Podcasts about Cloudflare

Share on
Share on Facebook
Share on Twitter
Share on Reddit
Copy link to clipboard

American technology company

  • 584PODCASTS
  • 1,066EPISODES
  • 47mAVG DURATION
  • 5WEEKLY NEW EPISODES
  • Jan 24, 2022LATEST

POPULARITY

20122013201420152016201720182019202020212022


Best podcasts about Cloudflare

Show all podcasts related to cloudflare

Latest podcast episodes about Cloudflare

Motley Fool Money
Being a Net Buyer of Stocks, Investing in China's Middle Class

Motley Fool Money

Play Episode Listen Later Jan 24, 2022 29:22


It's never easy to see your stocks go down, especially when the overall market starts the way it has this year. Jason Moser discusses the importance (and psychological challenge) of being a net buyer of stocks and opens up about his decision-making process to buy more shares of Cloudflare, before he and Chris Hill share two stocks on their respective watchlists that they are looking to add shares of next. Plus, Bill Mann discusses China's enormous middle class, why so many businesses are making a play for it, and the role real estate investing plays in China. If you're looking for stocks to add to your own watchlist, we've got 15 in our free Investing Starter Kit. For a copy just go to www.fool.com/StarterKit Stocks: NET, SBUX, TWLO, AMZN, NFLX, PYPL, SHOP, JD, NTDOY Host: Chris Hill Guests: Jason Moser, Bill Mann Producer: Ricky Mulvey Engineers: Dan Boyd, Rick Engdahl

Alles auf Aktien
Kartografie der Tech-Krise und Bayer mit Biotech-Fantasie

Alles auf Aktien

Play Episode Listen Later Jan 24, 2022 15:28


In der heutigen Folge „Alles auf Aktien“ sprechen die Finanzjournalisten Anja Ettel und Holger Zschäpitz über das Comeback von Teamviewer, eine grüne Aktie mit Energieverlust und digitale Konkurrenz für Krypto. Außerdem geht es um Goldman Sachs, JPMorgan, Siemens Gamesa, Siemens Energy, Bitcoin, Bayer, Virgin Galactic, Vroom, CureVac, C3.ai, Lemonade, GoHealth, Peloton, QuantumScape, Rivian, Quantumscape, Virgin Galactic, C3.ai, GameStop, Beyond Meat, Palantir, Fiverr, Pinduoduo, MercadoLibre, DoorDash, Etsy, Draftkings, Netflix, Vimeo, DocuSign, Cloudflare, Crowdstrike und Roblox. "Alles auf Aktien" ist der tägliche Börsen-Shot aus der WELT-Wirtschaftsredaktion. Die Wirtschafts- und Finanzjournalisten Holger Zschäpitz, Anja Ettel, Philipp Vetter, Daniel Eckert und Nando Sommerfeldt diskutieren im Wechsel über die wichtigsten News an den Märkten und das Finanzthema des Tages. Außerdem gibt es jeden Tag eine Inspiration, die das Leben leichter machen soll. In nur zehn Minuten geht es um alles, was man aktuell über Aktien, ETFs, Fonds und erfolgreiche Geldanlage wissen sollte. Für erfahrene Anleger und Neueinsteiger. Montag bis Freitag, ab 5 Uhr morgens. Wir freuen uns an Feedback über aaa@welt.de. Disclaimer: Die im Podcast besprochenen Aktien und Fonds stellen keine spezifischen Kauf- oder Anlage-Empfehlungen dar. Die Moderatoren und der Verlag haften nicht für etwaige Verluste, die aufgrund der Umsetzung der Gedanken oder Ideen entstehen. Hörtipps: Für alle, die noch mehr wissen wollen: Holger Zschäpitz können Sie jede Woche im Finanz- und Wirtschaftspodcast "Deffner&Zschäpitz" hören. Außerdem bei WELT: Im werktäglichen Podcast „Kick-off Politik - Das bringt der Tag“ geben wir Ihnen im Gespräch mit WELT-Experten die wichtigsten Hintergrundinformationen zu einem politischen Top-Thema des Tages. Mehr auf welt.de/kickoff und überall, wo es Podcasts gibt. +++Werbung+++ Hier geht's zur App: Scalable Capital ist der Broker mit Flatrate. Unbegrenzt Aktien traden und alle ETFs kostenlos besparen – für nur 2,99 € im Monat, ohne weitere Kosten. Und jetzt ab aufs Parkett, die Scalable App downloaden und loslegen. Hier geht's zur App: https://bit.ly/3abrHQm

programmier.bar – der Podcast für App- und Webentwicklung
News 03/22: Quantencomputer // Cloudflare // Parcel CSS / iCloud Privat Relay // Google Analytics Datenschutz // Luca App // colors.js Rebellion

programmier.bar – der Podcast für App- und Webentwicklung

Play Episode Listen Later Jan 19, 2022 33:59


In der dritten Woche des neuen Jahres geben wir ein Update zu Googles Quantencomputer-Plänen. Google hat dafür eine hübsche, interaktive Karte gebaut, die den aktuellen Stand und weitere Schritte übersichtlich zusammenfasst.In den letzten News ging es um die Nutzung des Internets, die Cloudflare zusammengetragen hat. Ein netter Hörer hat uns nochmal mehr Kontext gegeben, warum sie Zugriff auf diese Daten haben und diese Info teilen wir mit euch.Parcel CSS ist ein neues Tool am Rust-Himmel, das super schnell CSS zusammenpackt im Vergleich zu ESBuild und CSSNano.Deutsche Mobilfunkanbieter sträuben sich gegen iCloud Private Relay. Wir verstehen die Gründe noch nicht ganz.Ein Contributer der bekannten Open-Source-Bibliotheken color.js und faker.js rebelliert, indem er absichtlich eine Endlosschleife einbaut. Die Community reagiert gespalten auf diese Vorgehensweise.Google Analytics ist laut der Österreichischen Datenschutzbehörde nicht für den Einsatz in der EU kompatibel.Schreibt uns! Schickt uns eure Themenwünsche und euer Feedback: podcast@programmier.barFolgt uns! Bleibt auf dem Laufenden über zukünftige Folgen und virtuelle Meetups und beteiligt euch an Community-Diskussionen. TwitterInstagramFacebookMeetupYouTube

The Business Brew
Muji – A hhhypergrowth Discussion

The Business Brew

Play Episode Listen Later Jan 13, 2022 85:15


Muji stops by The Business Brew to discuss modern internet infrastructure.  Muji has extensive technical knowledge about internet infrastructure, network security, and high growth companies such as Snowflake.  He shares his knowledge via a paid newsletter, found at hhhypergrowth.com, which Bill subscribes to and enjoys very much.  Our discussion mostly focuses on how information travels over the internet to end up being consumed by everyone.  This is a very interesting discussion and we hope you enjoy. Detailed show notes below the Stream by Mosiac sponsor copy and thank yous. Please leave us a rating in your favorite podcast player! This episode is brought to you by Stream by Mosaic, a product that is integral to any fundamental research process.  Stream has developed an extensive library of expert interviews that cover a variety of industries.  StreamRG.com features over 300 expert interviews.  70% of Stream's experts are found exclusively on StreamRG.com.  Visit StreamRG.com and use promo code BREW for a 14 day trial. Album art photo taken by Mike Ando.  Please see https://www.mikeando.com/ Thank you to @mathewpassy (on Twitter) for the show production. Detailed Show Notes 4:30 – What is an edge network and a CDN   9:45 – How Fastly and Cloudflare attacked Akami   15:40 – Cloud Infrastructure vs. CDNs   18:50 – Fastly strategy   21:30 – The rise of software defined networking   23:15 – Fully programmable app stacks vs. monolithic app stacks   27:50 – Why Muji was hesitant to invest in software and what changed   30:30 – Why some applications are potentially more sticky than they used to be   36:30 – How Muji finds hhhypergrowth companies to invest in   41:00 – When Muji sells   44:50 – Muji's process and what he looks for   50:50 – What is zero trust and why is it important?   57:20 – Back to CDNs and their roles in app reliability and performance   1:02:00 – CDNs are now “mesh” and what that means   1:06:20 -  What is the role of centralized data going forward?   1:12:54 – The Internet of Things and how 5G fits in   1:18:00 – How does Muji think about valuation? 1:22:00 – How Muji thinks about company culture and the risks of growth

Doppelgänger Tech Talk
#108 SEA | Dlocal | Opensea | Metaverse |

Doppelgänger Tech Talk

Play Episode Listen Later Jan 7, 2022 66:00


Erstmals fallende Kurse? Was ist bei SEA und Dlocal los? Der NFT Marktplatz Opensea hat eine neue Finanzierungsrunde gemacht. Metaverse in Las Vegas. Fraser Perring shortet Tesla. Wird Google in Zukunft Apple noch für die Suche zahlen dürfen? Philipp Glöckler (https://twitter.com/gloeckler) und Philipp Klöckner (https://twitter.com/pip_net) sprechen heute über: 00:17:15 Robinhood 00:18:35 SEA 00:21:55 Dlocal 00:29:15 OpenSea 00:34:25 Meta / Wallmart 00:40:00 Playstation VR 00:44:45 Fraser Perring shortet Tesla 00:59:20 Google Antitrust, Apple, Affirm, Klarna Shownotes: Fraser Perring wettet gegen Elon Musk https://www.handelsblatt.com/finanzen/anlagestrategie/trends/leerverkaeufer-short-wette-bei-tesla-fraser-perring-wettet-gegen-elon-musk/27948690.html Washington puts "buy now, pay later" industry on notice https://www.axios.com/buy-now-pay-later-scrutiny-bnpl-07bb5981-3c06-4e55-8665-cc41d786497a.html Bedeutende Sammelklage: Such-Deal zwischen Apple und Google soll vollständig offengelegt und beendet werden https://www.apfelpage.de/news/bedeutende-sammelklage-such-deal-zwischen-apple-und-google-soll-vollstaendig-offengelegt-und-beendet-werden/ Germany's antitrust probe of Google products steps up a gear https://techcrunch.com/2022/01/05/germany-fco-google-decision/ **Doppelgänger Tech Talk Podcast** Earnings & Event Kalender https://www.doppelgaenger.io/kalender/ Sheet https://doppelgaenger.io/sheet/ Disclaimer https://www.doppelgaenger.io/disclaimer/ Post Production by Jan Wagener https://www.linkedin.com/in/jan-wagener-49270018b Sponsoring Anfrage https://forms.gle/RDqb8FDFmdgxrwdZ6

The WP Minute
Not a year in WordPress review

The WP Minute

Play Episode Listen Later Dec 29, 2021 5:13


WordPress 5.9 Beta 4 was released this week. Sara Gooding over at the Tavern wrote that there are a few important changes to note in this release regarding how the WordPress admin will direct users who are exploring block themes. There is an incompatibility message for redirection depending on whether the theme is using blocks or the customizer. The release team has determined that a 5th beta will not be necessary and the official release is scheduled for January 25, 2022. Events The call for speakers is now open for WordCamp Europe 2022. We will have to keep an eye on how this in-person event will be safely organized. It appears that you will also be able to participate online. From Our Contributors and Producers A software vendor has lost a civil case in a first-time ruling by Italian courts on open source licensing. The case involved Ovation's GPL licensed Dynamic.ooo software, which is a plugin for the open-source Elementor platform for building WordPress websites. The software was distributed without including acknowledgment of the original work, including information about changes tthat he defendants had made to the software, and with no mention of the software's copyright holders. There is a fine levied against the defendants every day until the software is brought into compliance. WPCS.io, an Amsterdam-based provider of the world's first multi-tenant WordPress cloud platform to create SaaS solutions with WordPress, announced that they are raising a substantial seed investment from Arches Capital. WPEngine announced on their blog that they have acquired the Frost theme, adding to their open-source cache of WordPress solutions. This theme was created by Brian Gardner and focuses on block editing and the full site editor. Gardner re-joined WPEngine in late September of this year as Principal Developer Advocate. This ended his “gap year” after staying with WPEngine during a transition period of the hosting company acquiring StudioPress, a company he was a partner in previously. WPEngine will be issuing full refunds to active customers. Matt Mullenweg lays out a debate over the future of the internet. Mullenweg, Automattic CEO and WordPress founder, joins ‘TechCheck' to discuss the future of their internet. The WordPress developer explains the difference between open vs. closed platforms and which will see the most growth. This will be interesting to watch next year. Interesting TikTok news Is it possible that TikTok brought more traffic than Google this year? The viral video app seems to be on a high, finishing the year with the most cumulative internet traffic of any domain in the world — more so even than Google, which typically holds the number-one spot. Cloudflare reviewed how the Internet went for TikTok in 2021. Next up Michelle Frechette with a year-end wrap-up. Don't forget to read Michelle's contributor post: In-person events:

Cyrus Says
Cock & Bull feat. Amit and Antariksh | Social Media and Streaming Platforms in 2021

Cyrus Says

Play Episode Listen Later Dec 29, 2021 77:27


On this episode, Cyrus is joined by Amit and Silverie (Antariksh) to discuss CloudFlare's end of year 2021 study of the most popular social media platforms, streaming platforms and websites and domains in the past year. Did you know that YouTube was the most used streaming platform for only one particular day in 2021? We didn't either! Tune in.Subscribe to our new YouTube channel: https://www.youtube.com/channel/UCmY4iMGgEa49b7-NH94p1BQAlso, subscribe to Cyrus' YouTube channel: https://youtube.com/channel/UCHAb9jLYk0TwkWsCxom4q8AYou can follow Amit on Instagram & Twitter @DoshiAmit: https://twitter.com/doshiamit and https://instagram.com/doshiamitYou can follow Antariksh on Instagram @antariksht: https://instagram.com/antarikshtDo send in AMA questions for Cyrus by tweeting them to @cyrussaysin or e-mailing them at whatcyrussays@gmail.comDon't forget to follow Cyrus Broacha on Instagram @BoredBroacha (https://www.instagram.com/boredbroacha)In case you're late to the party and want to catch up on previous episodes of Cyrus Says you can do so at: www.ivmpodcasts.com/cyrussaysYou can listen to this show and other awesome shows on the new and improved IVM Podcasts App on Android: https://ivm.today/android or iOS: https://ivm.today/ios

Software Social
It's Been a Year

Software Social

Play Episode Listen Later Dec 28, 2021 41:44


Every doctor is concerned about your vital signs, but a good doctor cares about your overall health. Your website deserves the same care, and Hey Check It is here to help- Hey Check It is a website performance monitoring and optimization tool- Goes beyond just core web vitals to give you a full picture on how to optimize your website to give your users an optimal, happy experience- Includes AI-generated SEO data, accessibility scanning and site speed checks with suggestions on how to optimize, spelling and grammar checking, custom sitemaps, and a number of various tools to help youStart a free trial today at heycheckit.comAUTOMATED TRANSCRIPTColleen Schnettler  0:02  Hey, Colleen, hey, Michelle. Good morning.Michele Hansen  0:43  It's been a year. Oh,Colleen Schnettler  0:45  it has been a year. Yes.Michele Hansen  0:48  2020. Part Two. Okay. 2021. Part two is coming to a closeColleen Schnettler  0:56  eye. That is hard to believe, isn't it?Michele Hansen  0:59  Yeah. And so I thought maybe this would be a good time to reflect on the year that has been and think about the year to come.Colleen Schnettler  1:13  I love this idea. Wow, that's so cool that we've been doing the podcast long enough that we can have a yearly reflection. We've been doing it more than a year. I know as to how a year and a half. I love it.Michele Hansen  1:26  No. So okay, so let's start out with simple file upload. And I feel like it's been a while since we've like actually talked about simple file upload. So you know, as, again, if this was a professionally edited, produced podcast, this is where the heart noises would be. Coleen, can you take us back to where you were in January of 2021. With your business,Colleen Schnettler  1:55  so in January of 2021.So in January of 2021, simple file upload was in alpha, I believe in the Heroku add on store. And so that means it was not yet available for sale. You have to get 100 users, maybe it's beta, you have to get 100 users of your product in the app store before you're allowed to list it for sale. I've my years Right, right. Yeah, yeah, no, that was okay. It was that was 2020 2020. I launched it. Yep. It was JanuaryMichele Hansen  2:35  of 2020. That it was in beta.Colleen Schnettler  2:38  Right. It December, January, it was in beta. Right? Yeah, because I have the date as of February 4 2021, I was able to make it available for sale. So the product has been available for sale since February of 2021. Wow. And this is December. And since that time, it has grown to I'm not 1200 MRR, which is very exciting. And it has been a I mean, this year has been a wild ride professionally if I look back on it, because launch simple file upload. Learned a lot while doing that. And almost even bigger than that in August of 2021. I quit my job to join the Hammerstone team. And you tookMichele Hansen  3:25  a job and then you quite registered like because you were clear Soltan starting out the year. Okay, the next couple years like,Colleen Schnettler  3:33  yeah, I basically went on this roller coaster up, I'd been consulting for years, then one of the companies I consulted for for years, convinced me to come on full time with them. And I had every intention of that being like a long term gig. It's a wonderful company. And then I think I announced on Twitter or on the podcast that I took a job and I got inundated with offers, which was pretty cool. And good to know if you're job hunting, you should probably hunt before you just take one. But then a couple months later, I had this really unique opportunity to join Hammerstone Hammerstone stone is the company co founded with my buddies, Aaron and Shawn that's building the Query Builder component and get paid to build that out and keep the IP so I had to quit the full time job in order to do Hammerstone full time and right now I'm doing Hammerstone full time paid. Yeah, so that's what that's what's going on.Michele Hansen  4:40  I mean, that's a such a journey for you to go from consulting. And then like this sort of like how much consulting do I need to do like and there's kind of period of time where you're trying to go kind of full time or, like more time on simple file upload. Then kind of Just life necessitated taking a job.Colleen Schnettler  5:05  Yeah, I think that's accurate. And I think a lot of people who are trying to build their own businesses can appreciate this. Like, I am super, super excited for those people that can go all in on their business. But I have a lot of bills. And I moved. Oh, I also moved from Virginia to California this year, gradually, Geez, what a year, man. Yeah, so I think the decision thing for me was I launched simple file upload, and the consulting the thing about what I was doing with consulting as I had more than one client, so it was just this incredible overhead of context switching. And the full time job offered me the opportunity, I had negotiated a four day workweek. So it had offered me offered me the opportunity to only have the two things I was working on. And that would have worked out great. I think, if I had stayed there, that would have been, that would have been a great choice, too. But the Hammerstone opportunity just felt too exciting and too big. It's literally exactly what I want to do to turn down. And so I want to say join them in August, and I've been working full time for the client that is funding the development of the product, it actually gives me less time on simple file upload, which is a constant, again, everyone with a job and a side project can appreciate this. It's like a constant balance, trying to find the time for all the things I want to do. But if you think about Michelle, if we go back to 2020, I don't have any products, and I have so many products, like I don't even have time for the ball. Like it's amazing, right? multiple things, right? So it's been, it's been really, really, really exciting and spectacular. And one of our friends, Pete, he's written a couple books. And he uses this phrase, expanding your luck surface area. And the concept is, like, really successful guys will always say, Oh, I just got lucky. How many times have you met someone who's running a, you know, half 1,000,002 million ARR business? It's like, Oh, we got really lucky. It's like, Yeah, but luck played a part. But this concept, I really love this concept of luck, surface area. Luck played apart, but you did all the things to position yourself to take advantage of the opportunity when it presented itself. Yeah. And so all these things we do honestly, like the podcast and launching products, and speaking at conferences, all of those things, I think, really increase the luck surface area. And so I feel incredibly lucky. But also, I also took a lot of steps to put myself in the position Hammerstone, I think is going to be the thing, Michelle, like, it's we feel the poll. I mean, it is exciting. So, you know, we feel the poll,Michele Hansen  7:53  that's interesting, like so, I mean, being on something that's like moving and people are like customers are really excited about it. I guess how do you like contrast that with the response that you get from simple file upload? Like, does that feel like a contrast?Colleen Schnettler  8:11  Oh, yeah. And I think simple file upload meets a very pressing need people have on Heroku. But outside of that, it feels like pushing, right? Like it feels like and this is this is part of growing a business like I'm not, you know, it is what it is. But it feels like, there's a lot of competitors out there. And I have to convince people to go with me, small solo business vers go with, you know, Cloudflare images, or, you know, file stack or some huge company that has servers or they're just at their disposal. And so it feels like a lot of hustle. And I don't I mean, it's a great all of it is a great learning experience. But Hammerstone I mean, people are basically asking us, they are asking to pay us for this thing that is not even done. Like, yeah,Michele Hansen  9:01  like banging down the door. I mean, there have product market fit there. But it's like, it's like very clear that like it's going to happen.Colleen Schnettler  9:11  I mean, our Early Access, based on a couple tweets my co founder sent out, we have like 200 people on an early access list. Based on we don't even have a landing page for this thing. Like it's amazing. It's really exciting. So it's been really I think Justin Jackson has this great article, I think it was this week, he sent it out, although I don't know if everyone got it this week, but it was basically about like, your market is going to determine your success. Like you can have one person who's hustling. It's not necessarily it's not just how hard you work, like you can work really hard. But it's also your market is going to determine your success. And so I don't know it just feels like so many exciting things have happened to me this year is what I'm trying to say So and I think like the Hammerstone thing wouldn't have happened if simple file upload hadn't happened. Right? So these things compound when you think about like, getting you're putting yourself out there and and, you know, the luck going back to the whole luck surface area thing.Michele Hansen  10:17  Yeah, I mean, I think that makes a lot of sense. And like the whole thing about market like, I feel like that's that's something that that Justin hits on a lot and and valuably, so because, you know, there's a quote from a famous investor that I forget who it is. But it's, you know, if maybe it's Paul Graham, when a you know, a good product meets a bad market market wins when a good team meets a bad market market wins when a bad product meets a good market market wins. And I mean, you guys have like, you know, wind is in your sails, and you are just flying along.Colleen Schnettler  10:59  Yeah, it's, it's pretty exciting. And just to clarify, I am still, I still love working on simple file upload, simple file upload is so much fun for me, because there's such a tight feedback loop. Hammerstone is still in this phase, at least the stuff I'm working on where it's big, and it's it's kind of, it's not, it's not done, right. So it kind of feels like a slog, because it's just kind of brute force and getting the work done. Simple file upload is a joy, because every time a customer emails me a question, like I can iterate and improve it. And so I still I didn't mean to I'm not sunsetting it or anything, like I'm still way into it. And I still feel like there's a way to do both right now. Yeah, I just, it's fun, like people are engaging more, I think, if you go back to founders comp, which was in October, my I was I came out of that really excited. And my goal for simple file upload was to really push to see if I could grow it a little bit. And I had hoped to get to 1500 by the end of the year, and I'm at 1200. So that's fine, right? Like it is what it is. But I think a lot more people are engaging with me than in the beginning. Remember the beginning, I couldn't get anyone to talk to me. Mm hmm. I feel like a lot more people are talking to me now. And so I have all kinds of ideas with what I want to do with it. And so yeah, I'm just over overflowing with ideas right now. So it's cool. I think it'sMichele Hansen  12:29  valuable as entrepreneurs to also have like a, like a safe little sandbox to play in to experiment where, you know, if, if you want to try something, you can, there's nobody telling you, you can't there's nobody's job relying on you, no, you're not doing it, of course, you have customers and you're responsible to them. So you can't, you know, just decide to take down your infrastructure for no reason. But like, if you want to cut the prices, 50% like, you can do that, if you want to raise him 50% You can also do that, like and you can just kind of, like learn as an entrepreneur. I mean, that's how I, I kind of loved having a full time job and a side project for a period of time because it was it was just like my safe little playground. And I think it was really, really valuable to have it as just a side project and not intending to go full time on it, because it just took that pressure off it and it made it a joy to just learn how to run a business without that fear of, you know, this has to pay for our mortgage, and like all of that kind of stuff going into that which just adds a lot of pressure when you're already when you're learning a new skill and outside your comfort zone. Like having financial pressure on top of that is really for a lot of people not very helpful mentally, like it can drive you but it's it's it's a lot of pressure.Colleen Schnettler  14:00  Yeah, I think that's a good way to describe it for me like it's a nice side income right now. And I am learning I mean that is what's so cool is tight feedback loop and I'm learning so much how to talk to customers, I made this change to my onboarding email which seems to have made a huge difference. So stop me if I told you this but my onboarding email used to be asking questions and now it's so it used to be can you tell me why you're using simple file upload and I changed it to be quick tips to help you get started fast or something like that. And that seems to really have made a difference so all these little things I'm learning that I can apply elsewhere have been really fun like I'm really enjoying it.Michele Hansen  14:44  So we talked a little bit about at founder summit of like whether you sell the business or not. We didn't I feel like that conversation was that that was a pretty strong no that you that you really enjoy it as at you know, as this little playground So I'm curious, like, as you think about this coming year, and you know, bearing in mind that humans are famously bad at predictions, and this year had so many twists and turns that you did not expect going into the year.Colleen Schnettler  15:18  Oh my gosh, right here. IMichele Hansen  15:19  mean, not not like you set a goal or almost like, like, do you have like an intention that you would want to set for the year of like? Like, what do you mean, it's a big question, but like, what do you want out of?Colleen Schnettler  15:34  out of it? Yeah, that's a fair.Michele Hansen  15:37  Sorry, is, you know, your is your founder journey? Like, is that taking you more towards Hammerstone? Is that in like, less simple file upload? And I don't I I'm starting to answer my own question. So like, just,Colleen Schnettler  15:58  yeah, I understand. So yeah, right. The end of the year, let's look forward, oh, this will be fun, because then we can look at the end of next year and be like, Oh, how well did we align? Okay, so we're going into what? 2022? That's crazy. Okay. So my vision for 2022 would be, I am getting paid by the client to develop this, this Hammerstone product, and we agreed that I'd go until August, I'm sure that can go plus or minus either side, they're pretty flexible. So my vision for 2022 would be early 2022. We're going to start launching hammers stone in Laravel. We're gonna see what the responses there and kind of see what the support burden is. And I will finish out the rails component. While I do that, I still want to put time and effort into simple file upload. I want to get it to I just want to see what does it take to grow it to 2k? Like, can I get to 2k? What does that even look like? What I do? I'm not I mean, I think I want to see you know, what it's capable of? And yeah, if someone wants to give me $200,000 for it, I'll sell it today. But I think just FYI, I'm open to that. But I think realistic or open first. I think realistically, I have a product now I did the first thing is so many people at founder Summit. Okay, I don't know if you remember this at founder Summit, we were on the bus to go to the balloon. And one of the gentlemen on the bus named Matt was talking about how he's in the market to buy a SAS and someone was trying to sell him their SAS and they kept telling him it had really low MRR, like maybe 500 bucks. And they kept telling him, oh, there's all these opportunities to grow it like, you know, you can grow it this way. And he was like, Look, if that but but it had been like this way for like four or five years. And it just been sitting at two to 500 MRR and he said something that has stuck with me. And he said, Okay, if they can really, if there's really opportunity to grow it, why haven't they done it in the five years they've had this thing? And he said it in a way that made me think, Oh, you can just you can do things to grow your SAS like, it won't. I don't know it, it was this point that like, I have control to some degree over whether this thing grows or not. And so I want to put in the work to see I mean, maybe I'll I'll timebox that maybe I'll put in the work until I think in February, it will be a good review point because it'll be a year old. If I put in the work, what happens? Can I grow this? Can I learn how to use Google Analytics and which I don't still don't know how to use? Um, can I learn how to write better copy? Can I learn how to make landing pages that appeal to my users, like, there's so much marketing, I mean, simple file upload is a it's kind of like a playground where I can learn all this marketing stuff. And that'll help me in all products. But I think my goal would be, you know, Hammerstone is going to launch in the in the spring. And then I should be done in the summer. And then we'll be doing the rails launch and rails onboarding. So I think the preponderance of my time will be on Hammerstone. But I don't know about simple file upload. I don't know if I'll sell it. I don't know if I'll continue to grow it. But I'm not going to grow. I'm not going to sell it before February, so reevaluate in February. So I have no idea what it looks like. Yeah, but I think I think the idea would be to focus more on Hammerstone and grow Hammerstone to support me, so I don't have to consult anymore. That would be pretty sweet.Michele Hansen  19:32  I think it's also worth like reminding that when you launch simple file upload, you wanted to have a product. Oh, yeah. You also like you also did not want to be a solo founder like you have always wanted to be part of a team and I think that's something that drove you to take that job was being part of a team and why you had considered previous job offers.Colleen Schnettler  19:56  Yes, I was lonely. Absolutely. Yeah, very social person. And so I was absolutely lonely.Michele Hansen  20:03  Yeah. And so I think it would make sense if like, you know, Hammerstone becomes, you know, the the focus and the thing that you really want to go for but and simple file upload is just this, you know, cool thing you have on the side. And when you have time you learn, you know, new marketing skills to make it grow a little bit, but like, it doesn't like, it doesn't have to be the thing.Colleen Schnettler  20:28  Oh, yeah, I don't I don't know, with my current time and energies. I don't think it will be. I mean, I don't see this thing getting to 10 km RR in the next year, right. Like, I just don't I don't think that's the thing I think camera showed is going to be the thing. And this will be the side project that, you know, I can continue to dabble in, or I can sell or whatever. But you're right. I just wanted to have a product. I mean, if you look back at this year, it's amazing how far I've come. Absolutely. Yeah. So that's a my self. Oh, totally. I totally am. I'm really happy with with the growth. And the stuff that I did this year for sure. So let's talk about your year in review.Michele Hansen  21:15  Gosh, okay. January 2021. Um, I mean, I guess the point to start, there is really in February, when I started writing the newsletter book, whatever I calledColleen Schnettler  21:29  February, so good month for us.Michele Hansen  21:33  Yeah, right, we have a lot like, we should go back and listen to those episodes. They're probablyColleen Schnettler  21:37  I know, we totally should.Michele Hansen  21:41  So, so yeah, so I started writing the book, as a newsletter, I didn't really know what was gonna go. totally consumed my spring launched it in July. It's crazy. And like, I'd say, there was like, you know, in the beginning, it was like, you know, 9010, like, mostly geocode do and then just a little bit of book and then towards, like, May in June, it was like 7525. And then I feel like August to October was like, almost 5050. But I think as we kind of close out on the year, and all that I'm really realizing that, you know, so like, I wrote a book, but I don't want to be a writer. I am a software entrepreneur who happened to write a book, and not a software entrepreneur who became a writer. And I think that's an important difference. And I feel like I've been struggling with this a lot of like, should I do more books stuff? Like, should I do like paid workshops and courses? And, like, should I go, you know, like, give workshops at companies? And like, Should I do a mini book that's like the how to talk to people talk things should I do podcast should I do like, or like, you know, have a podcast for the book, like showed you all this other stuff. And I could, but I just, I don't want to, and I really miss, like, my company. Like, I really miss I like, you know, working on JUCO do stuff and just find myself really missing like SEO Marketing, rather than like Info Product Marketing. I miss working synchronously with Mateus. Because I feel like so often we're kind of working in the same office, but not actually working together, because my head is elsewhere on books, stuff and whatnot. And, you know, even if there's no pressure to, like, sell more like, like, I feel like, and maybe this is a voice in my head or from other people, or I don't really know where it comes from, but it's like people like, you know, it's like, you wrote a good book that accomplish the goals, I had to teach entrepreneurs how to understand their customers, and, you know, you know, teach them that everyone has a capacity for empathy, and that they should, you know, they could have more empathy for other people and for themselves and teach them how to do that. And like get accomplished that and yet I find myself, you know, refreshing sales reports and being like, am I going to feel like I accomplished what I set out to do when I sell 500 copies or 1000 copies or 10,000 copies and and no, because the book already accomplished what I set out for it to do. It's a all in one place. I can send other founders to learn how to understand their customers and hopefully to learn more about you know, having empathy for others in themselves. I think I'll still do podcasts about the book, but I think going into To 2022 I would like to do more geocoded stuff and less book stuff.Colleen Schnettler  25:08  Okay, that sounds like a very, it sounds like something you've thought about quite a lot.Michele Hansen  25:17  Yeah, it's it's been on my mind. I've been intending to journal about it. I didn't actually journal about it.Colleen Schnettler  25:23  Oh, God.Michele Hansen  25:25  Like, I should know this. And I, I did open my journal like once. Last week, no, twice. No, I opened it twice. Okay. And then I just have I've had a lot of things I've intended to journal about. And thenColleen Schnettler  25:42  I thought about Yeah, like, in my headMichele Hansen  25:43  kind of like drafting that in my head. That's like, I don't know is, you know, I feel like I'm sort of at a crossroads of like, do I want to lean more into this, like writers stuff? And like, right? I just sat answers, just no. Adults, couldColleen Schnettler  26:02  you figure that out. I mean,Michele Hansen  26:03  like, I liked writing the book, I had so much fun. writing it as a newsletter, especially and getting feedback as I went, and then like, interviewing all the people who are reading it, like, that was awesome. Like, I love the writing process, even the really hard parts where I felt like I was doing major surgery on it every weekend, like completely rewriting it, like, but all of the, the work of being an independent writer, like, you know, and I feel like I sound like you're, you know, sort of a very typical indie hacker when I'm like, Oh, I liked you know, creating the thing, but I don't like, like, Yes, I know, I hear that, thank you. But I don't know, I don't have to sell it, like I don't, you know, it's gonna, if it's a good book, people are gonna recommend it. Like, I'll still go on podcasts, like, I'm still gonna talk about it. But that's basically the only thing I found that doesn't really drain me. Like, I feel like I died a little bit inside when I was sending those emails Black Friday week about Lady sale. Like, it's just me, like, it's not that it's not like, that's a valid marketing approach. And it works for a lot of people, but it's just, you know, we like we kind of talked a little bit about, like, founder business fit. Yes, and I've sort of been mulling over this idea about founder marketing fit, which is that, you know, we design our businesses, right, you know, sometimes intentionally and sometimes not, but fundamentally, every decision you make is a design decision in the business. And, you know, it has to be a type of business that that suits you and how you want to work and what you're good at, and, but also how you market it, that has to fit with you too. And like, for some people, you know, sending out like, sales emails, and having a cohort come in, like, whether it's for software or for a course or whatnot. Like, that's how they want to do things. And that really fits with how they like to work. For other people like me, that's like, I really like talking to people and then looking at analytics, and then writing stuff related to what people need. And then like selling that way, and actually, you know, doing active sales, negotiating with people, I enjoy all of that. And I feel like with God, I have a really, really good founder, marketing fit, like, the way we market the product works. And I feel good about it, and it plays to my skill set. And I'm always improving that skill set, but like, it's, it's very much in my wheelhouse. And I just feel like the way of promoting a book and it's just not a fit for me. Like it's just not. And, you know, I could promote it in other ways. Like, um I don't, I'm just I'm just so drained. Like, by so much of it. Like, the only thing that feels drained me is like, you know, talking to people on podcasts.Colleen Schnettler  29:16  Okay, so I felt this way about the book for a while, it feels like you're asking permission to not market it.Michele Hansen  29:22  Yeah. Because I feel like to me, like you know, there was there was this point when I was still in the drafting phase when somebody who had who had bought the preorder of it you know, made a comment I think on like LinkedIn or something that like, the book was not only helping them understand their customers better, but also helping them understand how to be a better coworker and spouse. And like, that was the moment when I knew I was like, Okay, this book has achieved what I hoped it would achieve. And then some like my like, wildest dream goal here. And now I just need to ship it. But to me like the book is a success, if I have one person have that response to it, like, I don't need to have a million people read this book, I don't even need to have 10,000 Read it, right? Like it's and it's also like this is, this is a long term asset, right? Like it's not going to expire. You know, it's sold almost 1000 copies in its first year, which is apparently a lot better than, than most books both published and self published. Like this is a long term thing, I can't exhaust myself on it now doing all sorts of things that I don't need to do that don't feel natural or like a fit to me. But just success is just not the number of copies sold. And it's not like anybody is asking for how many I've sold. But I'm like, oh, like spilled in public thing. I should be posting like a numbers update every so often. And I do that. And then I find myself like checking the sales reports every day, and I feel so drained. And it's just like, it's just, that's just not success to me. Like I just don't. I just don't, I just don't care about like, that was just not I didn't write it to make money or to sell a certain number of copies. I feel like I've kind of been stuffing down my own feelings about what success for the book looks like.Colleen Schnettler  31:38  Right? So my thought here is, why are we even talking about it anymore? don't market it. Just let it be? Oh, no, no, that that's the right thing. Right. Like I said, Okay, well do what you feel comfortable with. I'm you know, podcast. SoMichele Hansen  31:53  booked on a bunch of podcasts like, Yeah, I kind of kind of like take like a month off from doing that. Okay, but like, I like doing that. Um, but even like writing the newsletter, like, has felt like a burden. And I think it's because I've been doing all this. I've been doing all this talking about talking to customers, but I haven't had time to actually talk to customers. Yeah, I feel like I have anything to say at this point. I mean, and the point of the book was to get everything in my head out. Right, I did that. And so now I don't really? I don't know I, at least for right now. I feel like I don't have anything else.Colleen Schnettler  32:34  Yeah, well, I think that okay, so you know me very well. I am a pretty logical person. Don't read horoscopes don't go to psychics, not really into that touchy feely stuff. And I am a firm believer, despite all of that, this is totally out of line with my personality. I'm a, I'm an I'm a firm believer of like going with your energy. So if you are dreading it every time you send out a Black Friday email, I mean, you you've learned this about yourself, you know that that's not the right thing to do. So I for you, and your, you know, because you have income from another source, you can totally do that you are in no way dependent on this book income. I think it's great that you've kind of discovered this about yourself and made this decision. And you're just going to do the things that, you know, bring you energy and you love which it sounds like is the podcast promoting and just let the other stuff go turn off the notifications? Who cares?Michele Hansen  33:25  Yeah. You know, I think for like, for me, like, my theme of 2021 was the phrase soul nourishing, and I love that doing things that I felt really, really nourished my soul whether that's conversations with people who have similar values, or ideas or dreams, or writing the book, and kind of fulfilling that lifelong dream of writing a book was one of them. I don't know what 2022 is going to be, but I feel like it needs to be not just my soul getting nourished because as we've talked about, I've neglected a lot of other areas of I don't I don't know the word I'm looking for here but like, there needs to be a sort of overall wellness. Focus, I think a little bit more of a holistic, nourishing. Okay, going on. And that includes kind of like, yeah, you're such a California girl, respecting my energy, you know,Colleen Schnettler  34:43  I know right? Come over, I'll give you an SAE Bowl trophy for breakfast now. I didn't even know what else it was before I moved here. Now I'm like, Oh, I buy that shit at Costco.Michele Hansen  34:53  Yes, I'm gonna show up and you're gonna give me like crystals and essential oils. Yeah, no, no, no, no, no, no, no Yeah, I know, I, you know, it took me like a couple of months for that phrase like Soul nourishing to kind of crystallize in my head and be driving me. So it's gonna take me time for whatever this new phrase is going to be. But like, I'm very much in my head, like, like I like I went to get a massage a couple weeks ago because like, I need to work on my stress, I need to lower my stress levels, I need to go get a massage. And the massage therapist was like, I need to get you out of your head and into your body because you are so much in your head. Yeah. And and so, I don't know. I don't know. I'll let you know when I figureColleen Schnettler  35:38  out what Yeah, report back. But so for you 2020 To tell us more aboutMichele Hansen  35:43  to like I was so outside my comfort zone this year between being in a country and writing a book and promoting a book and like, all these other things, like I'm so far outside my comfort zone that I really just want like, comfort and coziness in my life. Like I want yeah, I want it to be calm and peaceful and quiet. Like I find myself missing quietness.Colleen Schnettler  36:15  And so you think for you that you don't know what that looks like, but you think that probably means more time on geocodes to working with your husband. And just chill out? Like you're kind of acclimating you've been there a year now. How long have you lived there? Gosh, when did you go here a year and a half?Michele Hansen  36:32  Like, yeah,Colleen Schnettler  36:33  the podcast. I can always no, that's because we're notMichele Hansen  36:36  talking to each other. It's like, we need a weekly appointment to make sure we talk to each other. Let's make it a public appointment. Like,Colleen Schnettler  36:44  uh, but I Yeah, okay. I know, you're talking about calm over there. And I have, for whatever reason, something you said just started all these ideas going off into my head that I'm really excited about all of a sudden. So. Yes. 2020 To be a calm year for Michelle 2023 I mean, refer to comfortingly. arity Yeah. push really hard for a yearly arity. No, I totally get that. I think, right, you worked. I mean, you hustled like, whoa, this year. So maybe this 2022 is a year where you relax into what you have built and grown for yourself. I mean,Michele Hansen  37:27  and I also, you know, did expand my luck surface area to quote peeking again. And, you know, so that means, you know, maybe there will be conference talk opportunities or other podcasts or something like, I'm open to that. It's just, I'm just Yeah, I'm just so tired. And, you know, I like, I like giving talks, but I'm not gonna, like hustle and create this, like workshop package that I can sell to companies.Colleen Schnettler  38:00  Yeah, you know what? I'm not gonna do. Okay, can I say something? Because I want to get it on record. Okay. So, earlier, you said that you were looking, you know, how drainie I'm sorry, how the marketing for the book is really draining, and you want to do things that really, you know, bring you energy. Okay, this is only 2021. So I'm thinking like, 2025 and I know, I brought this up a few times. However, now that I have a business that looks like it's gonna be really successful. Dude, we are so starting an incubator. Like we're gonna have our own venture fund, and then we're going to help people build businesses. 2025 You heard it here first.Michele Hansen  38:39  I don't know if it's a venture fund or like, it's like our own on profit income. I don't know what it looks like or something. There's gonna be a software social something.Colleen Schnettler  38:51  I feel like this is gonna happen. Like you talking about your energy levels. That'sMichele Hansen  38:55  taken but software social something is Yeah. Gonna have coming at some pointsColleen Schnettler  39:03  in the next 10 years. The future in the future. Yeah. Okay. I know, I brought it up before I just when you were talking about excitement. I was like, Oh, dude, this is this is something we're gonna maybe do someday. That'll be a good retirement job for me. Yeah, totally. Right. I mean, maybe it'll be years 20 years. I don't know. Someday. So that sounds good, though. I mean, that sounds like for you.Michele Hansen  39:29  In my backyard those are my retirement you drink gin. Yeah, like dreamed about making a little like, gin distillery My oh my gosh, are so funny on our farms smell like they smell like apricots when you bolt them. And then I'm like, Oh, Nick, amazing. Like pine. Apricot. Gin. So I don't make it now. But that's again, retirement dreamColleen Schnettler  39:48  retirement dream. Yeah, so it sounds like to sum up your money 52 Oh my gosh, to submit for 2022 It sounds like you are looking for a year of finding balance. Yeah, and all the things balance. I think I am looking for another hustle year. So 2022 is going to be another I know 2021 was a hustle year for me with Hammerstone launching and simplify, upload kind of not sure what I'm going to do with that. But 2022 for me is another hustle year I thinkMichele Hansen  40:26  2020 was like a hustle year for you as much as like a ping pong year because I feel like all over the place kind of all over the place like both like physically and yeah, work wise. And like, I would love to see you really, really grow into this role of being a founder of Hammerstone. And like, and, and bringing that to life and helping that blossom and really leaning into that because I think you have so much more to discover about yourself as a founder.Colleen Schnettler  41:04  Yeah, totally agree. I love it.Michele Hansen  41:06  Cheers to 2022 Cheers toColleen Schnettler  41:09  2022 Oh, my goodness. All right, well, I guess that will wrap up this week's episode of the software, social podcast, Happy New Year to all of you. We'd love to hear what your goals are for 2022. Or if you want to hit us with the 2021 recap. That's always fun. We love to hear everyone's stories. You can reach us on Twitter at software slash pod. Talk to you next year. It's no my favorite joke. Remember when you were a kid and used to make that joke? Like like talk to you next year? It's still a great joke. Okay,

HABERTURK.COM
TikTok, Google'ı geride bırakarak en popüler platform oldu

HABERTURK.COM

Play Episode Listen Later Dec 24, 2021 1:56


İletişim teknolojisi güvenlik şirketi Cloudflare'e göre, viral video uygulaması TikTok, Amerikan arama motoru devi Google'dan daha fazla kullanılıyor.

TWiT Bits (Video HI)
SN Clip: TikTok Most Popular Domain of 2021

TWiT Bits (Video HI)

Play Episode Listen Later Dec 24, 2021 11:49


On Tech News Weekly, Jason Howell and Mikah Sargent talk to Abrar Al-Heeti of CNET about how TikTok dethroned Google as the most popular domain visited this year. For this story and more, check out Tech News Weekly: https://twit.tv/tnw/214 Hosts: Mikah Sargent and Jason Howell Guest: Abrar Al-Heeti You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/

TWiT Bits (MP3)
SN Clip: TikTok Most Popular Domain of 2021

TWiT Bits (MP3)

Play Episode Listen Later Dec 24, 2021 11:46


On Tech News Weekly, Jason Howell and Mikah Sargent talk to Abrar Al-Heeti of CNET about how TikTok dethroned Google as the most popular domain visited this year. For this story and more, check out Tech News Weekly: https://twit.tv/tnw/214 Hosts: Mikah Sargent and Jason Howell Guest: Abrar Al-Heeti You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/

TWiT Bits (Video HD)
SN Clip: TikTok Most Popular Domain of 2021

TWiT Bits (Video HD)

Play Episode Listen Later Dec 24, 2021 11:49


On Tech News Weekly, Jason Howell and Mikah Sargent talk to Abrar Al-Heeti of CNET about how TikTok dethroned Google as the most popular domain visited this year. For this story and more, check out Tech News Weekly: https://twit.tv/tnw/214 Hosts: Mikah Sargent and Jason Howell Guest: Abrar Al-Heeti You can find more about TWiT and subscribe to our podcasts at https://podcasts.twit.tv/

mixxio — podcast diario de tecnología
¿De qué sirve tanta tecnología…?

mixxio — podcast diario de tecnología

Play Episode Listen Later Dec 22, 2021 13:00


¿Si no usamos Radar Covid para qué sirve? / Navegador web para Android Automotive / Más gobiernos se suman a HIBP / TikTok dominio más popular del mundo / AirPods de Lidl / Cortana casi se llama Bingo Patrocinador: Descubre los nuevos Xiaomi 11T y Xiaomi 11T Pro https://www.mi.com/es/product/xiaomi-11t/, dos móviles de cine que tienen todo lo que necesitas: una pantalla de 120 Hz para el disfrute permanente de tus ojos, y una carga ultra-rápida de 120W que permite recargar tu móvil por completo en tan solo 17 minutos. https://www.mi.com/es/product/xiaomi-11t-pro ¿Si no usamos Radar Covid para qué sirve? / Navegador web para Android Automotive / Más gobiernos se suman a HIBP / TikTok dominio más popular del mundo / AirPods de Lidl / Cortana casi se llama Bingo

The Cloudcast
2021 in Review, 2022 Predictions

The Cloudcast

Play Episode Listen Later Dec 22, 2021 59:54


Aaron (@aarondelp) and Brian (@bgracely) discuss the biggest trends from 2021, and make bold cloud computing predictions in 2022.SHOW: 577CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:CBT Nuggets: Expert IT Training for individuals and teamsSign up for a CBT Nuggets Free Learner accountMegaport - Network as a Service PlatformTry Megaport - Cloud Connectivity SimplifiedSHOW NOTES:PODCAST BUSINESS:Crossed out 11yr anniversary We crossed 500 shows (March '21)Most listens in history, up about 20% from last yearWe launched Cloudcast Basics (4 seasons)We launched the Sunday Perspectives showsWe got named #1 Cloud podcastWe got named top 20 security podcastsListeners in 130 countries | 4200 CitiesIPOs from our guests - $2.678BVC Funding for our guest - $2.516BTRENDS and MAJOR STORIES from 2021:COVID pandemic continued, although some parts of many businesses opened up as vaccines became available. Working from Home seems to be a very real, long-term possibility for many in Tech. 25% of workers changed jobs (via LinkedIn)AWS - $60B, Azure - $68B, GCP - $15BAWS has new leadership. re:Invent felt very different.ARM is making a big push in the cloud (and Mac M1)This idea of “supercloud” or “overlay cloud services” is gaining traction - companies like Red Hat, Snowflake, MongoDB, Confluent, CockroachDB, etc. are growing quickly as SaaS services, even when the cloud has a native service.Cloudflare is making a move to chip away at AWS' profits (egress networking)Digital Ocean is making a bigger push around SMB cloud and developersVMware become independent again (from Dell)Cloud providers still haven't acquired legacy software companies to get into the on-premises data centers. They keep adjusting their offerings (Outposts, Arc, Anthos)Kubernetes keeps growing, but the hype has slowed down and moved to other areas adjacent to Kubernetes (Service Mesh, eBPF, etc.)Software-Supply-Chains and DevSecOps “shift left security” are now heavily funded industry segments. The metaverse, Web3, Crypto, NFTs are all starting to get a lots of hype (and confusion)2022 PREDICTIONS: Our 2020 Predictions from last yearOur 2021 Predictions from last yearAARON's PREDICTIONSZero Trust Models (again…) - Also security has been/will be the hardest part of cloud and hot job market will continueMicrosoft will become top public cloud worldwide, AWS will fall to #2Google will settle into 3rd, 4th, even 5th spot… BRIAN's PREDICTIONS Alphabet/Google decides if they still believe they can get to #2 by 2023We'll start seeing the first generation of ex-AWS people starting new companiesFEEDBACK?Email: show at the cloudcast dot netTwitter: @thecloudcastnet

Security Explained
Log4j Holiday Special!

Security Explained

Play Episode Listen Later Dec 22, 2021 50:54


We're currently on an extended break between seasons 3 and 4 but LO AND BEHOLD the Internet has given us an early Christmas (non)gift .Log4j has been all over the news recently as one of the most impactful vulnerabilities disclosed in recent memory. From AWS to GCP, Cloudflare to DigitalOcean, the Log4shell vulnerability is forcing all manners of security teams to stay up late patching their systems.Join us in this impromptu dive into what is arguably the most impactful vulnerability of the last decade!

PodRocket - A web development podcast from LogRocket

Jon Kuperman, Developer Advocate at Cloudflare, takes us through Cloudflare's product portfolio, including the DNS provider, DDoS protection, Cloudflare workers, video streaming, and more. Links https://www.cloudflare.com https://twitter.com/jkup https://workers.cloudflare.com Review us https://ratethispodcast.com/podrocket Contact us https://podrocket.logrocket.com/contact-us @PodRocketpod (https://twitter.com/PodRocketpod) What does LogRocket do? LogRocket combines frontend monitoring, product analytics, and session replay to help software teams deliver the ideal product experience. Try LogRocket for free today. (https://logrocket.com/signup?pdr) Special Guest: Jon Kuperman.

Recorded Future - Inside Threat Intelligence for Cyber Security

Distributed Denial of Services attacks continue to grow in size, frequency and sophistication, and it's in every organization's best interest to properly prepare themselves against this sort of online attack.  The team at Cloudflare recently published their 2021 Q3 report on DDoS, outlining their observations and recommendations for mitigating DDoS attacks. Joining us is John Graham-Cumming, CTO at Cloudflare, to share his insights on the state of the DDoS threat, and where things may be headed.

AWS Morning Brief
...And Now Everything Is On Fire

AWS Morning Brief

Play Episode Listen Later Dec 16, 2021 6:56


Links: The internet is now on fire:https://www.engadget.com/log4shell-vulnerability-log4j-155543990.html Blog post:https://blog.cloudflare.com/exploitation-of-cve-2021-44228-before-public-disclosure-and-evolution-of-waf-evasion-patterns/ Expecting to be down for weeks:https://www.darkreading.com/attacks-breaches/kronos-suffers-ransomware-attack-expects-full-restoration-to-take-weeks- Update for the Apache Log4j2 Issue:https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ Log4Shell Vulnerability Tester at log4shell.huntress.com:https://log4shell.huntress.com/ TranscriptCorey: This is the AWS Morning Brief: Security Edition. AWS is fond of saying security is job zero. That means it's nobody in particular's job, which means it falls to the rest of us. Just the news you need to know, none of the fluff.Corey: It seems like there is a new security breach every day. Are you confident that an old SSH key or a shared admin account isn't going to come back and bite you? If not, check out Teleport. Teleport is the easiest, most secure way to access all of your infrastructure. The open-source Teleport Access Plane consolidates everything you need for secure access to your Linux and Windows servers—and I assure you there is no third option there. Kubernetes clusters, databases, and internal applications like AWS Management Console, Yankins, GitLab, Grafana, Jupyter Notebooks, and more. Teleport's unique approach is not only more secure, it also improves developer productivity. To learn more, visit goteleport.com. And no, that's not me telling you to go away; it is, goteleport.com.Corey: I think I owe the entire internet a massive apology. See, last week I titled the episode, “A Somehow Quiet Security Week.” This is the equivalent of climbing to the top of a mountain peak during a violent thunderstorm, then waving around a long metal rod. While cursing God.So, long story short, the internet is now on fire due to a vulnerability in the log4j open-source logging library. Effectively, if you can get an arbitrary string into the logs of a system that uses a vulnerable version of the log4j library, it will make outbound network requests. It can potentially run arbitrary code.The impact is massive and this one's going to be with us for years. WAF is a partial solution, but the only real answer is to patch to an updated version, or change a bunch of config options, or disallow affected systems from making outbound connections. Further, due to how thoroughly embedded in basically everything it is—like S3; more on that in a bit—a whole raft of software you run may very well be using this without your knowledge. This is, to be clear, freaking wild. I am deeply sorry for taunting fate last week. The rest of this issue of course talks entirely about this one enormous concern.Corey: This episode is sponsored in part by my friends at Cloud Academy. Something special for you folks: if you missed their offer on Black Friday or Cyber Monday or whatever day of the week doing sales it is, good news, they've opened up their Black Friday promotion for a very limited time. Same deal: $100 off a yearly plan, 249 bucks a year for the highest quality cloud and tech skills content. Nobody else is going to get this, and you have to act now because they have assured me this is not going to last for much longer. Go to cloudacademy.com, hit the ‘Start Free Trial' button on the homepage and use the promo code, ‘CLOUD' when checking out. That's C-L-O-U-D. Like loud—what I am—with a C in front of it. They've got a free trial, too, so you'll get seven days to try it out to make sure it really is a good fit. You've got nothing to lose except your ignorance about cloud. My thanks to Cloud Academy once again for sponsoring my ridiculous nonsense.Cloudflare has a blog post talking about the timeline of what they see as a global observer of exploitation attempts of this nonsense. They're automatically shooting it down for all of their customers and users—to be clear, if you're not paying for a service you are not its customer, you're a marketing expense—and they're doing this as part of the standard service they provide. Meanwhile AWS's WAF has added the ruleset to its AWSManagedRulesKnownBadInputsRuleSet—all one word—managed rules—wait a minute; they named it that? Oh, AWS. You sad, ridiculous service-naming cloud. But yeah, you have to enable AWS WAF, for which there is effectively no free tier, and configure this rule to get its protection, as I read AWS's original update. I'm sometimes asked why I use CloudFlare as my CDN instead of AWS's offerings. Well, now you know.Also, Kronos, an HR services firm, won the ransomware timing lottery. They're expecting to be down for weeks, but due to the log4shell—which is what they're calling this exploit: The log4shell problem—absolutely nobody is paying attention to companies that are having ransomware problems or data breaches. Good job, Kronos.Now, what did AWS have to say? Well, they have an ongoing “Update for the Apache Log4j2 Issue” and they've been updating it as they go. But at the time of this recording, AWS is a Java shop, to my understanding.That means that basically everything internet-facing at AWS—which is, you know, more or less everything they sell—has some risk exposure to this vulnerability. And AWS has moved with a speed that can only be described as astonishing, and mitigated this on their managed services in a timeline I wouldn't have previously believed possible given the scope and scale here. This is the best possible argument to make for using higher-level managed services instead of building your own things on top of EC2. I just hope they're classy enough not to use that as a marketing talking point.And for the tool of the week, the Log4Shell Vulnerability Tester at log4shell.huntress.com automatically generates a string and then lets you know when that is exploited by this vulnerability what systems are connecting to is. Don't misuse it obviously, but it's great for validating whether a certain code path in your environment is vulnerable. And that's what happened last week in AWS Security, and I just want to say again how deeply, deeply sorry I am for taunting fate and making everyone's year suck. I'll talk to you next week, if I live.Corey: Thank you for listening to the AWS Morning Brief: Security Edition with the latest in AWS security that actually matters. Please follow AWS Morning Brief on Apple Podcast, Spotify, Overcast—or wherever the hell it is you find the dulcet tones of my voice—and be sure to sign up for the Last Week in AWS newsletter at lastweekinaws.com.Announcer: This has been a HumblePod production. Stay humble.

MarketFoolery
Overreacting To Retail Data

MarketFoolery

Play Episode Listen Later Dec 15, 2021 19:34


The retail sales report for November underwhelms Wall Street. Comments from Lowe's executives cause momentary panic. Jason Moser analyzes those stories, and we discuss why the CEOs of The Trade Desk, Cloudflare, and Dick's Sporting Goods should receive strong consideration for “CEO of the Year”.   We want your input! Please click the link to take our 4-question survey about TMF podcasts: https://www.foolinsights.com/se/04BD76CC18830996   Holiday Song - If We Make It Through December by Pistol Annies

CRM.Buzz - שיווק, חווית לקוח, טכנולוגיה, דאטה ועוד
מדריך למדוור העיוור. אימייל ללא נתוני פתיחות אימייל והקלקות

CRM.Buzz - שיווק, חווית לקוח, טכנולוגיה, דאטה ועוד

Play Episode Listen Later Dec 15, 2021 13:03


מאמר בבלוג דמיינו עולם של אימייל מרקטינג ללא נתוני הקלקה

Cyber and Technology with Mike
14 December 2021 Cyber and Tech News

Cyber and Technology with Mike

Play Episode Listen Later Dec 14, 2021 9:41


In today's podcast we cover four crucial cyber and technology topics, including:  1. Log4j details emerge, suggesting criminals had 9-day head start  2. TinNuke is back, and targeting French firms   3. Kronos impacted by ransomware; many services offline  4. Apple pushes Android app to detect rogue AirTags  I'd love feedback, feel free to send your comments and feedback to  | cyberandtechwithmike@gmail.com

Cyber Security Weekly Podcast
Episode 301 - Future of Zero-Trust - Insights into the acquisition of Guardicore

Cyber Security Weekly Podcast

Play Episode Listen Later Dec 14, 2021


We speak with Ariel Zeitlin, VP, CTO Enterprise Security Group at Akamai Technologies and Chris Gibbs, Managing Director and Regional Vice President, Australia and New Zealand. Ariel co-founded Guardicore, after spending 11 years as an officer in the Israeli Defense Forces (IDF), where he worked closely with Guardicore's co-founder Pavel Gurvich. At Akamai, Ariel is focusing on building best in class Zero Trust platform. Chris joined Akamai in 2021 with more than 20 years of strategic leadership experience within the technology and telecommunications sector, across both Australia and Asia-Pacific & Japan (APJ). In September 2021, Akamai Technologies, Inc. (NASDAQ: AKAM), announced it will acquire Tel Aviv, Israel-based Guardicore. By adding Guardicore's micro-segmentation solution into Akamai's extensive Zero Trust security portfolio, Akamai has broadened its solution suite to provide comprehensive protections to the enterprise, defending against threat actors and the spread of malware and ransomware. We also discuss the Apache Log4j library vulnerability, (CVE-2021-44228) that was exposed days earlier. The vulnerability, also named Log4Shell or LogJam, has a CVSS severity level of 10 out of 10. The vulnerability allows hackers to execute arbitrary code and potentially take full control of a system.On 10 December, a Friday morning (US time), an exploit was publicly released for the critical zero-day vulnerability. Reports indicate hackers need the application to write just one string to the log. From there, hackers can remotely upload their own code to the application via the message lookup substitution function. Millions of servers are reportedly at risk, including those used by high-profile companies, including Apple, Cloudflare, Twitter, Valve, Tencent, iCloud, Steam, and Minecraft.Further Readinghttps://www.akamai.com/resources/ebook/5-step-ransomware-defense-ebookhttps://www.akamai.com/resources/white-paper/stop-the-impact-of-ransomware-white-paper

Yalla To The Cloud
Episode 81 - CloudFlare R2 Storage

Yalla To The Cloud

Play Episode Listen Later Dec 14, 2021 7:26


בפינה זו, נגיש לכם מידע על העבודה היומיומית בסביבת ענן מנקודת המבט שלנו. דוברי הפרק: אריאל מונפו ואבי קינן.‍ בפרק הקודם, דיברנו על מהו כלי ה- AWS CloudFormation Templates, מה המקור שלו ומאיפה הכל התחיל. כמו כן, הצגנו דוגמאות ל-AWS CloudFormation Templates עבור Serverless Application. ‍ בפרק זה, נדבר על שירות חדש של CloudFlare בשם R2 Storage שנועד להתמודד מול שירות הדגל של AWS בשם S3. נספק הסבר מקיף על אחד הכאבים גדולים בעולם הענן - ה-Egress Fee, שנובע מהקלות של העברת המידע אל תוך הענן לעומת התשלום עבור הוצאת המידע אל מחוצה לו ובסקייל גבוה. רוצים להתעדכן בתכנים נוספים בנושאי ענן וטכנולוגיות מתקדמות? הירשמו עכשיו לניוזלטר שלנו ותמיד תישארו בעניינים. להרשמה: https://www.israelclouds.com/newslettersignup

Alles auf Aktien
Aktien gegen das Internet-Inferno und Meme-Meltdown

Alles auf Aktien

Play Episode Listen Later Dec 14, 2021 14:47


In der heutigen Folge „Alles auf Aktien“ berichten die Finanzjournalisten Nando Sommerfeldt und Holger Zschäpitz über die Rallye der Daimler-Truck-Aktie, einen Krypto-Kontraindikator und eine lukrative gegen die Energiekrise. Außerdem geht es um Windeln.de, Ether, Bitcoin, Apple, Google, Tesla, Amazon, Microsoft, Crowdstrike, Palo Alto Networks, Check Point Software, Datadog,  Cloudflare, Zscaler, Mimecast, Accenture, Cisco, Okta, Global X Cybersecurity (WKN: A2QPB2) WisdomTree Cybersecurity (WKN: A2QGAH), Rize Cybersecurity and Data Privacy (WKN: A2PX6V), First Trust Nasdaq Cybersecurity (WKN: ​​A2P4HV), WisdomTree Natural Gas (WKN: A0KRJ3), WisdomTree Natural Gas 1x Daily Short (WKN: A0V9X4), WisdomTree Natural Gas 3x Daily Leveraged (WKN: A3GL7C), WisdomTree Natural Gas 3x Daily Short (WKN: A1VBKC), Societe Generale Faktor 3x Long Zertifikat auf CO2 Emissionsrechte (WKN: SB37KX), Morgan Stanley Faktor 5.0x Long Zertifikat auf CO2 Emissionsrechte ICE (WKN: MC3SF5) "Alles auf Aktien" ist der tägliche Börsen-Shot aus der WELT-Wirtschaftsredaktion. Die Wirtschafts- und Finanzjournalisten Holger Zschäpitz, Anja Ettel, Philipp Vetter, Daniel Eckert und Nando Sommerfeldt diskutieren im Wechsel über die wichtigsten News an den Märkten und das Finanzthema des Tages. Außerdem gibt es jeden Tag eine Inspiration, die das Leben leichter machen soll. In nur zehn Minuten geht es um alles, was man aktuell über Aktien, ETFs, Fonds und erfolgreiche Geldanlage wissen sollte. Für erfahrene Anleger und Neueinsteiger. Montag bis Freitag, ab 5 Uhr morgens. Wir freuen uns an Feedback über aaa@welt.de. Disclaimer: Die im Podcast besprochenen Aktien und Fonds stellen keine spezifischen Kauf- oder Anlage-Empfehlungen dar. Die Moderatoren und der Verlag haften nicht für etwaige Verluste, die aufgrund der Umsetzung der Gedanken oder Ideen entstehen. Hörtipps: Für alle, die noch mehr wissen wollen: Holger Zschäpitz können Sie jede Woche im Finanz- und Wirtschaftspodcast "Deffner&Zschäpitz" hören. Außerdem neu bei WELT: Im werktäglichen Podcast „Kick-off Politik - Das bringt der Tag“ geben wir Ihnen im Gespräch mit WELT-Experten die wichtigsten Hintergrundinformationen zu einem politischen Top-Thema des Tages. Mehr auf welt.de/kickoff und überall, wo es Podcasts gibt. +++Werbung+++ Hier geht's zur App: Scalable Capital ist der Broker mit Flatrate. Unbegrenzt Aktien traden und alle ETFs kostenlos besparen – für nur 2,99 € im Monat, ohne weitere Kosten. Und jetzt ab aufs Parkett, die Scalable App downloaden und loslegen. Hier geht's zur App: https://bit.ly/3abrHQm

Packet Pushers - Fat Pipe
Network Break 363: Broadcom Buys AppNeta For Experience Monitoring; Cloudflare Offers New Firewall Service

Packet Pushers - Fat Pipe

Play Episode Listen Later Dec 13, 2021 50:45


This week's Network Break asks whether Broadcom's acquisition of AppNeta, which offers SaaS-based digital experience monitoring, is a good fit. We look at new features in the SONiC network OS, dive into a new firewall service available from Cloudflare, and more IT news. The post Network Break 363: Broadcom Buys AppNeta For Experience Monitoring; Cloudflare Offers New Firewall Service appeared first on Packet Pushers.

Packet Pushers - Network Break
Network Break 363: Broadcom Buys AppNeta For Experience Monitoring; Cloudflare Offers New Firewall Service

Packet Pushers - Network Break

Play Episode Listen Later Dec 13, 2021 50:45


This week's Network Break asks whether Broadcom's acquisition of AppNeta, which offers SaaS-based digital experience monitoring, is a good fit. We look at new features in the SONiC network OS, dive into a new firewall service available from Cloudflare, and more IT news. The post Network Break 363: Broadcom Buys AppNeta For Experience Monitoring; Cloudflare Offers New Firewall Service appeared first on Packet Pushers.

Packet Pushers - Full Podcast Feed
Network Break 363: Broadcom Buys AppNeta For Experience Monitoring; Cloudflare Offers New Firewall Service

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Dec 13, 2021 50:45


This week's Network Break asks whether Broadcom's acquisition of AppNeta, which offers SaaS-based digital experience monitoring, is a good fit. We look at new features in the SONiC network OS, dive into a new firewall service available from Cloudflare, and more IT news. The post Network Break 363: Broadcom Buys AppNeta For Experience Monitoring; Cloudflare Offers New Firewall Service appeared first on Packet Pushers.

The Swyx Mixtape
[Weekend Drop] Cloudflare vs AWS, API Economy, Learning in Public on the Changelog

The Swyx Mixtape

Play Episode Listen Later Dec 12, 2021 68:13


Listen to the Changelog: https://changelog.com/podcast/467Essays: https://www.swyx.io/LIP https://www.swyx.io/api-economy https://www.swyx.io/cloudflare-go TranscriptJerod Santo: So swyx, we have been tracking your work for years; well, you've been Learning in Public for years, so I've been (I guess) watching you learn, but we've never had you on the show, so welcome to The Changelog.Shawn Wang: Thank you. Long-time listener, first-time guest, I guess... [laughs]Adam Stacoviak: Yeah.Jerod Santo: Happy to have you here.Adam Stacoviak: Very excited to have you here.Jerod Santo: So tell us a little bit of your story, because I think it informs the rest of our conversation. We're gonna go somewhat deep into some of your ideas, some of the dots you've been connecting as you participate and watch the tech industry... But I think for this conversation it's probably useful to get to know you, and how you got to be where you are. Not the long, detailed story, but maybe the elevator pitch of your recent history. Do you wanna hook us up?Shawn Wang: For sure. For those who want the long history, I did a 2,5-hour podcast with Quincy Larson from FreeCodeCamp, so you can go check that out if you want. The short version is I'm born and raised in Singapore, came to the States for college, and was totally focused on finance. I thought people who were in the finance industry rules the world, they were masters of the universe... And I graduated just in time for the financial crisis, so not a great place to be in. But I worked my way up and did about 6-7 years of investment banking and hedge funds, primarily trading derivatives and tech stocks. And the more I covered tech stocks, the more I realized "Oh, actually a) the technology is taking over the world, b) all the value is being created pre-IPO, so I was investing in public stocks, after they were basically done growing... And you're kind of just like picking over the public remains. That's not exactly true, but...Jerod Santo: Yeah, tell that to Shopify...Shawn Wang: I know, exactly, right?Adam Stacoviak: And GitLab.Shawn Wang: People do IPO and have significant growth after, but that's much more of a risk than at the early stage, where there's a playbook... And I realized that I'd much rather be value-creating than investing. So I changed careers at age 30, I did six months of FreeCodeCamp, and after six months of FreeCodeCamp - you know, I finished it, and that's record time for FreeCodeCamp... But I finished it and felt not ready, so I enrolled myself in a paid code camp, Full Stack Academy in New York, and came out of it working for Two Sigma as a frontend developer. I did that for a year, until Netlify came along and offered me a dev rel job. I took that, and that's kind of been my claim to fame; it's what most people know me for, which is essentially being a speaker and a writer from my Netlify days, from speaking about React quite a bit.[04:13] I joined AWS in early 2020, lasted a year... I actually was very keen on just learning the entire AWS ecosystem. You know, a frontend developer approaching AWS is a very intimidating task... But Temporal came along, and now I'm head of developer experience at Temporal.Adam Stacoviak: It's an interesting path. I love the -- we're obviously huge fans of FreeCodeCamp, and Quincy, and all the work he's done, and the rest of the team has done to make FreeCodeCamp literally free, globally... So I love to see -- it makes you super-happy inside just to know how that work impacts real people.Like, you see things happen out there, and you think "Oh, that's impacting", but then you really meet somebody, and 1) you said you're a long-time listener, and now you're on the show, so it just really -- like, having been in the trenches so long, and just see all this over-time pay off just makes me really believe in that whole "Slow and steady, keep showing up, do what needs done", and eventually things happen. I just love that.Shawn Wang: Yeah. There's an infinite game mentality to this. But I don't want to diminish the concept of free, so... It bothers me a little, because Quincy actually struggles a lot with the financial side of things. He supports millions of people on like a 300k budget. 300k. If every single one of us who graduated at FreeCodeCamp and went on to a successful tech career actually paid for our FreeCodeCamp education - which is what I did; we started the hashtag. It hasn't really taken off, but I started a hashtag called #payitbackwards. Like, just go back, once you're done -- once you can afford it, just go back and pay what you thought it was worth. For me, I've paid 20k, and I hope that everyone who graduates FreeCodeCamp does that, to keep it going.Adam Stacoviak: Well, I mean, why not...?Shawn Wang: I'd also say one thing... The important part of being free is that I can do it on nights and weekends and take my time to decide if I want to change careers. So it's not just a free replacement to bootcamps, it actually is an async, self-guided, dip-your-toe-in-the-water, try-before-you-buy type of thing for people who might potentially change their lives... And that's exactly what happened for me. I kept my day job until the point I was like "Okay, I like enough of this... I'm still not good, but I like enough of this that I think I could do this full-time."Adam Stacoviak: I like the #payitbackwards hashtag. I wish it had more steam, I suppose.Jerod Santo: We should throw some weight behind that, Adam, and see if we can...Adam Stacoviak: Yeah. Well, you know, you think about Lambda School, for example - and I don't wanna throw any shade by any means, because I think what Austin has done with Lambda... He's been on Founders Talk before, and we talked deeply about this idea of making a CS degree cost nothing, and there's been a lot of movement on that front there... But you essentially go through a TL;DR of Lambda as you go through it, and you pay it after you get a job if you hit certain criteria, and you pay it based upon your earnings. So why not, right? Why not have a program like that for FreeCodeCamp, now that you actually have to commit to it... But it's a way. I love that you paid that back and you made that an avenue, an idea of how you could pay back FreeCodeCamp, despite the commitment not being there.Jerod Santo: Right.Shawn Wang: Yeah. And Quincy is very dedicated to it being voluntary. He thinks that people have different financial situations. I don't have kids, so I can afford a bit more. People should have that sort of moral obligation rather than legal obligation.I should mention that Lambda School is currently being accused of some fairly substantial fraud against its students...Jerod Santo: Oh, really?Shawn Wang: Yeah, it actually just came out like two days ago.Adam Stacoviak: I saw that news too, on Monday.Shawn Wang: Yeah. It's not evidenced in the court of law, it's one guy digging up dirt; let's kind of put this in perspective. But still, it's very serious allegations, and it should be investigated. That said, the business of changing careers and the business of teaching people to code, and this innovation of Income Share Agreements (ISA), where it actually makes financial sense for people to grow bootcamps and fund bootcamps - this is something I strongly support... Whether or not it should be a venture-funded thing, where you try to go for 10x growth every year - probably not... [laughs]Adam Stacoviak: Yeah...Jerod Santo: So after FreeCodeCamp you didn't feel quite ready, so you did do a bootcamp... Did you feel ready after that?Shawn Wang: [08:03] Yeah. [laughs] I did a reflection, by the way, of my first year of learning to code, so people can look it up... It's called "No zero days. My path to learning to code", and I think I posted it on Hacker News. And doing everything twice actually helped me a lot. Because before I came into my paid bootcamp, I had already spun up some React apps. I had already started to mess with WebPack, and I knew enough that I wasn't understanding it very much, I was just following the instructions. But the second time you do things, you have to space, to really try to experiment, to actually read the docs, which most people don't do, and actually try to understand what the hell it is you're doing. And I felt that I had an edge over the other people in my bootcamp because I did six months of FreeCodeCamp prior.Jerod Santo: So this other thing that you do, which not everybody does, is this Learning in Public idea... And you have this post, Learn in Public. You call it "The fastest way to learn", or the fastest way to build your expertise - networking, and second brain. I'm not sure what the second brain is, so help us out with that one... But also, why is learning in public faster than learning in private.Shawn Wang: Yeah. This is a reflection that came from me understanding the difference, qualitatively, between why I'm doing so well in my tech career versus my finance career. In finance, everything is private, meaning the investment memos that I wrote, the trade ideas that I had - they're just from a company; they're intellectual property of my company. In fact, I no longer own them. Some of my best work has been in that phase, and it's locked up in an email inbox somewhere, and I'll never see it again. And that's because tech is a fundamentally open and positive-sum industry, where if you share things, you don't lose anything; you actually gain from sharing things... Whereas in finance it's a zero-sum battle against who's got the secret first and who can act on it first.And I think when you're in tech, you should exploit that. I think that we have been trained our entire lives to be zero-sum, from just like the earliest days of our school, where we learn, we keep it to ourselves to try to pass the test, try to get the best scores, try to get the best jobs, the best colleges, and all that, because everything's positional. For you to win, others have to lose. But I don't see tech in that way, primarily because tech is still growing so fast. There's multiple ways for people to succeed, and that's just the fundamental baseline. You layer on top of that a bunch of other psychological phenomenon.I've been really fascinated by this, by what it is so effective. First of all, you have your skin in the game, meaning that a lot of times when your name is on the blog posts out there, or your name is on the talk that you gave, your face is there, and people can criticize you, you're just incentivized to learn better, instead of just "Oh, I'll read this and then I'll try to remember it." No, it doesn't really stick as much. So having skin in the game really helps.When you get something wrong in public, there are two effects that happen. First is people will climb over broken glass to correct you, because that's how the internet does. There's a famous XKCD comic where like "I can't go to bed yet." "Why?" "Someone's wrong on the internet. I have to correct them."Jerod Santo: Right.Shawn Wang: So people are incentivized to fix your flaws for you - and that's fantastic - if you have a small ego.Jerod Santo: I was gonna say, that requires thick skin.Shawn Wang: Yeah, exactly. So honestly -- and that's a barrier for a lot of people. They cannot get over this embarrassment. What I always say is you can learn so much on the internet, for the low, low price of your ego. If we can get over that, we can learn so much, just because you don't care. And the way to get over it is to just realize that the version that you put out today is the version you should be embarrassed about a year from now, because that shows that you've grown. So you divorce your identity from your work, and just let people criticize your work; it's fine, because it was done by you, before you knew what you know today. And that's totally fine.And then the second part, which is that once you've gotten something wrong in public, it's just so embarrassing that you just remember it in a much clearer fashion. [laughter] This built a feedback loop, because once you started doing this, and you show people that you respond to feedback, then it builds a feedback and an expectation that you'll do the next thing, and people respond to the next thing... It becomes a conversation, rather than a solitary endeavor of you just learning the source material.So I really like that viral feedback loop. It helps you grow your reputation... Because this is not just useful for people who are behind you; a lot of people, when they blog, when they write, when they speak, they're talking down. They're like "I have five years experience in this. Here's the intro to whatever. Here's the approach to beginners." They don't actually get much out of that.[12:17] That's really good, by the way, for beginners; that's really important, that experts in the field share their knowledge. They don't see this blogging or this speaking as a way to level up in terms of speaking to their experts in their fields. But I think it's actually very helpful. You can be helpful to people behind you, you can be helpful to people around you, but you can actually be helpful to people ahead of you, because you're helping to basically broadcast or personalize their message. They can check their messaging and see - if you're getting this wrong, then they're getting something wrong on their end, docs-wise, or messaging-wise. That becomes a really good conversation. I've interacted with mentors that way. That's much more how I prefer to interact with my mentors than DM-ing and saying "Hey, can you be my mentor?", which is an unspecified, unpaid, indefinitely long job, which nobody really enjoys. I like project-based mentorship, I like occasional mentorship... I really think that that develops when you learn in public.Adam Stacoviak: I've heard it say that "Today is the tomorrow you hope for."Shawn Wang: Wow.Adam Stacoviak: Because today is always tomorrow at some point, right? Like, today is the day, and today you were hoping for tomorrow to be better...Jerod Santo: I think by definition today is not tomorrow...Adam Stacoviak: No, today is the tomorrow that you hoped for... Meaning like "Seize your moment. It's here."Jerod Santo: Carpe diem. Gotcha.Adam Stacoviak: Yeah, kind of a thing like that.Shawn Wang: I feel a little shady -- obviously, I agree, but also, I feel a little shady whenever I venture into this territory, because then it becomes very motivational speaking-wise, and I'm not about that. [laughs]Adam Stacoviak: Kind of... But I think you're in the right place; keep showing up where you need to be - that kind of thing. But I think your perspective though comes from the fact that you had this finance career, and a different perspective on the way work and the way a career progressed. And so you have a dichotomy essentially between two different worlds; one where it's private, and one where it's open. That to me is pretty interesting, how you were able to tie those two together and see things differently. Because I think too often sometimes in tech, especially staying around late at night, correcting someone on the internet, you're just so deeply in one industry, and you have almost a bubble around you. You have one lens for which you see the world. And you've been able to have multi-faceted perspectives of this world, as well as others, because of a more informed career path.Jerod Santo: Yeah. When you talk about finance as a zero-sum game, I feel like there's actually been moves now to actually open up about finance as well; I'm not sure if either of you have tracked the celebrity rise of Cathie Wood and Ark Invest, and a lot of the moves that she's doing in public. They're an investment fund, and they will actually publish their moves at the end of every day. Like, "We sold these stocks. We bought these stocks." And people laughed at that for a while, but because she's been successful with early on Bitcoin, early with Tesla, she's very much into growth stocks - because of that, people started to follow her very closely and just emulate. And when she makes moves now, it makes news on a lot of the C-SPANs and the... Is C-SPAN the Congress one? What's the one that's the finance one...?Shawn Wang: CNBC?Jerod Santo: CNBC, not C-SPAN. And so she's very much learning in public. She's making her moves public, she's learning as she goes, and to a certain degree it's paid off, it's paid dividends in her career. Now, I'm not sure if everyone's doing that... When you look at crypto investors, like - okay, pseudonymous, but a lot of that stuff, public ledgers. So there's moves that are being made in public there as well. So I wonder if eventually some of that mentality will change. What do you think about that?Shawn Wang: [15:45] It's definitely changed for -- there's always been celebrity investors, and people have been copying the Buffett portfolio for 30 years. So none of that is new. What is new is that Cathie Wood is running an ETF, and just by way of regulation and by way of innovation, she does have to report those changes. [laughs] So mutual funds, hedge fund holdings - these have all been public, and people do follow them. And you're always incentivized to talk your book after you've established your position in your book...Jerod Santo: Right, but you establish it first.Shawn Wang: ...so none of that has changed. But yeah, Cathie has been leading an open approach...Jerod Santo: Is it the rate of disclosure perhaps that's new? Because it seems like it's more real-time than it has historically...Shawn Wang: Yeah. I mean, she's running an ETF, which is new, actually... Because most people just run mutual funds or hedge funds, and those are much more private. The other two I'll probably shout out is Patrick O'Shaughnessy who's been running I guess a fund of funds, and he's been fairly open. He actually adopted the "learn in public" slogan in the finance field, independently of me. And then finally, the other one is probably Ted Seides, who is on the institutional investor side of things. So he invests for universities, and teachers pensions, and stuff like that. So all these people - yeah, they've been leading that... I'm not sure if it's spreading, or they've just been extraordinarily successful in celebrity because of it.Adam Stacoviak: This idea of "in public" is happening. You see people too, like -- CopyAI is building in public... This idea of learning in public, or building in public, or exiting in public... Whatever the public might be, it's happening more and more... And I think it's definitely similar to the way that open source moves around. It's open, so it's visible to everyone. There's no barrier to see what's happening, whether it's positive or negative, with whatever it is in public. They're leveraging this to their advantage, because it's basically free marketing. And that's how the world has evolved to use social media. Social media has inherently been public, because it's social...Jerod Santo: Sure.Adam Stacoviak: Aside from Facebook being gated, with friends and stuff like that... Twitter is probably the most primary example of that, maybe even TikTok, where if I'm a creator on TikTok, I almost can't control who sees my contact. I assume it's for the world, and theoretically, controlled by the algorithm... Because if I live in Europe, I may not see content in the U.S, and the algorithm says no, or whatever. But it's almost like everybody is just in public in those spaces, and they're leveraging it to their advantage... Which is an interesting place to be at in the world. There was never an opportunity before; you couldn't do it at that level, at that scale, ten years ago, twenty years ago. It's a now moment.Jerod Santo: Yeah. Swyx, can you give us an example of something learned in public? Do you basically mean like blog when you've learned something, or ask questions? What does learning in public actually mean when it comes to -- say, take a technology. Maybe you don't understand Redux. I could raise my hand on that one... [laughter] How could I learn that in public?Shawn Wang: There are a bunch of things that you can try. You can record a livestream of you going through the docs, and that's useful to maintainers, understanding "Hey, is this useful or not?" And that's immediately useful. It's so tangible.I actually have a list -- I have a talk about this on the blog post as well... Just a suggestion of things you can do. It's not just blogging. You can speak, you can draw comics, cheatsheets are really helpful... I think Amy Hoy did a Ruby on Rails cheatsheet that basically everyone has printed out and stapled to their wall, or something... And if you can do a nice cheatsheet, I think that's also a way for you to internalize those things that you're trying to learn anyway, and it just so happens to benefit others.So I really like this idea that whatever content you're doing, it's learning exhaust, it's a side effect of you learning, and you just happen to put it out there; you understand what formats work for you, because you have abnormal talents. Especially if you can draw, do that. People love developers who can draw. And then you just put it out there, and you win anyway just by doing it. You don't need an audience. You get one if you do this long enough, but you don't need an audience right away. And you win whether or not people participate with you. It's a single-player game that can become a multiplayer game.Specifically for Redux - you know, go through source code, or go through the docs, build a sample app, do like a simple little YouTube video on it... Depending on the maturity, you may want to try to speak at a meetup, or whatever... You don't have to make everything a big deal. I'm trying to remove the perception from people that everything has to be this big step, like it has to be top of Hacker News, or something. No. It could just be helpful for one person. I often write blog posts with one persona in mind. I mean, I don't name that person, but if you focus on that target persona, actually often it does better than when you try to make some giant thesis that shakes the world...Adam Stacoviak: [20:22] Yeah. Too often we don't move because we feel like the weight of the move is just too much. It's like "How many people have to read this for me to make this a success for me?" You mentioned it's a learning exhaust... And this exhaust that you've put out before - has it been helpful really to you? Is that exhaust process very helpful to you? Is that ingrained in the learnings that you've just gone through, just sort of like synthesize "Okay, I learned. Here's actually what I learned"?Shawn Wang: Yeah. This is actually an opportunity to tie into that second brain concept which maybe you wanted to talk a little bit about. Everything that you write down becomes your second brain. At this point I can search Google for anything I've ever written on something, and actually come up on my own notes, on whatever I had. So I'm not relying on my memory for that. Your human brain, your first brain is not very good at storage, and it's not very good at search; so why not outsource that to computers? And the only way to do that is you have to serialize your knowledge down into some machine-readable format that's part of research. I do it in a number of places; right now I do it across GitHub, and my blog, and a little bit of my Discord. Any place where you find you can store knowledge, I think that's a really good second brain.And for Jerod, I'll give you an example I actually was gonna bring up, which is when I was trying to learn React and TypeScript - like, this goes all the way back to my first developer job. I was asked to do TypeScript, even though I'd never done it before. And honestly, my team lead was just like "You know TypeScript, right? You're a professional React dev, you have to know TypeScript." And I actually said no, and I started learning on day one.And what I did was I created the React to TypeScript cheatsheet, which literally was just copy-pasteable code of everything that I found useful and I wish I knew when I was starting out. And I've just built that over time. That thing's been live for three years now, it's got like 20,000 stars. I've taught thousands of developers from Uber, from Microsoft, React and TypeScript. And they've taught me - every time they send in a question or a PR... I think it's a very fundamental way of interacting, which is learning in public, but specifically this one - it's open source knowledge; bringing up our open source not just to code, but to everything else. I think that's a fundamental feedback loop that I've really enjoyed as well.Break: [22:31]Jerod Santo: One of the things I appreciate about you, swyx, is how you are always thinking, always writing down your thoughts... You've been watching and participating in this industry now for a while, and you've had some pretty (I think) insightful writings lately. The first one I wanna talk about is this API Economy post. The Light and Dark Side of the API Economy. You say "Developers severely underestimate the importance of this to their own career." So I figure if that's the case, we should hear more about it, right?Shawn Wang: [laughs] Happy to talk about it. So what is the API economy? The API economy is developers reshaping the world in their image. Very bold statement, but kind of true, in the sense that there is now an API for everything - API for cards, API for bank accounts, API for text, API for authentication, API for shipping physical goods... There's all sorts of APIs. And what that enables you to do as a developer is you can call an API - as long as you know REST or GraphQL these days, you know how to invoke these things and make these things function according to the rest of your program. You can just fit those things right in. They're a very powerful thing to have, because now the cost of developing one of these services just goes down dramatically, because there's another company doing that as a service for you.I wrote about it mainly because at Netlify we were pitching serverless, we were pitching static hosting, and we were pitching APIs. That's the A in JAMstack. But when I google "API economy", all the search results were terrible. Just horrible SEO, bland, meaningless stuff that did not speak to developers; it was just speaking to people who like tech buzzwords. So I wrote my own version. The people who coined it at Andreessen Horowitz, by the way, still to this day do not have a blog post on the API economy. They just have one podcast recording which nobody's gonna listen. So I just wrote my version.Jerod Santo: You're saying people don't listen to podcasts, or what?Shawn Wang: [laughs] When people are looking up a term, they are like "What is this thing?", and you give them a podcast, they're not gonna sit down and listen for 46 minutes on a topic. They just want like "Give me it, in one paragraph. Give me a visual, and I'm gonna move on with my day." So yeah, whenever I see an opportunity like that, I try to write it up. And that's the light side; a lot of people talk about the light side. But because it's a personal blog, I'm empowered to also talk about the dark side, which is that as much as it enables developers, it actually is a little bit diminishing the status of human expertise and labor and talent. So we can talk a little bit about that, but I'm just gonna give you time to respond.Jerod Santo: [28:05] Hm. I'm over here thinking now that you're not at Netlify, I'm curious - this is tangential, but what's your take on JAMstack now? I know you were a professional salesman there for a while, but... It seems like JAMstack - we've covered it for years, it's a marketing term, it's something we've already been doing, but maybe taking it to the next level... There's lots of players now - Netlify, Vercel etc. And yet, I don't see much out there in the real world beyond the people doing demos, "Here's how to build a blog, here's how to do this, here's my personal website", and I'm just curious... I'm not like down on JAMstack, but I just don't see it manifesting in the ways that people have been claiming it's going to... And maybe we're just waiting for the technology to catch up. I'd just love to hear what you think about it now.Shawn Wang: Yeah. I think that you're maybe not involved in that world, so you don't see this, but real companies are moving on to JAMstack. The phrasing that I like is that -- JAMstack has gone mainstream, and it's not even worth talking about these days, because it's just granted that that's an option for you... So PayPal.me is on the JAMstack, there's large e-commerce sites... Basically, anything that decouples your backend from your frontend, and your frontend is statically-hosted - that is JAMstack.I actually am blanking on the name, but if you go check out the recent JAMstack Conf, they have a bunch of examples of people who've not only moved to JAMstack, but obviously moved to Netlify, where they're trying to promote themselves.Jerod Santo: Sure, yeah.Shawn Wang: So yes, it's true that I'm no longer a professional spokesperson, but it's not true that JAMstack is no longer being applied in the enterprise, because it is getting adoption; it's moved on that boring phase where people don't talk about it.One thing I'll say - a thesis that I've been pursuing is that JAMstack is in its endgame. And what do I mean by that? There's a spectrum between the previous paradigm that JAMstack was pushing back on, which is the all-WordPress/server-render-everything paradigm, and then JAMstack is prerender-everything. And now people are filling in--Jerod Santo: In the middle.Shawn Wang: ...I'm gonna put my hands in the Zoom screen right now. People are filling that gap between fully dynamic and fully static. So that's what you see with Next.js and Gatsby moving into serverless rendering, partial rendering or incremental rendering... And there's a full spectrum of ways in which you can optimize your rendering for the trade-offs of updating your content, versus getting your data/content delivered as quickly as possible. There's always some amount of precompilation that you need to do, and there's always some amount of dynamicism that you have to do, that cannot be precompiled. So now there is a full spectrum between those.Why I say it's the end game is because that's it, there's nothing else to explore. It's full-dynamic, full-static, choose some mix in the middle, that's it. It's boring.Jerod Santo: Hasn't that always been the case though? Hasn't there always been sites that server-side render some stuff, and pre-render other things? You know, we cache, we pre-render, some people crawl their own websites once, and... I don't know it seems like maybe just a lot of excitement around a lot of things that we've been doing for many years.Shawn Wang: [laughs] So first of all, those are being remade in the React ecosystem of things, which a lot of us lost when a lot of the web development industry moved to React... So that's an important thing to get back.I mean, I agree, that's something that we've always had, pre-rendering, and services like that, caching at the CDN layer - we've always had that. There's some differences... So if you understand Netlify and why they're trying to push distributed persistent rendering (DVR), it's because caching is a hard problem, and people always end up turning off the cache. Because the first time you run into a bug, you're gonna turn off the cache. And the cache is gonna stay off.So the way that Netlify is trying to fix it is that we put the cache in Git, essentially. Git is the source of truth, instead of some other source of truth distributed somewhere between your CDN and your database and somewhere else. No, everything's in Git. I'm not sure if I've represented that well, to be honest... [laughter]Adam Stacoviak: Well, good thing you don't work for Netlify anymore. We're not holding you to the Netlify standard.Shawn Wang: [31:58] Exactly. All I can say is that to me now it's a good thing in the sense that it's boring. It's the good kind of boring, in the sense of like "Okay, there's a spectrum. There's all these techniques. Yes, there were previous techniques, but now these are the new hotness. Pick your choice." I can get into a technical discussion of why this technique, the first one, the others... But also, is it that interesting unless you're evaluating for your site? Probably not...Jerod Santo: Well, it does play into this API economy though, right? Because when you're full JAMstack, then the A is your most important thing, and when the A is owned by a bunch of companies that aren't yours - like, there's a little bit of dark side there, right? All of a sudden, now I'm not necessarily the proprietor of my own website, to a certain degree, because I have these contracts. I may or may not get cut off... There's a lot of concerns when everybody else is a dependency to your website.Shawn Wang: Yeah. So I don't consider that a dark side at all.Jerod Santo: No, I'm saying to me that seems like a dark side.Shawn Wang: Yeah, sure. This is the risk of lock-in; you're handing over your faith and your uptime to other people. So you have to trade that off, versus "Can you build this yourself? And are you capable of doing something like this, and are you capable of maintaining it?" And that is a very high upfront cost, versus the variable cost of just hiring one of these people to do it for you as a service.So what I would say is that the API economy is a net addition, because you as a startup - the startup cost is very little, and if you get big enough where it makes sense for you to build in-house - go ahead. But this is a net new addition for you to turn fixed costs into variable costs, and start with a small amount of investment. But I can hire -- like, Algolia was started by three Ph.D's in search, and I can hire them for cents to do search on my crummy little website. I will absolutely do that every single day, until I get to a big enough point where I cannot depend on them anymore, and I have to build my own search. Fine, I'll do that. But until then, I can just rely on them. That's a new addition there.Jerod Santo: One hundred percent. So what then do you think is the darker side? You mentioned it, but put a finer point on it.Shawn Wang: Yeah. The dark side is that there are people -- like, when I call an Uber ride, Uber is an API for teleportation, essentially. I'm here, I wanna go there. I press a button, the car shows up. I get in the car, get off, I'm there. What this papers over is that the API is calling real actual humans, who are being commoditized. I don't care who drives the car, I really don't. I mean, they may have some ratings, but I kind of don't care.Jerod Santo: That was the case with taxis though, wasn't it?Shawn Wang: That was the case with taxis, for sure. But there's a lot of people living below the API, who are economically constrained, and people who live above the API, developers, who have all the upside, essentially... Because the developers are unique, the labor is commoditized. My DoorDash pickers, my Instacart deliverers - all these are subsumed under the API economy. They're commodities forever, they know it, and there's no way out for them, unless they become developers themselves. There's a class system developing below and above the API. And the moment we can replace these people under the API with robots, you better believe we'll do that, because robots are way cheaper, and they complain less, they can work 24 hours, all this stuff.Jerod Santo: Yeah.Shawn Wang: So that's the dark side, which is, yeah, as a developer now - fantastic. I can control most parts of the economy with just a single API call. As a startup founder, I can develop an API for literally anything, and people will buy it. The downside is human talent is being commoditized, and I don't know how to feel about that. I think people are not talking enough about it, and I just wanna flag it to people.Jerod Santo: Yeah.Adam Stacoviak: So dark side could mean a couple things. One, it could mean literally bad; dark as synonymous with bad. Or dark as in shady. And we're not sure, it's obscured in terms of what's happening. And so let's use an Instacarter or a Dasher - to use their terminology. I happen to be a DoorDash user, so I know they're called Dashers; that's the only reason I know that. It's not a downplay, it's just simply what the terminology is...[35:59] You could say it's below the API, but I wonder, if you've spoken with these people, or people that live in what you call below the API, because I would imagine they're not doing that because they're being forced. Like, it's an opportunity for them.Shawn Wang: Oh, yeah.Adam Stacoviak: And I remember when I was younger and I had less opportunity because I had less "above the API" (so to speak) talent... And I do agree there's a class here, but I wonder if it's truly bad; that dark is truly bad, or if it's just simply obscure in terms of how it's gonna play out.Shawn Wang: This is about upside. They will never get to that six figures income with this thing.Adam Stacoviak: Not that job.Jerod Santo: No.Shawn Wang: It's really about the class system, which is the dark side. You don't want to have society splinter into like a serving class and whatever the non-serving class is. It's also about the upside - like, I don't see a way for these people to break out unless, they really just take a hard stop and just go to a completely different career track.Jerod Santo: Right.Adam Stacoviak: Here's where I have a hard time with that... I'm not pushing back on that you're wrong, I'm just wondering more deeply...Shawn Wang: Sure.Adam Stacoviak: I imagine at one point in my life I was a DoorDasher.Shawn Wang: Yeah.Adam Stacoviak: I washed dishes, I did definitely unique jobs at a young age before I had skill. And so the path is skill, and as long as we have a path to skill, which you've show-cased through FreeCodeCamp in your path, then I think that dark side is just simply shady, and not bad.Shawn Wang: Okay.Adam Stacoviak: And I'm just trying to understand it, because I was truly a DoorDasher before DoorDash was available. I washed dishes, delivered papers, I had servant-level things; I was literally a server at a restaurant before... And I loved doing that kind of work, but my talents have allowed me to go above that specific job, and maybe even the pay that came with that job. I've served in the military before, got paid terrible dollars, but I loved the United States military; it's great. And I love everybody who's served in our military. But the point is, I think the path is skill, and as long as we have a pathway to skill, and jobs that can house that skill and leverage that skill to create new value for the world, I just wonder if it's just necessary for society to have, I suppose, above and below API things.Jerod Santo: Until we have all the robots. Then there is nobody underneath. At that point it's all robots under the API.Shawn Wang: Yes, and that is true in a lot of senses, actually. Like, farming is mostly robots these days. You do have individual farmers, but they're much less than they used to be. I don't know what to say about that, shady or dark... I think it's just -- there's no career track. You have to go break out of that system yourself. Thank God there's a way to do it. But back in the day, you used to be able to go from the mailroom to the boardroom.Adam Stacoviak: I see.Shawn Wang: I see these stories of people who used to be janitors at schools become the principal. Companies used to invest in all their people and bring them up. But now we're just hiring your time, and then if you wanna break out of that system - good luck, you're on your own. I think that that lack of upward mobility is a problem, and you're not gonna see it today. It's a slow-moving train wreck. But it's gonna happen where you have society split in two, and bad things happen because of it.Adam Stacoviak: I mean, I could agree with that part there, that there definitely is no lateral movement from Dasher to CEO of DoorDash.Shawn Wang: It's just not gonna happen.Adam Stacoviak: Or VP of engineering at DoorDash. I think because there is no path, the path would be step outside of that system, because that system doesn't have a path. I could agree with that, for sure.Jerod Santo: Yeah. I mean, the good news is that we are creating -- there are paths. This is not like a path from X to Y through that system, but there are other alternate paths that we are creating and investing in, and as well as the API gets pushed further and further down in terms of reachability - we now have more and more access to those things. It's easier now, today, than it ever has been, because of what we were talking about, to be the startup founder, right? To be the person who starts at CEO because the company has one person in it, and they're the CEO. And to succeed in that case, and become the next DoorDash.Adam Stacoviak: True.Jerod Santo: So there are opportunities to get out, it's just not a clear line... And yeah, it takes perhaps some mentorship, perhaps ingenuity... A lot of the things that it takes to succeed anyway, so...Shawn Wang: [40:05] I'll give a closing note for developers who are listening, because you're already a developer... So the analogy is if you're above the API, you tell machines what to do; if you're below the API, machines tell you what to do. So here's the developer analogy, which is there's another division in society, which is the kanban board. If you're below the kanban board, the kanban board tells you what to do. If you're above it, you tell developers what to do. [laughs]Jerod Santo: There you go.Shawn Wang: So how do you break out of that class division? I'll leave it out to you, but just keep in mind, there's always layers.Jerod Santo: I love that.Adam Stacoviak: I love the discussion around it, but I'm also thankful you approached the subject by a way of a blog post, because I do believe that this is interesting to talk about, and people should talk about it, for sure. Because it provides introspection into, I guess, potentially something you don't really think about, like "Do I live below or above the APi?" I've never thought about that in that way until this very moment, talking to you, so... I love that.Break: [40:58]Jerod Santo: So another awesome post you have written lately is about Cloudflare and AWS. Go - not the language, the game Go... I know very little about the language, and I know even less about the game... And Chess... How Cloudflare is approaching things, versus how AWS and Google and others are... Given us the TL;DR of that post, and then we'll discuss.Shawn Wang: Okay. The TL;DR of that post is that Cloudflare is trying to become the fourth major cloud after AWS, Azure and GCP. The way they're doing it is fundamentally different than the other three, and the more I've studied them - I basically observed Cloudflare for the entire time since I joined Netlify. Netlify kind of is a competitor to Cloudflare, and it's always this uncomfortable debate between "Should you put Cloudflare in front of Netlify? Netlify itself is a CDN. Why would you put a CDN in front of another CDN?" Oh, because Netlify charges for bandwidth, and Cloudflare does not. [laughter]Jerod Santo: It's as simple as that.Shawn Wang: And then there's DDOS protection, all that stuff; very complicated. Go look up the Netlify blog post on why you should not put Cloudflare in front of Netlify, and decide for yourself. But Netlify now taking on AWS S3 - S3 is like a crown jewel of AWS. This is the eighth wonder of the world. It provides eleven nines of durability. Nothing less than the sun exploding will take this thing down... [laughs]Jerod Santo: Right? You know what's funny - I don't even consider us at Changelog AWS customers; I don't even think of us that way. But of course, we use S3, because that's what you do. So yeah, we're very much AWS customers, even though I barely even think about it, because S3 is just like this thing that of course you're gonna use.Shawn Wang: There's been a recent history of people putting out S3-compatible APIs, just because it's so dominant that it becomes the de-facto standard. Backblaze did it recently. But Cloudflare putting out R2 and explicitly saying "You can slurp up the S3 data, and by the way, here's all the cost-benefit of AWS egress charges that's what Matthew Prince wrote about in his blog post is all totally true, attacks a part of AWS that it cannot compromise on and just comes at the top three clouds from a different way, that they cannot respond to.[44:17] So I always like these analogies of how people play destruction games. I'm a student of destruction, and I study Ben Thompson and Clay Christensen, and that entire world, very quickly... So I thought this was a different model of destruction, where you're essentially embracing rather than trying to compete head-on. And wrapping around it is essentially what Go does versus chess, and I like -- you know, there's all these comparisons, like "You're playing 2D chess, I'm playing 3D chess. You're playing chess, I'm playing Go." So Cloudflare is playing Go by surrounding the S3 service and saying "Here is a strict superset. You're already a consumer of S3. Put us on, and magically your costs get lower. Nothing else about it changes, including your data still lives in AWS if you ever decide to leave us." Or if you want to move to Cloudflare, you've just gotta do the final step of cutting off S3.That is a genius, brilliant move that I think people don't really appreciate, and it's something that I study a lot, because I work at companies that try to become the next big cloud. I worked at Netlify, and a lot of people are asking, "Can you build a large public company on top of another cloud? Our second-layer cloud is viable." I think Vercel and Netlify are proving that partially it is. They're both highly valued. I almost leaked some info there... When does this go out? [laughs]Jerod Santo: Next week, probably...Shawn Wang: Okay, alright... So they're both highly valued, and - like, can they be hundred-billion-dollar companies? I don't know. We don't know the end state of cloud, but I think people are trying to compete there, and every startup -- I nearly joined Render.com as well. Every startup that's trying to pitch a second-layer cloud thesis is always working under the shadows of AWS. And this is the first real thesis that I've seen, that like "Oh, okay, you not only can credibly wrap around and benefit, you can actually come into your own as a fourth major cloud." So I'm gonna stop there... There's so many thoughts I have about Cloudflare.Jerod Santo: Yeah. So do you see that R2 then -- I think it's a brilliant move, as you described it... As I read your post, I started to appreciate, I think, the move, more than I did when I first read about it and I was like "Oh, they're just undercutting." But it seems they are doing more than just that. But do you think that this R2 then is a bit of a loss leader in order to just take a whole bunch of AWS customers, or do you think there's actually an economic -- is it economically viable as a standalone service, or do you think Cloudflare is using it to gain customers? What are your thoughts in their strategy of Why?Shawn Wang: This is the top question on Twitter and on Hacker News when they launch. They are going to make money on this thing, and the reason is because of all the peering agreements that they've established over the past five years. As part of the normal business strategy of Cloudflare, they have peering agreements with all of the ISPs; bandwidth is free for them. So... For them in a lot of cases. Again, I have to caveat all this constantly, because I should note to people that I am not a cloud or networking expert. I'm just learning in public, just like the rest of you, and here's what I have so far. So please, correct me if I'm wrong, and I'll learn from it.But yeah, I mean - straight on, it's not a loss leader. They plan to make money on it. And the reason they can is because they have worked so hard to make their cost structure completely different in AWS, and they've been a friend to all the other ISPs, rather than AWS consuming everything in its own world. Now you're starting to see the benefits of that strategy play out. And by the way, this is just storage, but also they have data store, also they have service compute, all following the same model.Jerod Santo: So what do you think is a more likely path over the next two years? Cloudflare --Adam Stacoviak: Prediction time!Jerod Santo: ...Cloudflare steals just massive swathes of AWS customers, or AWS slashes prices to compete?Shawn Wang: So I try not to do the prediction business, because I got out of that from the finance days... All I'm doing is nowcasting. I observe what I'm seeing now and I try to put out the clearest vision of it, so the others can follow.I think that it makes sense for them to be replicating the primitives of every other cloud service. So in 2017 they did service compute with Cloudflare Workers. In 2018 they did eventually consistent data store. In 2019 - website hosting; that's the Netlify competitor. In 2020 they did strongly-consistent data store, with Durable Objects. In 2021 object storage. What's next on that list? Go on to your AWS console and go shopping. And instead of seven different ways to do async messaging in AWS, probably they're gonna do one way in Cloudflare. [laughs]Adam Stacoviak: [48:34] A unified API, or something like that...Jerod Santo: Yeah, they'll just look at AWS' offerings, the ones they like the best, and do it that way, right?Shawn Wang: Yeah, just pick it up.Adam Stacoviak: Maybe the way to get a prediction out of you, swyx, might be rather than directly predict, maybe describe how you win Go.Shawn Wang: How you win Go...Adam Stacoviak: Yeah, what's the point of Go? How do you win Go? Because that might predict the hidden prediction, so to speak.Shawn Wang: Okay. For listeners who don't know Go, let me draw out the analogy as well. So most people are familiar with chess; individual chess pieces have different values and different points, and they must all support each other. Whenever you play chess, you need the Knight to support the pawns, something like that... Whereas in Go, you place your pieces everywhere, and they're all indistinguishable from each other. And it's more about claiming territory; at the end of the day, that's how you win Go, you claim the most territory compared to the others... And it's never a winner-take-all situation. Most likely, it's like a 60/40. You won 60% of the territory and your competitor has 40% of the territory. That's more likely a mapping of how cloud is gonna play out than chess, where winner-takes-all when you take the King. There's no King in the cloud, but--Jerod Santo: Are you sure...?Shawn Wang: ...there's a lot likely of territory claiming, and Cloudflare is really positioned very well for that. It's just part of the final realization that I had at the end of the blog post. And partially, how you take individual pieces of territory is that you surround all the pieces of the enemy and you place the final piece and you fill up all the gaps, such that the enemy is completely cut off from everything else and is surrounded. And that's what R2 does to S3 - it surrounds S3, and it's up to you to place that final piece. They call it, Atari, by the way, which is the name of the old gaming company, Atari. They have placed AWS S3 in Atari, and it's up to the customers to say "I'm gonna place that final piece. I'm gonna pay the cost of transferring all my data out of S3 and cut S3 off", and they cut off all the remaining liberties. So how do you win in Go? You claim the most amount of territory, and you surround the pieces of the enemy.Adam Stacoviak: Which, if you thought maybe that was oxygen, the territory, you might suck the oxygen away from them, so they can't live anymore, so to speak... And maybe you don't take it by killing it. Maybe you sort of suffocate it almost, if their space becomes small enough; if you take enough territory and it begins to shrink enough, it's kind of like checkmate, but not.Shawn Wang: Yeah. There's also a concept of sente in Go, which is that you make a move that the opponent has to respond to, which is kind of like a check, or checkmate -- actually, not; just the check, in chess. And right now, AWS doesn't feel the need to respond. Cloudflare is not big enough. Like, these are names to us, but let's just put things in numbers. Cloudflare's market cap is 36 billion, AWS' market cap is 1.6 trillion; this is Amazon's total market cap. Obviously, AWS is a subset of that.Jerod Santo: Sure.Shawn Wang: So your competitor is 40 times larger than you. Obviously, Cloudflare is incentivized to make a lot of noise and make themselves seem bigger than it is. But until AWS has to respond, this is not real.Adam Stacoviak: Nice.Jerod Santo: So as a developer, as a customer of potentially one or both of these... Let's say you have a whole bunch of stuff on S3 - I'm asking you personally now, swyx - and R2 becomes available... Is that a no-brainer for you, or is there any reason not to use that?Shawn Wang: You're just adding another vendor in your dependency tree. I think for anyone running silicon bandwidth, it is a no-brainer.Jerod Santo: Yeah. So over the course of n months, where n equals when they launch plus a certain number - I mean, I think this is gonna end up eventually on Amazon's radar, to where it's gonna start affecting some bottom lines that important people are gonna notice. So I just wonder - I mean, how much territory can Cloudflare grab before there's a counter-move? It's gonna be interesting to watch.Shawn Wang: [52:12] So Ben from Vantage actually did a cost analysis... Vantage is a startup that is made up former AWS Console people; they're trying to build a better developer experience on top of AWS. They actually did a cost analysis on the R2 move, and they said that there's probably a hundred billion dollars' worth of revenue at stake for Amazon. So if they start to have a significant dent in that, let's say like 40%, AWS will probably have to respond. But until then, there's nothing to worry about. That's literally how it is in Amazon; you have to see the numbers hit before you respond.Jerod Santo: Yeah. It hasn't even been a blip on the radar at this point, the key metrics to the people who are important enough to care are watching. You said you started watching all of these CDNs. Of course, you worked at Netlify... You take an interest in backends. There's something you mentioned in the break about frontenders versus backend, and where you've kind of been directing your career, why you're watching Cloudflare so closely, what you're up to now with your work... Do you wanna go there?Shawn Wang: Let's go there. So if you track my career, I started out as a frontend developer. I was developing design systems, I was working with Storybook, and React, and all that... Then at Netlify I was doing more serverless and CLI stuff. At AWS more storage and database and AppSync and GraphQL stuff... And now at Temporal I'm working on a workflow engine, pure backend. I just went to KubeCon two weeks ago...Jerod Santo: Nice!Shawn Wang: What is a frontend developer doing at KubeCon...?Adam Stacoviak: New territory.Shawn Wang: It's a frontend developer who realizes that there's a career ceiling for frontend developers. And it's not a polite conversation, and obviously there are exceptions to frontend developers who are VPs of engineering, frontend developers who are startup founders... And actually, by the way, there's a lot of VC funding coming from frontend developers, which is fantastic for all my friends. They're all getting funded, left, right and center. I feel left out. But there is a Career ceiling, in a sense that survey a hundred VPs of engineering, how many of them have backend backgrounds, and how many of them have frontend backgrounds? And given that choice, what's more likely for you and your long-term career progression? Do you want to specialize in frontend or do you want to specialize in backend? Different people have different interests, and I think that you can be successful in whatever discipline you pick. But for me, I've been moving towards the backend for that reason.Adam Stacoviak: Describe ceiling. What exactly do you mean when you say "ceiling"?Shawn Wang: Career ceiling. What's your terminal title.Jerod Santo: Like your highest role, or whatever. Highest salary, highest role, highest title...Adam Stacoviak: Gotcha.Shawn Wang: Like, straight up, how many VPs of engineering and CTOs have backend backgrounds versus frontend.Jerod Santo: Yeah. I mean, just anecdotally, I would agree with you that it's probably 8 or 9 out of 10 CTOs have -- is that what you said, 8 or 9?Shawn Wang: Yeah, yeah. So there's obviously an economic reasoning for this; it's because there's a bias in the industry that frontend is not real development, and backend is. And that has to be combated. But also, there's an economic reasoning, and I always go back to the economics part, because of my finance background... Which is that your value to the company, your value to the industry really depends on how many machines run through you. You as an individual unit of labor, how much money do you control, and how much machine process, or compute, or storage, or whatever runs through you. And just straight-up frontend doesn't take as much. [laughs] Yes, frontend is hard, yes, design is hard, yes, UX is crucially important, especially for consumer-facing products... But at the end of the day, your compute is being run on other people's machines, and people don't value that as much as the compute that I pay for, that I need to scale, and therefore I need an experienced leader to run that, and therefore that is the leader of my entire eng.Jerod Santo: I wonder if that changes at all for very product-focused orgs, where I think a lot of frontenders, the moves are into product design and architecture, and away from - not software architecture, but product design. And it seems like maybe if you compare - not VP of engineering, but VP of product, you'd see a lot of former frontenders.Shawn Wang: [56:03] Yeah.Jerod Santo: Maybe that's their path. Do you think that's --Shawn Wang: Totally. But you're no longer a frontend dev. You suddenly have to do mocks...Jerod Santo: Yeah, but when you're VP of engineering you're not a backend dev either.Shawn Wang: Yeah.Jerod Santo: So you're kind of both ascending to that degreeShawn Wang: Backends devs will never report to you, let's put it that way.Jerod Santo: Okay. Fair.Shawn Wang: [laughter] But somehow, frontend devs have to report to backend devs, for some reason; just because they're superior, or something. I don't know, it's just like an unspoken thing... It's a very impolite conversation, but hey, it's a reality, man.Jerod Santo: So do you see this personally, or do you see this by looking around?Shawn Wang: Yeah.Jerod Santo: Yeah. You felt like you had reached a ceiling.Shawn Wang: Well, again, this is very impolite; there's a ton of ways to succeed, and there are definitely exceptions. Emily Nakashima at Honeycomb - former frontend person, now VP of engineering. I don't know, I could have done that. I have interest in backend and I'm pursuing that. So I will say that - this is a soft ceiling, it's a permeable ceiling. It's not a hard ceiling.Jerod Santo: Sure.Shawn Wang: But there's a ceiling though, because you can see the numbers.Adam Stacoviak: What is it in particular the VP of engineering does that would make a frontender less likely to have that role? What specifically? I mean, engineering is one of the things, right? Commanding the software... Which is not necessarily frontend.Jerod Santo: Well, frontend is also an engineering discipline.Adam Stacoviak: I guess it kind of depends on the company, too. Honeycomb is probably a different example.Shawn Wang: I haven't been a VP of engineering, so I only have some theories. I suggest you just ask the next VP of engineering that you talk to, or CTO.Adam Stacoviak: Yeah.Jerod Santo: Yeah. That'd be a good one to start asking people.Adam Stacoviak: What do you do here? What is it you do here?Shawn Wang: What is it you do here?Jerod Santo: Exactly.Shawn Wang: [laughs]Adam Stacoviak: Well, I just wondered if there was a specific skillset that happens at that VP of engineering level that leads more towards a backender being more likely than a frontender to get hired into the role.Shawn Wang: I think there's some traditional baggage. Power structures persist for very long times... And for a long time UX and frontend was just not valued. And we're like maybe five years into the shift into that. It's just gonna take a long time.Jerod Santo: I agree with that. So tell us what you're up to now. You said you're doing workflows... I saw a quick lightning talk; you were talking about "React for the backend." So you're very much taking your frontend stuff into the backend here, with React for the backend. Tell us about that.Shawn Wang: Let's go for it. So at Netlify and at AWS I was essentially a developer advocate for serverless. So this is very cool - it does pay-as-you-go compute, and you can do a lot of cool stuff with it. But something that was always at the back of my mind bothering me, that serverless does not do well, is long-running jobs. It just does not do well. You have to chain together a bunch of stuff, and it's very brittle; you cannot test it... It's way more expensive than you would do in a normal environment.Jerod Santo: Yeah.Shawn Wang: And it made me realize that in this move to take apart everything and make everything as a service, we have gained scalability, but we've lost basically everything else. And what I was trying to do was "How do we reconstruct the experience of the monolith? What are the jobs to be done?" When you break it down, what does a computer do for you, and what is not adequately addressed by the ecosystem?I went through the exercise... I wrote a blog post called "Reconstructing the monolith, and I actually listed it out." So what are the jobs of cloud for a computer? You want static file serving, you want functions, you want gateway, you want socket management, job runners, queue, scheduler, cold storage, hot storage. There's meta jobs like error logging, usage logging, dashboarding, and then edge computing is like a unique to cloud thing. But everything else, you can kind of break it up and you can locate it on one machine, or you can locate it on multiple machines, some of them owned by you, some of them not owned by you.The thing that serverless -- that had a whole in the ecosystem was job running. Not good. Basically, as an AWS developer right now, the answer is you set a CloudWatch schedule function, and you pull an endpoint, and that should read some states from a database, and check through where you are, and compute until the 15-minute timeout for Lambda, and then save it back in, and then wait for the next pull, and start back up again. Super-brittle, and just a terrible experience; you would never want to go this way.[01:00:08.13] The AWS current response to that is AWS Step Functions, which is a JSON graph of what happens after the other, and this central orchestrator controls all of that. I think we could do better, and that's eventually what got me to temporal. So essentially, this blog post that I wrote - people found me through that, and hired both our head of product and myself from this single blog post. So it's probably the highest ROI blog post I've ever written.Jerod Santo: Wow. That's spectacular.Shawn Wang: It's just the VC that invested in Temporal. So what Temporal does is it helps you write long-running workflows in a doable fashion; every single state transition is persisted to a database, in idiomatic code. So idiomatic Java, idiomatic Go, idiomatic JavaScript, and PHP. This is different from other systems, because other systems force you to learn their language. For Amazon, you have to learn Amazon States Language. For Google Workflows - Google Workflows has a very long, very verbose JSON and YAML language as well.And these are all weird perversions of -- like, you wanna start simple; JSON is very simple, for doing boxes and arrows, and stuff like that... But you start ending up having to handwrite the AST of a general-purpose programming language, because you want variables, you want loops, you want branching, you want all that god stuff. And the best way to model asynchronous and dynamic business logic is with a general-purpose programming language, and that's our strong opinion there.So Temporal was created at Uber; it runs over 300 use cases at Uber, including driver onboarding, and marketing, and some of the trips stuff as well. It was open source, and adopted at Airbnb, and Stripe, and Netflix, and we have all those case studies on -- DoorDash as well, by the way, runs on the Uber version of Temporal.Jerod Santo: There you go, Adam.Shawn Wang: And yeah, they spun out to a company two years ago, and we're now trying to make it as an independent cloud company. And again, the

Paul's Security Weekly TV
Unicorns Galore, Selling Text Messages, Spicy Takes, & Treacherous Devs - ESW #253

Paul's Security Weekly TV

Play Episode Listen Later Dec 11, 2021 59:36


Finally, in the enterprise security news: At least a dozen cybersecurity companies announced raises totaling more than $900m - just in the past week!, Permira proposes to take Mimecast private for $5.8bn, The leader of a Swiss tech company is accused of selling access to text message data for surveillance, A former Ubiquiti developer was behind the big breach announced earlier this year - he unsuccessfully tried to extort his employer, SentinelOne tries to bring mobile security back?, Google and Trail of Bits team up to release a tool that scans for vulnerable Python packages, CISA has assembled a panel that will begin making cybersecurity recommendations, Make sure to stick around for, This week's spicy take - Cloudflare recommends ditching your firewall, and This week's squirrel story - a new streaming service from an unexpected source! All that and more, on this episode of Enterprise Security Weekly!    Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw253

Enterprise Security Weekly (Video)
Unicorns Galore, Selling Text Messages, Spicy Takes, & Treacherous Devs - ESW #253

Enterprise Security Weekly (Video)

Play Episode Listen Later Dec 10, 2021 59:36


Finally, in the enterprise security news: At least a dozen cybersecurity companies announced raises totaling more than $900m - just in the past week!, Permira proposes to take Mimecast private for $5.8bn, The leader of a Swiss tech company is accused of selling access to text message data for surveillance, A former Ubiquiti developer was behind the big breach announced earlier this year - he unsuccessfully tried to extort his employer, SentinelOne tries to bring mobile security back?, Google and Trail of Bits team up to release a tool that scans for vulnerable Python packages, CISA has assembled a panel that will begin making cybersecurity recommendations, Make sure to stick around for, This week's spicy take - Cloudflare recommends ditching your firewall, and This week's squirrel story - a new streaming service from an unexpected source! All that and more, on this episode of Enterprise Security Weekly!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw253

Paul's Security Weekly
Treacherous Devs, Selling Text Messages, Spicy Takes, & Unicorns Galore - ESW #253

Paul's Security Weekly

Play Episode Listen Later Dec 10, 2021 125:51


This week, we welcome Allie Mellen, Industry Analyst at Forrester Research to discuss Digging Into XDR! In the second segment, Vincent Berk, CTO and Chief Security Architect at Riverbed to talk about Securing the Invisible: Holes in Your Visibility Fabric & Where Hackers Hide! Finally, in the Enterprise Security News for this week: At least a dozen cybersecurity companies announced raises totaling more than $900m - just in the past week!, Permira proposes to take Mimecast private for $5.8bn, The leader of a Swiss tech company is accused of selling access to text message data for surveillance, A former Ubiquiti developer was behind the big breach announced earlier this year - he unsuccessfully tried to extort his employer, SentinelOne tries to bring mobile security back?, Google and Trail of Bits team up to release a tool that scans for vulnerable Python packages, CISA has assembled a panel that will begin making cybersecurity recommendations, Make sure to stick around for, This week's spicy take - Cloudflare recommends ditching your firewall, and This week's squirrel story - a new streaming service from an unexpected source! All that and more, on this episode of Enterprise Security Weekly! Segment Resources: https://visibility.riverbed.com/ https://www.riverbed.com/solutions/security.html https://www.riverbed.com/products/npm/netprofiler-advanced-security-module.html Visit https://securityweekly.com/riverbed to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw253

Enterprise Security Weekly (Audio)
Treacherous Devs, Selling Text Messages, Spicy Takes, & Unicorns Galore - ESW #253

Enterprise Security Weekly (Audio)

Play Episode Listen Later Dec 10, 2021 125:51


This week, we welcome Allie Mellen, Industry Analyst at Forrester Research to discuss Digging Into XDR! In the second segment, Vincent Berk, CTO and Chief Security Architect at Riverbed to talk about Securing the Invisible: Holes in Your Visibility Fabric & Where Hackers Hide! Finally, in the Enterprise Security News for this week: At least a dozen cybersecurity companies announced raises totaling more than $900m - just in the past week!, Permira proposes to take Mimecast private for $5.8bn, The leader of a Swiss tech company is accused of selling access to text message data for surveillance, A former Ubiquiti developer was behind the big breach announced earlier this year - he unsuccessfully tried to extort his employer, SentinelOne tries to bring mobile security back?, Google and Trail of Bits team up to release a tool that scans for vulnerable Python packages, CISA has assembled a panel that will begin making cybersecurity recommendations, Make sure to stick around for, This week's spicy take - Cloudflare recommends ditching your firewall, and This week's squirrel story - a new streaming service from an unexpected source! All that and more, on this episode of Enterprise Security Weekly! Segment Resources: https://visibility.riverbed.com/ https://www.riverbed.com/solutions/security.html https://www.riverbed.com/products/npm/netprofiler-advanced-security-module.html Visit https://securityweekly.com/riverbed to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw253

SDxCentral Weekly Wrap
SDxCentral 2-Minute Weekly Wrap: Cloudflare CEO Calls to Ditch Palo Alto Networks for Oahu

SDxCentral Weekly Wrap

Play Episode Listen Later Dec 10, 2021 2:17


SDxCentral 2-Minute Weekly Wrap Podcast for Dec. 10, 2021 Plus, Amazon launched a new WAN platform, and Dish's 5G network remains a work in progress Cloudflare calls out Palo Alto Networks; Amazon widens its WAN reach; and Dish's 5G plate remains empty. Cloudflare CEO: Ditch Palo Alto Networks, Win a Trip to Oahu AWS Cloud WAN Parries Google, Microsoft Dish Misses Another 5G Marker at AWS re:Invent Learn more about your ad choices. Visit megaphone.fm/adchoices

Cyber Security Headlines
December 10, 2021

Cyber Security Headlines

Play Episode Listen Later Dec 10, 2021 8:22


Volume of attacks on IoT/OT devices increasing Cloudflare and others form incident response cyber insurance IT execs half as likely to face the axe after breaches, shortages to blame? Thanks to our episode sponsor, Tines Tines is no-code automation for security teams, trusted by the world's best companies like Canva, Auth0, and Coinbase. This holiday season, book a 10 minute demo of Tines and we'll donate $100 to your favorite charity – we're that certain you'll love what you see. Head over to tines.com/charity to book your 10 minute demo and send $100 to your favorite cause. For the stories behind the headlines, head to CISOseries.com.

Software Defined Talk
Episode 333: Chop wood, carry water

Software Defined Talk

Play Episode Listen Later Dec 10, 2021 67:50


This week we discuss the State of Developer Relations and Cloud Adoption Trends. Plus, some thoughts on taking out the trash. Rundown State of devrel 2021 (https://www.stateofdeveloperrelations.com/_files/ugd/383279_55d4ef5b6f3847c188639d20f3f31b01.pdf) The Cloud in 2021: Adoption Continues (https://www.oreilly.com/radar/the-cloud-in-2021-adoption-continues/) Relevant to your interests AWS Primitives (https://twitter.com/sogrady/status/1466464691312594955?s=21) An Engineer's Hype-Free Observations on Web3 (and its Possibilities) (https://www.psl.com/feed-posts/web3-engineer-take) Meta Selects AWS as Key, Long-Term Strategic Cloud Provider (https://www.businesswire.com/news/home/20211201005108/en/Meta-Selects-AWS-as-Key-Long-Term-Strategic-Cloud-Provider) @Werner vs @QuinnyPig (https://twitter.com/werner/status/1466803730934734849?s=21) Unleash the Booch on No Code (https://twitter.com/grady_booch/status/1467278429221384193?s=21) A Top SoftBank Executive Wants $2 Billion in Pay. His Boss Disagrees. (https://www.nytimes.com/2021/12/03/business/softbank-marcelo-claure-masayoshi-son.html) Someone stole $120 million in crypto by hacking a DeFi website (https://www.theverge.com/2021/12/2/22814849/badgerdao-defi-120-million-hack-bitcoin-ethereum) FTC sues Nvidia to preserve Arm's status as “Switzerland” of semiconductors (https://arstechnica.com/tech-policy/2021/12/ftc-sues-nvidia-to-preserve-arms-status-as-switzerland-of-semiconductors/) How H-E-B got into livestreaming (https://www.grocerydive.com/news/how-h-e-b-got-into-livestreaming/610935/) The Winklevoss Twins' Crypto Exchange Just Raised $400M (https://www.builtinnyc.com/2021/11/22/gemini-raises-400m-7b-valuation-winklevoss-crypto-hiring) Microsoft will charge 20% more for Office 365 (https://twitter.com/jordannovet/status/1467932100527632389) Prayers up for our Better.com layoff victims. #layoff #remotework #teamremote #workfromhome #corporate #9to5 (https://m.tiktok.com/v/7038608341731691823.html?_d=secCgwIARCbDRjEFSACKAESPgo85n%2BtKIwo1Zhqn4KTcyroixZ%2FDA8lQYFxeSIpCqXVWLAncwFASfJBaYShvEGUS%2FMGXSehfMJ3NZVGOvAZGgA%3D&checksum=eaad8d27a15f6b79885fc253d8a2c4e8c08460d79884cbf7bc70c937b1a945d1&language=en&preview_pb=0&sec_user_id=MS4wLjABAAAA0HTt90iOfdDeuCxbCJ90nZmvHaieIsIe8dMxMIXWtMD0S9s2k4mM58aBqknhPDlp&share_app_id=1233&share_item_id=7038608341731691823&share_link_id=412686F9-9887-49F9-A2AB-D70149209B02&source=h5_m×tamp=1638830750&tt_from=copy&u_code=dkl91gk6a054k8&user_id=7011150160509174789&utm_campaign=client_share&utm_medium=ios&utm_source=copy) Lies, damned lies, and (Cloudflare) statistics: debunking Cloudflare's recent performance tests (https://www.fastly.com/blog/debunking-cloudflares-recent-performance-tests) AWS Top Secret-West (https://twitter.com/aselipsky/status/1468062726656167937?s=21) Social Media Trends 2022 (https://www.hootsuite.com/research/social-trends) $50M to reinvent security automation (https://torq.io/blog/a-new-beginning-security-automation/) Anyscale - Introducing Anyscale: The Future Is Distributed (https://www.anyscale.com/blog/the-future-is-distributed) GitGuardians announces a $44M fundraise to further enable the AppSec Shared Responsibility Model (https://blog.gitguardian.com/announcing-our-44m-fundraise-to-further-enable-the-appsec-shared-responsibility-model/) Liqid raises $100M as demand for composable data center infrastructure grows (https://siliconangle.com/2021/12/07/liqid-raises-100m-demand-composable-data-center-infrastructure-grows/) Launched Managed Kubernetes service (https://serverspace.io/services/managed-kubernetes/) An Amazon server outage is causing problems for Alexa, Ring, Disney Plus, and others (https://www.theverge.com/2021/12/7/22822332/amazon-server-aws-down-disney-plus-ring-outage) The Trump SPAC Did a PIPE (https://www.bloomberg.com/opinion/articles/2021-12-06/the-trump-spac-did-a-pipe) Salesforce, Zoom lead $580M investment in call center software company (NYSE:CRM) (https://seekingalpha.com/news/3777464-salesforce-zoom-lead-580m-investment-in-call-center-software-company) Kelsey wades into Bitcoin (https://twitter.com/kelseyhightower/status/1468263886323261443?s=21) AppNeta Acquired by Broadcom in Order to Bring Its Award-Winning Visibility Platform to the World's Largest Enterprises (https://www.newswire.ca/news-releases/appneta-acquired-by-broadcom-in-order-to-bring-its-award-winning-visibility-platform-to-the-world-s-largest-enterprises-835894275.html) New Horizons for Open Source (https://www.linuxfoundation.org/wp-content/uploads/2021_LF_Annual_Report_120721c.pdf) VMware Tanzu Application Platform with TriggerMesh (https://tanzu.vmware.com/content/white-papers/vmware-tanzu-application-platform-with-triggermesh) A Message from Our CEO: Investing in CloudBees Customers and the Future (http://) Software maker HashiCorp raises $1.2 billion in U.S. IPO -source (http://) Hyperscalers don't appreciate the needs of SMBs - what should AWS be doing at re:Invent? (https://diginomica.com/hyperscalers-dont-appreciate-needs-smbs-what-should-aws-be-doing-reinvent) An Amazon server outage is causing problems for Alexa, Ring, Disney Plus, and others (https://www.theverge.com/2021/12/7/22822332/amazon-server-aws-down-disney-plus-ring-outage) Top DevOps Trends to Watch in 2022 | IT Business Edge (https://www.itbusinessedge.com/development/devops-trends-2022/) Nonsense icanhazdadjoke (https://icanhazdadjoke.com/api) Estonian capital began with a traffic jam (https://twitter.com/kane/status/1466883996315308032?s=21) Here's Why Movie Dialogue Has Gotten More Difficult To Understand (And Three Ways To Fix It) (https://www.slashfilm.com/673162/heres-why-movie-dialogue-has-gotten-more-difficult-to-understand-and-three-ways-to-fix-it/) Sponsors strongDM — Manage and audit remote access to infrastructure. Start your free 14-day trial today at strongdm.com/SDT (http://strongdm.com/SDT) CBT Nuggets — Training available for IT Pros anytime, anywhere. Start your 7-day Free Trial today at cbtnuggets.com/sdt (https://cbtnuggets.com/sdt) Postlight — Postlight co-founders Paul Ford and Rich Ziade talk tech, business, ethics, and culture. Subscribe to the Postlight Podcast: postlight.com/podcast (https://postlight.com/podcast) Conferences THAT Conference comes to Texas January 17-20, 2022 (https://that.us/events/tx/2022/) Software Defined Talk Live Recording - THAT (https://that.us/activities/onqzzIqfp9NOeyLm67SY) Discount Codes: Everything Ticket ($75 off): SDTFriends75 3 Day Camper Ticket ($50 off): SDTFriends50 Virtual Ticket ($75 off): SDTFriendsON75 DevOpsDays Chicago 2022: Call for Speakers/Papers (https://sessionize.com/devopsdays-chicago-2022/) CFP closes on Jan 31, 2022, Event Date: May 10 & 11th, 2022 DevOps Days Birmingham AL, 2022 Call for Speakers (https://www.papercall.io/devopsdays-2022-birmingham-al) CFP closes on Jan 31, 2022, Event Dates: April 18 & 19th, 2022 SDT news & hype Join us in Slack (http://www.softwaredefinedtalk.com/slack). Get a SDT Sticker! Send your postal address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) and we will send you free laptop stickers! Follow us on Twitch (https://www.twitch.tv/sdtpodcast), Twitter (https://twitter.com/softwaredeftalk), Instagram (https://www.instagram.com/softwaredefinedtalk/), LinkedIn (https://www.linkedin.com/company/software-defined-talk/) and YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured). Use the code SDT to get $20 off Coté's book, (https://leanpub.com/digitalwtf/c/sdt) Digital WTF (https://leanpub.com/digitalwtf/c/sdt), so $5 total. Become a sponsor of Software Defined Talk (https://www.softwaredefinedtalk.com/ads)! Recommendations Brandon: Brother Compact Monochrome Laser Printer (https://www.amazon.com/dp/B0763WDSYZ/?tag=thewire06-20&linkCode=xm2&ascsubtag=AwEAAAAAAAAAAS50&th=1) Matt: (https://k8slens.dev)Lens Desktop for Kubernetes (https://k8slens.dev) Coté: Basel gingerbread (https://www.laeckerli-huus.ch/en/). Photo Credits Header Graphic (https://unsplash.com/photos/aGxAsacQ1LY) Cover Art (https://unsplash.com/photos/b9-odQi5oDo)

Response-ability.Tech
Engineering Cultures and Internet Infrastructure Politics. With Corinne Cath-Speth

Response-ability.Tech

Play Episode Listen Later Dec 8, 2021 47:31


My guest today is Dr Corinne Cath-Speth. Corinne is a cultural anthropologist whose research focuses on Internet infrastructure politics, engineering cultures, and technology policy and governance.Corinne has recently completed their PhD at the Oxford Internet Institute (OII), which was titled, Changing Minds & Machines. It was an ethnographic study of internet governance, the culture(s) and politics of internet infrastructure, standardization and civil society. Drawing on their research, Corinne gave a talk as part of an event series hosted by the Oxford Internet Institute which explored the opaque companies and technologists who exercise significant but rarely questioned power over the Internet. As Corinne said during their talk, this mostly unknown aspect of the Internet is “as important as platform accountability". I invited Corinne onto the show to tell us more.Using the Fastly incident in June, Corinne explains who and what these largely invisible, powerful Internet infrastructure companies are and how an outage can have a “large impact on the entirety of our online ecosystem”. The incident shows “how power is enacted through the functioning and maintenance of Internet infrastructure design.” Corinne goes on to say that  “just because the Internet infrastructure is largely invisible to users doesn't mean that it's apolitical [in the case of Cloudflare and 8chan in particular] and it doesn't mean that these companies can claim neutrality”.Corinne talks about their PhD dissertation and says, “I was really interested in understanding how the engineering cultures of infrastructure organizations influence what but also whose values end up steering technical discussions”. Their fieldwork was conducted in an organization called the Internet Engineering Taskforce (IETF). (Corinne brilliantly summarised their PhD in a series of tweets.)Corinne explains what drew them to research this particular topic and notes that “it is so important to get at the personal drivers of our research and being really upfront and explicit about how those are key part of our research practice and the kind of decisions that we end up making.”Corinne shares why they believe cultural anthropology is relevant “to questions of Internet infrastructure of politics and power”, saying “I believe that anthropology really can provide new, novel perspectives on current Internet infrastructure dilemmas, including those related to the connections between cultures and code.”While there's rightly concern about platform accountability or the power of tech companies, what many people don't realise is that companies like Meta and Amazon are also infrastructure companies. We need to ask ourselves, says Corinne, “how comfortable we are with the fact that a handful of companies are starting to influence huge parts of the entire Internet”. Corinne “really wants to encourage people” to study aspects of the Internet “because the last thing we want” is for a small number of companies to have “a say over many parts of our lives….And us not understanding how it happened”.Lastly, Corinne says, “what we need is a balanced and well-resourced counter-power to the influence of corporate actors that are steering the future of the Internet”.Further readingCorinne has kindly supplied a list of resources and reading that they mentioned in the podcast.

The Swyx Mixtape
Why Remix [Michael Jackson]

The Swyx Mixtape

Play Episode Listen Later Dec 8, 2021 11:16


Listen to devtools.fm: https://devtools.fm/episode/19 (23mins) My livestream going thru Remix docs (ft Lee Robinson): https://www.youtube.com/watch?v=HZV1pT-qMqg Remix's blogpost today: https://remix.run/blog/react-server-components TranscriptAndrew: I've heard the core of remix referenced as that compiler. Can you explain that a little bit? What's it compiling? Is it kind of like Vite where it's more in browser? So what's happening there.Michael: Yeah, that's a great question. So, um, the way I kind of think about remix is it's a compiler for react router, compilers, it might seem funny to somebody that, to sort of think about it this way, because if you're new to web development, you might think, well,haven't we always just compiled our web apps?And the answer is no, we didn't, that's, that's actually pretty new. I remember when I, when I worked at Twitter, we used to have, we had a file. Uh, that we, we just sort of cargo culted into our app from some other team that was working at Twitter, it was called T w T T R dot JS.And it was like, that file was just sort of like making its way around. And if you needed something, some shared thing, you would just go and add it to that file and then you just commit it. And then like the next team would come along and they would be like, oh, we need a, we need a thing in there too.Like, we'll just add it to the file. And then, and that file just was huge. And I remember opening it up one time and thinking like, I remember, uh, cause we, it, it had existed in the days before ES five. And so it had like, it had like a lot of the array pro prototype methods, like reduce and filter and like basic stuff in there.Except they had it like five or six times, because the file was so long that like people didn't take the opportunity to like go back further in the moment. So w why, why am I saying this? Well, that was a decade ago, that was a decade ago at a high-tech company in downtown San Francisco. We were not building our apps.We were not using, modules, uh, and, and a compiler like Webpack and all that stuff. We were, we were literally just like writing JavaScript. Uh, we certainly didn't have TypeScript, uh, or, or, you know, uh, CSS in JS, or a lot of the stuff that people nowadays are, are using compilers for it.Um, and, and honestly, it wasn't even a popular thing back then to pull code off of NPM. Like if you were doing note, it was, but I remember the first time I saw installed jQuery off of NPM, I was like, Like jQuery off npm? Like, why don't I just go to the website and download jQuery? Why am I installing it from NPM?Nowadays if you're a JavaScript developer, it's like, why would you go to somebody's website and download a file? Why don't you just NPM install it, right? Like that is the way we get code. Right? So, so the whole model of consuming front-end code has dramatically changed over the last eight or nine years. And, um, and, and so, compiling for the web is now the thing and installing dependencies, and that's how you share code that is now also the way to do things.And so as a front end team, the front end development team, uh, your job, has, has ballooned in the last 10 years. You used to just write JavaScript and HTML and CSS, and like there's already enough there for you to know how to do right. When you're talking about semantically sound HTML, like building accessible app.And performant apps. There's a lot to discuss with those technologies, but now you, you also are moving further back in the stack. And so you now also have to understand compilers and build pipelines and even things like code splitting, how are you going to do that?And, and, dynamic importing and loading the bundles that sort of run time. And, um, th th there are just so, so many concerns as a front end developer, now that you have, that you didn't use to have. It used to be pop the script tags on the page and go. And so, uh, so yeah, so, so that's kind of how I tend to think about remix is, react router is one piece of it.You can take react-router or you can serve a render it, you can not server render it You can do code splitting with it. You get ignore code splitting. You can build a static site with it. You could build a fully dynamic site with it. It's not opinionated at all. You can build whatever kind of a site that you want with react-router remix comes along and says, Hey, you know, that, that cool router that we built, uh, we're actually going to build a framework for you to take full advantage of that router. So, uh, so we're going to give you TypeScript compiling right out of the box. Uh, we're going to give you things like a strategy for loading data right out of the box.And we're going to give you a strategy for a mutating data right out of the box. And by the way, how do you keep that data fresh on the page? As you do things as you, as you do mutate data, how do you keep other other routes, data fresh, um, how, how do you do things like, transitioning gradually or gracefully between.And so react router or sorry, remix is, uh, it, it really is this a compiler that, your, your input into remix is basically your routes on the file system. Um, and then your output is this, this code, split server rendered app that, uh, yeah. That we can run and we can run on node, we can run it in the browser. We can also run it in places like cloudflare workers. So that's something that I don't think we've we've even hit on yet. But, um, you, you mentioned, I think Justin, before, before we started, you said node was not an option for the app that you're working on. Um, and I totally totally get that.Nowadays we have multiple JavaScript runtimes, so the, you know, the cloudflare workers people. Uh, they just have these V8 isolates with this kind of custom runtime that's based on server work service workers. And they're saying, Hey, we'll run that at the edge for you. Right. So that is, that is not node.Um, and I'm not speaking specifically to your, your use case because a lot of other people are, have that same case, but yeah, they're, they're building, uh they're building something that is not node and they're saying, "Hey, it's still JavaScript. You might maybe want to run your app here." And so one conscious decision that we made early on in the, in the design for remix was this thing is not going to be dependent on node.Uh, we've also got Dino or Deno. I'm not sure how to pronounce it. That's that's out there, right? That is also a not node. Definitely not node and node has been forked in the past. You know? So like, I, I just anticipate that the future is going to be a proliferation of, of runtimes for JavaScript that are not node. Node is going to be a big popular choice for a long, long time, but I think that we're going to see see more and more options for developers going forward. Uh, and so remix is not coupled to node. We actually run natively on CloudFlare workers and our server runtime is completely generic.We actually borrowed the idea for our server runtime from them that I said they, they based their whole thing on the service worker model, which of course includes, uh, the fetch API requests, response headers. We took that and we ran with it.And so our entire server runtime is generic and just runs on these requests and response objects, uh, that conform to that exact same API. So, you know, we've already talked about how we'd love standards. I love standards We're actually building on these web standards on the, on our server layer as well.Which allows it to be portable across any runtime that supports that standard, which is really cool.Justin: Was this, something that would generally run on what we would traditionally consider a serverless platform. So like AWS lambda are you specifically targeting like service worker, like APIs, like CloudFlare or even the browser service workers I guess?Michael: So we, we sometimes need a little bit of a translation layer depending on where we're running. Right. So we have these things called adapters. Um, so our, our server runtime is generic, right. We just, we just deal with request and response objects with the fetch API or the service worker API. Um, but yeah, but if we are running on node, then we need a little bit of help, right.Cause node doesn't have those things. So we can install node fetch, and now we can get those primitives running on node. We already get them running on CloudFlare workers, which is nice. They're already on Dino, which is nice as well. So, you know, whatever platform that we're on, if we're running on AWS Lambda, um, or, Google cloud functions, like what, wherever remix is running.Um, if they have support for the web fetch API. Great. If they don't, we'll polyfill it and remix will run there to.

BlogAid Podcast
Tips Tuesday – TikTok Fan Money, IndexNow, WP 5.9 Beta, Product Review Guidelines

BlogAid Podcast

Play Episode Listen Later Dec 7, 2021 20:31


Tips this week include: • Get discounts on all BlogAid Courses during the holiday sales • New DIY SEO tutorials are coming soon • Code Name Ida tests are underway • The first WP Beta 5.9 is out • Update on a project I'm trying to stop in the WP Performance team • Why we won't be using the Cloudflare beta test of IndexNow • Good news from Google for product review posts and affiliate marketers • TikTok adds more ways for creators to get paid directly from their followers • Facebook tries to copycat this TikTok move, and why it won't work

Backup Central's Restore it All
Rclone creator Nick Craig-Wood Explains This Powerfool Tool

Backup Central's Restore it All

Play Episode Listen Later Dec 6, 2021 46:38


This week, we talk to Nick Craigwood, the creator and principal developer of rclone, a very popular open-source tool for copying data to and from cloud providers. Rclone is downloaded roughly 250,000 times each month, and has over 30,000 stars on GitHub. There are six core developers, and a great community of users and other developers at rclone.org. We talk a little bit about Nick's development philosophy, which is that he doesn't mind adding features - as long as they don't break backwards compatibility. Then we talk about how rclone works, and what it's like to sync a filesystem to an object store – including support for multi-part uploads and downloads. We also talk about rclone's encryption support, while Nick was “relaxing” on holiday. We then talked about how rclone can be used to minimize the risk of backing up to any one cloud provider, preventing things like what happened during the OVH fire earlier in 2021. We also discuss some strategies, such as backing up directly to two different clouds, versus backing up to one, then syncing to another – and how CloudFlare's R2 might figure into things. Finally, we talk about Nick's plans for rclone's future, such as making their web UI better to increase usability for many more people – while not sacrificing the command line. Join us for a fascinating episode, the first one where we're talking to the creator of the tool in question. Don't forget the drawing for a free e-book version of Modern Data Protection. All you have to do to be eligible is sign up for my newsletter at https://www.backupcentral.com/subscribe-to-our-newsletter/

Joey's Totally Tech
Koolertron 9-Key Programmable Keyboard Review

Joey's Totally Tech

Play Episode Listen Later Dec 6, 2021 26:19


Programmable macro keyboards! They make life easier for many! Recently in one of our episodes we mentioned a Koolertron programmable macro keyboard! Well I found a smaller 9-key version of the keyboard and today I'm reviewing that! Is this something you should buy? Find out here on Joey's Totally Tech! Visit https://joeystotallytech.com/webhostpython for Webhost Python's excellent web hosting! They provide fast hosting and fast customer service! And Venom Power accelerates your website 30 times faster than the competition with fast NVMe SSD storage and E5 powerhouse servers as well as a partnership with Cloudflare and Railgun for your content delivery! Use coupon code HD50 for half off of your first month of service!

Alles auf Aktien
Doomsday für Hype-Aktien und Didis unrühmlicher Abgang

Alles auf Aktien

Play Episode Listen Later Dec 6, 2021 17:29


In der heutigen Folge „Alles auf Aktien“ berichten die Finanzjournalisten Daniel Eckert und Anja Ettel von einem unrühmlichen Abgang an der Wall Street, dem krassen Absturz eines Corona-Highflyers und einem großen Dividenden-Versprechen. Außerdem geht es um MTU Aero Engines, Continental, Deutsche Telekom, Daimler, Allianz, Pinduoduo, Netease, JD.com, Baidu., Didi, Uber, Crowdstrike, DocuSign, Bitcoin, Ether, Atlassian, Cloudflare, Jumia, Tesla, The Trade Desk, Zoom Video, MicroStrategy, Coinbase, Square, Adobe, DigitalOcean, PlugPower, Salesforce, ARK Innovation, Amazon, Apple, Alphabet (Google), Meta Platforms (Facebook), Microsoft und BASF. "Alles auf Aktien" ist der tägliche Börsen-Shot aus der WELT-Wirtschaftsredaktion. Die Wirtschafts- und Finanzjournalisten Holger Zschäpitz, Anja Ettel, Philipp Vetter, Daniel Eckert und Nando Sommerfeldt diskutieren im Wechsel über die wichtigsten News an den Märkten und das Finanzthema des Tages. Außerdem gibt es jeden Tag eine Inspiration, die das Leben leichter machen soll. In nur zehn Minuten geht es um alles, was man aktuell über Aktien, ETFs, Fonds und erfolgreiche Geldanlage wissen sollte. Für erfahrene Anleger und Neueinsteiger. Montag bis Freitag, ab 6 Uhr morgens. Wir freuen uns an Feedback über aaa@welt.de. Disclaimer: Die im Podcast besprochenen Aktien und Fonds stellen keine spezifischen Kauf- oder Anlage-Empfehlungen dar. Die Moderatoren und der Verlag haften nicht für etwaige Verluste, die aufgrund der Umsetzung der Gedanken oder Ideen entstehen. Für alle, die noch mehr wissen wollen: Holger Zschäpitz können Sie jede Woche im Finanz- und Wirtschaftspodcast "Deffner&Zschäpitz" hören.

Screaming in the Cloud
Ironing out the BGP Ruffles with Ivan Pepelnjak

Screaming in the Cloud

Play Episode Listen Later Dec 3, 2021 42:19


About IvanIvan Pepelnjak, CCIE#1354 Emeritus, is an independent network architect, blogger, and webinar author at ipSpace.net. He's been designing and implementing large-scale service provider and enterprise networks as well as teaching and writing books about advanced internetworking technologies since 1990.https://www.ipspace.net/About_Ivan_PepelnjakLinks:ipSpace.net: https://ipspace.net TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by my friends at ThinkstCanary. Most companies find out way too late that they've been breached. ThinksCanary changes this and I love how they do it. Deploy canaries and canary tokens in minutes and then forget about them. What's great is the attackers tip their hand by touching them, giving you one alert, when it matters. I use it myself and I only remember this when I get the weekly update with a “we're still here, so you're aware” from them. It's glorious! There is zero admin overhead  to this, there are effectively no false positives unless I do something foolish. Canaries are deployed and loved on all seven continents. You can check out what people are saying at canary.love. And, their Kub config canary token is new and completely free as well. You can do an awful lot without paying them a dime, which is one of the things I love about them. It is useful stuff and not an, “ohh, I wish I had money.” It is speculator! Take a look; that's canary.love because it's genuinely rare to find a security product that people talk about in terms of love. It really is a unique thing to see. Canary.love. Thank you to ThinkstCanary for their support of my ridiculous, ridiculous non-sense.  Corey: Developers are responsible for more than ever these days. Not just the code they write, but also the containers and cloud infrastructure their apps run on. And a big part of that responsibility is app security — from code to cloud.That's where Snyk comes in. Snyk is a frictionless security platform that meets developers where they are, finding and fixing vulnerabilities right from the CLI, IDEs, repos, and pipelines. And Snyk integrates seamlessly with AWS offerings like CodePipeline, EKS, ECR, etc., etc., etc., you get the picture! Deploy on AWS. Secure with Snyk. Learn more at snyk.io/scream. That's S-N-Y-K-dot-I-O/scream. Because they have not yet purchased a vowel.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. I have an interesting and storied career path. I dabbled in security engineering slash InfoSec for a while before I realized that being crappy to people in the community wasn't really my thing; I was a grumpy Unix systems administrator because it's not like there's a second kind of those out there; and I dabbled ever so briefly in the wide world of network administration slash network engineering slash plugging the computers in to make them talk to one another, ideally correctly. But I was always a dabbler. When it comes time to have deep conversations about networking, I immediately tag out and look to an expert. My guest today is one such person. Ivan Pepelnjak is oh so many things. He's a CCIE emeritus, and well, let's start there. Ivan, welcome to the show.Ivan: Thanks for having me. And oh, by the way, I have to tell people that I was a VAX/VMS administrator in those days.Corey: Oh, yes the VAX/VMS world was fascinating. I talked—Ivan: Yes.Corey: —to a company that was finally emulating them on physical cards because that was the only way to get them there. Do you refer to them as VAXen, or VAXes, or how did you wind up referring—Ivan: VAXes.Corey: VAXes. Okay, I was on the other side of that with the inappropriately pluralizing anything that ends with an X with an en—‘boxen' and the rest. And that's why I had no friends for many years.Ivan: You do know what the first VAX was, right?Corey: I do not.Ivan: It was a Swedish Hoover company.Corey: Ooh.Ivan: And they had a trademark dispute with Digital over the name, and then they settled that.Corey: You describe yourself in your bio as a CCIE Emeritus, and you give the number—which is low—number 1354. Now, I've talked about certifications on this show in the context of the modern era, and whether it makes sense to get cloud certifications or not. But this is from a different time. Understand that for many listeners, these stories might be older than you are in some cases, and that's okay. But Cisco at one point, believe it or not, was a shining beacon of the industry, the kind of place that people wanted to work at, and their certification path was no joke.I got my CCNA from them—Cisco Certified Network Administrator—and that was basically a byproduct of learning how networks worked. There are several more tiers beyond that, culminating in the CCIE, which stands for Cisco Certified Internetworking Expert, or am I misremembering?Ivan: No, no, that's it.Corey: Perfect. And that was known as the doctorate of networking in many circles for many years. Back in those days, if you had a CCIE, you are guaranteed to be making an awful lot of money at basically any company you wanted to because you knew how networking—Ivan: In the US.Corey: —worked. Well, in the US. True. There's always the interesting stories of working in places that are trying to go with the lowest bidder for networking gear, and you wind up spending weeks on end trying to figure out why things are breaking intermittently, and only to find out at the end that someone saved 20 bucks by buying cheap patch cables. I digress, and I still have the scars from those.But it was fascinating in those days because there was a lab component of getting those tests. There were constant rumors that in the middle of the night, during the two-day certification exam, they would come in and mess with the lab and things you'd set up—Ivan: That's totally true.Corey: —you'd have to fix it the following day. That is true?Ivan: Yeah. So, in the good old days, when the lab was still physical, they would even turn the connectors around so that they would look like they would be plugged in, but obviously there was no signal coming through. And they would mess up the jumpers on the line cards and all that stuff. So, when you got your broken lab, you really had to work hard, you know, from the physical layer, from the jumpers, and they would mess up your config and everything else. It was, you know, the real deal. The thing you would experience in real world with, uh, underqualified technicians putting stuff together. Let's put it this way.Corey: I don't wish to besmirch our brethren working in the data centers, but having worked with folks who did some hilariously awful things with cabling, and how having been one of those people myself from time to time, it's hard to have sympathy when you just spent hours chasing it down. But to be clear, the CCIE is one of those things where in a certain era, if you're trying to have an argument on the internet with someone about how networks work and their responses, “Well, I'm a CCIE.” Yeah, the conversation was over at that point. I'm not one to appeal to authority on stuff like that very often, but it's the equivalent of arguing about medicine with a practicing doctor. It's the same type of story; it is someone where if they're wrong, it's going to be in the very fringes or the nuances, back in this era. Today, I cannot speak to the quality of CCIEs. I'm not attempting to besmirch any of them. But I'm also not endorsing that certification the way I once did.Ivan: Yeah, well, I totally agree with you. When this became, you know, a mass certification, the reason it became a mass certification is because reseller discounts are tied to reseller status, which is tied to the number of CCIEs they have, it became, you know, this, well, still high-end, but commodity that you simply had to get to remain employed because your employer needed the extra two point discount.Corey: It used to be that the prerequisite for getting the certification was beyond other certifications was, you spent five or six years working on things.Ivan: Well, that was what gave you the experience you needed because in those days, there were no boot camps. Today, you have [crosstalk 00:06:06]—Corey: Now, there's boot camp [crosstalk 00:06:07] things where it's we're going to train you for four straight weeks of nothing but this, teach to the test, and okay.Ivan: Yeah. No, it's even worse, there were rumors that some of these boot camps in some parts of the world that shall remain unnamed, were actually teaching you how to type in the commands from the actual lab.Corey: Even better.Ivan: Yeah. You don't have to think. You don't have to remember. You just have to type in the commands you've learned. You're done.Corey: There's an arc to the value of a certification. It comes out; no one knows what the hell it is. And suddenly it's, great, you can use that to really identify what's great and what isn't. And then it goes at some point down into the point where it becomes commoditized and you need it for partner requirements and the rest. And at that point, it is no longer something that is a reliable signal of anything other than that someone spent some time and/or money.Ivan: Well, are you talking about bachelor degree now?Corey: What—no, I don't have one of those either. I have—Ivan: [laugh].Corey: —an eighth grade education because I'm about as good of an academic as it probably sounds like I am. But the thing that really differentiated in my world, the difference between what I was doing in the network engineering sense, and the things that folks like you who were actually, you know, professionals rather than enthusiastic amateurs took into account was that I was always working inside of the LAN—Local Area Network—inside of a data center. Cool, everything here inside the cage, I can make a talk to each other, I can screw up the switching fabric, et cetera, et cetera. I didn't deal with any of the WAN—Wide Area Network—think ‘internet' in some cases. And at that point, we're talking about things like BGP, or OSPF in some parts of the world, or RIP. Or RIPv2 if you make terrible life choices.But BGP is the routing protocol that more or less powers the internet. At the time of this recording, we're a couple weeks past a BGP… kerfuffle that took Facebook down for a number of hours, during which time the internet was terrific. I wish they could do that more often, in fact; it was almost like a holiday. It was fantastic. I took my elderly relatives out and got them vaccinated. It was glorious.Now, we're back to having Facebook and, terrific. The problem I have whenever something like this happens is there's a whole bunch of crappy explainers out there of, “What is BGP and how might it work?” And people have angry opinions about all of these things. So instead, I prefer to talk to you. Given that you are a networking trainer, you have taught people about these things, you have written books, you have operated large—scale environments—Ivan: I even developed a BGP course for Cisco.Corey: You taught it for Cisco, of all places—Ivan: Yeah. [laugh].Corey: —back when that was impressive, and awesome and not a has-been. It's honestly, I feel like I could go there and still wind up going back in time, and still, it's the same Cisco in some respects: ‘evolve or die dinosaur,' and they got frozen in amber. But let's start at the very beginning. What is BGP?Ivan: Well, you know, when the internet was young, they figured out that we aren't all friends on the internet anymore. And I want to control what I tell you, and you want to control what you tell me. And furthermore, I want to control what I believe from what you're telling me. So, we needed a protocol that would implement policy, where I could say, “I will only announce my customers to you, but not what I've heard from Verizon.” And you will do the same.And then I would say, “Well, but I don't want to hear about that customer of yours because he's also my customer.” So, we need some sort of policy. And so they invented a protocol where you will tell me what you have, I will tell you what I have and then we would both choose what we want to believe and follow those paths to forward traffic. And so BGP was born.Corey: On some level, it seems like it's this faraway thing to people like me because I have a residential internet connection and I am not generally allowed to make my own BGP announcements to the greater world. Even when I was working in data centers, very often the BGP was handled by our upstream provider, or very occasionally by a router they would drop in with the easiest maintenance instructions in the world for me of, “Step one, make sure it has power. Step two, never touch it. Step three, we'd prefer if you don't even look at it and remain at least 20 feet away to keep from bringing your aura near anything we care about.” And that's basically how you should do with me in the context of hardware. So, it was always this arcane magic thing.Ivan: Well, it's not. You know, it's like power transmission: when you know enough about it, it stops being magic. It's technology, it's a bit more complicated than some other stuff. It's way less complicated than some other stuff, like quantum physics, but still, it's so rarely used that it gets this aura of being mysterious. And then of course, everyone starts getting their opinion, particularly the graduates of the Facebook Academy.And yes, it is true that usually BGP would be used between service providers, so whenever, you know, we are big enough to need policy, if you just need one uplink, there is no policy there. You either use the uplink or you don't use the uplink. If you want to have two different links to two different points of presence or to two different service providers, then you're already in the policy land. Do I prefer one provider over the other? Do I want to announce some things to one provider but other things to the other? Do I want to take local customers from both providers because I want to, you know, have lower latency because they are local customers? Or do I want to use one solely as the backup link because I paid so little for that link that I know it's shitty.So, you need all that policy stuff, and to do that, you really need BGP. There is no other routing protocol in the world where you could implement that sort of policy because everything else is concerned mostly with, let's figure out as fast as possible, what is reachable and how to get there. And BGP is like, “Hey, slow down. There's policy.”Corey: Yeah. In the context of someone whose primary interaction with networks is their home internet, where there's a single cable coming in from the outside world, you plug it into a device, maybe yours, maybe ISPs, maybe we don't care. That's sort of the end of it. But think in terms of large interchanges, where there are multiple redundant networks to get from here to somewhere else; which one should traffic go down at any given point in time? Which networks are reachable on the other end of various distant links? That's the sort of problem that BGP is very good at addressing and what it was built for. If you're running BGP internally, in a small network, consider not doing exactly that.Ivan: Well, I've seen two use cases—well, three use cases for people running BGP internally.Corey: Okay, this I want to hear because I was always told, “No touch ‘em.” But you know, I'm about to learn something. That's why I'm talking to you.Ivan: The first one was multinationals who needed policy.Corey: Yes. Many multi-site environments, large-scale companies that have redundant links, they're trying to run full mesh in some cases, or partial mesh where—between a bunch of facilities.Ivan: In this case, it was multiple continents and really expensive transcontinental links. And it was, I don't want to go from Europe to Sydney over US; I want to go over Middle East. And to implement that type of policy, you have to split, you know, the whole network into regions, and then each region is what BGP calls an autonomous system, so that it gets its stack, its autonomous system number and then you can do policy on that saying, “Well, I will not announce Asian routes to Europe through US, or I will make them less preferred so that if the Middle East region goes down, I can still reach Asia through US but preferably, I will not go there.”The second one is yet again, large networks where they had too many prefixes for something like OSPF to carry, and so their OSPF was breaking down and the only way to solve that was to go to something that was designed to scale better, which was BGP.And third one is if you want to implement some of the stuff that was designed for service providers, initially, like, VPNs, layer two or layer three, then BGP becomes this kitchen sink protocol. You know, it's like using Route 53 as a database; we're using BGP to carry any information anyone ever wants to carry around. I'm just waiting for someone to design JSON in BGP RFC and then we are, you know… where we need to be.Corey: I feel on some level, like, BGP gets relatively unfair criticism because the only time it really intrudes on the general awareness is when something has happened and it breaks. This is sort of the quintessential network or systems—or, honestly, computer—type of issue. It's either invisible, or you're getting screamed at because something isn't working. It's almost like a utility. On some level. When you turn on a faucet, you don't wonder whether water is going to come out this time, but if it doesn't, there's hell to pay.Ivan: Unless it's brown.Corey: Well, there is that. Let's stay away from that particular direction; there's a beautiful metaphor, probably involving IBM, if we do. So, the challenge, too, when you look at it is that it's this weird, esoteric thing that isn't super well understood. And as soon as it breaks, everyone wants to know more about it. And then in full on charging to the wrong side of the Dunning-Kruger curve, it's, “Well, that doesn't sound hard. Why are they so bad at it? I would be able to run this better than they could.” I assure you, you can't. This stuff is complicated; it is nuanced; it's difficult. But the common question is, why is this so fragile and able to easily break? I'm going to turn that around. How is it that something that is this esoteric and touches so many different things works as well as it does?Ivan: Yeah, it's a miracle, particularly considering how crappy the things are configured around the world.Corey: There have been periodic outages of sites when some ISP sends out a bad BGP announcement and their upstream doesn't suppress it because hey, you misconfigured things, and suddenly half the internet believes oh, YouTube now lives in this tiny place halfway around the world rather than where it is currently being Anycasted from.Ivan: Called Pakistan, to be precise.Corey: Exact—there was an actual incident there; we are not dunking on Pakistan as an example of a faraway place. No, no, an Pakistani ISP wound up doing exactly this and taking YouTube down for an afternoon a while back. It's a common problem.Ivan: Yeah, the problem was that they tried to stop local users accessing YouTube. And they figured out that, you know, YouTube, is announcing this prefix and if they would announce to more specific prefixes, then you know, they would attract the traffic and the local users wouldn't be able to reach YouTube. Perfect. But that leaked.Corey: If you wind up saying that, all right, the entire internet is available on this interface, and a small network of 256 nodes available on the second interface, the most specific route always wins. That's why the default route or route of last resort is the entire internet. And if you don't know where to send it, throw it down this direction. That is usually, in most home environments, the gateway that then hands it up to your ISP, where they inspect it and do all kinds of fun things to sell ads to you, and then eventually get it to where it's going.This gets complicated at these higher levels. And I have sympathy for the technical aspects of what happened at Facebook; no sympathy whatsoever for the company itself because they basically do far more harm than they do good and I've been very upfront about that. But I want to talk to you as well about something that—people are going to be convinced I'm taking this in my database direction, but I assure you I'm not—DNS. What is the relationship between BGP and DNS? Which sounds like a strange question, sometimes.Ivan: There is none.Corey: Excellent.Ivan: It's just that different large-scale properties decided to implement the global load-balancing global optimal access to their servers in different ways. So, Cloudflare is a typical example of someone who is doing Anycast, they are announcing the same networks, the same prefixes, from hundreds locations around the world. So, BGP will take care that you always get to the close Cloudflare [unintelligible 00:18:46]. And that's it. That's how they work. No magic. Facebook didn't believe in the power of Anycast when they started designing their service. So, what they're doing is they have DNS servers around the world, and the DNS servers serve the local region, if you wish. And that DNS server then decides what facebook.com really stands for. So, if you query for facebook.com, you'll get a different answer in Europe than in US.Corey: Just a slight diversion on what Anycast is. If I ping Google's public resolver 8.8.8.8—easy to remember—from my computer right now, the packet gets there and back in about five milliseconds.Wherever you are listening to this, if you were to try that same thing you'd see something roughly similar. Now, one of two things is happening; either Google has found a way to break the laws of physics and get traffic to a central point faster than light for the 8.8.8.8 that I'm talking to and the one that you are talking to are not in fact the same computer.Ivan: Well, by the way, it's 13 milliseconds for me. And between you and me, it's 200 millisecond. So yes, they are cheating.Corey: Just a little bit. Or unless they tunneled through the earth rather than having to bounce it off of satellites and through cables.Ivan: No, even that wouldn't work.Corey: That's what the quantum computers are for. I always wondered. Now, we know.Ivan: Yeah. They're entangling the replies in advance, and that's how it works. Yeah, you're right.Corey: Please continue. I just wanted to clarify that point because I got that one hilariously wrong once upon a time and was extremely confused for about six months.Ivan: Yeah. It's something that no one ever thinks about unless, you know, you're really running large-scale DNS because honestly, root DNS servers were Anycasted for ages. You think they're like 12 different root DNS servers; in reality, there are, like, 300 instances hidden behind those 12 addresses.Corey: And fun trivia fact; the reason there are 12 addresses is because any more than that would no longer fit within the 512 byte limit of a UDP packet without truncating.Ivan: Thanks for that. I didn't know that.Corey: Of course. Now, EDNS extensions that you go out with a larger [unintelligible 00:21:03], but you can't guarantee that's going to hit. And what happens when you receive a UDP packet—when you receive a DNS result with a truncate flag set on the UDP packet? It is left to the client. It can either use the partial result, or it can try and re-establish over a TCP connection.That is one of those weird trivia questions they love to ask in sysadmin interviews, but it's yeah, fundamentally, if you're doing something that requires the root nameservers, you don't really want to start going down those arcane paths; you want it to just be something that fits in a single packet not require a whole bunch of computational overhead.Ivan: Yeah, and even within those 300 instances, there are multiple servers listening to the same IP address and… incoming packets are just sprayed across those servers, and whichever one gets the packet replies to it. And because it's UDP, it's one packet in one packet out. Problem solved. It all works. People thought that this doesn't work for TCP because, you know, you need a whole session, so you need to establish the session, you send the request, you get the reply, there are acknowledgements, all that stuff.Turns out that there is almost never two ways to get to a certain destination across the internet from you. So, people thought that, you know, this wouldn't work because half of your packets will end in San Francisco, and half of the packets will end in San Jose, for example. Doesn't work that way.Corey: Why not?Ivan: Well, because the global Internet is so diverse that you almost never get two equal cost paths to two different destinations because it would be San Francisco and San Jose announcing 8.8.8.8 and it would be a miracle if you would be sitting just in the middle so that the first packet would go to San Francisco, the second one would go to San Jose, and you know, back and forth. That never happens. That's why Cloudflare makes it work by analysing the same prefix throughout the world.Corey: So, I just learned something new about how routing announcements work, an aspect of BGP, and you a few minutes ago learned something about the UDP size limit and the root name servers. BGP and DNS are two of the oldest protocols in existence. You and I are also decades into our careers. If someone is starting out their career today, working in a cloud-y environment, there are very few network-centric roles because cloud providers handle a lot of this for us. Given these protocols are so foundational to what goes on and they're as old as they are, are we as an industry slash sector slash engineers losing the skills to effectively deploy and manage these things?Ivan: Yes. The same problem that you have in any other sufficiently developed technology area. How many people can build power lines? How many people can write a compiler? How many people can design a new CPU? How many people can design a new motherboard?I mean, when I was 18 years old, I was wire wrapping my own motherboard, with 8-bit processor. You can't do that today. You know, as the technology is evolving and maturing, it's no longer fun, it's no longer sexy, it stops being a hobby, and so it bifurcates into users and people who know about stuff. And it's really hard to bridge the gap from one to the other. So, in the end, you have, like, this 20 [graybeard 00:24:36] people who know everything about the technology, and the youngsters have no idea. And when these people die, don't ask me [laugh] how we'll get any further on.Corey: This episode is sponsored by our friends at CloudAcademy. That's right, they have a different lab challenge up for you called, “Code Red: Repair an AWS Environment with a Linux Bastion Host.” What does it do? Well, its going to assess your ability to troubleshoot AWS networking and security issues in a production like environment. Well, kind of, its not quite like production because some exec is not standing over your shoulder, wetting themselves while screaming. But..ya know, you can pretend in fact I'm reasonably certain you can retain someone specifically for that purpose should you so choose. If you are the first prize winner who completes all four challenges with the fastest time, you'll win a thousand bucks. If you haven't started yet you can still complete all four challenges between now and December 3rd to be eligible for the grand prize. There's only a few days left until the whole thing ends, so I would get on it now. Visit cloudacademy.com/corey. That's cloudacademy.com/C-O-R-E-Y, for god's sake don't drop the “E” that drives me nuts, and thank you again to Cloud Academy for not only promoting my ridiculous non sense but for continuing to help teach people how to work in this ridiculous environment.Corey: On some level, it feels like it's a bit of a down the stack analogy for what happened to me early in my career. My first systems administration job was running a large-scale email system. So, it was a hobby that I was interested in. I basically bluffed my way into working at a university for a year—thanks, Chapman; I appreciate that [laugh]—and it was great, but it was also pretty clear to me that with the rise of things like hosted email, Gmail, and whatnot, it was not going to be the future of what the present day at that point looked like, which was most large companies needed an email administrator. Those jobs were dwindling.Now, if you want to be an email systems administrator, there are maybe a dozen companies or so that can really use that skill set and everyone else just outsources that said, at those companies like Google and Microsoft, there are some incredibly gifted email administrators who are phenomenal at understanding every nuance of this. Do you think that is what we're going to see in the world of running BGP at large scale, where a few companies really need to know how this stuff works and everyone else just sort of smiles, nods and rolls with it?Ivan: Absolutely. We're already there. Because, you know, if I'm an end customer, and I need BGP because I have to uplinks to two ISPs, that's really easy. I mean, there are a few tricks you should follow and hopefully, some of the guardrails will be built into network operating systems so that you will really have to configure explicitly that you want to leak [unintelligible 00:26:15] between Verizon and AT&T, which is great fun if you have too low-speed links to both of them and now you're becoming transit between the two, which did happen to Verizon; that's why I'm mentioning them. Sorry, guys.Anyway, if you are a small guy and you just need two uplinks, and maybe do a bit of policy, that's easy and that's achievable, let's say with some Google and paste, and throwing spaghetti at the wall and seeing what sticks. On the other hand, what the large-scale providers—like for example Facebook because we were talking about them—are doing is, like, light years away. It's like comparing me turning on the light bulb and someone running, you know, nuclear reactor.Corey: Yeah, you kind of want the experts running some aspects on that. Honestly, in my case, you probably want someone more competent flipping the light switch, too. But that's why I have IoT devices here that power my lights, it on the one hand, keeps me from hurting myself on the other leads to a nice seasonal feel because my house is freaking haunted.Ivan: So, coming back to Facebook, they have these DNS servers all around the world and they don't want everyone else to freak out when one of these DNS servers goes away. So, that's why they're using the same IP address for all the DNS servers sitting anywhere in the world. So, the name server for facebook.com is the same worldwide. But it's different machines and they will give you different answers when you ask, “Where is facebook.com?”I will get a European answer, you will get a US answer, someone in Asia will get whatever. And so they're using BGP to advertise the DNS servers to the world so that everyone gets to the closest DNS server. And now it doesn't make sense, right, for the DNS server to say, “Hey, come to European Facebook,” if European Facebook tends to be down. So, if their DNS server discovers that it cannot reach the servers in the data center, it stops advertising itself with BGP.Why would BGP? Because that's the only thing it can do. That's the only protocol where I can tell you, “Hey, I know about this prefix. You really should send the traffic to me.” And that's what happened to Facebook.They bricked their backbone—whatever they did; they never told—and so their DNS server said, “Gee, I can't reach the data center. I better stop announcing that I'm a DNS server because obviously I am disconnected from the rest of Facebook.” And that happens to all DNS servers because, you know, the backbone was bricked. And so they just, you know, [unintelligible 00:29:03] from the internet, they've stopped advertising themselves, and so we thought that there was no DNS server for Facebook. Because no DNS server was able to reach their core, and so all DNS servers were like, “Gee, I better get off this because, you know, I have no clue what's going on.”So, everything was working fine. Everything was there. It's just that they didn't want to talk to us because they couldn't reach the backend servers. And of course, people blamed DNS first because the DNS servers weren't working. Of course they weren't. And then they blame the BGP because it must be BGP if it isn't DNS. But it's like, you know, you're blaming headache and muscle cramps and high fever, but in fact you have flu.Corey: For almost any other company that wasn't Facebook, this would have been a less severe outage just because most companies are interdependent on each other companies to run infrastructure. When Facebook itself has evolved the way that it has, everything that they use internally runs on the same systems, so they wound up almost with a bootstrapping problem. An example of this in more prosaic terms are okay, the data center had a power outage. Okay, now I need to power up all the systems again and the physical servers I'm trying to turn on need to talk to a DNS server to finish booting but the DNS server is a VM that lives on those physical servers. Uh-oh. Now, I'm in trouble. That is a overly simplified and real example of what Facebook encountered trying to get back into this, to my understanding.Ivan: Yes, so it was worse than that. It looks like, you know, even out-of-band management access didn't work, which to me would suggest that out-of-band management was using authentication servers that were down. People couldn't even log to Zoom because Zoom was using single-sign-on based on facebook.com, and facebook.com was down so they couldn't even make Zoom calls or open Google Docs or whatever. There were rumors that there was a certain hardware tool with a rotating blade that was used to get into a data center and unbrick a box. But those rumors were vehemently denied, so who knows?Corey: The idea of having someone trying to physically break into a data center in order to power things back up is hilarious, but it does lead to an interesting question, which is in this world of cloud computing, there are a lot of people in the physical data centers themselves, but they don't have access, in most cases to log into any of the boxes. One of the most naive things I see all the time is, “Oh well, the cloud provider can read all of your data.” No, they can't. These things are audited. And yeah, theoretically, if they're lying outright, and somehow have falsified all of the third-party audit stuff that has been reported and are willing to completely destroy their business when it gets out—and I assure you, it would—yeah, theoretically, that's there. There is an element of trust here. But I've had to answer a couple of journalists questions recently of, “Oh, is AWS going to start scanning all customer content?” No, they physically cannot do it because there are many ways you can configure things where they cannot see it. And that's exactly what we want.Ivan: Yeah, like a disk encryption.Corey: Exactly. Disk encryption, KMS on some level, using—rolling your own, et cetera, et cetera. They use a lot of the same systems we do. The point being, though, is that people in the data centers do not even have logging rights to any of these nodes for the physical machines, in some cases, let alone the customer tenants on top of those things. So, on some level, you wind up with people building these systems that run on top of these computers, and they've never set foot in one of the data centers.That seems ridiculous to me as someone who came up visiting data centers because I had to know where things were when they were working so I could put them back that way when they broke later. But that's not necessary anymore.Ivan: Yeah. And that's the problem that Facebook was facing with that outage because you start believing that certain systems will always work. And when those systems break down, you're totally cut off. And then—oh, there was an article in ACM Queue long while ago where they were discussing, you know, the results of simulated failures, not real ones, and there were hilarious things like phone directory was offline because it wasn't on UPS and so they didn't know whom to call. Or alerts couldn't be diverted to a different data center because the management station for alert configuration was offline because it wasn't on UPS.Or, you know the one, right, where in New York, they placed the gas pump in the basement, and the diesel generators were on the top floor, and the hurricane came in and they had to carry gas manually, all the way up to the top floor because the gas pump in the basement just stopped working. It was flooded. So, they did everything right, just the fuel wouldn't come to the diesel generators.Corey: It's always the stuff that is under the hood on these things that you can't make sense of. One of the biggest things I did when I was evaluating data center sites was I'd get a one-line diagram—which is an electrical layout of the entire facility—great. I talked to the folks running it. Now, let's take a walk and tour it. Hmmm, okay. You show four transformers on your one-line diagram. I see two transformers and two empty concrete pads. It's an aspirational one-line diagram. It's a joke that makes it a one-liner diagram and it's not very funny. So it's, okay if I can't trust you for those little things, that's a problem.Ivan: Yeah, well, I have another funny story like that. We had two power feeds coming into the house plus the diesel generator, and it was, you know, the properly tested every month diesel generator. And then they were doing some maintenance and they told us in advance that they will cut both power feeds at 2 a.m. on a Sunday morning.And guess what? The diesel generator didn't start. Half an hour later UPS was empty, we were totally dead in water with quadruple redundancy because you can't get someone it's 2 a.m. on a Sunday morning to press that button on the diesel generator. In half an hour.Corey: That is unfortunate.Ivan: Yeah, but that's how the world works. [laugh].Corey: So, it's been fantastic reminding myself of some of the things I've forgotten because let's be clear, in working with cloud, a lot of this stuff is completely abstracted away. I don't have to care about most of these things anymore. Now, there's a small team of people that AWS who very much has to care; if they don't, I will say mean things to them on Twitter, if I let my HugOps position slip up just a smidgen. But they do such a good job at this that we don't have problems like this, almost ever, to the point where when it does happen, it's noteworthy. It's been fun talking to you about this just because it's a trip down a memory lane that is a lot more aligned with the things that are there and we tend not to think about them. It's almost a How it's Made episode.Ivan: Yeah. And don't be so relaxed regarding the cloud networking because, you know, if you don't go full serverless with nothing on-premises, you know what protocol you're running between on-premises and the cloud on direct connect? It's called BGP.Corey: Ah. You know, I did not know that. I've done some ridiculous IPsec pairings over those things, and was extremely unhappy for a while afterwards, but I never got to the BGP piece of it. Makes sense.Ivan: Yeah, even over IPsec if you want to have any dynamic failover, or multiple sites, or anything, it's [BP 00:36:56].Corey: I really want to thank you for taking the time to go through all this with me. If people want to learn more about how you view these things, learn more things from you, as I'd strongly recommend they should if they're even slightly interested by the conversation we've had, where can they find you?Ivan: Well, just go to ipspace.net and start exploring. There's the blog with thousands of blog entries, some of them snarkier than others. Then there are, like, 200 webinars, short snippets of a few hours of—Corey: It's like a one man version of re:Invent. My God.Ivan: Yeah, sort of. But I've been working on this for ten years, and they do it every year, so I can't produce the content at their speed. And then there are three different full-blown courses. Some of them are just, you know, the materials from the webinars, plus guest speakers plus hands-on exercises, plus I personally review all the stuff people submit, and they cover data centers, and automation, and public clouds.Corey: Fantastic. And we will, of course, put links to that into the [show notes 00:38:01]. Thank you so much for being so generous with your time. I appreciate it.Ivan: Oh, it's been such a huge pleasure. It's always great talking with you. Thank you.Corey: It really is. Thank you once again. Ivan Pepelnjak network architect and oh so much more. CCIE #1354 Emeritus. And read the bio; it's well worth it. I am Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice and a comment formatted as a RIPv2 announcement.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

BlogAid Podcast
Tips Tuesday –  UpdraftPlus and AMALinks Issues, Build Email List, Content Marketing, Video

BlogAid Podcast

Play Episode Listen Later Nov 30, 2021 19:02


Tips this week include: • BlogAid Holiday Deals are still going with discounts on all courses • New DIY SEO tutorials are underway • Info on Code Name Ida will be going out to BB Hub members this week • Why all bloggers need to take the WP annual survey this year • Fixes for UpdraftPlus and a new nuisance warning that came with it • What's up with AMALinks and Cloudflare plugin conflicts • How to exclude Web Stories in WP Fastest Cache • 3 tips for building your email list with awesome content • 8 fresh content types that every marketer should consider for 2022 • The new YouTube Analytics that Google is testing • 16 best Instagram giveaways and contests to run • Why I think Social Media Today missed the mark about the IG feed going to all video

Screaming in the Cloud
Striking a Balance on the Cloud with Rachel Stephens

Screaming in the Cloud

Play Episode Listen Later Nov 29, 2021 39:11


About RachelRachel Stephens is a Senior Analyst with RedMonk, a developer-focused industry analyst firm. RedMonk focuses on how practitioners drive technological adoption. Her research covers a broad range of developer and infrastructure products, with a particular focus on emerging growth technologies and markets. (But not crypto. Please don't talk to her about NFTs.)Before joining RedMonk, Rachel worked as a database administrator and financial analyst. Rachel holds an MBA from Colorado State University and a BA in Finance from the University of Colorado.Links: RedMonk: https://redmonk.com/ Great analysis: https://redmonk.com/rstephens/2021/09/30/a-new-strategy-r2/ “Convergent Evolution of CDNs and Clouds”: https://redmonk.com/sogrady/2020/06/10/convergent-evolution-cdns-cloud/ “Everything is Securities Fraud?”: https://cafe.com/stay-tuned/everything-is-securities-fraud-with-matt-levine/ Twitter: https://twitter.com/rstephensme TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by my friends at ThinkstCanary. Most companies find out way too late that they've been breached. ThinkstCanary changes this and I love how they do it. Deploy canaries and canary tokens in minutes and then forget about them. What's great is the attackers tip their hand by touching them, giving you one alert, when it matters. I use it myself and I only remember this when I get the weekly update with a “we're still here, so you're aware” from them. It's glorious! There is zero admin overhead  to this, there are effectively no false positives unless I do something foolish. Canaries are deployed and loved on all seven continents. You can check out what people are saying at canary.love. And, their Kub config canary token is new and completely free as well. You can do an awful lot without paying them a dime, which is one of the things I love about them. It is useful stuff and not an, “ohh, I wish I had money.” It is speculator! Take a look; that's canary.love because it's genuinely rare to find a security product that people talk about in terms of love. It really is a unique thing to see. Canary.love. Thank you to ThinkstCanary for their support of my ridiculous, ridiculous non-sense.   Corey: This episode is sponsored in part by our friends at Vultr. Spelled V-U-L-T-R because they're all about helping save money, including on things like, you know, vowels. So, what they do is they are a cloud provider that provides surprisingly high performance cloud compute at a price that—while sure they claim its better than AWS pricing—and when they say that they mean it is less money. Sure, I don't dispute that but what I find interesting is that it's predictable. They tell you in advance on a monthly basis what it's going to going to cost. They have a bunch of advanced networking features. They have nineteen global locations and scale things elastically. Not to be confused with openly, because apparently elastic and open can mean the same thing sometimes. They have had over a million users. Deployments take less that sixty seconds across twelve pre-selected operating systems. Or, if you're one of those nutters like me, you can bring your own ISO and install basically any operating system you want. Starting with pricing as low as $2.50 a month for Vultr cloud compute they have plans for developers and businesses of all sizes, except maybe Amazon, who stubbornly insists on having something to scale all on their own. Try Vultr today for free by visiting: vultr.com/screaming, and you'll receive a $100 in credit. Thats v-u-l-t-r.com slash screaming.Corey: Welcome to Screaming in the Cloud, I'm Corey Quinn. The last time I spoke to Rachel Stephens over at RedMonkwas in December of 2019. Well, on this podcast anyway; we might have exchanged conversational tidbits here and there at some point since then. But really, if we look around the world there's nothing that's materially different than it was today from December in 2019, except, oh, that's right everything. Rachel Stephens, you're still a senior analyst at RedMonk, which hey, in this day and age, longevity at a company is something that is almost enough to occasion comment on its own. Thanks for coming back for another round, I appreciate it.Rachel: Oh, I'm so happy to be here, and it's exciting to talk about the state of the world a few years later than the last time we talked. But yeah, it's been a hell of a couple years.Corey: Really has, but rather than rehashing pandemic stuff because I feel like unless people have been living in a cave for the last couple of years—because we've all been living in caves for the last couple of years—they know what's up with that. What's new in your world? What has changed for you aside from all of this in the past couple of years working in one of the most thankless of all jobs, an analyst in the cloud computing industry?Rachel: Well, the job stuff is all excellent and I've had wonderful time working at RedMonk. So, RedMonk overall is an analyst firm that is focused on helping people understand technology trends, particularly from the view of the developer or the practitioner. So, helping to understand how the people who are using technologies are actually driving their overall adoption. And so there has been all kinds of interesting things that have happened in that score in the last couple of years. We've seen a lot of interesting trends, lots of fun things to look at in the space and it's been a lot.On a personal side, like a week into lockdown I found out that I was pregnant, so I went through all of locking down and the heart of the pandemic pregnant. I had my maternity leave earlier this year and came back and so excited to be back in. But it's also just been a lot to catch up on in the space as you come back from leave which I'm sure you are well familiar with.Corey: Yes, I did the same thing, slightly differently timed. My second daughter Josephine was born at the end of September. When did your kiddo arrive on the scene to a world of masked strangers?Rachel: So, I have an older daughter who just turned four, and then my youngest is coming up on his first birthday. He was born in December.Corey: Excellent. It sounds like our kids are basically the same age, in both directions. And from my perspective, at least looking back, what advice would I give someone for having a baby in a pandemic? It distills down to ‘don't,' just because it changes so much, it's no longer a trivial thing to have a grandparent come out and spend time with the kid. It's the constant… drumbeat of is this over? Is this not over?And that manifested a bunch of different ways. And I'm glad that I got the opportunity to take some time off to spend time with my family during that timeframe, but at the same time, it would've great if there were options such as not being stuck at home with every rambunctious—at the time—three-year-old as I went through that entire joy of having the kid.Rachel: Yeah. No, for the longest time, my thing was like, okay, like, there's no amount of money you could pay me to go back to middle school. I would never do it. And my new high bar there is no amount of money that you could pay me to go back to April 2020. That was the hardest month of my entire life was getting through that, like, first trimester, both parents at home, toddler at home, nowhere to go, no one to help. That was a [BLEEP] hard month. [laugh] that was bad.Corey: Oh, my God, yes, and we don't talk about this because we're basically communicating with people on social media, and everyone feels bad looking at social media because they're comparing their blooper reel with everyone else's highlights. And it feels odd on some level to complain about things like that. And let's be very clear as a man, I wind up in society getting lauded for even deigning to mention that I have children, whereas when mothers wind up talking about anything even slightly negative it's, “Oh, you sound like a bad mom.” And it is just one of the most abhorrent things out there in the world, I suppose. It's a strange inverted thing but one of the things that surprised me the most when I was expecting my first kid was looking at the different parenting forums, and the difference in tone was palpable where on the dad forums, everyone is super supportive and you got this dude it's great. You're fine. You're doing your best.Sure, these the occasional, “I gave my toddler beer and now people yell at me,” and it's, “What is wrong with you asshole?” But everyone else is mostly sane and doing their best. Whereas a lot of the ‘mommy' forums seem to bias more toward being relatively dismissive other people's parenting choices. And I understand I'm stereotyping wildly, not all forums, not all people, et cetera, et cetera, but it really was an interesting window into an area that as a stereotypical white man world, I don't see a lot of places I hang out with that are traditionally male that are overwhelmingly supportive in quite the same way. It was really an eye-opening experience for me.Rachel: I think you hit on some really important trends. One of the things that I have struggled with is—so I came into RedMonk—I've had a Twitter account forever, and it was always just, like, my personal Twitter account until I started working at RedMonk five years ago. And then all of a sudden I'm tweeting in technical and work capacities as well. And finding that balance initially was always a challenge.But then finding that balance again after having kids was very different because I would always—it was, kind of, mix of my life and also what I'm seeing in the industry and what I'm working on and this mix of things. And once you started tweeting about kids, it very much changes the potential perception that people have of who you are, what you're doing. I know this is just a mommy blogger kind of thing.You have to be really cognizant of that balance and making sure that you continue to put yourself in a place where you can still be your authentic self, but you really as a mom in the workspace and especially in tech have to be cognizant of not leaning too far into that. Because it can really damage your credibility with some audiences which is a super unfortunate thing, but also something I've learned just, like, I have to be really careful about how much mom stuff I share on Twitter.Corey: It's bizarre to me that we have to shade aspects of ourselves like this. And I don't know what the answer is. It's a weird thing that I never thought about before until suddenly I find that, oh, I'm a parent. I guess I should actually pay attention to this thing now. And it's one of those once you see it you can't unsee it things and it becomes strange and interesting and also more than a little sad in some respects.Rachel: I think there are some signs that we are getting to a better place, but it's a hard road for parents I think, and moms, in particular, working moms, all kinds of challenges out there. But anyways, it's one of those ones that is nice because love having my kids as a break, but sometimes Mondays come and it's such a relief to come back to work after a weekend with kids. Kids are a lot of work. And so it has brought elements of joy to my personal life, but it has also brought renewed elements of joy to my work life as really being able to lean into that side of myself. So, it's been a good year.Corey: Now that I have a second kid, I'm keenly aware of why parents are always very reluctant to wind up—the good parents at least to say, “Oh yeah, I have X number of kids, but that one's my favorite.” And I understand now why my mom always said with my brother and I that, “I can't stand either one of you.” And I get that now. Looking at the children of cloud services it's like, which one is my favorite?Well, I can't stand any of them, but the one that I hate the most is the Managed NAT Gateway because of its horrible pricing. In fact, anything involving bandwidth pricing in this industry tends to be horrifying, annoying, ill-behaved, and very hard to discipline. Which is why I think it's probably time we talk a little bit about egress charges in cloud providers.You had a great analysis of Cloudflare's R2, which is named after a robot in Star Wars and is apparently also the name of their S3 competitor, once it launches. Again, this is a pre-announcement, yeah, I could write blog posts that claim anything; the proof is really going to be in the pudding. Tell me more about, I guess, what you noticed from that announcement and what drove you to, “Ah, I have thoughts on this?”Rachel: So, I think it's an interesting announcement for several reasons. I think one of them is that it makes their existing offering really compelling when you start to add in that object store to something like the CDN, or to their edge functions which is called their Workers platform. And so, if you start to combine some of those functionalities together with a better object storage story, it can make their existing offering a lot more compelling which I think is an interesting aspect of this.I think one of the aspects that is probably gotten a lot more of the traction though is their lack of egress pricing. So, I think that's really what took everyone's imaginations by storm is what does the world look like when we are not charging egress pricing on object storage?Corey: What I find interesting is that when this came out first, a lot of AWS fans got very defensive over it, which I found very odd because their egress charges are indefensible from my point of view. And their response was, “Well, if you look at how a lot of the data access patterns work this isn't as big of a deal as it looks like,” and you're right. If I have a whole bunch of objects living in an object store, and a whole bunch of people each grab one of those objects this won't help me in any meaningful sense.But if I have one object that a bunch of people grab, well, suddenly we're having a different conversation. And on some level, it turns into an interesting question of what differentiates this with their existing CDN-style approach. From my perspective, this is where the object actually lives rather than just a cache that is going to expire. And that is transformative in a bunch of different ways, but my, I guess, admittedly overstated analysis for some use cases was okay, I store a petabyte in AWS and use it with and without this thing. Great, the answer came out to something like 51 or $52,000 in egress charges versus zero on Cloudflare. That's an interesting perspective to take. And the orders of magnitude in difference are eye-popping assuming that it works as advertised, which is always the caveat.Rachel: Yeah. I remember there was a RedMonk conversation with one of the cloud vendors set us up with a client conversation that want to, kind of, showcase their products kind of thing. And it was a movie studio and they walked us through what they architecturally have to do when they drop a trailer. If you think about that thing from this use case where all of a sudden you have videos that are all going out globally at the same time, and everybody wants to watch it and you're serving it over and over, that's a super interesting and compelling use case and very different from a cost perspective.Corey: You'll notice the video streaming services all do business with something that is not AWS for what they stream to end-users from. Netflix has its own Open Connect project that effectively acts as their own homebuilt CDN that they partner with providers to put in their various environments. There are a bunch of providers that focus specifically on this. But if you do the math for the Netflix story at retail pricing—let's be clear at large scale, no one pays retail pricing for anything, but okay—even assuming that you're within hailing distance of the same universe as retail pricing; you don't have to watch too many hours of Netflix before the data egress charges cost more than you're paying a month than subscription. And I have it on good authority—read as from their annual reports—that a much larger expense for Netflix than their cloud and technology and R&D expenses is their content expenses.They're making a lot of original content. They're licensing an awful lot of content, and that's way more expensive than providing it to folks. They have to have a better economic model. They need to be able to make a profit of some kind on streaming things to people. And with the way that all the major cloud providers wind up pricing this stuff, it's not tenable. There has to be a better answer.Rachel: So, Netflix calls to mind an interesting antidote that has gone around the industry which is who can become each other faster? Can HBO become Netflix faster, or can Netflix become HBO faster? So, can you build out that technology infrastructure side, or can you build out that content side? And I think what you're talking to with their content costs speaks to that story in terms of where people are investing and trying to actually make dents in their strategic outlays.I think a similar concept is actually at play when we talk about cloud and CDN. We do have this interesting piece from my coworker, Steve O'Grady, and he called it “Convergent Evolution of CDNs and Clouds.” And they originally evolved along separate paths where CDNs were designed to do this edge-caching scenario, and they had the core compute and all of the things that go around it happening in the cloud.And I think we've seen in recent years both of them starting to grow towards each other where CDNs are starting to look a lot more cloud-like, and we're seeing clouds trying to look more CDN-like. And I think this announcement in particular is very interesting when you think about what's happening in the CDN space and what it actually means for where CDNs are headed.Corey: It's an interesting model in that if we take a look at all of the existing cloud providers they had some other business that funded the incredible expense outlay that it took to build them. For example, Amazon was a company that started off selling books and soon expanded to selling everything else, and then expanded to putting ads in all of their search portals, including in AWS and eroding customer trust.Google wound up basically making all of their money by showing people ads and also killing Google Reader. And of course, Microsoft has been a software company for a lot longer than they've been a cloud provider, and given their security lapses in Azure recently is the question of whether they'll continue to be taken seriously as a cloud provider.But what makes Cloudflare interesting from this approach is they start it from the outside in of building out the edge before building regions or anything like that. And for a lot of use cases that works super well, in theory. In practice, well, we've never seen it before. I'm curious to see how it goes. Obviously, they're telling great stories about how they envision this working out in the future. I don't know how accurate it's going to be—show, don't tell—but I can at least acknowledge that the possibility is definitely there.Rachel: I think there's a lot of unanswered questions at this point, like, will you be able to have zero egress fees, and edge-like latencies, and global distribution, and have that all make sense and actually perform the way that the customer expects? I think that's still to be seen. I think one of the things that we have watched with interest is this rise of—I think for lack of a better word techno-nationalism where we are starting to see enclaves of where people want technology to be residing, where they want things to be sourced from, all of these interesting things.And so having this global network of storage flies in the face of some of those trends where people are building more and more enclaves of we're going to go big and global. I think that's interesting and I think data residency in this global world will be an interesting question.Corey: It also gets into the idea of what is the data that's going to live there. Because the idea of data residency, yes, that is important, but where that generally tends to matter the most is things like databases or customer information. Not the thing that we're putting out on the internet for anyone who wants to, to be able to download, which has historically been where CDNs are aiming things.Yes, of course, they can restrict it to people with logins and the rest, but that type of object storage in my experience is not usually subject to heavy regulation around data residency. We'll see because I get the sense that this is the direction Cloudflare is attempting to go in, and it's really interesting to see how it works. I'm curious to know what their stories are around, okay, you have a global network. That's great. Can I stipulate which areas my data can live within or not?At some point, it's going to need to happen if they want to look at regulated entities, but not everyone has to start with that either. So, it really just depends on what their game plan is on this. I like the fact that they're willing to do this. I like the fact they're willing to be as transparent as they are about their contempt for AWS's egress fees. And yes, of course, they're a competitor.They're going to wind up smacking competition like this, but I find it refreshing because there is no defense for what they're saying, their math is right. Their approach to what customers experience from AWS in terms of egress fees is correct. And all of the defensiveness at, well, you know, no one pays retail price for this, yeah, but they see it on the website when they're doing back-of-the-envelope math, and they're not going to engage with you under the expectation that you're going to give them a 98% discount.So, figure out what the story is. And it's like beating my head against the wall. I also want to be fair. These networks are very hard to build, and there's a tremendous amount of investment. The AWS network is clearly magic in some respects just because having worked in data centers myself, the things that I see that I'm able to do between various EC2 instances at full network line rate would not have been possible in the data centers that I worked within.So, there's something going on that is magic and that's great. And I understand that it's expensive, but they've done a terrible job of messaging that. It just feels like, oh, bandwidth in is free because, you know, that's how it works. Sending it out, ooh, that's going to cost you X and their entire positioning and philosophy around it just feels unnecessary.Rachel: That's super interesting. And I think that also speaks to one of the questions that is still an open concern for what happens to Cloudflare if this is wildly successful. Which, based off of people's excitement levels at this point, it's seems like it's very potentially going to be successful. And what does this mean for the level of investment that they're going to have to make in their own infrastructure and network and order to actually be able to serve all of this?Corey: The thing that I find curious is that in a couple of comment threads on Hacker News and on Twitter, Cloudflare's CEO, Matthew Prince—who's always been extremely accessible as far as executives of giant cloud companies go—has said that at their scale and by which they he's referring to Cloudflare, and he says, “I assume that Amazon can probably get at least as decent economics on bandwidth pricing as we can,” which is a gross understatement because Amazon will spend years fighting over 50 cents.Great, but what's interesting is that he refers to bandwidth at that scale as being much closer to a fixed cost than something that's a marginal cost for everything that a customer uses. The way that companies buy and sell bandwidth back and forth is complex, but he's right. It is effectively a fixed monthly fee for a link and you can use as much or as little of that link as you want. 95th percentile billing aficionados, please don't email me.But by and large, that's the way to think about it. You pay for the size of the pipe, not how much water flows through it. And as long as you can keep the links going without saturating them to the point where more data can't fit through at a reasonable amount of time, your cost don't change. So, yeah, if there's a bunch of excitement they'll have to expand the links, but that's generally a fixed cost as opposed to a marginal cost per gigabyte.That's not how they think about it. There's a whole translation layer that's an economic model. And according to their public filings, they have something like a 77% gross margin which tells me that, okay, they are not in fact losing money on bandwidth even now where they generally don't charge on a metered basis until you're on the Cloudflare Enterprise Plan.Rachel: Yeah. I think it's going to just be really interesting to watch. I'm definitely interested to see what happens as they open this up, and like, 11 9s of availability feels like a lot of availabilities. It's just the engineering of this, the economics of this it feels like there's a lot of open questions that I'm excited to watch.Corey: You're onto my favorite part of this. So, the idea of 11 9s because it sounds ludicrous. That is well within the boundaries of probability of things such as, yeah, it is likely that gravity is going to stop working than it is that's going to lose data. How can you guarantee that? Generally speaking, although S3 has always been extremely tight-lipped about how it works under the hood, other systems have not been.And it looks an awful lot like the idea of Reed-Solomon erasure coding, where for those of us who spent time downloading large files of questionable legality due to copyright law and whatnot off of Usenet, they had the idea of parity files where they'd take these giant media files up—they're Linux ISOs; of course they are—and you'd slice them into a bunch of pieces and then generate parity files as well.So, you would wind up downloading the let's say 80 RAR files and, oh, three of them were corrupt, each parity file could wind up swapping in so as long as you had enough that added up to 80, any of those could wind up restoring the data that had been corrupted. That is almost certainly what is happening at the large object storage scale. Which is great, we're going to break this thing into a whole bunch of chunks. Let's say here is a file you've uploaded or an object.We're going to break this into a hundred chunks—let's say arbitrarily—and any 80 of those chunks can be used to reconstitute the entire file. And then you start looking at where you place them and okay, what are the odds of simultaneous drive failure in these however many locations? And that's how you get that astronomical number. It doesn't mean what people think of does. The S3 offers 11 9s of durability on their storage classes, including the One Zone storage class.Which is a single availability zone instead of something that's an entire region, which means that they're not calculating disaster recovery failure scenarios into that durability number. Which is fascinating because it's far, like, you're going to have all the buildings within the same office park burn down than it is all of the buildings within a hundred square miles burn down, but those numbers remain the same.There's a lot of assumptions baked into that and it makes for an impressive talking point. I just hear it as, oh yeah, you're a real object-store. That's how I see it. There's a lot that's yet to be explained or understood. And I think that I'm going to be going up one side and down the other as soon as this exists in the real world and I'm looking forward to seeing it. I'm just a little skeptical because it has been preannounced.The important part for me is even the idea that they can announce something like this and not be sued for securities fraud tells me that it is at least theoretically economically possible that they could be telling the truth on this. And that alone speaks volumes to just how out-of-bounds it tends to be in the context of giant cloud customers.Rachel: I mean, if you read Matt Levine, “Everything is Securities Fraud?“ so, I don't know how much we want to get excited about that.Corey: Absolutely. A huge fan of his work. Corey: You know its important to me that people learn how to use the cloud effectively. Thats why I'm so glad that Cloud Academy is sponsoring my ridiculous non-sense. They're a great way to build in demand tech skills the way that, well personally, I learn best which I learn by doing not by reading. They have live cloud labs that you can run in real environments that aren't going to blow up your own bill—I can't stress how important that is. Visit cloudacademy.com/corey. Thats C-O-R-E-Y, don't drop the “E.” Use Corey as a promo-code as well. You're going to get a bunch of discounts on it with a lifetime deal—the price will not go up. It is limited time, they assured me this is not one of those things that is going to wind up being a rug pull scenario, oh no no. Talk to them, tell me what you think. Visit: cloudacademy.com/corey,  C-O-R-E-Y and tell them that I sent you!Corey: So, we've talked a fair bit about what data egress looks like. What else have you been focusing on? What have you found that is fun, and exciting, and catches your eye in this incredibly broad industry lately?Rachel: Oh, there's all kinds of exciting things. One of the pieces of research that's been on my back-burner, usually I do it early summer, and it is—due to a variety of factors—still in my pipeline, but I always do a piece of research about base infrastructure pricing. And it's an annual piece of looking about what are all of the cloud providers doing in regards to their pricing on that core aspect of compute, and storage, and memory.And what does that look like over time, and what does that look like across providers? And it is absolutely impossible to get an apples-to-apples comparison over time and across providers. It just can't actually be done. But we do our best [laugh] and then caveat the hell out of it from there. But that's the piece of research that's most on my backlog right now and one that I'm working on.Corey: I think that there's a lot of question around the idea of what is the cost of a compute unit—or something like that—between providers? The idea of if I have this configuration will cost me more on cloud provider a or cloud provider B, my pet working theory is that whenever people ask for analyses like that—or a number of others, to be perfectly frank with you—what they're really looking for is confirmation bias to go in the direction that they wanted to go in already. I have yet to see a single scenario where people are trying to decide between cloud providers and they say, “That one because it's going to be 10% less.” I haven't seen it. That said I am, of course, at a very particular area of the industry. Have you seen it?Rachel: I have not seen it. I think users find it interesting because it's always interesting to look at trends over time. And in particular, with this analysis, it's interesting to watch the number of providers narrow and then widen back out because we've been doing this since 2012. So, we used to have [unintelligible 00:26:24] and HPE used to be in there. So, like, we used to—CenturyLink. We used to have this broader list of cloud providers that we considered that would narrow down to this doesn't really count anymore.And now why do you need to back out? It's like, okay, Oracle Cloud you're in, Alibaba, Tencent, like, let's look at you. And so, like, it's interesting to just watch the providers in the mix shift over time which I think is interesting. And I think one of just the broad trends that is interesting is early years of this, there was steep competition on price, and that leveled off for solid three, four years.We've seen some degree of competitiveness reemerge with competitors like Oracle in particular. So, those broad-brush trends are interesting. The specifics of the pricing if you're doing 10% difference kind of things I think you're missing the point of the analysis largely, but it's interesting to look at what's happening in the industry overall.Corey: If you were to ask me to set up a simple web app, if there is such a thing, and tell you in advance what it was going to cost to host, and I can get it accurate within 20%, I am on fire in terms of both analysis and often dumb luck just because it is so difficult to answer the question. Getting back to our earlier conversational topic, let's say I put CloudFront, Amazon's sorry excuse for a CDN, in front of it which is probably the closest competitor they have to Cloudflare as a CDN, what'll it cost me per gigabyte? Well, that's a fascinating question. The answer comes down to where are you visiting it from? Depending where on the planet, people who are viewing my website, or using my web app are sitting, the cost per gigabyte will vary between eight-and-a-half cents—retail pricing—and fourteen cents. That's a fairly wide margin and there's no way to predict that in advance for most use cases. It's the big open-ended question.And people build out their environments and they want to know they're making a rational decision and that their provider is not charging three times more than their competitor is for the exact same thing, but as long as it's within a certain level of confidence interval, that makes sense.Rachel: Yeah, and I think the other thing that's interesting about this analysis and one of the reasons that it's a frustrating analysis for me, in particular, is that I feel like that base compute is actually not where most of the cloud providers are actually competing anymore. So, like, it was definitely the interesting story early in cloud.I think very clearly not the focus area for most of us now. It has moved up an abstraction layer. It's moved to manage services. It has moved to other areas of their product portfolio. So, it's still useful. It's good to know. But I think that the broader portfolio of the cloud providers is definitely more the story than this individual price point.Corey: That is an interesting story because I believe it, and it speaks to the aspirational version of where a lot of companies see themselves going. And then in practice, I see companies talking like this constantly, and then I look in their environment and say, “Okay, you're basically spending 70% of your entire cloud bill on EC2 instances, running—it's a bunch of VMs that sit there.”And as much as they love to talk about the future and how other things are being considered and how their—use of machine learning in the rest, and Kubernetes, of course, a lot of this stuff all distills down to, yeah, it runs in software. It sits on top of EC2 instances and that's what you get billed for. At re:Invent it's always interesting and sad at the same time that they don't give EC2 nearly enough attention or stage time because it's not interesting, despite it being a majority of AWS bill.Rachel: I think that's a fantastic point, well made.Corey: I'll take it even one step further—and this is one where I think is almost a messaging failure on some level—Google Cloud offers sustained use discounts which apparently they don't know how to talk about appropriately, but it's genius. The way this works is if you run a VM for more than in a certain number of hours in a month, the entire month is now charged for that VM at a less than retail rate because you've been using it in a sustained way.All you have to do to capture that is don't turn it off. You know, what everyone's doing already. And sure if you commit to usage on it you get a deeper discount, but what I like about this is if you buy some reserved instances is or you buy some committed use discounting, great, you'll save more money, but okay, here's a $20 million buy. You should click the button on, people are terrified to click at that button because I don't usually get to approve dollar figure spend with multiple commas in them. That's kind of scary. So, people hem and they haw and they wait six months. This is maybe not as superior mathematically, but it's definitely an easier sell psychologically, and they just don't talk about it.It's what people say they care about when people actually do are worlds apart. And the thing that continually astounds me because I didn't expect it, but it's obvious in hindsight that when it comes to cloud economics it's more about psychology than it is about math.Rachel: I think one of the things that, having come from the finance world into the analyst world, and so I definitely have a particular point of view, but one of the things that was hardest for me when I worked in finance was not the absolute dollar amount of anything but the variability of it. So, if I knew what to expect I could work with that and we could make it work. It was when things varied in unexpected ways that it was a lot more challenging.And so I think one of the things that when people talked about, like, this shift to cloud and the move to cloud, and everyone is like, “Oh, we're moving things from the balance sheet to the income statement.” And everyone talked about that like it's a big deal. For some parts of the organization that is a big deal, but for a lot of the organization, the shift that matters is the shift from a fixed cost to a variable cost because that lack of predictability makes a lot of people's jobs, a lot more difficult.Corey: The thing that I always find fun is a thought exercise is okay, let's take a look at any given cloud company's cloud bill for the last 18 to 36 months and add all of that up. Great, take that big giant number and add 20% to it. If you could magically go back in time and offer that larger number to them as here's your cloud bill and all of your usage for the next 18 to 36 months. Here you go. Buy this instead.And the cloud providers laugh at me and they say, “Who in the world would agree to that deal?” And my answer is, “Almost everyone.” Because at the company's scale it's not like the individual developer response of, “Oh, my God, I just spent how much money? I've got to eat this month.” Companies are used to absorbing those things. It's fine. It's just a, “We didn't predict this. We didn't plan for this. What does this do to our projections, our budget, et cetera?”If you can offer them certainty and find some way to do it, they will jump at that. Most of my projects are not about make the bill lower, even though that is what is believed, in some cases by people working on these projects internally at these companies. It's about making it understandable. It's about making it predictable, it's about understanding when you see a big spike one month. What project drove that?Spoiler, it's almost always the data science team because that's what they do, but that's neither here nor there. Please don't send me letters. But yeah, it's about understanding what is going on, and that understanding and being able to predict it is super hard when you're looking at usage-based pricing.Rachel: Exactly.Corey: I want to thank you for taking so much time to speak with me. If people want to hear more about your thoughts, your observations, et cetera, where can they find you?Rachel: Probably the easiest way to get in touch with me is on Twitter, which is @rstephensme that's R-S-T-E-P-H-E-N-S-M-E.Corey: And we will, of course, put links to that in the [show notes 00:34:08]. Thank you so much for your time. I appreciate it.Rachel: Thanks for having me. This was great.Corey: Rachel Stephens, senior analyst at RedMonk. I'm Cloud Economist, Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice, along with an angry comment, angrily defending your least favorite child, which is some horrifying cloud service you have launched during the pandemic.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

BFM :: The Breakfast Grille
Cloudflare, The Disruptive Immunity System

BFM :: The Breakfast Grille

Play Episode Listen Later Nov 26, 2021 23:07


In a world where cyberattacks are increasingly common, security systems are a must. Jonathan Dixon, Vice President & General Manager of Cloudflare for Asia Pacific, Japan & Greater China tells us why their business model and technology gives this disruptor a leg up when compared to legacy companies. He also tells us their strategy for growth in this region. Image credit: Shutterstock.com

Lindzanity with Howard Lindzon
Michelle Zatlyn of Cloudflare on Building a Better Internet (EP.176)

Lindzanity with Howard Lindzon

Play Episode Listen Later Nov 18, 2021 60:31


On this episode, my good friend and fellow Canadian, Michelle Zatlyn, stops by to talk about building a better internet. This feels like the right time in the right moment to talk about the internet, and Michelle is just the right person to talk with. She's the Co-Founder, President and COO of Cloudflare, the company that helps the internet work. We discuss security, how things really work on the internet, where Cloudflare is headed, and how you grow even faster during COVID.  Guest - Michelle Zatlyn, Co-Founder, President and COO at Cloudflare  howardlindzon.com, cloudflare.com  Twitter: @howardlindzon, @zatlyn, @Cloudflare, @knutjensen  linkedin.com/in/michellezatlyn  #fintech #invest #investment #venturecapital #stockmarket #finance 

Screaming in the Cloud
Cutting Cloud Costs at Cloudflare with Matthew Prince

Screaming in the Cloud

Play Episode Listen Later Nov 16, 2021 48:08


About MatthewMatthew Prince is co-founder and CEO of Cloudflare. Cloudflare's mission is to help build a better Internet. Today the company runs one of the world's largest networks, which spans more than 200 cities in over 100 countries. Matthew is a World Economic Forum Technology Pioneer, a member of the Council on Foreign Relations, winner of the 2011 Tech Fellow Award, and serves on the Board of Advisors for the Center for Information Technology and Privacy Law. Matthew holds an MBA from Harvard Business School where he was a George F. Baker Scholar and awarded the Dubilier Prize for Entrepreneurship. He is a member of the Illinois Bar, and earned his J.D. from the University of Chicago and B.A. in English Literature and Computer Science from Trinity College. He's also the co-creator of Project Honey Pot, the largest community of webmasters tracking online fraud and abuse.Links: Cloudflare: https://www.cloudflare.com Blog post: https://blog.cloudflare.com/aws-egregious-egress/ Bandwidth Alliance: https://www.cloudflare.com/bandwidth-alliance/ Announcement of R2: https://blog.cloudflare.com/introducing-r2-object-storage/ Blog.cloudflare.com: https://blog.cloudflare.com Duckbillgroup.com: https://duckbillgroup.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Writing ad copy to fit into a 30 second slot is hard, but if anyone can do it the folks at Quali can. Just like their Torque infrastructure automation platform can deliver complex application environments anytime, anywhere, in just seconds instead of hours, days or weeks. Visit Qtorque.io today and learn how you can spin up application environments in about the same amount of time it took you to listen to this ad.Corey: This episode is sponsored in part by Honeycomb. When production is running slow, it's hard to know where problems originate: is it your application code, users, or the underlying systems? I've got five bucks on DNS, personally. Why scroll through endless dashboards, while dealing with alert floods, going from tool to tool to tool that you employ, guessing at which puzzle pieces matter? Context switching and tool sprawl are slowly killing both your team and your business. You should care more about one of those than the other, which one is up to you. Drop the separate pillars and enter a world of getting one unified understanding of the one thing driving your business: production. With Honeycomb, you guess less and know more. Try it for free at Honeycomb.io/screaminginthecloud. Observability, it's more than just hipster monitoring.Corey: Welcome to Screaming in the Cloud, I'm Corey Quinn. Today, my guest is someone I feel a certain kinship with, if for no other reason than I spend the bulk of my time antagonizing AWS incredibly publicly. And my guest periodically descends into the gutter with me to do the same sort of things. The difference is that I'm a loudmouth with a Twitter account and Matthew Prince is the co-founder and CEO of Cloudflare, which is, of course, publicly traded. Matthew, thank you for deigning to speak with me today. I really appreciate it.Matthew: Corey, it's my pleasure, and appreciate you having me on.Corey: So, I'm mostly being facetious here, but not entirely, in that you have very publicly and repeatedly called out some of the same things I love calling out, which is AWS's frankly egregious egress pricing. In fact, that was a title of a blog post that you folks put out, and it was so well done I'm ashamed I didn't come up with it myself years ago. But it's something that is resonating with a large number of people in very specific circumstances as far as what their company does. Talk to me a little bit about that. Cloudflare is a CDN company and increasingly looking like something beyond that. Where do you stand on this? What got you on this path?Matthew: I was actually searching through really old emails to find something the other day, and I found a message from all the way back in 2009, so actually even before Michelle and I had come up with a name for Cloudflare. We were really just trying to understand the pricing on public clouds and breaking it all down. How much does the compute cost? How much does storage cost? How much does bandwidth cost?And we kept running the numbers over and over and over again, and the storage and compute costs actually seemed relatively reasonable and you could understand it, but the economics behind the bandwidth just made no sense. It was clear that as bandwidth usage grew and you got scale that your costs eventually effectively went to zero. And I think it was that insight that led to us starting Cloudflare. And the self-service plans at Cloudflare have always been unlimited bandwidth, and from the beginning, we didn't charge for bandwidth. People told us at the time we were crazy to not do that, but I think that that realization, that over time and at scale, bandwidth costs do go to zero is really core to who Cloudflare is.Cloudflare launched a little over 11 years ago now, and as we've watched the various public clouds and AWS in particular just really over that same 11 years not only not follow the natural price of bandwidth down, but really hold their costs steady. At some point, we've got a lot of mutual customers and it's a complaint that we hear from our mutual customers all the time, and we decided that we should do something about it. And so that started four years ago, when we launched the Bandwidth Alliance, and worked with almost all the major public clouds with the exception of Amazon, to say that if someone is sending traffic from a public cloud network to Cloudflare's network, we're not going to charge them for the bandwidth. It's going across a piece of fiber optic cable that yeah, there's some cost to put it in place and maybe there's some maintenance costs associated with it, but there's not—Corey: And the equipment at the end costs money, but it's not cloud cost; it just cost on a per second, every hour of your lifetime basis. It's a capital expense that is amortized across a number of years et cetera, et cetera.Matthew: And it's a fixed cost. It's not a variable cost. You put that fiber optic cable and you use a port on a router on each side. There's cost associated with that, but it's relatively de minimis. And so we said, “If it's not costing us anything and it's not costing a cloud provider anything, why are we charging customers for that?”And I think it's an argument that resonated with almost every other provider that was out there. And so Google discounts traffic when it's sent to us, Microsoft discounts traffic when it's sent to us, and we just announced that Oracle has joined this discounting their traffic, which was already some of the most cost-effective bandwidth from any cloud provider.Corey: Oh, yeah. Oracle's fantastic. As you were announced, I believe today, the fact that they're joining the Bandwidth Alliance is both fascinating and also, on some level, “Okay. It doesn't matter as much because their retail starting cost is 10% of Amazon's.” You have to start pushing an awful lot of traffic relative to what you would do AWS before it starts to show up. It's great to see.Matthew: And the fact that they're taking that down to effectively zero if you're using us is even better, right? And I think it again just illustrates how Amazon's really alone in this at being so egregious in how they do that. And it's, when we've done the math to calculate what their markups are, it's almost 80 times what reasonable assumptions on what their wholesale costs are. And so we really do believe in fighting for our customers and being customer-centric, and this seems like a place where—again, Amazon provides an incredible service and so many things, but the data transfer costs are just completely outrageous. And I'm glad that you're calling them out on it, and I'm glad we're calling them out on it and I think increasingly they look isolated and very anti-customer.Corey: What's interesting to me is that ingress to AWS at all the large public tier-one cloud providers is free. Which has led, I think, to the assumption—real or not—that bandwidth doesn't actually cost anything, whereas going outbound, all I can assume is that one day, some Amazon VP was watching a rerun of Meet the Parents and they got to the line where Ben Stiller says, “Oh, you can milk anything with nipples,” and said, “Holy crap. Our customers all have nipples; we can milk them with egress charges.” And here we are. As much as I think the cloud empowers some amazing stuff, the egress charges are very much an Achilles heel to a point where it starts to look like people won't even consider public cloud for certain workloads based upon that.People talk about how Netflix is a great representation of the ideal AWS customers. Yeah, but they don't stream a single byte to customers from AWS. They have their own CDN called Open Connect that they put all around the internet, specifically for that use case because it would bankrupt them otherwise.Matthew: If you're a small customer, bandwidth does cost something because you have to pay someone to do the work of interconnecting with all of the various networks that are out there. If you start to be, though, a large customer—like a Cloudflare, like an AWS, like an Azure—that is sending serious traffic to the internet, then it starts to actually be in the interest of ISPs to directly interconnect with you, and the costs of your bandwidth over time will approach zero. And that's the just economic reality of how bandwidth pricing works. I think that the confusion, to some extent, comes from all of us having bought our own home internet connection. And I think that the fact that you get more bandwidth up in most internet connections, and you get down, people think that there's some physics, which is associated with that.And there are; that turns out just to be the legacy of the cable system that was really designed to send pictures down to your—Corey: It wasn't really a listening post. Yeah.Matthew: Right. And so they have dedicated less capacity for up and again, in-home network connections, that makes a ton of sense, but that's not how internet connections work globally. In fact, you pay—you get a symmetric connection. And so if they can demonstrate that it's free to take the traffic in, we can't figure out any reason that's not simply about customer lock-in; why you would charge to take data out, but you wouldn't charge to put it in. Because actually cost more from writing data to a disk, it costs more than reading it from a disk.And so by all reasonable accounts, if they were actually charging based on what their costs were, they would charge for ingress but they want to charge for egress. But the approach that we've taken is to say, “For standard bandwidth, we just aren't going to charge for it.” And we do charge for if you use our premium routing services, which is something called Argo, but even then it's relatively cheap compared with what is just standard kind of internet connectivity that's out there. And as we see more of the clouds like Microsoft and Google and Oracle show that this is a place where they can be much more customer-centric and customer-friendly, over time I'm hopeful that will put pressure on Amazon and they will eliminate their egress fees.Corey: People also tend to assume that when I talk about this, that I'm somehow complaining about the level of discounting or whatnot, and they yell at me and say, “Oh, well, you should know by now, Corey, that no one at significant scale pays retail pricing.” “Thanks, professor. I appreciate that, but four years ago, or so I sat down with a startup founder who was sketching out the idea for a live video streaming service and said, ‘There's something wrong with my math because if I built this on AWS—which he knew very well, incidentally—it looks like it would cost me at our scale of where we're hoping to hit $65,000 a minute.'” And I checked and yep, sure enough, his math was not wrong, so he obviously did not build his proof of concept on top of AWS. And the last time I checked, they had raised several 100 million dollars in a bunch of different funding rounds.That is a company now that will not be on AWS because it was never an option. I want to talk as well about your announcement of R2, which is just spectacular. It is—please correct me if I get any of this wrong—it's an object store that lives in your existing distributed-points-of-presence-slash-data-centers-slash-colo-slash-a-bunch-of-computers-in-fancy-warehouse-rooms-with-the-lights-are-always-on-And-it's-always-cold-and-noisy. And people can store data there—Matthew: [crosstalk 00:10:23] aisles it's cold; in the other aisles, it's hot. But yes.Corey: Exactly. But it turns out when you lurk around to the hot aisle, that's not where all the buttons are and the things you're able to plug into, so it's freeze or sweat, and there's never a good answer. But it's an object store that costs a fair bit less than retail pricing for Amazon S3, or most other object stores out there. Which, okay, great. That's always good to see competition in the storage space, but specifically, you're not charging any data transfer costs whatsoever for doing this. First, where did this come from?Matthew: So, we needed it ourselves. I think all of the great products at Cloudflare start with an internal need. If you look at why do we build our zero-trust solutions? It's because we said we needed a security solution that was fast and reliable and secure to protect our employees as they were going out and using the internet.Why did we build Cloudflare Workers? Because we needed a very flexible compute platform where we could build systems ourselves. And that's not unique to us. I mean, why did Amazon build AWS? They built it because they needed those tools in order to continue to grow and expand as quickly as possible.And in fact, I think if you look at the products that Google makes that are really great, it ends up being the ones that Google's employees use themselves. Gmail started as Caribou once upon a time, which was their internal email system. And so we needed an object store and the sometimes belligerent CEO of Cloudflare insisted that our team couldn't use any of the public cloud object stores. And so we had to build it.That was the start of it and we've been using it internally for products over time. It powers, for example, Cloudflare Images, it powers a lot of our streaming video services, and it works great. And at some point, we said, “Can we take this and make it available to everyone?” The question that you've asked on Twitter, and I think a lot of people reasonably ask us, “What's the catch?”Corey: Well, in my defense, I think it's fair. There was an example that I gave of, “Okay, I'm going to go ahead and keep—because it's new, I don't trust new object stores. Great. I'm going to do the same experiment twice, keep one the pure AWS story and the other, I'm just going to add Cloudflare R2 to the mix so that I have to transfer out of AWS once.” For a one gigabyte file that gets shared out for a petabyte's worth of bandwidth, on AWS it costs roughly $52,000 to do that. If I go with the R2 solution, it cost me 13 cents, all of which except for a penny-and-a-half are AWS charges. And that just feels—when you're looking at that big of a gap, it's easy to look at that and think, “Okay, someone is trying to swindle me somewhere. And when you can't spot the sucker, it's probably me. What's the catch?”Matthew: I guess it's not really a catch; it's an explanation. We have been able to drive our bandwidth costs down low enough that in that particular use case, we have to store the file, and that, again, that—there's a hard disk in there and we replicate it to make sure that it's available so it's not just one hard disk, but it's multiple hard disks in various places, but that amortized over time, isn't that big a cost. And then bandwidth is effectively zero. And so if we can do that, then that's great.Maybe a different way of framing the question is like, “Why would we do that?” And I think what we see is that there is an opportunity for customers to be able to use the best of various cloud providers and hook the different parts together. So, people talk about multi-cloud all the time, and for a while, the way that I think people thought about that was you take the exact same workload and you run it in Azure and AWS. That turns out not to be—I mean, maybe some people do that, but it's super rare and it's incredibly hard.Corey: It has been a recurring theme of most things I say where, by default, that is one of the dumbest things I can imagine.Matthew: Yeah, that isn't good. But what people do want to do is they want to say, “Listen, there's some really great services that Amazon provides; we want to use those. And there's some really great services that Azure provides, and we want to use those. And Google's got some great machine learning, and so does IBM. And I want to sort of mix and match the various pieces together.”And the challenge in doing that is the egress fees. If everyone just had a detente and said there's going to be no egress fees for us to be able to hook these various [pits 00:14:48] together, then you would be able to take advantage of a lot of the different technologies and we would actually get stronger applications. And so the vision of what we're trying to build is how can we be the fabric that can stitch the various cloud providers together so that you can do that. And when we looked at that, and we said, “Okay, what's the path to getting there?” The big place where there's the just meatiest cost on egress fees is object stores.And so if you could have a centralized object store, and you can say then from that object go use whatever the best service is at Amazon, go use whatever the best service is at Google, go use whatever the best service is at Azure, that then allows, I think, actually people to take advantage of the cloud in a way which is what people really should mean when they talk about multi-cloud. Which is, there should be competition on the various features themselves, and you should be able to pick and choose the best of all of the different bits. And I think we as consumers then benefit from that. And so when we're looking at how we can strategically enable that future, building an object store was a real key part of that, and that's part of what we're doing. Now, how do we make money off of that? Well, there's a little bit off the storage, and again, even [laugh]—Corey: Well, that is the Amazonian answer there. It's like, “Your margin is my opportunity,” is a famous Bezos quote, and I figure you're sitting there saying, “Ah, it would cost $52,000 to do that in Amazon. Ah, we can make a penny-and-a-half.” That's very Amazonian, you could probably get hired over there with that philosophy.Matthew: Yeah. And this is a commodity service, just [laugh] storing data. If you look across the history of what Cloudflare has done, in 2014, we made encryption free because it's absurd to pay for math, right? I mean, it's just crazy right?Corey: Or to pay for security as a value-add. No, that should be baked into whatever you're doing, in an ideal world.Matthew: Domain registration. Like, it's writing something down in a ledger. It's a commodity; of course it should go to whatever the absolute cost is. On the other hand, there are things that we do that aren't commodities where we are able to better protect people because we see so much traffic, and we've built the machine learning models, and we've done those things, and so we charge for those things. So commodities, we think over time, go to effectively, whatever their cost is, and then the value is in the actual intelligent services that are on top of it.But an object store is a commodity and so we should be trying to drive that pricing down. And in the case of bandwidth, it's effectively free for us. And so if we can be that fabric that connects the different class together, I think that makes sense is a strategy for us and that's why R2 made a ton of sense for us to build and to launch.Corey: There seems to be a lack of ability for lots of folks, at least on the internet to imagine a use case other than theirs. I cheated by being a consultant, I get to borrow other people's use cases at a high degree of turnover. But the question I saw raised was, “Well, how many workloads really do that much egress from static objects that don't change? Doesn't sound like there'd be a whole lot of them.” And it's, “Oh, my sweet summer child. Sure, your app doesn't do a lot of that, but let me introduce it to my friends who are hosting videos on their website, for example, or large images that get accessed a whole bunch of times; things that are written once and then read forever by the internet.”Matthew: And we sit in a position where because of the role that Cloudflare plays where we sit in front of a number of these different cloud providers, we could actually look at the use cases and the data, and then build products in order to solve that. And that's why we started with Workers; that's why we then built the KV store that was on top of that; we built object-store next. And so you can see as we're sort of marching through these things, it is very much being informed by the data that we actually see from real customers. And one of the things that I really like about R2 is in exactly the example that you gave where you can keep everything in S3; you can set R2 in front of it and put it in slurp mode, and effectively it just—as those objects get pulled out, it starts storing them there. And so the migration path is super easy; you don't have to actually change anything about your application and will cut your bills substantially.And so I think that's the right thing to enable a multi-cloud world where, again, it's not you're running the exact same workload in different places, but you get to take advantage of the really great tack that all of these companies are building and use that. And then the companies will compete on building that tech well. So, it's not just about how do I get the data in and then kind of underinvest in all of the different services that I provide. It's how can we make sure that on a service-by-service basis, you actually are having real competition over time. And again, I think that's the right thing for customers, and absolutely R2 might not be the right thing for every use case that's out there, but I think that it wi—enabling more competition is going to make the cloud better for everyone.Corey: Oh, yeah. It's always fun hearing it from Amazonians. It's, “You have a service that talks to satellites in orbit. You really think that's a general-purpose thing that every company out there has to deal with?” No. Well, not yet, anyway.It also just feels to me like their transfer approach is antithetical to almost every other aspect of how they have built their cloud. Amazonians have told me repeatedly—I believe them—that their network is effectively magic. The fact that you can get near line rate between any two points without melting various [unintelligible 00:20:14], which shows that there was significant thought, work, effort, planning, technology, et cetera, put into the network. And I don't dispute that. But if I'm trying to build a workload and put it inside of AWS, I can control how it performs tied to budget; I can have a lot of RAM for things that are memory intensive, or I can have a little RAM; I can have great CPU performance or terrible CPU performance.The challenge with data transfer is it is uniformly great. “I want to get that data over there super quickly.” Yeah, awesome. I'm fine paying a premium for that. But I have this pile of data right here. I want to get it over there, ideally by Tuesday. There's no good way to do that, even with their Snowball—or Snow Family devices—when you fill them with data and send them into AWS, yeah, that's great. Then you just pay for the use of the device.Use them to send data out of AWS, they tack on an additional per-gigabyte fee for getting the data out. You're training as a lawyer, you went to the same law school that my wife did, the University of Chicago, which, oh, interesting stories down that path. But if we look at this, my argument is that the way to do an end-run around this is to sue Amazon for something, and then demand access to the data you have living in their environment during discovery. Make them give it to you for free, though, they'd probably find a way to charge it there, too. It's just a complete lack of vision and lack of awareness because it feels like they're milking a cash cow until it dies.Matthew: Yeah, they probably would charge for it and you'd also have to pay a lot of lawyers. So, I'm not sure that's the cost [crosstalk 00:21:44]—Corey: Its only works above certain volumes, I figure.Matthew: I do think that if your pricing strategy is designed to lock people in to prevent competition, then that does create other challenges. And there are certainly some University of Chicago law professors out there that have spent their careers arguing why antitrust laws don't make any sense, but I think that this is definitely one of those areas where you can see very clearly that customers are actually being harmed by the pricing strategy that's there. And the pricing strategy is not tied in any way to the underlying costs which are associated with that. And so I do think that, especially as you see other providers in the space—like Oracle—taking their bandwidth costs to effectively zero, that's the sort of thing that I think will have regulators start to scratch their heads. If tomorrow, AWS took egress costs to zero, and as a result, R2 was not as advantaged as it is today against them, you know, I think there are a lot of people who would say, “Oh, they showed Cloudflare.” I would do a happy dance because that's the best thing [thing they can do 00:22:52] for our customers.Corey: Our long-term goals, it sounds like, are relatively aligned. People think that I want to see AWS reign ascendant; people also say I want to see them burning and crashing into the sea, and neither one of those are true. What I want is, I want someone in a few years from now to be doing a startup and trying to figure out which cloud provider they should pick, and I want that to be a hard decision. Ideally, if you wind up reducing data transfer fees enough, it doesn't even have to be only one. There are stories that starts to turn into an actual realistic multi-cloud story that isn't, at its face, ridiculous. But right now, you have to pick a horse and ride it, for a variety of reasons. And I don't like that.Matthew: It's entirely egress-based. And again, I think that customers are better off if they are able to pick who is the best service at any time. And that is what encourages innovation. And over time, that's even what's good for the various cloud providers because it's what keeps them being valuable and keeps their customers thinking that they're building something which is magical and that they aren't trapped in the decision that they made, which is when we talk to a lot of the customers today, they feel that way. And it's I think part of why something like R2 and something like the Bandwidth Alliance has gotten so much attention because it really touches a nerve on what's frustrating customers today. And if tomorrow Amazon announced that they were eliminating egress fees and going head-to-head with R2, again, I think that's a wonderful outcome. And one that I think is unlikely, but I would celebrate it if it happened.Corey: This episode is sponsored by our friends at Oracle Cloud. Counting the pennies, but still dreaming of deploying apps instead of "Hello, World" demos? Allow me to introduce you to Oracle's Always Free tier. It provides over 20 free services and infrastructure, networking databases, observability, management, and security.And - let me be clear here - it's actually free. There's no surprise billing until you intentionally and proactively upgrade your account. This means you can provision a virtual machine instance or spin up an autonomous database that manages itself all while gaining the networking load, balancing and storage resources that somehow never quite make it into most free tiers needed to support the application that you want to build.With Always Free you can do things like run small scale applications, or do proof of concept testing without spending a dime. You know that I always like to put asterisks next to the word free. This is actually free. No asterisk. Start now. Visit https://snark.cloud/oci-free that's https://snark.cloud/oci-free.Corey: My favorite is people who don't do research on this stuff. They wind up saying, “Oh, yeah. Cloudflare is saying that bandwidth is a fixed cost. Of course not. They must be losing their shirt on this.”You are a publicly-traded company. Your gross margins are 76% or 77%, depending upon whether we're talking about GAAP or non-GAAP. Point being, you are clearly not selling this at a loss and hoping to make it up in volume. That's what a VC-backed company does. Is something that is real and as accurate.I want to, on some level, I guess, low-key apologize because I keep viewing Cloudflare through a lens that is increasingly inaccurate, which is as a CDN. But you've had Cloudflare Workers for a while, effectively Functions as a Service that run at the edge, which has this magic aura around it, that do various things, which is fascinating to me. You're launching R2; it feels like you are in some ways aiming at becoming a cloud provider, but instead of taking the traditional approach of building it from the region's outward, you're building it from the outward in. Is that a fair characterization?Matthew: I think that's right. I think fundamentally what Cloudflare is, is a network. And I remember early on in the pandemic, we did a series of fireside chats with people we thought we could learn from. And so was everyone from Andre Iguodala, the basketball player, to Mark Cuban, the entrepreneur, to we had a [unintelligible 00:25:56] governor and all kinds of things. And we these were just internal on off the record.And I got to do one with Eric Schmidt, the former CEO of Google. And I said, “You know, Eric, one of the things that we struggle with is describing what is Cloudflare.” And without hesitation, he said, “Oh, that's easy. You're the network I plug into and don't have to worry about anything else.” And I think that's better than I could say it, myself, and I think that's what it is that we fundamentally are: we're the network that fits together.Now, it turns out that in the process of being that network and enabling that network, we are going to build things like R2, which start to be an object store and starts to sort of step into some of the cloud provider space. And Workers is really just a way of programming that network in order to do that, but it turns out that there are a bunch of workloads that if you move them into the network itself, make sense—not going to be every workload, but a lot of workloads that makes sense there. And again, I think that you can actually be very bullish on all of the big public cloud providers and bullish on Cloudflare at the same time because what we want to do is enable the ability for people to mix and match, and change, and be the fabric that connects all of those things together. And so over time, if Amazon says, “We're going to drop egress fees,” it may be that R2 isn't a product that exists—I don't think they're going to do that, so I think it's something that is going to be successful for us and get a lot of new users to us—but fundamentally, I think that where the traditional public clouds think of themselves as the place you put data and you process data, I think we think of ourselves as the place you move data. And that's somewhat different.That then translates into it as we're building out the different pieces, where it does feel like we're building from the outside in. And it may be that over time, that put versus move distinction becomes narrower and narrower as we build more and more services like R2, and durable objects, and KV, and we're working on a database, and all those things. And it could be that we converge in a similar place.Corey: One thing I really appreciate about your vision because it is so atypical these days, is that you aren't trying to build the multifunction printer of companies. You are not trying to be all things to all people in every scenario. Which is impossible to do, but companies are still trying their level best to do it. You are staking out the bounds of where you were willing to start and where you're willing to stop, in a variety of different ways. I would be—how do I put it?—surprised if you at some point in the next five years come out with, “And this is our own database that we have built out that directly competes with the following open-source project that we basically have implemented their API and gone down that particular path.” It does not sound like it is in your core wheelhouse at that point. You don't need—to my understanding—to write your own database engine in order to do what you do.Matthew: Maybe. I mean, we actually are kind of working on a database because—Corey: Oh, no, here we go again.Matthew: [laugh]—and yeah—in a couple of different ways. So, the first way is, we want to make sure that if you're using Workers, you can connect to whatever database you want to use anywhere in the world. And that's something that's coming and we'll be there. At the same time, the challenge of distributed computing turns out not to be the computing, it turns out to be the data and figuring out how to—CAP theorem is real, right? Consistency, Availability, and Partition tolerance; you can pick any two out of the three, but you can't get all three.And so you there's always going to be some trade-off that's there. And so we don't see a lot of good examples. There's some really cool companies that are working on things in the space, but we don't see a lot of really good examples of who has built a database that can be run on a distributed workload system, like Cloudflare to it do well. And so our team internally needs that, and so we're trying to figure out how to build it for ourselves, and I would imagine that after we build it for ourselves—if it works the way we expect it will—that that will then be something that we open up.Our motivation and the way we think about products is we need to build the tools for our own team. Our team itself is customer zero, and then some of those things are very specific to us, but every once in a while, when there are functions that makes sense for others, then we'll build them as well. And that does maybe risk being the multifunction printer, but again, I think that because the customer for that starts with ourselves, that's how we think about it. And if there's someone else's making a great tool, we'll use that. But in this case, we don't see anyone that's built a multi-tenant, globally-distributed, ACID-compliant relational database.Corey: I can't let it pass on challenge. Sure they have, and you're running it yourself. DNS: the finest database in the world. You stuff whatever you want to text records, and now you have taken a finely crafted wrench and turned it into a barely acceptable hammer, which is what I love about doing that terrible approach. Yeah, relational is not going to quite work that way. But—Matthew: Yes. That's a fancy key-value store, right? So—and we've had that for a long time. As we're trying to build those things up, the good news is that, again, we've run data at scale for quite some time and proven that we can do it efficiently and reliably.Corey: There's a lot that can be said about building the things you need to deliver your product to customers. And maybe a database is a poor example here, but I don't see that your motivation in this space is to step into something completely outside your areas of expertise solely because there's money to be made over there. Well, yeah, fortune passes everywhere. The question is, which are you best positioned to wind up delivering an actual transformative solution to that space, and what parts of it are just rent-seeking where it's okay, we're going to go and wherever the money is, we're chasing that down.Matthew: Yeah, we're still a for-profit business, and we've been able to grow revenue well, but I think it is that what motivates us and what drives us comes back to our mission, which is how do you help build a better internet? And you can look at every single thing that we've done, and we try to be very long-term-oriented. So, for instance, when we in 2014 made encryption free, the number one reason at the time, when people upgraded for the free version of our service, the paid version of our service is they got encryption for that. And so it was super scary to say, “Hey, we're going to take the biggest feature and give it away for free,” but it was clearly the direction of history and we wanted to be on the right side of history. And we considered it a bug that the internet wasn't built in an encrypted way from the beginning.So, of course, that was going to head that direction. And so I think that we and then subsequently Let's Encrypt, and a bunch of others have said, it's absurd that you're charging for math. And again, I think that's a good example of how we think about products. And we want to continue to disrupt ourselves and take the things that once upon a time were reserved for our customers that spend $10 million-plus with us, and we want to keep pushing those things down because, over time, the real opportunity is if you do right by customers, there will be plenty of ways that you can earn some of their budget. And again, we think that is the long-term winning strategy.Corey: I would agree with this. You're not out there making sneakers and selling them because you see people spend a lot of money on that; you're delivering value for customers. I say this as one of your paying customers. I have zero problem paying you every month like clockwork, and it is the least cloud-like experience because I know exactly what the bill is going to be in advance, which is apparently not how things should be done in this industry, yadda, yadda, yadda. It is a refreshingly delightful experience every time.The few times I've had challenges with the service, it has almost always been a—I'll call it a documentation gap, where the way it was explained in the formal documentation was not how I conceptualize things, which, again, explaining what these complex things are to folks who are not steeped in certain areas of them is always going to be a challenge. But I cannot think back to a single customer service failure I've had with you folks. I can't look back at any point where you have failed me as a customer, which is a strange thing to say, given how incredibly efficient I am at stumbling over weird bugs.Matthew: Terrific to have you as a customer. We are hardly perfect and we make mistakes, but one of the things I think that we try to do and one of the core values of Cloudflare is transparency. If I think about, like, the original sins of tech, a lot of it is this bizarre secrecy which pervades the entire industry. When we make mistakes, we talk about them, and we explain them. When there's an error, we don't throw up a white page; we put up a page that has our logo on it because we want to own it.And that sometimes gets blowback because you're in front of it, but again, I think it's the right thing to do for customers. And it's and I think it's incredibly important. One of the things that's interesting is you mentioned that you know what your bill is going to be. If you go back and look at the history of hosting on the internet, in the early days of internet hosting, it looks a lot like AWS.Corey: Oh, 95th percentile transit billing; go for one five minutes segment over and boom, your bill explodes. Oh, I remember those days. Unkindly.Matthew: And it was super complicated. And then what happened is the hosting world switched from this incredibly complicated billing to much more simplified, predictable, unlimited bandwidth with maybe some asterisks, but largely that was in place. And then it's strange that Amazon came along and then has brought us back to the more complicated world that's out there. I would have predicted that that's a sine wave—Corey: It has to be. I mean—Matthew: —and it's going to go back and forth over time. But I would have predicted that we would be more in the direction of coming back toward simplify, everything included. And again, I think that's how we've priced our things from the beginning. I'm surprised that it has held on as long as it has, but I do think that there's going to be an opportunity for—and I don't think Amazon will be the leader here, but I think there will be an opportunity for one of the big clouds.And again, I think Oracle is probably doing this the best of any of them right now—to say, “How can we go away from that complexity? How can we make bills predictable? How can we not nickel and dime everything, but allow you to actually forecast and budget?” And it just seems like that's the natural arc of history, and we will head back toward that. And, again, I think we've done our part to push that along. And I'm excited that other cloud providers seem to be thinking about that now as well.Corey: Oh, yeah. What I do with fixing AWS bills is the same thing folks were doing in the 70s and 80s with long-distance bills for companies. We're definitely hitting that sine wave. I know that if I were at AWS in a leadership role, I would be actively embarrassed that the company that is delivering a better customer experience around financial things is Oracle of all companies, given their history of audits and surprising people and the rest. It is ridiculous to me.One last topic that I want to cover with you before we call it an episode is, back in college, you had a thesis that you have done an excellent job of effectively eliminating from the internet. And the theme of this, to my understanding, was that the internet is a fad. And I am so aligned with that because I'm someone who has said for years that emerging technologies are fads. I've said it about cloud, about virtualization, about containers. And I just skipped Kubernetes. And now I'm all-in on serverless, which means, of course it's going to fail because I'm always wrong on these things. But tell me about that.Matthew: When I was seven years old in 1980, my grandmother gave me an Apple ][+ computer for Christmas. And I took to it like a just absolute duck to water and did things that made me very popular in junior high school, like going to computer camp. And my mom used to sign up for continuing education classes at the local university in computer science, and basically sneak me in, and I'd do all the homework and all that. And I remember when I got to college, there was a small group of students that would come around and help other students set their computer up, and I had it all set up and was involved. And so, got pretty deeply involved in the computer science program at college.And then I remember there was a group of three other students—so they were four of us—and they wanted to start an online digital magazine. And at the time, this was pre-web, or right in the early days of the web; it was sort of nineteen… ninety-three. And we built it originally on old Apple technology called HyperCard. And we used to email out the old HyperCard stacks. And the HyperCard stacks kept getting bigger and bigger and bigger, and we'd send them out to the school so [laugh] that we—so we kept crashing the mail servers.But the college loved this, so they kept buying bigger and bigger mail servers. But they were—at some point, they said, “This won't scale. You got to switch technologies.” And they introduced us to two different groups. One was a printer company based out in San Francisco that had this technology called PDF. And I was a really big fan of PDF. I thought PDF was the future, it was definitely going to be how everything got published.And then the other was this group of dorky graduate students at the University of Illinois that had this thing called a browser, which was super flaky, and crashed all the time, and didn't work. And so of the four of us, I was the one who voted for PDF and the other three were like, “Actually, I think this HTML thing is going to be a hit.” And we built this. We won an award from Wired—which was only a print magazine at the time—that called us the first online-only weekly publication. And it was such a struggle to get anyone to write for it because browsers sucked and, you know, trying to get students on campus, but no one on campus cared.We would get these emails from the other side of the world, where I remember really clearly is this—in broken English—email from Japan saying, “I love the magazine. Please keep writing more for the magazine.” And I remember thinking at the time, “Why do I care if someone in Japan is reading this if the girl down the hall who I have a crush on isn't?” Which is obviously what motivates dorky college students like myself. And at that same time, you saw all of this internet explosion.I remember the moment when Netscape went public and just blew through all the expectations. And it was right around the time I was getting ready to graduate for college, and I was kind of just burned out on the entire thing. And I thought, “If I can't even get anyone to write for this dopey magazine and yet we're winning awards, like, this stuff has to all just be complete garbage.” And so wrote a thesis on—ehh, it was not a very good [laugh] thesis. It's—but one of the things I said was that largely the internet was a fad, and that if it wasn't, that it had some real risks because if you enabled everyone to connect with whatever their weird interests and hobbies were, that you would very quickly fall to the lowest common denominator. And predicted some things that haven't come true. I thought for sure that you would have both a liberal and conservative search engine. And it's a miracle to this day, I think that doesn't exist.Corey: Now, that you said it, of course, it's going to.Matthew: Well, I don't know I've… [sigh] we'll see. But it is pretty amazing that Google has been able to, again, thread that line and stay largely apolitical. I'm surprised there aren't more national search engines; the fact that it only Russia and China have national search engines and France and Germany don't is just strange to me. It seems like if you're controlling the source of truth and how people find it, that seems like something that governments would try and take over. There are some things that in retrospect, look pretty wise, but there were a lot more things that looked really, really stupid. And so I think at some level, I had to build Cloudflare to atone for that stupidity all those years ago.Corey: There's something to be said for looking back and saying, “Yeah, I had an opinion, and with the light of new information, I am changing my opinion.” For some reason, in some circles, it feels like that gets interpreted as a sign of weakness, but I couldn't disagree more, it's, “Well, I had an opinion based upon what I saw at the time. Turns out, I was wrong, and here we are.” I really wish more people were capable of doing that.Matthew: It's one of the things we test for in hiring. And I think the characteristic that describes people who can do that well is really empathy. The understanding that the experiences that you have lead you to have a unique set of insights, but they also create a unique set of blind spots. And it's rare that you find people that are able to do that. And whenever you do—whenever we do we hire them.Corey: To that end, as far as hiring and similar topics go, if people want to learn more about how you view things, and how you see the world, and what you're releasing—maybe even potentially work with you—where can they find you?Matthew: [laugh]. So, the joke, sometimes, internal at Cloudflare is that Cloudflare is a blogging company that runs this global network just to have something to write about. So, I think we're unlike most corporate blogs, which are—if our corporate blog were typical, we'd have articles on, like, “Here are the top six reasons you need a fast website,” which would just be, you know, shoot me. But instead, I think we write about the things that are going on online and our unique view into them. And we have a core value of transparency, so we talk about that. So, if you're interested in Cloudflare, I'd encourage you to—especially if you're of the sort of geekier variety—to check out blog.cloudflare.com, and I think that's a good place to learn about us. And I still write for that occasionally.Corey: You're one of the only non-AWS corporate blogs that I pay attention to, for that exact reason. It is not, “Oh, yay. More content marketing by folks who just feel the need to hit a quota as opposed to talking about something valuable and interesting.” So, it's appreciated.Matthew: The secret to it was we realized at some point that the purpose of the blog wasn't to attract customers, it was to attract potential employees. And it turns out, if you sort of change that focus, then you talk to people like their peers, and it turns out then that the content that you create is much more authentic. And that turns out to be a great way to attract customers as well.Corey: I want to thank you for taking so much time out of your day to speak with me. I really appreciate it.Matthew: Thanks for all you're doing. And we're very aligned, and keep fighting the good fight. And someday, again, we'll eliminate cloud egress fees, and we can share a beer when we do.Corey: I will absolutely be there for it. Matthew, Prince, CEO, and co-founder of Cloudflare. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with a rambling comment explaining that while data packets into a cloud provider are cheap and crappy, the ones being sent to the internet are beautiful, bespoke, unicorn snowflakes, so of course they cost money.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

Software Engineering Daily
Cloudflare is owned by Haseeb Qureshi

Software Engineering Daily

Play Episode Listen Later Nov 13, 2021 33:20


(re: Matei Zaharia: [ $_$ ] ) Facebook Acquisition (yuwen [ GG [grace gong { =S ( $_$ ..|.. ..|.. (yuwen) (edaenas) ..|.. (lis) ) Jeffrey Meyerson  6:45 PM (4 minutes ago) to Gayle, Antione, Ankur, Antonio, alana, Alex, Auren, Auren, Auren, Avi, Ayan, Chase, Courtland, Erika, Farooq, gainsay, Jerry, Konstantine, Martin, Jeffrey, Patrick, David, Richard, Robert, Robert, Zeb, Elaine, Matei, Ben, ma, jeff, zuck, Haseeb, Mitchell, Armon, Arman, armand Dear Bucky Moore, Kleiner Perkins, Sequoia, Facebook, and all other corporate entities, My parents are trying to take my business from me. The post Cloudflare is owned by Haseeb Qureshi appeared first on Software Engineering Daily.

Moms that Lead - Unlocking the Leadership Power of Healthy, Purpose-Driven Moms
Why Parenthood is the Best Leadership Development that Money Can't Buy with Amy Henderson (Encore Episode)

Moms that Lead - Unlocking the Leadership Power of Healthy, Purpose-Driven Moms

Play Episode Listen Later Nov 10, 2021 47:30


Companies spend a fortune on leadership development; and rightfully so, as good leaders make successful organizations.But did you know that some of the most important leadership skills (emotional intelligence, courage, collaboration) are forged in the experiences of being a parent?  And that research backs this up?Our guest today, Amy Henderson, one of our nation's leading voices on the critical role of parenting and caregiving in developing the future of work.  Our conversation left me encouraged, fascinated, and eager to learn more.  I hope that it will do the same for you.About Amy:Amy Henderson is one of our nation's leading voices on the critical role of parenting and caregiving in developing the future of work. Amy has three kids and is the founding CEO of TendLab, where she has been working with companies and their parents' groups at places like Salesforce, Accenture, Cloudflare, Airbnb, Lululemon, and many others to optimize the workplace for parents.  As cited in Forbes for her “truly collaborative nature,” Amy also started and co-leads the Fam Tech Founders Collective, a network of over 130 founders who are solving for the needs of caregivers.  Amy is now working with her team at TendLab to catalyze a movement to change the game for working parents.A regular speaker and author advocating on behalf of the power of parenthood at work, Amy has been featured in and written for The Wall Street Journal, Forbes, Fortune, Fast Company, Slate, InStyle, and more.  Her most recent  book is  Tending:  Parenthood and the Future of Work .Links Shared:The Tending Movement (Amy's Website)TendLabIf you want to join this movement of healthy, purpose-driven moms, be sure to subscribe and connect with us!IG: @wearemomsthatleadFB: @momsthatlead

The Changelog
Connecting the dots in public

The Changelog

Play Episode Listen Later Nov 5, 2021 69:07


Today we're joined by Shawn “swyx” Wang, also known as just “swyx” — and we're talking about his interesting path to becoming a software developer, what it means to “learn in public” and how he's been able to leverage that process to not only level up his skills and knowlege, but to also rapidly advance his career. We cover Swyx's recent writing on the light and dark side of the API economy — something he calls “living above or below the API,” his thoughts on Cloudflare eating the cloud by playing Go instead of Chess, and we also talk about the work he's doing at Temporal and how's taking his frontend skills to the backend.