Podcasts about Cloudflare

Scott and Wes break down the Model Context Protocol (MCP), a new open standard that gives AI agents secure, tool-like access to your dev environment. They cover how it works, why it's a big deal for AI coding workflows, and real-world use cases like GitHub, Sentry, and YouTube. Show Notes 00:00 Welcome to Syntax! 00:49 The lore of ICP. Wes MCP Shirt. 03:09 Brought to you by Sentry.io. 03:33 What is MCP? 05:06 The steps of AI coding. 07:11 MCP hosts. 07:28 MCP clients. 07:35 MCP servers. 08:24 Why you might want to do this. 10:39 How this works in VS Code. 14:10 Wes built an MCP server. SVGL. 14:57 Playwright. 17:24 Sentry's implementation. Building Sentry's MCP with David Cramer. 18:54 YouTube implementation. 21:19 DaVinci Resolve implementation. Smithery. 23:02 Postgres. 24:40 Transport protocols. 24:49 STDIO. 25:19 SSE. 25:32 Streaming. 26:24 Writing you own MCP server. 26:28 FastMCP. 27:00 Cloudflare. 28:01 Data validation. 28:47 Standard schema. Episode 873. 29:27 Other parts of MCP. 29:35 MCP resources. 30:37 MCP prompts. 30:48 MCP roots. Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

Chris Merritt, former CRO of Cloudflare, shares how the company scaled from single-digit millions to $1 billion in ARR and built a foundation for long-term, sustainable growth. Chris unpacks the strategies behind scaling go-to-market teams, aligning product and sales for maximum impact, and creating strong customer relationships based on trust and value delivery. He also discusses the challenges of building a world-class organization, maintaining momentum through different growth phases, and navigating the shifting dynamics of the SaaS landscape, especially with the emergence of AI and its impact on go-to-market strategies.  What You'll Learn in This Episode Scaling to $1 Billion ARR: Why scaling requires a balance between small, fast-growing customers and large enterprise deals How to build repeatable processes for growth while maintaining flexibility for experimentation Building Trust with Customers: Why trust is the foundation of successful customer relationships and large contracts How to align product capabilities with customer needs while being transparent about limitations Aligning Product and Go-To-Market Teams: The importance of creating a tight feedback loop between product and sales teams How joint customer engagements help ensure consistent messaging and better product development Leadership Through Growth Phases: How to move from founder-led sales to a scalable go-to-market organization The challenges of hiring and maintaining company culture during rapid growth Adapting to Changing Markets: The role of AI in reshaping go-to-market strategies and customer expectations Why the current business landscape is moving faster than ever and what that means for startups ALL ABOUT UNICORN BAKERY: https://zez.am/unicornbakery  Where to find Chris: LinkedIn: https://www.linkedin.com/in/cmerritt99/  Website: https://www.cloudflare.com/de-de/  Join our Founder Tactics Newsletter: 2x die Woche bekommst du die Taktiken der besten Gründer der Welt direkt ins Postfach: https://www.tactics.unicornbakery.de/  Chapters: (00:00:00) How to scale beyond 1 Billion ARR (00:04:39) Value & reasons to buy Cloudflare (00:08:23) The balance between building the best product vs. building a worldclass sales organization (00:15:18) Stages and phases in startups that help navigating through challenges (00:24:55) Chris' tipps for founder-led-sales (00:32:48) Advices to find support for go-to-market (00:43:12) How to ensure that product and go-to-market are not drifting apart while growing (00:52:34) How to bring the team together (00:57:23) Quality expectations at Cloudflare  (01:02:55) Building a sustainable company (01:09:03) Chris' best learnings on pricing (01:15:47) How to evaluate whether it is worth undercutting the competitor just to win the customer (01:22:06) Chris' thoughts on the momentum of the AI space

video: https://youtu.be/r2rD3MB8Jls On this episode, we review community feedback, explore Zorin OS 17.3 release and their shift to Brave as its default browser. We talk about Thunderbird's upcoming Thundermail service for privacy-focused email. Plus, we cover Cloudflare's "AI Labyrinth" to combat unauthorized data scraping. Forum Discussion Thread (https://destinationlinux.net/forum) Download as MP3 (https://aphid.fireside.fm/d/1437767933/32f28071-0b08-4ea1-afcc-37af75bd83d6/44b2a40f-7a96-418f-97dd-70daa8e74d9d.mp3) Support the show by becoming a patron at tuxdigital.com/membership (https://tuxdigital.com/membership) or get some swag at tuxdigital.com/store (https://tuxdigital.com/store) Hosted by: Ryan (DasGeek) = dasgeek.net (https://dasgeek.net) Jill Bryant = jilllinuxgirl.com (https://jilllinuxgirl.com) Michael Tunnell = michaeltunnell.com (https://michaeltunnell.com) Chapters: 00:00:00 Intro 00:01:22 Community Feedback 00:08:50 Sandfly Security 00:10:58 Zorin OS 17.3: What's New and Why It Matters 00:14:21 Zorin Goes Brave: Default Browser Shift Explained 00:15:39 Flip the Switch: VPN Now Built Into Vivaldi 00:17:54 The Vivaldi Conundrum: Locked Without a Reason? 00:19:27 Firefox's Secret Sauce: Containers and Bookmark Brilliance 00:21:58 Brave Gets a Makeover in Zorin OS 00:24:04 Brave Test Drive: Ryan Installs It Everywhere 00:26:21 Final Thoughts on Zorin, Brave, and Vivaldi 00:28:06 Thunderbird Evolves: Pro Features and Thundermail Unveiled 00:31:00 Separating Privacy from Security 00:32:03 Thunderbird's Identity: Separate from Mozilla 00:36:09 More Inboxes, Less Risk: Managing Sensitive Info 00:38:06 Wishing for Thunderbird to Take on Google Docs 00:38:35 Thunderbird's Web Services: Pro Tools Built for the Community 00:41:26 When Thunderbird Out-Mozillas Mozilla 00:44:39 Balancing Cost and Access in Thunderbird's Service Model 00:46:10 Cloudflare Builds an AI Maze for Misbehaving Bots 00:49:00 Ethical Dilemma: AI and Unauthorized Web Scraping 00:53:24 Responsible AI: Real Facts, No Misinformation 00:55:48 Jill's Village Under Siege: The Plot Thickens 00:56:33 Software Spotlight: MPV 0.40 Brings the Brightness 01:00:07 Support the Show 01:01:39 Cheetos Wisdom and Boss-Level Brilliance 01:05:53 Support the Show Take 2 01:07:22 Outro Links: Community Feedback https://destinationlinux.net/comments (https://destinationlinux.net/comments) https://destinationlinux.net/forum (https://destinationlinux.net/forum) Sandfly Security https://destinationlinux.net/sandfly (https://destinationlinux.net/sandfly) Home Edition Discount = destination50 Zorin OS 17.3: What's New and Why It Matters https://blog.zorin.com/2025/03/26/zorin-os-17.3-is-here/ (https://blog.zorin.com/2025/03/26/zorin-os-17.3-is-here/) VPN Now Built Into Vivaldi https://vivaldi.com/protonvpn/ (https://vivaldi.com/protonvpn/) Firefox's Secret Sauce: Containers and Bookmark Brilliance Michael's Container Tabs video = https://youtu.be/FfN5L5zAJUo (https://youtu.be/FfN5L5zAJUo) Michael's Bookmarks video = https://youtu.be/jRIyAu79OrM (https://youtu.be/jRIyAu79OrM) Thunderbird Evolves: Pro Features and Thundermail Unveiled https://blog.thunderbird.net/2025/04/thundermail-and-thunderbird-pro-services/ (https://blog.thunderbird.net/2025/04/thundermail-and-thunderbird-pro-services/) Cloudflare Builds an AI Maze for Misbehaving Bots https://blog.cloudflare.com/ai-labyrinth/ (https://blog.cloudflare.com/ai-labyrinth/) Software Spotlight: MPV 0.40 Brings the Brightness https://mpv.io/ (https://mpv.io/) https://github.com/mpv-player/mpv/releases (https://github.com/mpv-player/mpv/releases) Support the Show https://tuxdigital.com/membership (https://tuxdigital.com/membership) https://store.tuxdigital.com/ (https://store.tuxdigital.com/)

Brandon Liu is an open source developer and creator of the Protomaps basemap project. We talk about how static maps help developers build sites that last, the PMTiles file format, the role of OpenStreetMap, and his experience funding and running an open source project full time. Protomaps Protomaps PMTiles (File format used by Protomaps) Self-hosted slippy maps, for novices (like me) Why Deploy Protomaps on a CDN User examples Flickr Pinball Map Toilet Map Related projects OpenStreetMap (Dataset protomaps is based on) Mapzen (Former company that released details on what to display based on zoom levels) Mapbox GL JS (Mapbox developed source available map rendering library) MapLibre GL JS (Open source fork of Mapbox GL JS) Other links HTTP range requests (MDN) Hilbert curve Transcript You can help correct transcripts on GitHub. Intro [00:00:00] Jeremy: I'm talking to Brandon Liu. He's the creator of Protomaps, which is a way to easily create and host your own maps. Let's get into it. [00:00:09] Brandon: Hey, so thanks for having me on the podcast. So I'm Brandon. I work on an open source project called Protomaps. What it really is, is if you're a front end developer and you ever wanted to put maps on a website or on a mobile app, then Protomaps is sort of an open source solution for doing that that I hope is something that's way easier to use than, um, a lot of other open source projects. Why not just use Google Maps? [00:00:36] Jeremy: A lot of people are gonna be familiar with Google Maps. Why should they worry about whether something's open source? Why shouldn't they just go and use the Google maps API? [00:00:47] Brandon: So Google Maps is like an awesome thing it's an awesome product. Probably one of the best tech products ever right? And just to have a map that tells you what restaurants are open and something that I use like all the time especially like when you're traveling it has all that data. And the most amazing part is that it's free for consumers but it's not necessarily free for developers. Like if you wanted to embed that map onto your website or app, that usually has an API cost which still has a free tier and is affordable. But one motivation, one basic reason to use open source is if you have some project that doesn't really fit into that pricing model. You know like where you have to pay the cost of Google Maps, you have a side project, a nonprofit, that's one reason. But there's lots of other reasons related to flexibility or customization where you might want to use open source instead. Protomaps examples [00:01:49] Jeremy: Can you give some examples where people have used Protomaps and where that made sense for them? [00:01:56] Brandon: I follow a lot of the use cases and I also don't know about a lot of them because I don't have an API where I can track a hundred percent of the users. Some of them use the hosted version, but I would say most of them probably use it on their own infrastructure. One of the cool projects I've been seeing is called Toilet Map. And what toilet map is if you're in the UK and you want find a public restroom then it maps out, sort of crowdsourced all of the public restrooms. And that's important for like a lot of people if they have health issues, they need to find that information. And just a lot of different projects in the same vein. There's another one called Pinball Map which is sort of a hobby project to find all the pinball machines in the world. And they wanted to have a customized map that fit in with their theme of pinball. So these sorts of really cool indie projects are the ones I'm most excited about. Basemaps vs Overlays [00:02:57] Jeremy: And if we talk about, like the pinball map as an example, there's this concept of a basemap and then there's the things that you lay on top of it. What is a basemap and then is the pinball locations is that part of it or is that something separate? [00:03:12] Brandon: It's usually something separate. The example I usually use is if you go to a real estate site, like Zillow, you'll open up the map of Seattle and it has a bunch of pins showing all the houses, and then it has some information beneath it. That information beneath it is like labels telling, this neighborhood is Capitol Hill, or there is a park here. But all that information is common to a lot of use cases and it's not specific to real estate. So I think usually that's the distinction people use in the industry between like a base map versus your overlay. The overlay is like the data for your product or your company while the base map is something you could get from Google or from Protomaps or from Apple or from Mapbox that kind of thing. PMTiles for hosting the basemap and overlays [00:03:58] Jeremy: And so Protomaps in particular is responsible for the base map, and that information includes things like the streets and the locations of landmarks and things like that. Where is all that information coming from? [00:04:12] Brandon: So the base map information comes from a project called OpenStreetMap. And I would also, point out that for Protomaps as sort of an ecosystem. You can also put your overlay data into a format called PMTiles, which is sort of the core of what Protomaps is. So it can really do both. It can transform your data into the PMTiles format which you can host and you can also host the base map. So you kind of have both of those sides of the product in one solution. [00:04:43] Jeremy: And so when you say you have both are you saying that the PMTiles file can have, the base map in one file and then you would have the data you're laying on top in another file? Or what are you describing there? [00:04:57] Brandon: That's usually how I recommend to do it. Oftentimes there'll be sort of like, a really big basemap 'cause it has all of that data about like where the rivers are. Or while, if you want to put your map of toilets or park benches or pickleball courts on top, that's another file. But those are all just like assets you can move around like JSON or CSV files. Statically Hosted [00:05:19] Jeremy: And I think one of the things you mentioned was that your goal was to make Protomaps or the, the use of these PMTiles files easy to use. What does that look like for, for a developer? I wanna host a map. What do I actually need to, to put on my servers? [00:05:38] Brandon: So my usual pitch is that basically if you know how to use S3 or cloud storage, that you know how to deploy a map. And that, I think is the main sort of differentiation from most open source projects. Like a lot of them, they call themselves like, like some sort of self-hosted solution. But I've actually avoided using the term self-hosted because I think in most cases that implies a lot of complexity. Like you have to log into a Linux server or you have to use Kubernetes or some sort of Docker thing. What I really want to emphasize is the idea that, for Protomaps, it's self-hosted in the same way like CSS is self-hosted. So you don't really need a service from Amazon to host the JSON files or CSV files. It's really just a static file. [00:06:32] Jeremy: When you say static file that means you could use any static web host to host your HTML file, your JavaScript that actually renders the map. And then you have your PMTiles files, and you're not running a process or anything, you're just putting your files on a static file host. [00:06:50] Brandon: Right. So I think if you're a developer, you can also argue like a static file server is a server. It's you know, it's the cloud, it's just someone else's computer. It's really just nginx under the hood. But I think static storage is sort of special. If you look at things like static site generators, like Jekyll or Hugo, they're really popular because they're a commodity or like the storage is a commodity. And you can take your blog, make it a Jekyll blog, hosted on S3. One day, Amazon's like, we're charging three times as much so you can move it to a different cloud provider. And that's all vendor neutral. So I think that's really the special thing about static storage as a primitive on the web. Why running servers is a problem for resilience [00:07:36] Jeremy: Was there a prior experience you had? Like you've worked with maps for a very long time. Were there particular difficulties you had where you said I just gotta have something that can be statically hosted? [00:07:50] Brandon: That's sort of exactly why I got into this. I've been working sort of in and around the map space for over a decade, and Protomaps is really like me trying to solve the same problem I've had over and over again in the past, just like once and forever right? Because like once this problem is solved, like I don't need to deal with it again in the future. So I've worked at a couple of different companies before, mostly as a contractor, for like a humanitarian nonprofit for a design company doing things like, web applications to visualize climate change. Or for even like museums, like digital signage for museums. And oftentimes they had some sort of data visualization component, but always sort of the challenge of how to like, store and also distribute like that data was something that there wasn't really great open source solutions. So just for map data, that's really what motivated that design for Protomaps. [00:08:55] Jeremy: And in those, those projects in the past, were those things where you had to run your own server, run your own database, things like that? [00:09:04] Brandon: Yeah. And oftentimes we did, we would spin up an EC2 instance, for maybe one client and then we would have to host this server serving map data forever. Maybe the client goes away, or I guess it's good for business if you can sign some sort of like long-term support for that client saying, Hey, you know, like we're done with a project, but you can pay us to maintain the EC2 server for the next 10 years. And that's attractive. but it's also sort of a pain, because usually what happens is if people are given the choice, like a developer between like either I can manage the server on EC2 or on Rackspace or Hetzner or whatever, or I can go pay a SaaS to do it. In most cases, businesses will choose to pay the SaaS. So that's really like what creates a sort of lock-in is this preference for like, so I have this choice between like running the server or paying the SaaS. Like businesses will almost always go and pay the SaaS. [00:10:05] Jeremy: Yeah. And in this case, you either find some kind of free hosting or low-cost hosting just to host your files and you upload the files and then you're good from there. You don't need to maintain anything. [00:10:18] Brandon: Exactly, and that's really the ideal use case. so I have some users these, climate science consulting agencies, and then they might have like a one-off project where they have to generate the data once, but instead of having to maintain this server for the lifetime of that project, they just have a file on S3 and like, who cares? If that costs a couple dollars a month to run, that's fine, but it's not like S3 is gonna be deprecated, like it's gonna be on an insecure version of Ubuntu or something. So that's really the ideal, set of constraints for using Protomaps. [00:10:58] Jeremy: Yeah. Something this also makes me think about is, is like the resilience of sites like remaining online, because I, interviewed, Kyle Drake, he runs Neocities, which is like a modern version of GeoCities. And if I remember correctly, he was mentioning how a lot of old websites from that time, if they were running a server backend, like they were running PHP or something like that, if you were to try to go to those sites, now they're like pretty much all dead because there needed to be someone dedicated to running a Linux server, making sure things were patched and so on and so forth. But for static sites, like the ones that used to be hosted on GeoCities, you can go to the internet archive or other websites and they were just files, right? You can bring 'em right back up, and if anybody just puts 'em on a web server, then you're good. They're still alive. Case study of news room preferring static hosting [00:11:53] Brandon: Yeah, exactly. One place that's kind of surprising but makes sense where this comes up, is for newspapers actually. Some of the users using Protomaps are the Washington Post. And the reason they use it, is not necessarily because they don't want to pay for a SaaS like Google, but because if they make an interactive story, they have to guarantee that it still works in a couple of years. And that's like a policy decision from like the editorial board, which is like, so you can't write an article if people can't view it in five years. But if your like interactive data story is reliant on a third party, API and that third party API becomes deprecated, or it changes the pricing or it, you know, it gets acquired, then your journalism story is not gonna work anymore. So I have seen really good uptake among local news rooms and even big ones to use things like Protomaps just because it makes sense for the requirements. Working on Protomaps as an open source project for five years [00:12:49] Jeremy: How long have you been working on Protomaps and the parts that it's made up of such as PMTiles? [00:12:58] Brandon: I've been working on it for about five years, maybe a little more than that. It's sort of my pandemic era project. But the PMTiles part, which is really the heart of it only came in about halfway. Why not make a SaaS? [00:13:13] Brandon: So honestly, like when I first started it, I thought it was gonna be another SaaS and then I looked at it and looked at what the environment was around it. And I'm like, uh, so I don't really think I wanna do that. [00:13:24] Jeremy: When, when you say you looked at the environment around it what do you mean? Why did you decide not to make it a SaaS? [00:13:31] Brandon: Because there already is a lot of SaaS out there. And I think the opportunity of making something that is unique in terms of those use cases, like I mentioned like newsrooms, was clear. Like it was clear that there was some other solution, that could be built that would fit these needs better while if it was a SaaS, there are plenty of those out there. And I don't necessarily think that they're well differentiated. A lot of them all use OpenStreetMap data. And it seems like they mainly compete on price. It's like who can build the best three column pricing model. And then once you do that, you need to build like billing and metrics and authentication and like those problems don't really interest me. So I think, although I acknowledge sort of the indie hacker ethos now is to build a SaaS product with a monthly subscription, that's something I very much chose not to do, even though it is for sure like the best way to build a business. [00:14:29] Jeremy: Yeah, I mean, I think a lot of people can appreciate that perspective because it's, it's almost like we have SaaS overload, right? Where you have so many little bills for your project where you're like, another $5 a month, another $10 a month, or if you're a business, right? Those, you add a bunch of zeros and at some point it's just how many of these are we gonna stack on here? [00:14:53] Brandon: Yeah. And honestly. So I really think like as programmers, we're not really like great at choosing how to spend money like a $10 SaaS. That's like nothing. You know? So I can go to Starbucks and I can buy a pumpkin spice latte, and that's like $10 basically now, right? And it's like I'm able to make that consumer choice in like an instant just to spend money on that. But then if you're like, oh, like spend $10 on a SaaS that somebody put a lot of work into, then you're like, oh, that's too expensive. I could just do it myself. So I'm someone that also subscribes to a lot of SaaS products. and I think for a lot of things it's a great fit. Many open source SaaS projects are not easy to self host [00:15:37] Brandon: But there's always this tension between an open source project that you might be able to run yourself and a SaaS. And I think a lot of projects are at different parts of the spectrum. But for Protomaps, it's very much like I'm trying to move maps to being it is something that is so easy to run yourself that anyone can do it. [00:16:00] Jeremy: Yeah, and I think you can really see it with, there's a few SaaS projects that are successful and they're open source, but then you go to look at the self-hosting instructions and it's either really difficult to find and you find it, and then the instructions maybe don't work, or it's really complicated. So I think doing the opposite with Protomaps. As a user, I'm sure we're all appreciative, but I wonder in terms of trying to make money, if that's difficult. [00:16:30] Brandon: No, for sure. It is not like a good way to make money because I think like the ideal situation for an open source project that is open that wants to make money is the product itself is fundamentally complicated to where people are scared to run it themselves. Like a good example I can think of is like Supabase. Supabase is sort of like a platform as a service based on Postgres. And if you wanted to run it yourself, well you need to run Postgres and you need to handle backups and authentication and logging, and that stuff all needs to work and be production ready. So I think a lot of people, like they don't trust themselves to run database backups correctly. 'cause if you get it wrong once, then you're kind of screwed. So I think that fundamental aspect of the product, like a database is something that is very, very ripe for being a SaaS while still being open source because it's fundamentally hard to run. Another one I can think of is like tailscale, which is, like a VPN that works end to end. That's something where, you know, it has this networking complexity where a lot of developers don't wanna deal with that. So they'd happily pay, for tailscale as a service. There is a lot of products or open source projects that eventually end up just changing to becoming like a hosted service. Businesses going from open source to closed or restricted licenses [00:17:58] Brandon: But then in that situation why would they keep it open source, right? Like, if it's easy to run yourself well, doesn't that sort of cannibalize their business model? And I think that's really the tension overall in these open source companies. So you saw it happen to things like Elasticsearch to things like Terraform where they eventually change the license to one that makes it difficult for other companies to compete with them. [00:18:23] Jeremy: Yeah, I mean there's been a number of cases like that. I mean, specifically within the mapping community, one I can think of was Mapbox's. They have Mapbox gl. Which was a JavaScript client to visualize maps and they moved from, I forget which license they picked, but they moved to a much more restrictive license. I wonder what your thoughts are on something that releases as open source, but then becomes something maybe a little more muddy. [00:18:55] Brandon: Yeah, I think it totally makes sense because if you look at their business and their funding, it seems like for Mapbox, I haven't used it in a while, but my understanding is like a lot of their business now is car companies and doing in dash navigation. And that is probably way better of a business than trying to serve like people making maps of toilets. And I think sort of the beauty of it is that, so Mapbox, the story is they had a JavaScript renderer called Mapbox GL JS. And they changed that to a source available license a couple years ago. And there's a fork of it that I'm sort of involved in called MapLibre GL. But I think the cool part is Mapbox paid employees for years, probably millions of dollars in total to work on this thing and just gave it away for free. Right? So everyone can benefit from that work they did. It's not like that code went away, like once they changed the license. Well, the old version has been forked. It's going its own way now. It's quite different than the new version of Mapbox, but I think it's extremely generous that they're able to pay people for years, you know, like a competitive salary and just give that away. [00:20:10] Jeremy: Yeah, so we should maybe look at it as, it was a gift while it was open source, and they've given it to the community and they're on continuing on their own path, but at least the community running Map Libre, they can run with it, right? It's not like it just disappeared. [00:20:29] Brandon: Yeah, exactly. And that is something that I use for Protomaps quite extensively. Like it's the primary way of showing maps on the web and I've been trying to like work on some enhancements to it to have like better internationalization for if you are in like South Asia like not show languages correctly. So I think it is being taken in a new direction. And I think like sort of the combination of Protomaps and MapLibre, it addresses a lot of use cases, like I mentioned earlier with like these like hobby projects, indie projects that are almost certainly not interesting to someone like Mapbox or Google as a business. But I'm happy to support as a small business myself. Financially supporting open source work (GitHub sponsors, closed source, contracts) [00:21:12] Jeremy: In my previous interview with Tom, one of the main things he mentioned was that creating a mapping business is incredibly difficult, and he said he probably wouldn't do it again. So in your case, you're building Protomaps, which you've admitted is easy to self-host. So there's not a whole lot of incentive for people to pay you. How is that working out for you? How are you supporting yourself? [00:21:40] Brandon: There's a couple of strategies that I've tried and oftentimes failed at. Just to go down the list, so I do have GitHub sponsors so I do have a hosted version of Protomaps you can use if you don't want to bother copying a big file around. But the way I do the billing for that is through GitHub sponsors. If you wanted to use this thing I provide, then just be a sponsor. And that definitely pays for itself, like the cost of running it. And that's great. GitHub sponsors is so easy to set up. It just removes you having to deal with Stripe or something. 'cause a lot of people, their credit card information is already in GitHub. GitHub sponsors I think is awesome if you want to like cover costs for a project. But I think very few people are able to make that work. A thing that's like a salary job level. It's sort of like Twitch streaming, you know, there's a handful of people that are full-time streamers and then you look down the list on Twitch and it's like a lot of people that have like 10 viewers. But some of the other things I've tried, I actually started out, publishing the base map as a closed source thing, where I would sell sort of like a data package instead of being a SaaS, I'd be like, here's a one-time download, of the premium data and you can buy it. And quite a few people bought it I just priced it at like $500 for this thing. And I thought that was an interesting experiment. The main reason it's interesting is because the people that it attracts to you in terms of like, they're curious about your products, are all people willing to pay money. While if you start out everything being open source, then the people that are gonna be try to do it are only the people that want to get something for free. So what I discovered is actually like once you transition that thing from closed source to open source, a lot of the people that used to pay you money will still keep paying you money because like, it wasn't necessarily that that closed source thing was why they wanted to pay. They just valued that thought you've put into it your expertise, for example. So I think that is one thing, that I tried at the beginning was just start out, closed source proprietary, then make it open source. That's interesting to people. Like if you release something as open source, if you go the other way, like people are really mad if you start out with something open source and then later on you're like, oh, it's some other license. Then people are like that's so rotten. But I think doing it the other way, I think is quite valuable in terms of being able to find an audience. [00:24:29] Jeremy: And when you said it was closed source and paid to open source, do you still sell those map exports? [00:24:39] Brandon: I don't right now. It's something that I might do in the future, you know, like have small customizations of the data that are available, uh, for a fee. still like the core OpenStreetMap based map that's like a hundred gigs you can just download. And that'll always just be like a free download just because that's already out there. All the source code to build it is open source. So even if I said, oh, you have to pay for it, then someone else can just do it right? So there's no real reason like to make that like some sort of like paywall thing. But I think like overall if the project is gonna survive in the long term it's important that I'd ideally like to be able to like grow like a team like have a small group of people that can dedicate the time to growing the project in the long term. But I'm still like trying to figure that out right now. [00:25:34] Jeremy: And when you mentioned that when you went from closed to open and people were still paying you, you don't sell a product anymore. What were they paying for? [00:25:45] Brandon: So I have some contracts with companies basically, like if they need a feature or they need a customization in this way then I am very open to those. And I sort of set it up to make it clear from the beginning that this is not just a free thing on GitHub, this is something that you could pay for if you need help with it, if you need support, if you wanted it. I'm also a little cagey about the word support because I think like it sounds a little bit too wishy-washy. Pretty much like if you need access to the developers of an open source project, I think that's something that businesses are willing to pay for. And I think like making that clear to potential users is a challenge. But I think that is one way that you might be able to make like a living out of open source. [00:26:35] Jeremy: And I think you said you'd been working on it for about five years. Has that mostly been full time? [00:26:42] Brandon: It's been on and off. it's sort of my pandemic era project. But I've spent a lot of time, most of my time working on the open source project at this point. So I have done some things that were more just like I'm doing a customization or like a private deployment for some client. But that's been a minority of the time. Yeah. [00:27:03] Jeremy: It's still impressive to have an open source project that is easy to self-host and yet is still able to support you working on it full time. I think a lot of people might make the assumption that there's nothing to sell if something is, is easy to use. But this sort of sounds like a counterpoint to that. [00:27:25] Brandon: I think I'd like it to be. So when you come back to the point of like, it being easy to self-host. Well, so again, like I think about it as like a primitive of the web. Like for example, if you wanted to start a business today as like hosted CSS files, you know, like where you upload your CSS and then you get developers to pay you a monthly subscription for how many times they fetched a CSS file. Well, I think most developers would be like, that's stupid because it's just an open specification, you just upload a static file. And really my goal is to make Protomaps the same way where it's obvious that there's not really some sort of lock-in or some sort of secret sauce in the server that does this thing. How PMTiles works and building a primitive of the web [00:28:16] Brandon: If you look at video for example, like a lot of the tech for how Protomaps and PMTiles works is based on parts of the HTTP spec that were made for video. And 20 years ago, if you wanted to host a video on the web, you had to have like a real player license or flash. So you had to go license some server software from real media or from macromedia so you could stream video to a browser plugin. But now in HTML you can just embed a video file. And no one's like, oh well I need to go pay for my video serving license. I mean, there is such a thing, like YouTube doesn't really use that for DRM reasons, but people just have the assumption that video is like a primitive on the web. So if we're able to make maps sort of that same way like a primitive on the web then there isn't really some obvious business or licensing model behind how that works. Just because it's a thing and it helps a lot of people do their jobs and people are happy using it. So why bother? [00:29:26] Jeremy: You mentioned that it a tech that was used for streaming video. What tech specifically is it? [00:29:34] Brandon: So it is byte range serving. So when you open a video file on the web, So let's say it's like a 100 megabyte video. You don't have to download the entire video before it starts playing. It streams parts out of the file based on like what frames... I mean, it's based on the frames in the video. So it can start streaming immediately because it's organized in a way to where the first few frames are at the beginning. And what PMTiles really is, is it's just like a video but in space instead of time. So it's organized in a way where these zoomed out views are at the beginning and the most zoomed in views are at the end. So when you're like panning or zooming in the map all you're really doing is fetching byte ranges out of that file the same way as a video. But it's organized in, this tiled way on a space filling curve. IIt's a little bit complicated how it works internally and I think it's kind of cool but that's sort of an like an implementation detail. [00:30:35] Jeremy: And to the person deploying it, it just looks like a single file. [00:30:40] Brandon: Exactly in the same way like an mp3 audio file is or like a JSON file is. [00:30:47] Jeremy: So with a video, I can sort of see how as someone seeks through the video, they start at the beginning and then they go to the middle if they wanna see the middle. For a map, as somebody scrolls around the map, are you seeking all over the file or is the way it's structured have a little less chaos? [00:31:09] Brandon: It's structured. And that's kind of the main technical challenge behind building PMTiles is you have to be sort of clever so you're not spraying the reads everywhere. So it uses something called a hilbert curve, which is a mathematical concept of a space filling curve. Where it's one continuous curve that essentially lets you break 2D space into 1D space. So if you've seen some maps of IP space, it uses this crazy looking curve that hits all the points in one continuous line. And that's the same concept behind PMTiles is if you're looking at one part of the world, you're sort of guaranteed that all of those parts you're looking at are quite close to each other and the data you have to transfer is quite minimal, compared to if you just had it at random. [00:32:02] Jeremy: How big do the files get? If I have a PMTiles of the entire world, what kind of size am I looking at? [00:32:10] Brandon: Right now, the default one I distribute is 128 gigabytes, so it's quite sizable, although you can slice parts out of it remotely. So if you just wanted. if you just wanted California or just wanted LA or just wanted only a couple of zoom levels, like from zero to 10 instead of zero to 15, there is a command line tool that's also called PMTiles that lets you do that. Issues with CDNs and range queries [00:32:35] Jeremy: And when you're working with files of this size, I mean, let's say I am working with a CDN in front of my application. I'm not typically accustomed to hosting something that's that large and something that's where you're seeking all over the file. is that, ever an issue or is that something that's just taken care of by the browser and, and taken care of by, by the hosts? [00:32:58] Brandon: That is an issue actually, so a lot of CDNs don't deal with it correctly. And my recommendation is there is a kind of proxy server or like a serverless proxy thing that I wrote. That runs on like cloudflare workers or on Docker that lets you proxy those range requests into a normal URL and then that is like a hundred percent CDN compatible. So I would say like a lot of the big commercial installations of this thing, they use that because it makes more practical sense. It's also faster. But the idea is that this solution sort of scales up and scales down. If you wanted to host just your city in like a 10 megabyte file, well you can just put that into GitHub pages and you don't have to worry about it. If you want to have a global map for your website that serves a ton of traffic then you probably want a little bit more sophisticated of a solution. It still does not require you to run a Linux server, but it might require (you) to use like Lambda or Lambda in conjunction with like a CDN. [00:34:09] Jeremy: Yeah. And that sort of ties into what you were saying at the beginning where if you can host on something like CloudFlare Workers or Lambda, there's less time you have to spend keeping these things running. [00:34:26] Brandon: Yeah, exactly. and I think also the Lambda or CloudFlare workers solution is not perfect. It's not as perfect as S3 or as just static files, but in my experience, it still is better at building something that lasts on the time span of years than being like I have a server that is on this Ubuntu version and in four years there's all these like security patches that are not being applied. So it's still sort of serverless, although not totally vendor neutral like S3. Customizing the map [00:35:03] Jeremy: We've mostly been talking about how you host the map itself, but for someone who's not familiar with these kind of tools, how would they be customizing the map? [00:35:15] Brandon: For customizing the map there is front end style customization and there's also data customization. So for the front end if you wanted to change the water from the shade of blue to another shade of blue there is a TypeScript API where you can customize it almost like a text editor color scheme. So if you're able to name a bunch of colors, well you can customize the map in that way you can change the fonts. And that's all done using MapLibre GL using a TypeScript API on top of that for customizing the data. So all the pipeline to generate this data from OpenStreetMap is open source. There is a Java program using a library called PlanetTiler which is awesome, which is this super fast multi-core way of building map tiles. And right now there isn't really great hooks to customize what data goes into that. But that's something that I do wanna work on. And finally, because the data comes from OpenStreetMap if you notice data that's missing or you wanted to correct data in OSM then you can go into osm.org. You can get involved in contributing the data to OSM and the Protomaps build is daily. So if you make a change, then within 24 hours you should see the new base map. Have that change. And of course for OSM your improvements would go into every OSM based project that is ingesting that data. So it's not a protomap specific thing. It's like this big shared data source, almost like Wikipedia. OpenStreetMap is a dataset and not a map [00:37:01] Jeremy: I think you were involved with OpenStreetMap to some extent. Can you speak a little bit to that for people who aren't familiar, what OpenStreetMap is? [00:37:11] Brandon: Right. So I've been using OSM as sort of like a tools developer for over a decade now. And one of the number one questions I get from developers about what is Protomaps is why wouldn't I just use OpenStreetMap? What's the distinction between Protomaps and OpenStreetMap? And it's sort of like this funny thing because even though OSM has map in the name it's not really a map in that you can't... In that it's mostly a data set and not a map. It does have a map that you can see that you can pan around to when you go to the website but the way that thing they show you on the website is built is not really that easily reproducible. It involves a lot of c++ software you have to run. But OpenStreetMap itself, the heart of it is almost like a big XML file that has all the data in the map and global. And it has tagged features for example. So you can go in and edit that. It has a web front end to change the data. It does not directly translate into making a map actually. Protomaps decides what shows at each zoom level [00:38:24] Brandon: So a lot of the pipeline, that Java program I mentioned for building this basemap for protomaps is doing things like you have to choose what data you show when you zoom out. You can't show all the data. For example when you're zoomed out and you're looking at all of a state like Colorado you don't see all the Chipotle when you're zoomed all the way out. That'd be weird, right? So you have to make some sort of decision in logic that says this data only shows up at this zoom level. And that's really what is the challenge in optimizing the size of that for the Protomaps map project. [00:39:03] Jeremy: Oh, so those decisions of what to show at different Zoom levels those are decisions made by you when you're creating the PMTiles file with Protomaps. [00:39:14] Brandon: Exactly. It's part of the base maps build pipeline. and those are honestly very subjective decisions. Who really decides when you're zoomed out should this hospital show up or should this museum show up nowadays in Google, I think it shows you ads. Like if someone pays for their car repair shop to show up when you're zoomed out like that that gets surfaced. But because there is no advertising auction in Protomaps that doesn't happen obviously. So we have to sort of make some reasonable choice. A lot of that right now in Protomaps actually comes from another open source project called Mapzen. So Mapzen was a company that went outta business a couple years ago. They did a lot of this work in designing which data shows up at which Zoom level and open sourced it. And then when they shut down, they transferred that code into the Linux Foundation. So it's this totally open source project, that like, again, sort of like Mapbox gl has this awesome legacy in that this company funded it for years for smart people to work on it and now it's just like a free thing you can use. So the logic in Protomaps is really based on mapzen. [00:40:33] Jeremy: And so the visualization of all this... I think I understand what you mean when people say oh, why not use OpenStreetMaps because it's not really clear it's hard to tell is this the tool that's visualizing the data? Is it the data itself? So in the case of using Protomaps, it sounds like Protomaps itself has all of the data from OpenStreetMap and then it has made all the decisions for you in terms of what to show at different Zoom levels and what things to have on the map at all. And then finally, you have to have a separate, UI layer and in this case, it sounds like the one that you recommend is the Map Libre library. [00:41:18] Brandon: Yeah, that's exactly right. For Protomaps, it has a portion or a subset of OSM data. It doesn't have all of it just because there's too much, like there's data in there. people have mapped out different bushes and I don't include that in Protomaps if you wanted to go in and edit like the Java code to add that you can. But really what Protomaps is positioned at is sort of a solution for developers that want to use OSM data to make a map on their app or their website. because OpenStreetMap itself is mostly a data set, it does not really go all the way to having an end-to-end solution. Financials and the idea of a project being complete [00:41:59] Jeremy: So I think it's great that somebody who wants to make a map, they have these tools available, whether it's from what was originally built by Mapbox, what's built by Open StreetMap now, the work you're doing with Protomaps. But I wonder one of the things that I talked about with Tom was he was saying he was trying to build this mapping business and based on the financials of what was coming in he was stressed, right? He was struggling a bit. And I wonder for you, you've been working on this open source project for five years. Do you have similar stressors or do you feel like I could keep going how things are now and I feel comfortable? [00:42:46] Brandon: So I wouldn't say I'm a hundred percent in one bucket or the other. I'm still seeing it play out. One thing, that I really respect in a lot of open source projects, which I'm not saying I'm gonna do for Protomaps is the idea that a project is like finished. I think that is amazing. If a software project can just be done it's sort of like a painting or a novel once you write, finish the last page, have it seen by the editor. I send it off to the press is you're done with a book. And I think one of the pains of software is so few of us can actually do that. And I don't know obviously people will say oh the map is never finished. That's more true of OSM, but I think like for Protomaps. One thing I'm thinking about is how to limit the scope to something that's quite narrow to where we could be feature complete on the core things in the near term timeframe. That means that it does not address a lot of things that people want. Like search, like if you go to Google Maps and you search for a restaurant, you will get some hits. that's like a geocoding issue. And I've already decided that's totally outta scope for Protomaps. So, in terms of trying to think about the future of this, I'm mostly looking for ways to cut scope if possible. There are some things like better tooling around being able to work with PMTiles that are on the roadmap. but for me, I am still enjoying working on the project. It's definitely growing. So I can see on NPM downloads I can see the growth curve of people using it and that's really cool. So I like hearing about when people are using it for cool projects. So it seems to still be going okay for now. [00:44:44] Jeremy: Yeah, that's an interesting perspective about how you were talking about projects being done. Because I think when people look at GitHub projects and they go like, oh, the last commit was X months ago. They go oh well this is dead right? But maybe that's the wrong framing. Maybe you can get a project to a point where it's like, oh, it's because it doesn't need to be updated. [00:45:07] Brandon: Exactly, yeah. Like I used to do a lot of c++ programming and the best part is when you see some LAPACK matrix math library from like 1995 that still works perfectly in c++ and you're like, this is awesome. This is the one I have to use. But if you're like trying to use some like React component library and it hasn't been updated in like a year, you're like, oh, that's a problem. So again, I think there's some middle ground between those that I'm trying to find. I do like for Protomaps, it's quite dependency light in terms of the number of hard dependencies I have in software. but I do still feel like there is a lot of work to be done in terms of project scope that needs to have stuff added. You mostly only hear about problems instead of people's wins [00:45:54] Jeremy: Having run it for this long. Do you have any thoughts on running an open source project in general? On dealing with issues or managing what to work on things like that? [00:46:07] Brandon: Yeah. So I have a lot. I think one thing people point out a lot is that especially because I don't have a direct relationship with a lot of the people using it a lot of times I don't even know that they're using it. Someone sent me a message saying hey, have you seen flickr.com, like the photo site? And I'm like, no. And I went to flickr.com/map and it has Protomaps for it. And I'm like, I had no idea. But that's cool, if they're able to use Protomaps for this giant photo sharing site that's awesome. But that also means I don't really hear about when people use it successfully because you just don't know, I guess they, NPM installed it and it works perfectly and you never hear about it. You only hear about people's negative experiences. You only hear about people that come and open GitHub issues saying this is totally broken, and why doesn't this thing exist? And I'm like, well, it's because there's an infinite amount of things that I want to do, but I have a finite amount of time and I just haven't gone into that yet. And that's honestly a lot of the things and people are like when is this thing gonna be done? So that's, that's honestly part of why I don't have a public roadmap because I want to avoid that sort of bickering about it. I would say that's one of my biggest frustrations with running an open source project is how it's self-selected to only hear the negative experiences with it. Be careful what PRs you accept [00:47:32] Brandon: 'cause you don't hear about those times where it works. I'd say another thing is it's changed my perspective on contributing to open source because I think when I was younger or before I had become a maintainer I would open a pull request on a project unprompted that has a hundred lines and I'd be like, Hey, just merge this thing. But I didn't realize when I was younger well if I just merge it and I disappear, then the maintainer is stuck with what I did forever. You know if I add some feature then that person that maintains the project has to do that indefinitely. And I think that's very asymmetrical and it's changed my perspective a lot on accepting open source contributions. I wanna have it be open to anyone to contribute. But there is some amount of back and forth where it's almost like the default answer for should I accept a PR is no by default because you're the one maintaining it. And do you understand the shape of that solution completely to where you're going to support it for years because the person that's contributing it is not bound to those same obligations that you are. And I think that's also one of the things where I have a lot of trepidation around open source is I used to think of it as a lot more bazaar-like in terms of anyone can just throw their thing in. But then that creates a lot of problems for the people who are expected out of social obligation to continue this thing indefinitely. [00:49:23] Jeremy: Yeah, I can totally see why that causes burnout with a lot of open source maintainers, because you probably to some extent maybe even feel some guilt right? You're like, well, somebody took the time to make this. But then like you said you have to spend a lot of time trying to figure out is this something I wanna maintain long term? And one wrong move and it's like, well, it's in here now. [00:49:53] Brandon: Exactly. To me, I think that is a very common failure mode for open source projects is they're too liberal in the things they accept. And that's a lot of why I was talking about how that choice of what features show up on the map was inherited from the MapZen projects. If I didn't have that then somebody could come in and say hey, you know, I want to show power lines on the map. And they open a PR for power lines and now everybody who's using Protomaps when they're like zoomed out they see power lines are like I didn't want that. So I think that's part of why a lot of open source projects eventually evolve into a plugin system is because there is this demand as the project grows for more and more features. But there is a limit in the maintainers. It's like the demand for features is exponential while the maintainer amount of time and effort is linear. Plugin systems might reduce need for PRs [00:50:56] Brandon: So maybe the solution to smash that exponential down to quadratic maybe is to add a plugin system. But I think that is one of the biggest tensions that only became obvious to me after working on this for a couple of years. [00:51:14] Jeremy: Is that something you're considering doing now? [00:51:18] Brandon: Is the plugin system? Yeah. I think for the data customization, I eventually wanted to have some sort of programmatic API to where you could declare a config file that says I want ski routes. It totally makes sense. The power lines example is maybe a little bit obscure but for example like a skiing app and you want to be able to show ski slopes when you're zoomed out well you're not gonna be able to get that from Mapbox or from Google because they have a one size fits all map that's not specialized to skiing or to golfing or to outdoors. But if you like, in theory, you could do this with Protomaps if you changed the Java code to show data at different zoom levels. And that is to me what makes the most sense for a plugin system and also makes the most product sense because it enables a lot of things you cannot do with the one size fits all map. [00:52:20] Jeremy: It might also increase the complexity of the implementation though, right? [00:52:25] Brandon: Yeah, exactly. So that's like. That's really where a lot of the terrifying thoughts come in, which is like once you create this like config file surface area, well what does that look like? Is that JSON? Is that TOML, is that some weird like everything eventually evolves into some scripting language right? Where you have logic inside of your templates and I honestly do not really know what that looks like right now. That feels like something in the medium term roadmap. [00:52:58] Jeremy: Yeah and then in terms of bug reports or issues, now it's not just your code it's this exponential combination of whatever people put into these config files. [00:53:09] Brandon: Exactly. Yeah. so again, like I really respect the projects that have done this well or that have done plugins well. I'm trying to think of some, I think obsidian has plugins, for example. And that seems to be one of the few solutions to try and satisfy the infinite desire for features with the limited amount of maintainer time. Time split between code vs triage vs talking to users [00:53:36] Jeremy: How would you say your time is split between working on the code versus issue and PR triage? [00:53:43] Brandon: Oh, it varies really. I think working on the code is like a minority of it. I think something that I actually enjoy is talking to people, talking to users, getting feedback on it. I go to quite a few conferences to talk to developers or people that are interested and figure out how to refine the message, how to make it clearer to people, like what this is for. And I would say maybe a plurality of my time is spent dealing with non-technical things that are neither code or GitHub issues. One thing I've been trying to do recently is talk to people that are not really in the mapping space. For example, people that work for newspapers like a lot of them are front end developers and if you ask them to run a Linux server they're like I have no idea. But that really is like one of the best target audiences for Protomaps. So I'd say a lot of the reality of running an open source project is a lot like a business is it has all the same challenges as a business in terms of you have to figure out what is the thing you're offering. You have to deal with people using it. You have to deal with feedback, you have to deal with managing emails and stuff. I don't think the payoff is anywhere near running a business or a startup that's backed by VC money is but it's definitely not the case that if you just want to code, you should start an open source project because I think a lot of the work for an opensource project has nothing to do with just writing the code. It is in my opinion as someone having done a VC backed business before, it is a lot more similar to running, a tech company than just putting some code on GitHub. Running a startup vs open source project [00:55:43] Jeremy: Well, since you've done both at a high level what did you like about running the company versus maintaining the open source project? [00:55:52] Brandon: So I have done some venture capital accelerator programs before and I think there is an element of hype and energy that you get from that that is self perpetuating. Your co-founder is gungho on like, yeah, we're gonna do this thing. And your investors are like, you guys are geniuses. You guys are gonna make a killing doing this thing. And the way it's framed is sort of obvious to everyone that it's like there's a much more traditional set of motivations behind that, that people understand while it's definitely not the case for running an open source project. Sometimes you just wake up and you're like what the hell is this thing for, it is this thing you spend a lot of time on. You don't even know who's using it. The people that use it and make a bunch of money off of it they know nothing about it. And you know, it's just like cool. And then you only hear from people that are complaining about it. And I think like that's honestly discouraging compared to the more clear energy and clearer motivation and vision behind how most people think about a company. But what I like about the open source project is just the lack of those constraints you know? Where you have a mandate that you need to have this many customers that are paying by this amount of time. There's that sort of pressure on delivering a business result instead of just making something that you're proud of that's simple to use and has like an elegant design. I think that's really a difference in motivation as well. Having control [00:57:50] Jeremy: Do you feel like you have more control? Like you mentioned how you've decided I'm not gonna make a public roadmap. I'm the sole developer. I get to decide what goes in. What doesn't. Do you feel like you have more control in your current position than you did running the startup? [00:58:10] Brandon: Definitely for sure. Like that agency is what I value the most. It is possible to go too far. Like, so I'm very wary of the BDFL title, which I think is how a lot of open source projects succeed. But I think there is some element of for a project to succeed there has to be somebody that makes those decisions. Sometimes those decisions will be wrong and then hopefully they can be rectified. But I think going back to what I was talking about with scope, I think the overall vision and the scope of the project is something that I am very opinionated about in that it should do these things. It shouldn't do these things. It should be easy to use for this audience. Is it gonna be appealing to this other audience? I don't know. And I think that is really one of the most important parts of that leadership role, is having the power to decide we're doing this, we're not doing this. I would hope other developers would be able to get on board if they're able to make good use of the project, if they use it for their company, if they use it for their business, if they just think the project is cool. So there are other contributors at this point and I want to get more involved. But I think being able to make those decisions to what I believe is going to be the best project is something that is very special about open source, that isn't necessarily true about running like a SaaS business. [00:59:50] Jeremy: I think that's a good spot to end it on, so if people want to learn more about Protomaps or they wanna see what you're up to, where should they head? [01:00:00] Brandon: So you can go to Protomaps.com, GitHub, or you can find me or Protomaps on bluesky or Mastodon. [01:00:09] Jeremy: All right, Brandon, thank you so much for chatting today. [01:00:12] Brandon: Great. Thank you very much.

1. What are some recent major cryptocurrency hacks, and how were they carried out?High-profile crypto breaches include Bybit (~$1.5B), Ronin Network ($625M), and Poly Network ($611M). Attackers exploited vulnerabilities via social engineering (notably in the Bybit case), smart contract flaws, phishing, and targeted blockchain bridges. State-backed groups are increasingly active in this space.2. How is malware evolving to bypass traditional antivirus tools, and what languages are favored by attackers?Cybercriminals are turning to languages like Rust and Go to create or recompile malware, exploiting blind spots in antivirus tools that rely on static signature detection. These languages also offer cross-platform capabilities and security features that can be weaponized.3. What happened to computer scientist Xiaofeng Wang, and why is it significant?The FBI raided Wang's home—he's a well-known Indiana University expert in cryptography and privacy. Since the raid, he's gone missing, with his online presence scrubbed. The secrecy surrounding his disappearance, combined with his sensitive field of work and Chinese background, raises serious questions.4. Why is AI firm Anthropic sweeping its offices for hidden devices?To combat rising concerns about espionage and IP theft, Anthropic is conducting physical security sweeps. This move reflects heightened tensions in the competitive AI landscape and the growing risk of surveillance and corporate spying in the industry.5. What API security change is Cloudflare making, and why does it matter?Cloudflare is enforcing HTTPS-only access for its API domain by shutting down HTTP ports entirely. This ensures encrypted communication, protecting API tokens and user data, and sets a strong precedent for better internet-wide encryption standards.6. How did Madison Square Garden use surveillance tech to ban a fan, and what does it imply?MSG banned a fan for life after facial recognition identified him as the creator of a CEO-critical T-shirt. This incident underscores the growing use of surveillance in private venues and its implications for free expression and long-term personal tracking.7. What data exposure was found in several dating apps?Researchers found ~1.5M unprotected, sensitive photos—some explicit—exposed by five dating apps from M.A.D Mobile. Images included private messages and content believed to be deleted. This highlights the dangers of poor data hygiene and storage practices.8. What security failure occurred at the UK's GCHQ involving an intern?A GCHQ intern copied top-secret data from a secure system to his personal phone, then transferred it to a home hard drive. This breach reveals critical weaknesses in internal controls, particularly around device security and data exfiltration prevent

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Michael Duffy, President Donald Trump's nominee for Undersecretary of Defense for Acquisition and Sustainment, has committed to reviewing the Pentagon's Cybersecurity Maturity Model Certification (CMMC) 2.0 if confirmed. This revamped program, effective since December, mandates that defense contractors handling controlled, unclassified information comply with specific cybersecurity standards to qualify for Department of Defense contracts. Concerns have been raised about the burden these regulations may impose on smaller firms, with a report indicating that over 50% of respondents felt unprepared for the program's requirements. Duffy aims to balance security needs with regulatory burdens, recognizing the vulnerability of small and medium-sized businesses in the face of cyber threats.In addition to the CMMC developments, the General Services Administration (GSA) is set to unveil significant changes to the Federal Risk Authorization Management Program (FedRAMP). The new plan for 2025 focuses on establishing standards and policies rather than approving cloud authorization packages, which previously extended the process for up to 11 months. The GSA intends to automate at least 80% of current requirements, allowing cloud service providers to demonstrate compliance more efficiently, while reducing reliance on external support services.Across the Atlantic, the UK government has announced a comprehensive cybersecurity and resilience bill aimed at strengthening defenses against cyber threats. This legislation will bring more firms under regulatory oversight, specifically targeting managed service providers (MSPs) that provide core IT services and have extensive access to client systems. The proposed regulations will enhance incident reporting requirements and empower the Information Commissioner's Office to proactively identify and mitigate cyber risks, setting higher expectations for cybersecurity practices among MSPs.The episode also discusses the implications of recent developments in AI and cybersecurity. With companies like SolarWinds, CloudFlare, and Red Hat enhancing their offerings, the integration of AI into business operations raises concerns about security and compliance. The ease of generating fake documents using AI tools poses a significant risk to industries reliant on document verification. As the landscape evolves, IT service providers must adapt by advising clients on updated compliance practices and strengthening their cybersecurity measures to address these emerging threats. Four things to know today 00:00 New Regulatory Shifts for MSPs: CMMC 2.0, FedRAMP Overhaul, and UK Cyber Security Bill05:21 CISA Cuts and Signal on Gov Devices: What Could Go Wrong?08:15 AI Solutions Everywhere! SolarWinds, Cloudflare, and Red Hat Go All In11:37 OpenAI's Image Generation Capabilities Raise Fraud Worries: How Businesses Should Respond  Supported by:  https://www.huntress.com/mspradio/https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorship  Join Dave April 22nd to learn about Marketing in the AI Era.  Signup here:  https://hubs.la/Q03dwWqg0 All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

EP 236 For the Biggest Crypto Hacks it turns out “HODL” doesn't protect you from miscreants with social engineering degrees.Hackers are now coding in Rust and Go, because multilingual malware is harder to catch.An esteemed University Computer Scientist simply disappears. (See if you can pick up on the clues.)Anthropic expands into AI workplace cleaning, but before you get too excited, they're only sweeping offices for now.Cloudflare slams the door making one well known transfer protocol vanish.Then, design one anti-CEO shirt and "boom" a lifetime ban from Madison Square Garden.Millions of spicy selfies spilled online, and now your privates may be public.And we finish with the burning question of who blew up national security... the intern or GCHQ?Let's go find some explanations.Find the full transcript to this podcast here.

Kuala Lumpur International Airport says no to a ransom attack, switches to whiteboard. A tired and jet-lagged Troy Hunt got Phished then listed himself on his own site. Cloudflare completely pulls the plug on port 80 (HTTP) API access. Malware is switching to obscure languages to avoid detection. FORTH, anyone? Password reuse doesn't appear to be dropping. Cloudflare has numbers. A listener shares his log of malicious Microsoft login attempts. Why no geofencing? 23andMe down for the count (reminder). A sobering Ransomware attack & victim listing website. Gulp! "InControl" keeps VR planes aloft. And the European Union gets serious about a switch to Linux Show Notes - https://www.grc.com/sn/SN-1019-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: drata.com/securitynow outsystems.com/twit bitwarden.com/twit threatlocker.com for Security Now legatosecurity.com

A Tale of Two Phishing Sties Two phishing sites may use very different backends, even if the site itself appears to be visually very similar. Phishing kits are often copied and modified, leading to sites using similar visual tricks on the user facing site, but very different backends to host the sites and reporting data to the miscreant. https://isc.sans.edu/diary/A%20Tale%20of%20Two%20Phishing%20Sites/31810 A Phihsing Tale of DOH and DNS MX Abuse Infoblox discovered a new variant of the Meerkat phishing kit that uses DoH in Javascript to discover MX records, and generate better customized phishing pages. https://blogs.infoblox.com/threat-intelligence/a-phishing-tale-of-doh-and-dns-mx-abuse/ Using OpenID Connect for SSH Cloudflare opensourced it's OPKSSH too. It integrates SSO systems supporting OpenID connect with SSH. https://github.com/openpubkey/opkssh/

Grab a virtual doughnut to blaze through this week's IT news with Johna Johnson and John Burke as Drew Conry-Murray is enjoying his glazed, filled and sprinkled vacation donuts.  Today, we’re going to talk about getting good LLMs to do bad things, Dell’s workforce downsizing, Cloudflare’s recent outage, some developments in space networking, and more.... Read more »

Grab a virtual doughnut to blaze through this week's IT news with Johna Johnson and John Burke as Drew Conry-Murray is enjoying his glazed, filled and sprinkled vacation donuts.  Today, we’re going to talk about getting good LLMs to do bad things, Dell’s workforce downsizing, Cloudflare’s recent outage, some developments in space networking, and more.... Read more »

Grab a virtual doughnut to blaze through this week's IT news with Johna Johnson and John Burke as Drew Conry-Murray is enjoying his glazed, filled and sprinkled vacation donuts.  Today, we’re going to talk about getting good LLMs to do bad things, Dell’s workforce downsizing, Cloudflare’s recent outage, some developments in space networking, and more.... Read more »

Dr. Dave Chatterjee and David Close discuss the implications of post-quantum cryptography (PQC) on cybersecurity readiness. David, a Chief Solutions Architect at Futurex, explains the evolution of cryptographic methods to counter quantum computing threats. He highlights the importance of NIST's role in standardizing quantum-resistant algorithms like Kyber and Dilithium. David shares practical examples, such as Google and Cloudflare's hybrid TLS implementation and a financial institution's use of PQC for data storage. They emphasize the need for organizations to develop roadmaps, inventory cryptographic assets, and ensure vendor readiness. Dr. Chatterjee stresses the importance of a proactive, holistic approach to cybersecurity governance.To access and download the entire podcast summary with discussion highlights -- https://www.dchatte.com/episode-83-future-proofing-your-data-preparing-for-the-post-quantum-era/Latest Articles and Press Releases on The Cybersecurity Readiness Podcast Series:Dr. Dave Chatterjee Hosts Global Podcast Series on Cyber Readiness, Yahoo!Finance, Dec 16, 2024Dr. Dave Chatterjee Hosts Global Podcast Series on Cyber Readiness, Marketers Media, Dec 12, 2024.Cybersecurity Readiness Podcast by Dr. Dave Chatterjee Reaches 10,000 Downloads Globally, Business Insider/Markets Insider, Dec 10, 2024.Connect with Host Dr. Dave Chatterjee and Subscribe to the PodcastPlease subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes are released every two weeks. Connect with Dr. Chatterjee on these platforms: LinkedIn: https://www.linkedin.com/in/dchatte/ Website: https://dchatte.com/Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712Latest Publications & Press Releases:“Meet Dr. Dave Chatterjee, the mind behind the CommitmentPreparedness-Discipline method for cybersecurity,” Chicago Tribune, February 24, 2025.“Dr. Dave Chatterjee...

Tech News Roundup: Google's Free AI Rollout, Data Privacy Tips for Travelers, CloudFlare's New SSH Tool, and Social Security System Overhaul In this episode of Trending, host Jim Love covers several key tech developments. Google has made its latest AI model, Gemini 2.5 Pro Experimental, available to all users, boosting its accessibility with impressive features like a 1 million token context window. The episode also covers crucial tips for safeguarding personal data while traveling, especially in light of heightened device searches by U.S. Customs and Border Protection. Additionally, CloudFlare has launched O-P-K-S-S-H, an open-source tool aiming to improve Secure Shell (SSH) security by replacing traditional keys with identity-based single sign-ons. Finally, the Department of Government Efficiency (Doge) plans to rewrite the U.S. Social Security Administration's outdated COBOL codebase within a few months, a move that has raised concerns among experts about potential risks and disruptions. 00:00 Latest AI Model from Google: Gemini 2.5 Pro 02:31 Travel Tips: Safeguarding Personal Data 06:11 CloudFlare's New Open Source Tool for Secure SSH 07:39 US Social Security System Overhaul: Risks and Challenges 11:56 Conclusion and Contact Information

Brought to you by TogetherLetters & Edgewise!In this episode: OpenAI expects revenue will triple to $12.7 billion this year, source says​​Trapping misbehaving bots in an AI LabyrinthTrump officials texted attack plans to a group chat in a secure app that included a journalistThe Trump Administration Accidentally Texted Me Its War PlansJPMorgan Says Quantum Experiment Generated Truly Random NumbersA Win for Encryption: France Rejects Backdoor MandateHow celebrities like Mark Wahlberg and Gwen Stefani are monetising spirituality through the Hallow appLyft to roll out robotaxis in AtlantaWeird and Wacky: Stephen Curry teams up with Michelle Obama to launch sports drinkCountry song dedicated to Elon Musk is completely ridiculous'We use them every day': In some parts of the US, the clack of typewriter keys can still be heardTech Rec:Sanjay - CalendarAdam - 3A 36W USB C to Lightning Adapter, USBC to Lightning AdapterFind us here:sanjayparekh.com & adamjwalker.comTech Talk Y'all is a proud production of Edgewise.Media.

Ce vendredi x mois année, Liste INVITES et FONCTiON, se sont penchés sur les titres (....à lister... ), dans On achète ou on vend ? dans l'émission C'est Votre Argent présentée par Marc Fiorentino. C'est Votre Argent est à voir ou écouter le vendredi sur B

Interview with Gary Rivlin A new, challenging AGI test stumps most AI models "KI ist nur ein Werkzeug. Jedes Werkzeug kann missbraucht werden" Cloudflare is luring web-scraping bots into an 'AI Labyrinth' From the ChatGPT community on Reddit Google is rolling out Gemini's real-time AI video features 23andMe has filed for bankruptcy and CEO Anne Wojcicki has stepped down Supreme Court declines to hear challenge to landmark press freedom case Why Apple, Meta and Google Are Buying Remote-Controlled Robot Arms OpenAI Unveils New Image Generator for ChatGPT OpenAI COO Brad Lightcap takes on expanded role as CEO Sam Altman shifts focus to research Gemini can now answer your Google Maps questions Announcing the (Reed) Hastings Initiative for AI and Humanity at Bowdoin Doctors Told Him He Was Going to Die. Then A.I. Saved His Life. Section 230 May Finally Get Changed as Lawmakers Prep New Bill Threads hanging by a thread Dave Troy: The Substack Dilemma: How Creators Are Inadvertently Fueling America's Failure Using Ray-Ban Meta glasses' Live AI and Live Translation to learn and understand foreign languages A Ray-Ban Meta battery add-on for people who miss looking like a complete Glasshole Hosts: Leo Laporte, Jeff Jarvis, and Mike Elgan Guest: Gary Rivlin Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: get.stash.com/machines joindeleteme.com/twit promo code TWIT threatlocker.com/twit canary.tools/twit - use code: TWIT

Interview with Gary Rivlin A new, challenging AGI test stumps most AI models "KI ist nur ein Werkzeug. Jedes Werkzeug kann missbraucht werden" Cloudflare is luring web-scraping bots into an 'AI Labyrinth' From the ChatGPT community on Reddit Google is rolling out Gemini's real-time AI video features 23andMe has filed for bankruptcy and CEO Anne Wojcicki has stepped down Supreme Court declines to hear challenge to landmark press freedom case Why Apple, Meta and Google Are Buying Remote-Controlled Robot Arms OpenAI Unveils New Image Generator for ChatGPT OpenAI COO Brad Lightcap takes on expanded role as CEO Sam Altman shifts focus to research Gemini can now answer your Google Maps questions Announcing the (Reed) Hastings Initiative for AI and Humanity at Bowdoin Doctors Told Him He Was Going to Die. Then A.I. Saved His Life. Section 230 May Finally Get Changed as Lawmakers Prep New Bill Threads hanging by a thread Dave Troy: The Substack Dilemma: How Creators Are Inadvertently Fueling America's Failure Using Ray-Ban Meta glasses' Live AI and Live Translation to learn and understand foreign languages A Ray-Ban Meta battery add-on for people who miss looking like a complete Glasshole Hosts: Leo Laporte, Jeff Jarvis, and Mike Elgan Guest: Gary Rivlin Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: get.stash.com/machines joindeleteme.com/twit promo code TWIT threatlocker.com/twit canary.tools/twit - use code: TWIT

Interview with Gary Rivlin A new, challenging AGI test stumps most AI models "KI ist nur ein Werkzeug. Jedes Werkzeug kann missbraucht werden" Cloudflare is luring web-scraping bots into an 'AI Labyrinth' From the ChatGPT community on Reddit Google is rolling out Gemini's real-time AI video features 23andMe has filed for bankruptcy and CEO Anne Wojcicki has stepped down Supreme Court declines to hear challenge to landmark press freedom case Why Apple, Meta and Google Are Buying Remote-Controlled Robot Arms OpenAI Unveils New Image Generator for ChatGPT OpenAI COO Brad Lightcap takes on expanded role as CEO Sam Altman shifts focus to research Gemini can now answer your Google Maps questions Announcing the (Reed) Hastings Initiative for AI and Humanity at Bowdoin Doctors Told Him He Was Going to Die. Then A.I. Saved His Life. Section 230 May Finally Get Changed as Lawmakers Prep New Bill Threads hanging by a thread Dave Troy: The Substack Dilemma: How Creators Are Inadvertently Fueling America's Failure Using Ray-Ban Meta glasses' Live AI and Live Translation to learn and understand foreign languages A Ray-Ban Meta battery add-on for people who miss looking like a complete Glasshole Hosts: Leo Laporte, Jeff Jarvis, and Mike Elgan Guest: Gary Rivlin Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: get.stash.com/machines joindeleteme.com/twit promo code TWIT threatlocker.com/twit canary.tools/twit - use code: TWIT

Interview with Gary Rivlin A new, challenging AGI test stumps most AI models "KI ist nur ein Werkzeug. Jedes Werkzeug kann missbraucht werden" Cloudflare is luring web-scraping bots into an 'AI Labyrinth' From the ChatGPT community on Reddit Google is rolling out Gemini's real-time AI video features 23andMe has filed for bankruptcy and CEO Anne Wojcicki has stepped down Supreme Court declines to hear challenge to landmark press freedom case Why Apple, Meta and Google Are Buying Remote-Controlled Robot Arms OpenAI Unveils New Image Generator for ChatGPT OpenAI COO Brad Lightcap takes on expanded role as CEO Sam Altman shifts focus to research Gemini can now answer your Google Maps questions Announcing the (Reed) Hastings Initiative for AI and Humanity at Bowdoin Doctors Told Him He Was Going to Die. Then A.I. Saved His Life. Section 230 May Finally Get Changed as Lawmakers Prep New Bill Threads hanging by a thread Dave Troy: The Substack Dilemma: How Creators Are Inadvertently Fueling America's Failure Using Ray-Ban Meta glasses' Live AI and Live Translation to learn and understand foreign languages A Ray-Ban Meta battery add-on for people who miss looking like a complete Glasshole Hosts: Leo Laporte, Jeff Jarvis, and Mike Elgan Guest: Gary Rivlin Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: get.stash.com/machines joindeleteme.com/twit promo code TWIT threatlocker.com/twit canary.tools/twit - use code: TWIT

Interview with Gary Rivlin A new, challenging AGI test stumps most AI models "KI ist nur ein Werkzeug. Jedes Werkzeug kann missbraucht werden" Cloudflare is luring web-scraping bots into an 'AI Labyrinth' From the ChatGPT community on Reddit Google is rolling out Gemini's real-time AI video features 23andMe has filed for bankruptcy and CEO Anne Wojcicki has stepped down Supreme Court declines to hear challenge to landmark press freedom case Why Apple, Meta and Google Are Buying Remote-Controlled Robot Arms OpenAI Unveils New Image Generator for ChatGPT OpenAI COO Brad Lightcap takes on expanded role as CEO Sam Altman shifts focus to research Gemini can now answer your Google Maps questions Announcing the (Reed) Hastings Initiative for AI and Humanity at Bowdoin Doctors Told Him He Was Going to Die. Then A.I. Saved His Life. Section 230 May Finally Get Changed as Lawmakers Prep New Bill Threads hanging by a thread Dave Troy: The Substack Dilemma: How Creators Are Inadvertently Fueling America's Failure Using Ray-Ban Meta glasses' Live AI and Live Translation to learn and understand foreign languages A Ray-Ban Meta battery add-on for people who miss looking like a complete Glasshole Hosts: Leo Laporte, Jeff Jarvis, and Mike Elgan Guest: Gary Rivlin Download or subscribe to Intelligent Machines at https://twit.tv/shows/intelligent-machines. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: get.stash.com/machines joindeleteme.com/twit promo code TWIT threatlocker.com/twit canary.tools/twit - use code: TWIT

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Most people know Cloudflare from federal or commercial experience. They have been around since 2009, and some will estimate that around 20% of all websites use Cloudflare for web security services. The listener's question is simple: can one apply this commercial success to improving federal network security? During today's interview, Anish Patel from Cloudflare answered that question by directing his comments to   Zero Trust, User experience, and automation. Zero Trust is a federal initiative that cuts across civilian and military agencies. Cloudflare can assist by providing access to applications and data by verifying every user and device before granting access. Because of their commercial success, Cloudflare realizes that an end-user experience can impact security at many levels. Simplifying the remote user experience will bolster security for everyone. With today's massive data increase and constant attacks, users can get alert fatigue and not be as responsive to threats as in an earlier age. During the interview, Anish Patel details how automation from Cloudflare can reduce the amount of vigilance needed by end users to accomplish network security goals.    

On this week's show Patrick Gray and Adam Boileau discuss the week's cybersecurity news: Yes, the Trump admin really did just add a journo to their Yemen-attack-planning Signal group The Github actions hack is smaller than we thought, but was targeting crypto Remote code exec in Kubernetes, ouch Oracle denies its cloud got owned, but that sure does look like customer keymat Taiwanese hardware maker Clevo packs its private keys into bios update zip US Treasury un-sanctions Tornado Cash, party time in Pyongyang? This week's episode is sponsored by runZero. Long time hackerman HD Moore joins to talk about how network vulnerability scanning has atrophied, and what he's doing to bring it back en vogue. Do you miss early 2000s Nessus? HD knows it, he's got you fam. This episode is also available on Youtube. Show notes The Trump Administration Accidentally Texted Me Its War Plans - The Atlantic Using Starlink Wi-Fi in the White House Is a Slippery Slope for US Federal IT | WIRED Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident: Threat Assessment (Updated 3/21) Critical vulnerabilities put Kubernetes environments in jeopardy | Cybersecurity Dive Researchers back claim of Oracle Cloud breach despite company's denials | Cybersecurity Dive The Biggest Supply Chain Hack Of 2025: 6M Records Exfiltrated from Oracle Cloud affecting over 140k Tenants | CloudSEK Capital One hacker Paige Thompson got too light a sentence, appeals court rules | CyberScoop US scraps sanctions on Tornado Cash, crypto ‘mixer' accused of laundering North Korea money | Reuters Tornado Cash Delisting | U.S. Department of the Treasury Major web services go dark in Russia amid reported Cloudflare block | The Record from Recorded Future News Clevo Boot Guard Keys Leaked in Update Package Six additional countries identified as suspected Paragon spyware customers | CyberScoop The Citizen Lab's director dissects spyware and the ‘proliferating' market for it | The Record from Recorded Future News Malaysia PM says country rejected $10 million ransom demand after airport outages | The Record from Recorded Future News Hacker defaces NYU website, exposing admissions data on 1 million students | The Record from Recorded Future News Notre Dame uni students say outage creating enrolment, graduation, assignment mayhem - ABC News DNA of 15 Million People for Sale in 23andMe Bankruptcy

00:00 - PreShow Banter™ — We're Not Ready For the Finger Thing01:40 - Trading in Jock Straps for Jock Hacks – BHIS - Talkin' Bout [infosec] News 2025-03-2403:24 - Story # 1: GitHub Action hack likely led to another in cascading supply chain attack07:53 - Story # 2: Wiz to Join Google Cloud: Making Magic Together14:47 - Story # 3: Oracle denies breach after hacker claims theft of 6 million data records19:52 - Story # 4: Critical flaw in Next.js lets hackers bypass authorization25:47 - Story # 5: Cloudflare builds an AI to lead AI scraper bots into a horrible maze of junk content29:20 - Story # 6: Ex-Michigan QB coach Matt Weiss facing 24 federal charges in hack of thousands of student accounts35:47 - Story # 7: DNA of 15 Million People for Sale in 23andMe Bankruptcy38:40 - Story # 8: Everything you say to your Echo will be sent to Amazon starting on March 2844:03 - Story # 9: We partner with world-renowned scambusters to create our own fraud-fighting call centre52:01 - Story # 10: Sperm donation giant California Cryobank warns of a data breach54:19 - Story # 11: Microsoft: New RAT malware used for crypto theft, reconnaissance56:32 - Story # 12: TrustedSec | Trimarc Joins Forces with TrustedSec to Strengthen…

I provide an update on the recent GitHub Actions exploits, information on a recently disclosed vulnerability in Veeam's backup service, the end of support for a OneNote app and much more! Reference Links: https://www.rorymon.com/blog/cloudflare-launches-ai-tricking-feature-google-drive-arm-compatibility-onenote-app-support-to-end/

Está no ar, o Data Hackers News !! Os assuntos mais quentes da semana, com as principais notícias da área de Dados, IA e Tecnologia, que você também encontra na nossa Newsletter semanal, agora no Podcast do Data Hackers !!Aperte o play e ouça agora, o Data Hackers News dessa semana !Para saber tudo sobre o que está acontecendo na área de dados, se inscreva na Newsletter semanal:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.datahackers.news/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Conheça nossos comentaristas do Data Hackers News:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Monique Femme⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Paulo VasconcellosDemais canais do Data Hackers:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Site⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Linkedin⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Instagram⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Tik Tok⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠You Tube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

The WordPress news from the last week which commenced Monday 17th March 2025. Today we're joined by Remkus de Vries, Anna Hurko and Jonathan Overall. We discuss the proposed move to one major WordPress release annually, sparking concerns about developer and user impacts. We explore Visa challenges for WordCamp Asia 2026 attendees and the implications of WordPress's update frequency on market competitiveness. The episode highlights Cloudflare's AI Labyrinth security feature and discusses the pros and cons of speculative loading in WordPress 6.8. Attendees' experiences at CloudFest, a large European event with diverse tech showcases and hackathons, are also shared.

Take a Network Break! This week we cover Google’s $32 billion acquisition of CNAPP provider Wiz, Cloudflare offerings for AI security and support for post-quantum encryption, and NVIDIA’s pledge to open a quantum research center in Boston. NVIDIA has also announced new switch platforms with co-packaged optics for greater efficiency, Cisco shares details on its... Read more »

Take a Network Break! This week we cover Google’s $32 billion acquisition of CNAPP provider Wiz, Cloudflare offerings for AI security and support for post-quantum encryption, and NVIDIA’s pledge to open a quantum research center in Boston. NVIDIA has also announced new switch platforms with co-packaged optics for greater efficiency, Cisco shares details on its... Read more »

Take a Network Break! This week we cover Google’s $32 billion acquisition of CNAPP provider Wiz, Cloudflare offerings for AI security and support for post-quantum encryption, and NVIDIA’s pledge to open a quantum research center in Boston. NVIDIA has also announced new switch platforms with co-packaged optics for greater efficiency, Cisco shares details on its... Read more »

DOU 20 років! Саме 24 березня 2005 року Макс Іщенко розпочав цю історію — і сформувалась крута спільнота розумних і активних айтівців. Дякуємо вам за всі ці роки разом! 

Cloudflare’s Compromised Credentials Report (and Unhealthy Security Absolutism); Lexipol and SpyX Data Breaches; Have I Been Pwned UX Updates; Sponsored by Report URI https://www.troyhunt.com/weekly-update-444/See omnystudio.com/listener for privacy information.

U.S. Treasury lifts sanctions on Tornado Cash Web service outage in Russia due to reported Cloudflare block Microsoft Trust Signing service abused to code-sign malware Huge thanks to our episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com. Find the stories behind the headlines at CISOseries.com.

Episode 219: Apple's new Passwords app was putting users at risk, Cloudflare sees all your passwords (and they're not good), a new malware steals info from basically every popular app out there, and more!Welcome to the Surveillance Report - featuring Techlore & The New Oil to keep you updated on the newest security & privacy news.

More Mail Encryption talk, AI makes up that a father killed his 3 sons! Cloudflare putting up a head-fake to AI Scrapers, Why is my iCloud full…do I even need it? AI Music attorney – Top Music Attorney, Apple User having issues with Exchange Mail, Setting up new Laptop, IRS Pausing 80Billion Tech modernizations….because AI.

First up in the news: Firefox's new terms aren't that bad, uBlock Origin is the Most Popular Firefox Add-on, Cloudflare bounces browsers, and PocketCast goes free In security and privacy: French government rejects security backdoors, and TAILS replaces balenaEtcher with Rufus as installer for Windows Then in our Wanderings: Joe moxxes the prox, Bill goes deep in the heart of Texas, Moss sings again, and Majid finally learns Audacity...sort of

That whole thing with Meta allegedly scraping all the world's books using LibGen is back in the news. Cloudflare is fighting AI scraping with AI slop. A super interesting executive shakeup at Apple. And, of course, the Weekend Longreads Suggestions.Sponsors:FreshBooks.comLinks:The Unbelievable Scale of AI's Pirated-Books Problem (The Atlantic)Cloudflare builds an AI to lead AI scraper bots into a horrible maze of junk content (The Register)Apple Shuffles AI Executive Ranks in Bid to Turn Around Siri (Bloomberg)Gmail rolling out AI-powered ‘Most relevant' search update (9to5Google)Weekend Longreads Suggestions:How the AI Boom Created the Most Valuable Monopolies in History (Bloomberg)One Man's Crypto Windfall Is Funding a $1 Billion Space Station Dream (Bloomberg)See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Apple's new C1 modem, introduced with the iPhone 16e, has garnered attention for its impressive performance, particularly in challenging network conditions. While it recorded average download speeds of 560 megabits per second, it excelled in the lower performance brackets, achieving nearly 218 megabits per second for the bottom 10% of users. This focus on efficiency and consistency over peak speeds positions the C1 as a competitive advantage for users in urban and rural settings alike. Additionally, the modem's power efficiency and superior upload speeds enhance the overall user experience, making it a significant step in Apple's vertical integration strategy.In the realm of software management, Auvik Networks has launched new features aimed at improving SaaS management and network visibility. These enhancements include automation and license optimization, which can help organizations reduce unnecessary expenses and improve security. Auvik's new capabilities extend to user devices in remote work settings, addressing the growing need for comprehensive network monitoring. Meanwhile, CyVent has introduced premium cybersecurity services for managed service providers (MSPs), allowing them to enhance their offerings amid rising cyber threats. This move positions Auvik and CyVent as key players in the evolving landscape of SaaS and cybersecurity.The podcast also highlights the growing threat of AI-generated deepfakes and the measures being taken to combat them. Low-T AI has made its deepfake detection service available for free to all users, emphasizing the importance of protecting personal identities in an increasingly digital world. Cloudflare has introduced AI Labyrinth, a new strategy to counteract malicious bots that ignore no-crawl directives, showcasing the ongoing battle against automated scraping. These developments reflect a broader trend towards enhancing digital security and protecting personal data in the face of evolving technological threats.Finally, the discussion touches on the future of work in the context of AI advancements. The concept of the AI manager is emerging, suggesting that AI will not replace human talent but rather enhance productivity and efficiency. As organizations adapt to this shift, the need for education and skill development in AI literacy becomes crucial. The podcast concludes with reflections on Apple's innovation trajectory and the implications of transitioning from traditional professional services to AI-driven solutions, prompting listeners to consider the future landscape of technology and services. Three things to know today 00:00 Apple's New Modem Isn't the Fastest—but It Might Be the Smartest04:06 SaaS Waste and Security Gaps in Focus as Auvik and CyVent Roll Out MSP-First Enhancements06:25 Now Everyone Can Fight Deepfakes—And AI Bots Are Getting Tricked, Not Blocked09:26 The New Tech Stack: Fewer Humans, Smarter Software, and a Question of Apple's Relevance Supported by:  https://getnerdio.com/nerdio-manager-for-msp/  Event: : https://www.nerdiocon.com/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

In this episode of the Post Status Happiness Hour, host Michelle Frechette interviews Gen Herres from Easy A11y Guide to discuss web accessibility. Jen shares her background as a developer and her journey in understanding and implementing accessibility standards. She emphasizes the importance of simplifying complex accessibility concepts for clients and offers strategies for agencies to sell accessibility services. Jen introduces a five-day challenge to help agencies qualify potential clients and sell their first accessibility package. The conversation highlights the significance of making websites accessible to a broader audience and the various reasons why accessibility is essential for businesses.Top Takeaways:Accessibility Doesn't Have to Be Scary:  Many people find web accessibility intimidating, but experts like Gen Herres help simplify the process. There are resources available to make accessibility more approachable.Planning for Accessibility Takes Time: Implementing accessibility properly requires time for strategy, testing, and client approvals. Starting now helps businesses integrate it seamlessly into their workflow instead of rushing later.Accessibility Can Help Generate More Revenue: Learning how to sell accessibility services effectively can help web professionals increase their income by offering more value to clients.Mentioned In The Show:Easy A11y GuideWCAGMozilla17 HatsEqualize DigitalWacomNew York E-Z Pass Apple VoiceOverDequeJAWSCloudflareWPAccessibility.dayCami MacNamara5-Day Accessibility Selling ChallengeAgency Accessibility SystemGuidebook for Accessibility at Your Agency

NVIDIA has made significant announcements at its GTC 2025 event, introducing the Blackwell Ultra and Vera Rubin AI chips, which promise to revolutionize AI computing. The Blackwell Ultra chips are expected to deliver up to 50 times more revenue for cloud providers compared to previous generations, while the Vera CPU and next-gen Rubin GPU are set for release in 2026. CEO Jensen Wang emphasized the transition of data centers into AI factories, highlighting the economic necessity of AI-driven infrastructure. However, skepticism remains regarding the feasibility of such revenue claims and the impact of open-source AI models on proprietary systems.In the realm of workplace technology, a Gartner report indicates that while over 20% of digital applications will utilize AI-driven personalization by 2028, employee satisfaction with digital tools has declined. Only 23% of digital workers reported being completely satisfied with their applications in 2024, down from 30% in 2022. To address this, technology leaders are encouraged to implement best practices in AI personalization, ensuring that workplace applications are as intuitive as popular consumer apps.Concerns about data privacy are also rising, particularly regarding U.S.-based AI chatbots like Google Gemini, which collects extensive user data. A study revealed that nearly a third of chatbots share sensitive information with third parties, raising compliance risks for businesses. Additionally, a survey found that generative AI is causing internal conflict within enterprises, with many employees resisting the adoption of AI tools, highlighting the cultural challenges of integrating AI into existing workflows.Amidst these developments, companies like Cloudflare, HPE, and Adobe are launching new tools and services to enhance AI security and functionality. Cloudflare's new suite aims to help businesses manage AI risks, while HPE's unified data layer seeks to accelerate AI applications. Adobe is introducing AI agents to improve customer experiences, and OpenAI is beta testing features to integrate ChatGPT with popular applications. As AI specialization and regionalization become key themes, businesses must navigate the evolving landscape to balance capability and cost efficiency in their AI investments. Three things to know today 00:00 NVidia Says ‘The More You Buy, The More Revenue You Get'—But Is That Really True?04:32 More Tech, More Problems? Employees Aren't Happy with Digital Tools09:26 AI That's Safer, Smarter, and Faster—Cloudflare, HPE, Adobe, and OpenAI Announcements12:03 AI's Next Battle: Champagne Pricing or Budget Bites? OpenAI, Baidu, and AWS Take Sides Supported by:  https://www.huntress.com/mspradio/  Event: : https://www.nerdiocon.com/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Wes and Scott talk about Infrastructure as Code and how SST makes deploying to AWS easier than ever. They dive into SST's features, developer experience, and how it simplifies managing services like databases, email, and more. Plus, insights on Cloudflare integration, auto-scaling, and real-world use cases. Show Notes 00:00 Welcome to Syntax! Supper Club × Next.js on AWS + Serverless with Dax Raad 02:37 Brought to you by Sentry.io 04:52 Intro to SST config SST AWS 05:40 Overview of Scott's SST config file 12:33 Exploring SST's endless capabilities SST's docs Cloudflare 15:42 The SST developer experience Infrastructure for TS Devs: Kubernetes, WASM and Containers with David Flanagan Supper Club × Flightcontrol with Brandon Bayer 19:05 SST console and GUI overview 22:13 Resource management and pricing 24:52 Secrets management 27:38 Tunneling and security https://sst.dev/docs/live 30:52 Simplifying DNS 35:18 Sick Picks + Shameless Plugs Sick Picks Scott: Aquaphor Healing Ointment Wes: Magnetic Picture Hanger Frame Shameless Plugs Syntax YouTube Channel Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

Google has officially confirmed its acquisition of cloud security firm Wiz for a staggering $32 billion, marking the largest deal in the company's history. This strategic move aims to bolster Google Cloud's security and multi-cloud capabilities, especially as the demand for cloud security intensifies. Wiz, founded in 2020, has quickly gained traction, serving nearly half of the Fortune 100 companies and projecting a significant increase in annual recurring revenue. However, the acquisition comes with risks, including potential regulatory scrutiny and a substantial reverse termination fee, reflecting the challenges Google may face in integrating Wiz into its existing cloud infrastructure.In a related development, the Cybersecurity and Infrastructure Security Agency (CISA) is working to contact over 130 former employees after a federal court ruled their layoffs were unlawful. This decision is part of a broader legal challenge against workforce cuts made during the Trump administration. The reinstated employees will receive full pay and benefits while on administrative leave, but the agency has already lost a significant portion of its workforce, raising concerns about its ability to combat cyber threats effectively. The situation highlights the ongoing challenges faced by CISA in maintaining a capable workforce amid increasing cyberattacks.Cloudflare has launched a new threat events platform called Cloudforce One, designed to enhance real-time intelligence on cyberattacks. This platform leverages Cloudflare's extensive global network, which has blocked billions of cyber threats daily. Additionally, Logic Monitor has partnered with Amazon Web Services to facilitate the migration of VMware workloads to AWS, aiming to optimize cloud performance for global enterprises. Meanwhile, RingCentral has introduced several AI features to improve business communications, including a virtual assistant for managing inbound calls and tools for real-time knowledge retrieval.Lastly, a London court held a secret hearing regarding Apple's appeal against a UK government order to create a backdoor in its encrypted cloud storage systems. This case raises significant concerns about government surveillance, encryption, and data privacy, with potential global implications for cloud security and regulatory compliance. Civil rights organizations have criticized the secrecy of the proceedings, emphasizing the importance of strong encryption in protecting individuals from harassment and oppression. The outcome of this case could have far-reaching effects on the balance between security and privacy in the digital age. Four things to know today 00:00 Google's Biggest Deal Ever: $32B on Wiz to Secure the Cloud. Will It Work?03:25 CISA Scrambles to Contact Wrongfully Laid-Off Employees Amid Cybersecurity Workforce Strain05:27 Cloudflare, AWS, and RingCentral Drop Major Updates07:39 UK Court Holds Secret Hearing on Apple's Encryption Backdoor Supported by:  https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorshiphttps://www.huntress.com/mspradio/ Event: : https://www.nerdiocon.com/ All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

Anton Osika is the co-founder and CEO of Lovable, which is building what they call “the last piece of software”—an AI-powered tool that turns descriptions into working products without requiring any coding knowledge. Since launching three months ago, Lovable hit $4 million ARR in the first four weeks and $10 million ARR in two months with a team of just 15 people, making it Europe's fastest-growing startup ever.—What you'll learn:1. Why you need to be in the top 1% of AI tool users2. Watch Lovable build a functional Airbnb clone in 30 seconds—complete with working features and modern design3. The unconventional hiring approach that helped build a 15-person team capable of extraordinary execution4. How traditional product development will look with AI5. What skills will matter most to product teams going forward6. How Anton's team discovered a breakthrough in AI “unsticking itself”—Brought to you by:• Sinch—Build messaging, email, and calling into your product• Persona—A global leader in digital identity verification• Fundrise Flagship Fund—Invest in $1.1 billion of real estate—Find the transcript at: https://www.lennysnewsletter.com/p/building-lovable-anton-osika—Where to find Anton Osika:• X: https://x.com/antonosika• LinkedIn: https://www.linkedin.com/in/antonosika/—Where to find Lenny:• Newsletter: https://www.lennysnewsletter.com• X: https://twitter.com/lennysan• LinkedIn: https://www.linkedin.com/in/lennyrachitsky/—In this episode, we cover:(00:00) Introduction to Anton and Lovable(05:12) Lovable's rapid growth(09:39) Live demo: Building an Airbnb clone(18:34) Tips for mastering Lovable(21:42) The origin story(26:50) Scaling laws and getting AI unstuck(33:20) Reliability and unique features(36:25) The vision and future of Lovable(38:14) Skills and job market evolution in the age of AI(40:30) Hiring philosophy and team dynamics(46:21) Building in Europe(48:02) Prioritization and product roadmap(51:38) Tools and work environment(53:17) Tactics for moving fast(54:37) Advice for building product teams(57:11) Empowering non-technical founders(58:31) Future developments and user support(01:01:23) Failure corner(01:05:20) Final thoughts and advice—Referenced:• Lovable: https://lovable.dev/• Lovable Launched: https://launched.lovable.app/• Cloudflare: https://www.cloudflare.com/• Supabase: https://supabase.com/• GPT engineer: https://github.com/gpt-engineer-org/gptengineer.app• Microsoft Copilot: https://copilot.microsoft.com/chats/cmFw8dTsGU8D6b9siqQ6U• Fabian Hedin on LinkedIn: https://www.linkedin.com/in/fabian-hedin-2377b0144/• Behind the product: Replit | Amjad Masad (co-founder and CEO): https://www.lennysnewsletter.com/p/behind-the-product-replit-amjad-masad• Replit: https://replit.com/• Cursor: https://www.cursor.com• Bolt: https://bolt.new/• GitHub: https://github.com/• Lane Shackleton on LinkedIn: https://www.linkedin.com/in/laneshackleton/• FigJam: https://www.figma.com/figjam/• Linear: https://linear.app/• Sana Labs: https://sanalabs.com/• Duolingo: https://www.duolingo.com/• Claude: https://claude.ai/• ChatGPT: https://chatgpt.com/• Lovable on X: https://x.com/Lovable_dev—Production and marketing by https://penname.co/. For inquiries about sponsoring the podcast, email podcast@lennyrachitsky.com.—Lenny may be an investor in the companies discussed. Get full access to Lenny's Newsletter at www.lennysnewsletter.com/subscribe