_source=wondercraft_ai(12:43): My Home Fibre Network DisintegratedOriginal post: https://news.ycombinator.com/item?id=46572679&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

In this episode, I'm breaking down a guide from Ben Tossel on how you can actually build with AI agents without being technical. I walk through what he's shipped as a “non-technical” builder, why he lives in the terminal/CLI, and the exact workflow he uses to go from idea → spec → build → iterate. We also talk about the meta-skill here: treating the model like your over-the-shoulder engineer/teacher, and using every bug as a learning checkpoint. The takeaway is simple: pick a tool, ship fast, fail forward, and build your own system as you go. Ben's Article: https://startup-ideas-pod.link/Ben-Tossell-Article Timestamps 00:00 – Intro 01:04 – What Ben Has Shipped 03:21 – The Workflow: Feed Context → Spec Mode → Let The Agent Rip 07:52 – His Agent Setup 08:56 – Coding On The Go 10:07 – Things to Learn 13:33 – The New Abstraction Layer: Learning To Work With Agents 14:33 – Learning from Others 16:15 – Use The Model As Your Teacher (Ask Everything) 18:13 – Contributing to Real Products 19:13 – Why this is Different 21:31 – Asking Silly Questions 24:00 – Beyond “Vibe Coding”: A New Technical Class 24:43 – Vibe Coding is a game 27:12 – Fail Forward + Permission To Build And Throw Things Away 28:16 – Pick One Tool, Minimize Friction, Keep Shipping Key Points I don't need to be a traditional engineer to ship—I can learn by watching agent output and iterating. The terminal/CLI is the power move because it's more capable and I can see what the agent is doing. “Spec mode” works best when I interrogate the plan like a philosopher instead of pretending I understand everything. agents.md becomes my portable instruction manual so every new repo starts clean and consistent. The fastest learning path is building ahead of my capability and treating bugs as checkpoints—fail forward. Numbered Section Summaries The Thesis: Non-Technical Doesn't Mean Non-Builder I open with Ben's core claim: you can ship real software by working through a terminal with agents, even if you can't write the code yourself—because you can read the output and learn the system over time. Proof: What He's Actually Shipped I run through examples Ben built—custom CLIs, a crypto tracker, “Droidmas” experiments, an AI-directed video demo system, and automations that keep projects moving even when he's away from his desk. The Workflow: Context → Spec Mode → Autonomy High Ben's process is straightforward: talk to the model to load context, switch into spec mode to pressure-test the plan, link docs/repos for exploration, then let the model run while he watches and steers when needed. http://agents.md/ The “Readme For Agents” That Follows You Everywhere I explain why agents . md matters—one predictable place to tell your agent how you want repos structured, how to commit, how to test, and what “good” looks like so each session gets smoother. Coding On The Go: PRs, Issues, Phone, Telegram, Slack We get into the real “agent native” behavior: install the GitHub app, work via pull requests and issues, tag the agent to self-fix, and even push changes from your phone—plus using Slack as a one-person “product” with an agent in the loop. Learning The Primitives: Bash, CLIs, VPS, Skills I cover the building blocks Ben's learning: bash commands and repeatable terminal workflows, preferring CLIs over MCPs to save context, and using a VPS + syncing to keep projects always-on. The Mindset Shift: The Model Is The Teacher The real unlock is treating the model like your patient expert—ask everything you don't understand, bake “explain simply” into your agent instructions, and close knowledge gaps as they appear. Fail Forward, Pick One, Keep Shipping I end on the playbook: build ahead of your capability, treat it like play, give yourself permission to throw things away, and stop tool-hopping—pick one system and go deep. The #1 tool to find startup ideas/trends - https://www.ideabrowser.com LCA helps Fortune 500s and fast-growing startups build their future - from Warner Music to Fortnite to Dropbox. We turn 'what if' into reality with AI, apps, and next-gen products https://latecheckout.agency/ The Vibe Marketer - Resources for people into vibe marketing/marketing with AI: https://www.thevibemarketer.com/ FIND ME ON SOCIAL X/Twitter: https://twitter.com/gregisenberg Instagram: https://instagram.com/gregisenberg/ LinkedIn: https://www.linkedin.com/in/gisenberg/

Derick Schaefer, author of CLI: A Practical Guide to Creating Modern Command-Line Interfaces, talks with host Robert Blumen about command-line interfaces old and new. Starting with a short review of the origin of commands in the early unix systems, they trace the evolution of commands into modern CLIs. Following the historic rise, fall, and re-emergence of CLIs, they consider innovative examples such as git, github, WordPress, and warp. Schaefer clarifies whether commands are the same as CLIs and then discusses a range of topics, including implementation languages, packages in the golang ecosystem for CLI development, CLIs and APIs, CLIs and AIs, AI tooling versus MCP, the object-command pattern, command flags, API authentication, whether CLIs should be stateless, and output formats - json, rich text. Brought to you by IEEE Computer Society and IEEE Software magazine.