American motorcycle stunt performer
POPULARITY
10 episodes with Corey Scott
9 episodes with Corey Scott
9 episodes with Corey Scott
2 episodes with Corey Scott
2 episodes with Corey Scott
2 episodes with Corey Scott
2 episodes with Corey Scott
2 episodes with Corey Scott
3 episodes with Corey Scott
Whether its found in nature or composed by chemists a sweetener undergoes the same evaluations, according to Corey Scott, PhD, Principal Nutritionist, Cargill. Dr. Scott explains to co-hosts Anne Chappelle, PhD, and David Faulkner, PhD, how all sweeteners must be able to replace multiple properties inherit in sugar, such as taste, nutritional content, and binding properties.About the GuestCorey Scott, PhD, is a Principal Nutrition Scientist with Cargill in Minneapolis, Minnesota, where he leads global nutritional research on sweeteners and carbohydrates. Prior to this role, he was Global Nutrition Manager for Lipid Nutrition BV in the Netherlands, focusing on clinical research involving novel lipids for early life nutrition, weight management, and diabetes. Dr. Scott has also worked for General Mills in Golden Valley, Minnesota, as a nutrition scientist at The Bell Institute of Health and Nutrition. He currently serves as a steering team member and work package leader for Project SWEET (a five-year EU Consortium project evaluating sweeteners). He is the Chair of the Institute for the Advancement of Food and Nutrition Sciences Low- and Non-caloric Sweetener Committee, Chair of the North Carolina Agricultural and Life Sciences at North Carolina State University Technical Advisory and Finance Committee, and an industry advisor for the University and Industry Consortium/Foundation for Food and Agriculture Research Sally Rockey Fellowship. Dr. Scott holds a doctorate degree in food science and nutrition from Ohio State University, a master's degree in chemistry from North Carolina A&T State University, and a bachelor's degree in chemistry from the University of North Carolina at Chapel Hill. Send SOT thoughts on the episodes, ideas for future topics, and more.
In this episode of Somewhere and Elsewhere, we sit down with Corey Scott, co-owner and chef of On Thyme Restaurant in Wilmington, North Carolina. Corey takes us through his journey—from washing dishes at a hospital to launching a beloved spot on Castle Street. With support from his wife and inspired by family traditions, he shares how he learned to cook in his childhood kitchen and turned that passion into a culinary career.Scott talks about the challenges of running a business, the impact of the pandemic on his catering and food truck ventures, and the power of faith and community in overcoming obstacles. As he redefines soul food with his creative dishes, Corey remains rooted in his beginnings and committed to building a space where customers become family.Produced by audio contributor Nick SzuberlaArtwork by Day CamposecoMusic by PenguinMusic – Better Day from Pixabay.On Thyme Restaurant is located at 918 Castle St, Wilmington, NC 28401.
Is your ministry protected? In an era where faith, family, and freedom are all under fire, it's vital that believers take a proactive stance in protecting their vision. Join Dr. Dunne in this interview with homeschooling dad of six and founder of The 508 Company Corey Scott, and discover how shifting from a 501 to a 508 might provide the protection you need to help your nonprofit thrive. Learn more about The 508 Company at www.The508Company.com, and be sure to register for their annual conference in Colorado Springs (use our code KPRAISE to get $200 off this year's admission!). And if you're not sure what ministry to step into with your new nonprofit, why not help us shift the culture of education for the next generation? Using your existing church building and the talent pool in your own local community, we can help you launch a preschool to college homeschool outreach in just four weeks! Learn more at AcademicRescueMission.com. Education is broken. We can fix it!
Celebrating June Dairy Month with Corey Scott, CEO of Midwest Dairy Association
In this episode, Connie Kuber of Connor Agriscience and Sealpro silage Barrier Films talks with Corey Scott, the new CEO of Midwest Dairy. They discuss Corey's history, what Midwest Dairy does, and what her top priorities are going forward.
In this episode Neil has a discussion with Corey Scott from Castle Road Coaching. Corey has a Masters degree in the world-renowned Human Systems Intervention program from Concordia University, as well as the Foundations of Professional Coaching program from Concordia, and the Transformational Coaching Academy led by Jayne Jewell. Neil and Corey discuss what overcoming obstacles & embracing possibilities can do for a persons life and that if we have no obstacles to overcome we will always be in the same place. Corey Scott Links: linkedin.com/in/coreyscottcanada https://www.castleroadcoaching.com/ -- Connect with Neil on: Linkedin: linkedin.com/in/neilmortgages Email: wyatt.kastflex@gmail.com
In today's show Dustin is joined by Corey Scott the new CEO of Midwest Dairy, Riley speaks with Dr. Dehra Harris of Landus on the importance of mental health, and Mark and Dustin discuss the impact of the headlines on the dairy industry in recent weeks.
Part 2 with Corey Scott, new CEO Midwest Dairy Association.
Meet the new Midwest Dairy CEO, Corey Scott
Midwest Dairy, the checkoff organization representing over 4,000 dairy farmers in a ten-state region, officially announced that Corey Scott of Marine on Saint Croix, Minn. has been named its new Chief Executive Officer. See omnystudio.com/listener for privacy information.
Merry Christmas! Today's devotion was written by Corey Scott.
When Jesus people allow Jesus to inhabit every inch of their lives, they can't help but gratefully worship by speaking, singing, and serving. Today's message is from Corey Scott, worship minister.
Christ is glorified when disciple makers faithfully steward God's gift of grace to others by serving wherever they are. Message from Corey Scott, worship minister.
Message from Corey Scott, worship minister.
This week, we discuss the State of the Market. Jeff Mateja and Harrison Smith provide an insider's perspective to what buyers and sellers are experiencing in the market right now. Corey Scott from Annie-Mac Mortgage joins to share an update on the mortgage market and how a local lender can make you more competitive in this market. We hope you enjoy the behind the scenes look at what is happening in the market right now.
We were fortunate enough to speak with Corey Scott. Corey was a special education teacher that arrived at teaching without an education degree or training. He has taken what he wished he had known and has created a course and coaching program that prepares new, inexperienced Special Education Teachers for their first day in the classroom. Listen to learn the things that should be non-negotiables to prepare a brand new teacher with no training. You can find Corey on LinkedIn at: https://www.linkedin.com/in/corey-scott-760735165/Twisted Teachers Podcast wants to hear from you!Website-Twistedteacherspodcast.comLINKTREE :https://linktr.ee/twistedteacherContact us via email: Twistedteachers2@gmail.comInstagram: @twisted__teacher; @inked_educator68; @escaping_educationTik Tok: @inkededucator @escape_educationFacebook: @TwistedTeacherLinkedIn: https://www.linkedin.com/in/jennifersquireroberts
This week Jeff & Harrison are joined by a panel of experts to discuss the State of the Market. Corey Scott from Annie-Mac Mortgage and Donna Galluzzo and Kat Azimi from the Mateja Group discuss what's happening in the real estate market for buyers and sellers and what has changed recently. The group discusses the current market conditions, what is working in this market, and what to expect as we move forward.
We will be like Jesus as we reveal Him through a “come and see” spirit of invitation. Message preached by Corey Scott.
This week Jeff & Harrison are joined by a panel of experts to discuss the State of the Market. Corey Scott from Annie-Mac Mortgage and Donna Galluzzo and Kat Azimi from the Mateja Group discuss what's happening in the real estate market for buyers and sellers and what has changed recently. The group discusses the current market conditions, what is working in this market, and what to expect as we move forward.
Corey Scott, the National Chapter President of the National Engineering League, teaches Black Men Sundays about the importance of getting an Engineering Career and how it easily establishes generational wealth for your family. He talks about the mental preparation for students, and how to engage parents in enhancing their children engineering career. He even discusses barriers between teachers and Professors of Engineering. Listen to this episode. We are giving the gems!
Corey Scott, worship minister, shares how we serve the end goal of disciple-making by surrendering to the power of Jesus' authority, by partnering with His mission and by believing His promise of the end.
This week Jeff & Harrison are joined by a panel of experts to discuss the State of the Market. Corey Scott from Annie-Mac Mortgage and Donna Galluzzo and Kat Azimi from the Mateja Group discuss what's happening in the real estate market for buyers and sellers and what has changed recently. The group discusses the current market conditions, what is working in this market, and what to expect as we move forward.
We kick off a new go-round with a New to Two from Nicole, the 2016 film Midnight Special. This under-the-radar science fiction road movie is an unfolding mystery involving a cult, secret government transmissions, a child with inexplicable powers, and quietly powerful acting performances all the way around. What did David and guest Corey Scott think? Email the show at hi@mgrpodcast.com. Find us online by heading over to mgrpodcast.com. Help shape the show by voting during You Did This to Us polls every 5 weeks on youdidthistous.com and social media! Movie-Go-Round is hosted by Nicole Davis, David Luzader, and Brett Stewart. The show is edited by Brett Stewart and Nicole Davis. Our theme, "The Show Must Be Go," is by Kevin MacLeod and is used under license to Tilting Windmill Studios. Movie-Go-Round is hosted on Pinecast. Get 40% off your first 4 months using code r-7ca2df.
Lament orients our hearts back to God, where we find joy, and He desires to use us to help others come back to Him. Sermon from Corey Scott, worship minister.
This week Jeff & Harrison are joined by a panel of experts to discuss the State of the Market. Corey Scott from Annie-Mac Mortgage and Donna Galluzzo and Kat Azimi from the Mateja Group discuss what's happening in the real estate market for buyers and sellers and what has changed recently. The group discusses the current market conditions, what is working in this market, and what to expect as we move forward.
Writer, podcaster, and genuinely great dude Corey Scott sits down with Phil to talk about their newly released collaboration Nictitate... but if you know these 2, you can already guess that they get off track almost immediately. They talk about writing, art, insecurities, motivations, algorithms vs LiveJournal and Space Camp. Nictitate (print) Nictitate (download) Captain Temerity Levi Krauss Erin O'Kelly (Hag Attack) Achewillow
Corey Scott sits down with David Lillis to discuss the current political climate.
This week Jeff & Harrison are joined by a panel of experts to discuss the State of the Market. Corey Scott from Annie-Mac Mortgage and Donna Galluzzo and Kat Azimi from the Mateja Group discuss what's happening in the real estate market for buyers and sellers. The group discusses the current market conditions, what is working in this market, and what to expect as we move forward.
This week, Corey Scott joins the show to talk about his first time every watching The 13th Warrior. Did he like it? How does it stack up to other adaptations of Beowulf? And is it deserving of the poor reception it got upon release? Thanks go out to Audie Norman (@OddlyNormalOne) for the album art. Outro music "In Pursuit" provided by Purple-Planet.net
This week, Corey Scott joins the show to talk about his first time every watching The 13th Warrior. Did he like it? How does it stack up to other adaptations of Beowulf? And is it deserving of the poor reception it got upon release? Thanks go out to Audie Norman (@OddlyNormalOne) for the album art. Outro music “In Pursuit” provided by Purple-Planet.net
Happy Mother's Day! This week Jeff & Harrison speak with Corey Scott from Annie-Mac Mortgage. We discuss the latest on interest rates, what to expect in the mortgage market, and some exciting new programs to help home buyers be more competitive. The conversation covers what's happening around town and an update on the latest news and trends in the real estate market. To learn about the programs Annie-Mac offers, connect with Corey here: https://csteam.annie-mac.com/
About ScottCloud security historian.Developed flaws.cloud, CloudMapper, and Parliament.Founding team for fwd:cloudsecLinks: Block: https://block.xyz/ Twitter: https://twitter.com/0xdabbad00 TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by our friends at Vultr. Optimized cloud compute plans have landed at Vultr to deliver lightning fast processing power, courtesy of third gen AMD EPYC processors without the IO, or hardware limitations, of a traditional multi-tenant cloud server. Starting at just 28 bucks a month, users can deploy general purpose, CPU, memory, or storage optimized cloud instances in more than 20 locations across five continents. Without looking, I know that once again, Antarctica has gotten the short end of the stick. Launch your Vultr optimized compute instance in 60 seconds or less on your choice of included operating systems, or bring your own. It's time to ditch convoluted and unpredictable giant tech company billing practices, and say goodbye to noisy neighbors and egregious egress forever. Vultr delivers the power of the cloud with none of the bloat. "Screaming in the Cloud" listeners can try Vultr for free today with a $150 in credit when they visit getvultr.com/screaming. That's G E T V U L T R.com/screaming. My thanks to them for sponsoring this ridiculous podcast.Corey: Couchbase Capella Database-as-a-Service is flexible, full-featured and fully managed with built in access via key-value, SQL, and full-text search. Flexible JSON documents aligned to your applications and workloads. Build faster with blazing fast in-memory performance and automated replication and scaling while reducing cost. Capella has the best price performance of any fully managed document database. Visit couchbase.com/screaminginthecloud to try Capella today for free and be up and running in three minutes with no credit card required. Couchbase Capella: make your data sing.Corey: Welcome to Screaming in the Cloud, I'm Corey Quinn. I am joined by a returning guest with a bit of a different job. Scott Piper was formerly an independent security researcher—basically the independent security researcher in the AWS space—but now he's a Principal Engineer over at Block. Scott, welcome back.Scott: Thanks for having me, again, Corey.Corey: So, you've taken a corporate job, and when that happened, I have to confess, I was slightly discouraged because oh, now it's going to be like one of those stories of when someone you know goes to work at Apple because no one knows anyone at Apple; we just used to know people who went there and then we kind of lost touch because it's a very insular thing. Not the Block slash Square slash whatever they're calling themselves this week has that reputation. But InfoSec is always a very nuanced space and companies that have large footprints and, you know, handle financial transaction processing generally don't encourage loud voices that attract attention around anything that isn't directly aligned with the core mission of the company. But you're still as public and prolific as ever. Was that a difficult balance for you to strike?Scott: So, when I was considering employment options, that was something that I made clear to any companies that I was talking to, that this is something that probably will and should continue because a lot of my value to these companies is because I'm able to have discussions, able to impact change because of that public persona. So yeah, so I think that it was something that they were aware of, and a risk that they took. [laugh]. But yeah, it's been useful.Corey: This is the sort of conversation I would have expected to have with, “Yeah, things seem to be continuing the same, and I haven't rocked any boats, yet and they haven't fired me, knock on wood.” Except that recently you've launched yet something else that I am personally a fan of. Now, before we get into the specifics of what it is you're up to these days, I should call out that since your last appearance on this show, I have really leaned into the Thursday newsletter podcast duo of Last Week in AWS: Security Edition. Rounding up what happened the previous week—yes, it was the previous week, and it comes out on Thursdays—because, you know, timing and publication, things are hard, computers, you know how it is—aimed at a target audience that is very much not you: People who have to care about security, but are not immersed in the space. It's a, “All right, what now? What do I have to pay attention to?”Because there's a lot of noise in this space, there's a lot of vendor-captured stuff out there. There's very little that is for people who work in security but don't have the word security anywhere near their job title. And I have to confess that one of my easy shortcuts is, “Oh, it's a pretty thin issue this week,” which is not inherently a bad thing, let's be clear, it's not yay, the three things you need to care about in security then eight more of filler; that's not what we're about. But I always want to make sure I didn't miss something meaningful, and one of my default publication steps is, “What's Scott been tweeting about this week?” Just to make sure that I didn't miss something that I really should be talking about.And every single time I pull up your Twitter feed, I find myself learning something, whether it's a new concept, or whether it is a nuance on an existing thing I was already aware of. So first, thank you for all the work that you do as a member of the community, despite having a, “Regular corporate job,” quote-unquote, you're still very present. It's appreciated.Scott: Thank you. Yeah. And I mean, that newsletter is great for people that don't want to be spending multiple hours per day trolling through Twitter and reading that. So, it provides, also, something great for the community to not have to spend all that time on Twitter like I do [laugh], unfortunately.Corey: It also strives—sort of—to be something approaching an upbeat position of not quite as cynical and sarcastic as the Monday issue. I try to be not just this is the thing that happened, but go a little bit into and this is why it matters. This is how to think about it. This thing that Amazon put out is nonsense, however, here's the kernel hidden within it that might lead to something, such as thinking about how you do sign-on, or how to think about protecting MFA devices, or stuff like that you normally care about a lot right after you really should have cared about it but didn't at all. So, it's just the idea of aiming in a slightly different audience.Scott: Yeah definitely. And it provides value that it does, it takes some delay so that you can read what everybody has written, how they've responded to the different news outtakes, you're not just including the hot takes. For example, as of this morning, there's a certain incident with an authentication provider, and it's not really clear if there was actually a breach or not. And so it's valuable to take a moment to understand what happened, get all the voices to have expressed their points, so you can summarize those issues.Corey: An internal term that we've used to describe the position here is that I am prolific but I also have things to do as a part of my job that do not involve sitting there hitting refresh on Twitter like mad all the time. The idea is to have the best take not the first take—Scott: Exactly.Corey: And if that means that I lose a bunch of eyeballs and early ad impressions in the middle of the night and whatnot, well, great. I don't sell ad impressions anyway, so what does it matter? It winds up lending itself to a more thoughtful analysis of figuring out, in the sober light of day, is this a nothing-burger or is this enormous? With that SSO issue that you're alluding to—[cough] Okta—sorry, something caught in my throat there—very clearly, something is going on, but if I had written next week's newsletter last night while it was still very unclear, it would have been a very different tone than the one that I would have written this morning after their public statement, and even still a certainly different tone that it would take a couple of days once more information is almost certain to come to light. And that is something that is, I think, underappreciated in certainly on Twitter, where an old tweet—there's nothing worse than an old tweet unless you're using it to drag someone for something—that, “Well, we have different perspectives on that nowadays. It's not 2018 anymore.” Right. Okay, cool.Scott: Yep. [laugh].Corey: But something that you've done has been a bit of a pivot lately. Historically, you have been right there in my sweet spot of needling cloud providers for their transgressions in various ways. Cool, right there with you. We could co-author a book on the subject. But lately, you've started a community list of [IMSDv2 00:07:04] abuses.Now, first, we should talk about what IMSDv2 is. It's the name that it clearly came from Amazon because that's a name only a cloud provider bad at naming things could possibly love. What is it?Scott: So, it's the Instance Metadata Service, Version Two. If there's a version two, you can imagine there was a version one at some point. And the version two—Corey: And there's a version two because Amazon prod—the first one was terrible, but they don't turn anything off, ever, so this is the way and the light and the future; we're going to leave that old thing around until your great-grandchild dies of old age.Scott: Exactly, yeah. So, when EC2s first came out, and IAM roles first came out, you wanted to give your EC2s the ability to use AWS privileges, so this is how those EC2s are getting access to their credentials that they can use. And the way in which this was originally done was there's this magic IP address, this 169.254.169.254 IP address, which is very important for security on AWS because if anything can access that magic IP address from an EC2 instance, you can steal their credentials of that EC2, and therefore basically become that EC2 instance, in terms of what it can do in the AWS environment.And so in 2019, there was a large breach of Capital One that was related to this. And so as a result of that—I think that AWS probably had this new version, probably, in the works for a while, but I think that motivated their faster release of this new version, and so IMDSv2 changed how you would obtain these credentials. So, you basically—instead of making a single GET request to this IP address, now you had to make multiple requests, they were now PUT request instead of a GET request, there was a challenge and response, there's the hop limit. So, there's all these various things that are going to make it harder and basically mitigate a lot of the different types of vulnerabilities that previously would be used in order to obtain these credentials. The problem, though, is that IMDSv1 still exists on EC2s, unless you as a customer are enforcing IMDSv2.And so, in order to do this in a large environment, it's difficult—theoretically, it's a simple thing; all you should have to do is update your SDK and now you're able to make use of the latest version. And if you're using any version of the SDK that was released in the past over two years, you already should be using IMDSv2 there, but you have to enforce it. And so that's where the problem is. And what was most problematic to me is now that I work for a company, we have run into the problem that there are some vendor solutions that we use that weren't allowing us to enforce IMDSv2 across all of our different accounts. And this is something I've heard from a number of other customers as well.And so I decided to create this list with vendors that I've had to deal with, vendors that other customers have had to deal with, in order to basically try and solve this problem once and for all. It's been multiple years now and a lot of these vendors, unfortunately, were also security vendors. And so that makes the conversation a little bit easier, to basically put them on this wall-of-shame and say, “You're a security vendor and you're not allowing your customers to enforce best practices of security.”Corey: I want to call on a couple of things around that. Originally the metadata service was used for a number of other things—still is—beyond credentials. It is not the credential service as envisioned by a lot of folks. The way that—also we'll find those credentials empty until there's an EC2 instance role, and those credentials will both be scoped what that instance does and automatically rotated in the fullness of time so they're not long-lived credentials that once you have them, they will last forever. This is, of course, a best practice and something you should be leveraging, but scope those credentials down, or you wind up with one of the ways that was chained together in the Capital One breach a few years ago.It's also worth noting that service would have been more useful earlier in time with a few functions. For example, you can use the metadata service to retrieve the instance tags about the EC2 instance. When I requested it in 2015, it was not possible. But they had released it in January of this year, 2022, long after we have all come up with workarounds for this, where we could have used that to set the hostname internally on the system, if you're looking for something basic and easy. It would have been something then you could have used to automatically self-register with DNS without having to jump through a whole bunch of hoops to do it manually.And you look at this, and it's wow, that's a whole lot of crappy tooling I can just throw into the trash heap of history you don't need anymore. But the IMSDv2, you're right, makes it a lot harder, there has to be a conversation, not just something you can sort of bankshot something off of to get access to it. And it's a terrific mitigation. What I've liked about your list of more or less shaming companies for doing this is, on the one hand, you have companies who take themselves off of the list as soon as it's up there. It's, “Oh, we love when people talk about us. Wait, what's that? They're saying something unkind? On the internet?” And they'll fix it, which honestly is better than I expected.And then every once in a while you'll see something that's horrifying of, “Oh, yeah, we're not vulnerable to that at all because we tell you to create permanent long-lived credentials, store them on disk and we'll use those instead.” And it's… that is, like, guaranteeing that no one is going to break down your door by making your walls out of tissue paper. Don't do that. Like, that has gone so far around the band that has come back around again. So, hopefully that got fixed.Scott: And I think you pointed out a couple of things I want to talk about with this is that, one, it has actually been very successful in terms of getting large vendors to make changes. Currently, of the seven vendors that have ever been listed there, are three of them have already made fixes and have been removed from the list. And the list has only been up for about a month. And so, in terms of getting enterprise solution vendors to make changes within, like, just a few weeks is very surprising to me. And these are things that people have been asking for for years now, and so it had motivated them a lot there.And the other thing that I want to point out is people have looked at the success that it's had and considered maybe we should make wall-of-shame lists, for all the things that we want. And I want to point out that there are some things about this problem, the IMDSv2 specifically, that make it work for having this wall-of-shame list like this. One of them is that not supporting or not allowing customers to enforce IMDSv2 is basically always bad. There is not a use case where you can make a claim—Corey: There is no nuance where that, in this case, is the thing to do, like having an open S3 bucket: There are use cases where that is very much something you want to do, but it's the uncommon case.Scott: Exactly. That I think is an important thing. Another thing is it's not just putting up a list, you know, like that is what people are seeing publicly, but behind the scenes, there's a lot of other things that are happening. One, I am communicating with various customers, customers that are reporting this issue to me, in order to try to better understand what's happening there, so that I can then relay that information to the company. So, I'm not just putting up the list; I'm also, behind the scenes, having conversations with these different companies to try to get timelines from them, to try to make sure that they are aware of the problem, they are aware that they're on this list, how to get off the list. So, there's that conversation happening.There's also the conversation that I'm happening with AWS in order to make various requests that AWS improve this for customers, to make this easier. And this is something that is public on that repo. I have my list of requests to AWS so that people can relay that to their own TAMs at AWS to basically say these are things we want as well. And so this includes things like, “I want an AWS account to have the ability to default to always be enforcing IMDSv2.” You know, so as an example, when you create an EC2 through the web console—which people can say, oh, you should always be using Infrastructure as Code; the reality is many folks are using the web console to create EC2s to do other changes.And when you create an EC2 in the web console, by default, it's going to allow IMDSv1 still. And so my request to AWS is, you should allow me to just default enforce IMDSv2. Also, the web console does not give you visibility into which EC2s are enforcing it and which ones are not. And also, you do not have the ability in the web console to enforce it. You cannot click on an EC2 and say, “Please enforce it now.”So, it's all these various, like, minor changes that I'm requesting AWS to do.Corey: It has to be done at instance creation time.Scott: Exactly. And so there is an API that you can make in order to change it afterwards, but that's only an API so you have to use the CLI or some other mechanism; you can't do it in the web console. But the other thing that I'm requesting AWS do is if security is a priority for AWS and they have all these other partners that are security companies, that they should be requiring their partners to also be enforcing this in their various products. So, if a partner is basically not allowing your AWS customers to enforce security best practices, then perhaps that partnership should be revoked in some way. And so that's a more aggressive thing that I'm asking AWS to do, but I think is reasonable.Corey: I'd also like them to get all of their own first-party services to support this, too.Scott: That's true as well. So, AWS is currently on the list. And so, they have one service, Data Pipelines, which if you are an AWS customer and you are using that service, you are not going to be able to enforce IMDSv2 in your environment. So, AWS themselves, unfortunately, is not allowing customers to enforce this. And then AWS themselves in their own production servers, we have seen indications that they do not enforce IMDSv2 on their own production servers.So, the best practice that they are telling customers to follow, they unfortunately are not following it themselves. And so the way in which we saw this was Orca is a security company that ended up finding this issue with AWS—and there's a lot of questions in terms of what all exactly they found—but they had this post that they called “Breaking Formation” in which they were somehow able to find—basically exploit to some degree—and again, it's unclear exactly what they were able to exploit here—but they were able to exploit AWS production servers that are responsible for the CloudFormation service. And in their blog post, they had a screenshot which showed that those production servers are not enforcing IMDSv2. And so AWS themselves is struggling with this as well, as are many customers. So, it's something that, you know, I put together this list of requests in hopes that AWS can make it easier for not only customers but also themselves to be able to enforce it.Corey: There are a lot of different things that we wish companies did differently, particularly if that company is AWS. Why is this the particular windmill that you've decided to tilt at given—let's say—it's not exactly slim pickins out there as far as changes that we wish companies would make? Obviously, you mentioned at one point, there is no drawback to enabling this, but a lot could be said for other aspects as well. Why is this one so important?Scott: So, in part, I personally have some, I guess, history with this [laugh], basically, IMDSv2, and so we can discuss this. This is back when Capital One had their breach in 2019, there was this Senator, Senator Ron Wyden, who sent this email over to AWS, to Steve Schmidt, who was the CISO at the time there and still is the CISO, and he basically—Corey: Now, he's head of security for all of Amazon.Scott: Yeah, yeah.Corey: CJ is now the AWS CISO. And he has the good sense to hide.Scott: Yeah. [laugh]. So, at the time, this Senator Ron Wyden had send over this email—and obviously it's not Senator Ron Wyden himself, you know, it's one of his, like, technical people on staff that is able to give him this information—and he sends this email to AWS saying, “Hey, this metadata service played a role in this very significant breach. Why hasn't this been fixed?” And Steve Schmidt responded, and because it's communications between a senator, I guess it has to become public.So, Steve Schmidt responds, saying that, “Hey, we never knew that this was an issue before,” is essentially what he responds with. And that irked me because I had reported this to AWS previously, as had many other people. So, there was a conference presentation by this guy Andrés Riancho at BlackHat, I believe in 2014, and he had presented previously in 2013, so it was a known issue; it had been around for a while. But I took the time to actually report it to AWS Security. So, I went through the correct channel of making sure that AWS was aware of a security concern, as a security researcher—so reporting it through that correct channel there—and provided Senator Ron Wyden with all this information.And so, then he then requested that the FTC begin a federal investigation into AWS, related to basically not following the best practices that security researchers have recommended. So, that was, kind of like, my early, I guess, involvement with this issue. So, it's something that I've been interested in for a while to make sure that this is resolved completely at some point.Corey: This episode is sponsored by our friends at Oracle Cloud. Counting the pennies, but still dreaming of deploying apps instead of “Hello, World” demos? Allow me to introduce you to Oracle's Always Free tier. It provides over 20 free services and infrastructure, networking, databases, observability, management, and security. And—let me be clear here—it's actually free. There's no surprise billing until you intentionally and proactively upgrade your account. This means you can provision a virtual machine instance or spin up an autonomous database that manages itself, all while gaining the networking, load balancing, and storage resources that somehow never quite make it into most free tiers needed to support the application that you want to build. With Always Free, you can do things like run small-scale applications or do proof-of-concept testing without spending a dime. You know that I always like to put asterisks next to the word free? This is actually free, no asterisk. Start now. Visit snark.cloud/oci-free that's snark.cloud/oci-free.Corey: It's always fun watching where people come from, as far as the security problems that they call out. There was, I believe in the cloud security forum Slack, a thread of recently about what security issues are top-of-mind and that should be fixed as a baseline expectation. In fact, let me dig it out because that is one of those things that I think is well worth having the conversation properly on this.Good examples of risky, insecure defaults in AWS. And people are talking about IMDSv1, and they're talking about all kinds of other in-depth things, and my contribution to it was, “If I go and I spin up an AWS account, until I go out of my way, I'm operating as root in that account. That seems bad.” And a few responses to that were oh, the basically facepalming, “Oh, of course.” I wish that there were an easy way to get AWS SSO as the default because it is the right answer for so many different things. It solves so many painful problems that otherwise you're going to wind up stuck with.And this stuff is hard and confusing; when people are starting out with this for the first time, they're not approaching this from, “All right, how do I be extremely secure?” They want to get some work done. For fun a year ago, I spun up a test account—unattached to any organization—and because account aliases are globally unique, I somehow came up with the account ‘shitposting' because that's pretty much what I use it for. The actual reason I wanted that was I wanted something completely unattached from any other account that I could easily take screenshots from at any point, and the worst case scenario is okay, I've exposed some credential of my own in an account that has no privileged access to anything; I just have to apologize for all the Bitcoin mining now. And honestly, I think AWS would love that marketing campaign; they'd see my face on a billboard looking horrified. It'll be great.But I turned on every security service as I went because, of course, security is the most important thing. And there were so many to turn on, and the bill was approaching 50 bucks a month for an empty account. And it's. It starts to feel a little weird and more than a little wrong.Scott: [laugh]. Yeah, my personal concern in terms of default security features is really that problem of the cost controls, I think that that still is a big issue that AWS does not have cost controls such that when a student wants to try and use AWS for the very first time and somehow they spin up large EC2 instance, or they just you know, end up creating an access key and that access key gets leaked and somehow their account gets compromised and used for Bitcoin mining, now they're stuck with that large AWS bill. For a student who has no budget, is in debt, and now is suddenly being, you know, hit with multiple thousands of dollars on their bill, that I think is very problematic, and that is something that I wish AWS would change as a default is basically, if you are creating AWS account for the very first time, have some type of—I don't know how this would look, but maybe just be able to say, like, I don't ever want this AWS account to spend more than $100 per month, and I'm okay if you end up destroying all my data in the account because I have no money and money is more important to me than whatever data I may store in here.Corey: Make an answer to that question mandatory, just as putting a credit card in is mandatory. Because there are two extremes here. It's more or less the same problem of AWS not knowing who its customers are beyond an AWS account, but there's a spectrum somewhere between I'm a student who wants to learn how the cloud works, and my approach to security is very much the same. Don't let randos spin up resources in my account, and I don't ever want to be charged. If that means you turn off my “Hello World” blog post, okay, great.On the other end, it's this is Netflix. And this is our, you know, eight-millionth account that we're spending up to do a thing and what do you mean you're applying service quotas to it? I thought we had an understanding?—everything is a service quota, let's be clear—Scott: Yep.Corey: —or a company that's about to run a Superbowl ad. Yeah, there's going to be a lot of traffic there. Don't touch it. Just make it work. We don't care what it costs.Understanding where you fall on the cost perspective—as well as a security point of view of, “We're a bank, which means forget security best practices, we have compliance obligations that cannot be altered in this account and here's what they are.” There has to be a way that is easy and approachable for people to wind up moving that slider to whatever position best represents them. Because there are accounts where I never want to be charged a thing. And that's an important thing because—and I've been talking about this for a while because I'm convinced it's a matter of time—that poor kid who wound up trading on margin at Robinhood, woke up saw that he was seven-hundred-and-some-odd grand in debt and killed himself. When it all settled out, I think he turned something like a $30,000 profit when all was said and done, which just serves to make it worse.I can see a scenario in which that happens, and part of the contributors to it are that we used to see that the surprise bill for compromised accounts was 10, 15, 20 grand. Now, they're 70 to 90 because there are more regions, more services to run containers—because of course there are—and the payoff is such that the people exploiting this have gotten very practiced and very operationalized at spinning up those resources quickly, and they cost a lot very quickly. I mean, the third use case that they're not aiming at yet is people like me, where it's, oh, you have a free account that sandboxed; I want to get the high score on the free tier because all their fraud is attuned to you making money. With me, it's nope, just going to run up the store to embarrass Amazon. That's not a common exploit vector, but I'm very much here.Scott: [laugh]. Yep. And that also is the thing though: The Denial of Wallet attack is also a concern on AWS, as well, where you've written a blog post about this, how if you are able to make use of data transfer in different ways, you can run up very high multi-million dollar bills in people's AWS accounts and even AWS's own protections and defenses against trying to look for cost spikes and things like that is delayed by multiple hours. And so you can still end up spending a lot of money in people's accounts, or one thing that's wild is an S3 object locking; that feature, the whole purpose behind it is to ensure data can never be deleted. It exists for various compliance reasons, so even AWS themselves cannot delete certain data.So, if an attacker is able to abuse that functionality in somebody's account, they can end up locking data such that for the next 100 years, it can never be deleted and you're going to have to pay for that for the next 100 years inside your account. The only way of not paying for that anymore is to move everything that you have in an AWS account to a new account, and then ask AWS to delete that account, which is not going to be reasonable under most circumstances.Corey: Yeah, alternatively, it's one of those scenarios where well, the only other option is to start physically ripping hard drives out of racks in a bunch of different data centers. It's wild to me. It's such an attack surface that honestly I believe for the longest time that AWS Security is otherworldly good. And as we start seeing from these breaches, no, what really is otherworldly good is their ability to apply pressure to people not to go public with things they discover that they then wind up keeping quiet because once this whole Orca stuff came out, we started digging, and Aidan Steele found some stuff where you could just get unfiltered, raw outputs of CloudTrail events by setting up a couple of rules in weird ways.And that was a giant problem, and it was never disclosed publicly. I don't know if any of my events were impacted; I can't trust that they would have told me if they were. And for the first time, I'm looking at things like confidential computing, which are designed around well, what if you don't trust your cloud provider? Historically, I guess I was naive because my approach was, “Well, then you shouldn't be using the cloud.” Now it's, “Well, that's actually kind of a good point.”Because it's not that I don't trust my cloud provider to necessarily do what they're telling me. I just don't trust them to tell me what they're doing. And that's part of it. The, “Well, we found an issue, but you can't prove we had an issue, so we're going to say nothing.” And when it comes to light—because it always does—it erodes trust in a big way. And trust is everything in cloud.Scott: Yeah. And so with some of the breaches that have come out, I created another GitHub repo to start tracking all the different security incidents that I could find for the three cloud providers, Azure, GCP, and AWS. And so on there, I started listing not only some of the blog posts from security companies that had been able to exploit vulnerabilities in the cloud providers, but also just anything else that I felt was a security mistake in some way. And so there's a number of things I tried to avoid on there. Like, I tried to avoid listing something that's kind of like a business decision, for example, services that get released that don't have CloudTrail support. That's a security concern to me, but that's kind of a business decision that they decided to release a service before it supported all that functionality.So, I tried to start listing off all those different things in order to also keep track of you know, is there a security provider that's worse than the others? Are there any type of common patterns that I can see? And so I tried to look through some of those different things. And that's been interesting because also I really only focus on AWS, and so I haven't really known what all has been happening with GCP and Azure. And that was interesting because there's been two issues that have happened on AWS where the exact same issue happened on the other cloud providers. And so that tells me, that's concerning to me because that tells me tht—Corey: Because those are not discovered at the same time let's be clear.Scott: Yeah. These were, like, over a year apart. And so basically, somebody had found something on GCP, and then a year-plus later, somebody else found the exact same issue on AWS. And then similarly, there was an issue with Azure and then a year-plus later, same issue on AWS. And that's concerning because that tells me that AWS may not be monitoring what are the security issues that are impacting other cloud providers, and therefore checking whether or not they happen to themselves?That's something that you would expect a mature security team to be doing is to be monitoring what are public incidents that are happening to my competitors, and am I impacted similarly? Or what can I do to try and identify those issues, fix them, make sure they never happen? All those types of steps in terms of security maturity. And that's something that then I'm a little concerned of that we've seen those issues happen before. There's also, on AWS specifically, they have had a number of issues related to their IAM-managed policies that keep cropping up.And so they have had a number of incidents where they were releasing policies that shouldn't have been released in some way. And that's concerning that showed that they don't really have a change management process that you would expect. Usually, you would expect a company to be having GitHub PRs and approval processes and things like that, in order to make sure that there's a second set of eyes on something before it gets released.Corey: Particularly things of this level of sensitivity. This is not—like, I was making fun of them a day or two ago for having broken the copyright footer and not updating them since 2020 because instead of the ‘copyright' symbol, they used an ‘at' symbol. Minor stuff, but like that's fun to needle people about, but it doesn't actually matter for anything.Scott: Yeah.Corey: Security matters and mistakes show.Scott: Yeah. And so there had been some examples where they released a policy that was called, like, ‘cheese puffs something' and it's like, okay, that's clearly, like, an internal service of some sort. But I'd called them out and, like, I'd sent an email to AWS Security being like, “Hey, you need to make sure that you have change management processes on your IAM policies because one day you're going to do something that is bad.” And one day they did. They made a change to the read-only access policy, and that basically—they removed every single privilege, somebody had ended up, you know, internally, removed every single privileges to the read-only access policy and replaced it with a whole bunch of write privileges for, I think, the Cassandra service.And so, that was like, clearly they've made a mistake that they should have made sure they were correcting because you know, they had these previous incidents. Another kind of similar one was in December, there was a support policy where they had added S3 GetObject to that policy, and that was concerning in terms of have they just given all of their support employees access to everybody's content in their S3 buckets? And so AWS made some statements saying that there were other controls in place there so it wouldn't have been possible. But it's those types of things that [crosstalk 00:33:17]—Corey: Originally, those statements were made on Twitter, let's be clear here.Scott: Yes. Yeah. [laugh].Corey: And I feel like there's a—while I deeply appreciate how accessible a lot of their senior people are, I cannot point the executive leadership team at a client to some tweets that someone made. That is not a public statement of record that works on this.Scott: Exactly.Corey: They're learning. We'll get there sooner or later, I presume. I want to thank you for taking the time to speak with me, as always, I'll throw links to these repos into the [show notes 00:33:46], but if they want to know more what you have to say, where's the best place to find you?Scott: So, my Twitter, which, unfortunately, is a handle written in hex, but it's—‘dabbadoo' is how you would pronounce it, but it's probably easiest to see a link for it. So, that's probably the main place to look for me.Corey: That's why my old Twitter handle was my amateur radio callsign. I don't use that one anymore. It's just easier. And I think that's the right answer. Besides, given what you do, it's easy enough if people want your attention. They screw up badly enough, you'll come to them.Scott: Yep. [laugh].Corey: Scott, I really appreciate your time. Thanks again.Scott: Thank you.Corey: Scott Piper, Principal Engineer at Block and, more or less, roving security troubadour for lack of a better term. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice or a comment on the YouTubes saying that this episode is completely invalid because you wind up using the old version of the metadata service and you've never had a problem. That you know of.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.
TUESDAY! We are blessed to have the ladies from the podcast Say Bible (@thesaybible) with us today. This is a kardashian podcast run by two insanely funny brilliant women Kathleen Lee and Natalie Franklin (who also runs NorisBlackBook account). Go subscribe to their podcast asap! We talk all things Kardashian but we take so many pop culture detours along the way. One of my favorite convos i've had. Really fun. Hope you guys dig it! Also, So Bad It's Good has merch now! Go to www.sobaditsgoodmerch.com to order yours TODAY! Also, So Bad It's Good has a voicemail now! 323-425-9542. Pleas feel free to call with your thoughts! If you do you are giving me full permission to use on the show! Also, I'm on CAMEO. I'll be filming in Dorit's Room so sign up today at cameo.com and search Ryan Bailey! Have a great week guys! -Start a new healthy habit today. Visit seed.com/SOBAD and use code SOBAD to redeem 20% off your first month of Seed's Daily Synbiotic. That's seed.com/SOBAD and use code SOBAD. Remember to subscribe and join me Monday thru Thursday for interviews with podcasters and reality stars, show recaps, Garth and Justin, Bill and Becky Bailey and so much more!! Plus, tell your friends. I, honestly, think there is something for everyone in these pods. The more the merrier! ALSO GO CHECK OUT THE PATREON patreon.com/sobaditsgood. Support what we are doing here. THANK YOUUUUUUU!!!!! If you're enjoying the insane amount of blood, sweat and literal tears of this pod consider telling a friend or rating us 5 stars on iTunes! Special shoutout to Maritza Lopez (Insta: @maritza.gif) for all of her insanely hard work creating these beautiful pieces of art on my instagram and patreon page!! Time Stamps are below. Use them. They are your friend. This pod isn't meant to be digested all at once! Contact me on Insta if you need me to send them to you if you can't find them! 2:45-Show Notes/Shame Spiral/Will Smith statement 24:30-Natalie Franklin and Kathleen Lee from Say Bible! Instagram: @sobaditsgoodwithryanbailey, @ryanbailey25 Twitter:@ryanabailey25 TIKTOK @sobaditsgoodwithryanb Learn more about your ad-choices at https://www.iheartpodcastnetwork.com
This week Jeff & Danni speak with Corey Scott from AnnieMac Mortgage about current mortgage rates and their impact on home affordability. They also respond to your questions, share insights on For Sale by Owner and what's happening around town.
This week Jeff & Danni speak with Corey Scott from AnnieMac Mortgage about current mortgage rates and their impact on both buyers and sellers in today's market. They also respond to your questions, share some tips for saving on your electric bill and provide updates on events happening around town.
Corey Scott is a Internal Communications Specialist, an Education Enthusiast, and driven to help prepare new SPED Teachers for their First Day in the Classroom. Corey shares his educational journey and his teaching experience where he decided he was not willing to continue in the system. Corey transitioned out of the classroom into the private sector. He also created Day One Teacher Course that prepares new, inexperienced Special Education Teachers for their first day in the classroom. Learn more at dayoneteacher.co The Disrupt Education Podcast is a proud member of The EdUp Experience Podcast Network #rebelteachernetwork Check out our sponsors below eLearning Partners Need help starting your eLearning courses or training? Get INSTANT access to the FREE MasterClass: “Create and Launch a Successful eLearning Program, Online Course, or Virtual Training” where you will learn the biggest mistake most people make with eLearning, the #1 reason most eLearning programs fail, the 3 Pillars to create extraordinary value for your learners every time, and much more! Hit the link and get instant access to the free MasterClass today —> https://www.e-learningpartners.com/a/2147499455/SH7oznjY spikeview You are more than a grade and test score. Colleges, internships, jobs, any opportunity needs to see that! Head to www.spikeview.com and build your portfolio for FREE and start heading towards your dreams today! --- Support this podcast: https://anchor.fm/disrupt-educ/support
The growing demand for the use of sustainable agriculture practices has created an opportunity to build a revenue stream through carbon credits. In this podcast, Corey Scott from Truterra offers the basics on what carbon credits are, how producers can take advantage of carbon credit opportunities and what the future holds.
Today's Advent Devotional was written by Corey Scott. Read the devotions online at https://www.northsidechristianchurch.net/advent-2021/.
About ScottScott first typed ‘docker run' in 2013 and hasn't looked back. He's been with Docker since 2014 in a variety of leadership roles and currently serves as CEO. His experience previous to Docker includes Sun Microsystems, Puppet, Netscape, Cisco, and Loudcloud (parent of Opsware). When not fussing with computers he spends time with his three kids fussing with computers.Links: Docker: https://www.docker.com Twitter: https://twitter.com/scottcjohnston TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by Liquibase. If you're anything like me, you've screwed up the database part of a deployment so severely that you've been banned from touching every anything that remotely sounds like SQL, at at least three different companies. We've mostly got code deployments solved for, but when it comes to databases we basically rely on desperate hope, with a roll back plan of keeping our resumes up to date. It doesn't have to be that way. Meet Liquibase. It is both an open source project and a commercial offering. Liquibase lets you track, modify, and automate database schema changes across almost any database, with guardrails to ensure you'll still have a company left after you deploy the change. No matter where your database lives, Liquibase can help you solve your database deployment issues. Check them out today at liquibase.com. Offer does not apply to Route 53.Corey: This episode is sponsored in part by something new. Cloud Academy is a training platform built on two primary goals. Having the highest quality content in tech and cloud skills, and building a good community the is rich and full of IT and engineering professionals. You wouldn't think those things go together, but sometimes they do. Its both useful for individuals and large enterprises, but here's what makes it new. I don't use that term lightly. Cloud Academy invites you to showcase just how good your AWS skills are. For the next four weeks you'll have a chance to prove yourself. Compete in four unique lab challenges, where they'll be awarding more than $2000 in cash and prizes. I'm not kidding, first place is a thousand bucks. Pre-register for the first challenge now, one that I picked out myself on Amazon SNS image resizing, by visiting cloudacademy.com/corey. C-O-R-E-Y. That's cloudacademy.com/corey. We're gonna have some fun with this one!Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. Once upon a time, I started my public speaking career as a traveling contract trainer for Puppet; I've talked about this before. And during that time, I encountered someone who worked there as an exec, Scott Johnston, who sat down, talked to me about how I viewed things, and then almost immediately went to go work at Docker instead. Today's promoted episode brings Scott on to the show. Scott, you fled to get away from me, became the CEO of Docker over the past, oh what is it, seven years now. You're still standing there, and I'm not making fun of Docker quite the way that I used to. First, thanks for joining me.Scott: Great to be here, Corey. Thanks for the invitation. I'm not sure I was fleeing you, but we can recover that one at another time.Corey: Oh, absolutely. In that era, one of my first talks that I started giving that anyone really paid any attention to was called, “Heresy in the Church of Docker,” where I listed about 10 to 13 different things that Docker didn't seem to have answers for, like network separation, security, audit logging, et cetera, et cetera. And it was a fun talk that I used to basically learn how to speak publicly without crying before and after the talk. And in time, it wound up aging out as these problems got addressed, but what surprised me at the time was how receptive the Docker community was to the idea of a talk that wound up effectively criticizing something that for, well, a number of them it felt a lot of the time like it wasn't that far from a religion; it was very hype-driven: “Docker, Docker, Docker” was a recurring joke. Docker has changed a lot. The burning question that I think I want to start this off with is that it's 2021; what is Docker? Is it a technology? Is it a company? Is it a religion? Is it a community? What is Docker?Scott: Yes. I mean that sincerely. Often, the first awareness or the first introduction that newcomers have is in fact the community, before they get their hands on the product, before they learn that there's a company behind the product is they have a colleague who is, either through a Zoom or sitting next to them in some places, or in a coffee shop, and says, “Hey, you got to try this thing called Docker.” And they lean over—either virtually or physically—and look at the laptop of their friend who's promoting Docker, and they see a magical experience. And that is the introduction of so many of our community members, having spoken with them and heard their own kind of journeys.And so that leads to like, “Okay, so why the excitement? Why did the friend lean over to the other friend and introduce?” It's because the tools that Docker provides just helps devs get their app built and shipping faster, more securely, with choice, without being tied into any particular runtime, any particular infrastructure. And that combination has proven to be a breakthrough dopamine hit to developers since the very beginning, since 2013, when Docker is open-source.Corey: It feels like originally, the breakthrough of Docker, that people will say, “Oh, containers aren't new. We've had that going back to LPARs on mainframes.” Yes, I'm aware, but suddenly, it became easy to work with and didn't take tremendous effort to get unified environments. It was cynically observed at the time by lots of folks smarter than I am, that the big breakthrough Docker had was how to make my MacBook look a lot more like a Linux server in production. And we talk about breaking down silos between ops and dev, but in many ways, this just meant that the silo became increasingly irrelevant because, “Works on my machine” was no longer a problem.“Well, you better back up your email because your laptop's about to go into production in that case.” Containers made it easier and that was a big deal. It seems, on some level, like there was a foray where Docker the company was moving into the world of, “Okay, now we're going to run a lot of these containers in production for you, et cetera.” It really feels like recently, the company as a whole and the strategy has turned towards getting back to its roots of solving developer problems and positioning itself as a developer tool. Is that a fair characterization?Scott: A hundred percent. That's very intentional, as well. We certainly had good products, and great customers, and we're solving problems for customers on the ops side, I'll call it, but when we stood back—this is around 2019—and said, “Where's the real… joy?” For lack of a better word, “Where's the real joy from a community standpoint, from a product experience standpoint, from a what do we do different and better and more capable than anyone else in the ecosystem?” It was that developer experience. And so the reset that you're referring to in November 2019, was to give us the freedom to go back and just focus the entire company's efforts on the needs of developers without any other distractions from a revenue, customer, channel, so on and so forth.Corey: So, we knew this was going to come up in the conversation, but as of a couple of weeks ago—as of the time of this recording—you announced a somewhat, well, let's say controversial change in how the pricing and licensing works. Now, as of—taking effect at the end of this year—the end of January, rather, of next year—Docker Desktop is free for folks to use for individual use, and that's fine, and for corporate use, Docker Desktop also remains free until you are a large company defined by ten million in revenue a year and/or 250 employees or more. And that was interesting and I don't think I'd seen that type of requirement placed before on what was largely an open-source project that's now a developer tool. I believe there are closed-source aspects of it as well for the desktop experience, but please don't quote me on that; I'm not here to play internet lawyer engineer. But at that point, the internet was predictably upset about this because it is easy to yell about any change that is coming, regardless.I was less interested in that than I am in what the reception has been from your corporate customers because, let's be clear, users are important, community is important, but goodwill will not put food on the table past a certain point. There has to be a way to make a company sustainable, there has to be a recurring revenue model. I realize that you know this, but I'm sure there are people listening to this who are working in development somewhere who are, “Wait, you mean I need to add more value than I cost?” It was a hard revelation for [laugh] me back when I had been in the industry a few years—Scott: [laugh]. Sure.Corey: —and I'm still struggling with that—Scott: Sure.Corey: Some days.Scott: You and me both. [laugh].Corey: So, what has the reaction been from folks who have better channels of communicating with you folks than angry Twitter threads?Scott: Yeah. Create surface area for a discussion, Corey. Let's back up and talk on a couple points that you hit along the way there. One is, “What is Docker Desktop?” Docker Desktop is not just Docker Engine.Docker Desktop is a way in which we take Docker Engine, Compose, Kubernetes, all important tools for developers building modern apps—Docker Build, so on and so forth—and we provide an integrated engineered product that is engineered for the native environments of Mac and Windows, and soon Linux. And so we make it super easy to get the container runtime, Kubernetes stack, the networking, the CLI, Compose, we make it super easy just to get that up and running and configured with smart defaults, secured, hardened, and importantly updated. So, any vulnerabilities patched and so on and so forth. The point is, it's a product that is based on—to your comments—upstream open-source technologies, but it is an engineered commercial product—Docker Desktop is.Corey: Docker Desktop is a fantastic tool; I use it myself. I could make a bunch of snide comments that on Mac, it's basically there to make sure the fans are still working on the laptop, but again, computers are hard. I get that. It's incredibly handy to have a graphical control panel. It turns out that I don't pretend to understand those people, but some folks apparently believe that there are better user interfaces than text and an 80-character-wide terminal window. I don't pretend to get those people, but not everyone has the joy of being a Linux admin for far too long. So, I get it, making it more accessible, making it easy, is absolutely worth using.Scott: That's right.Corey: It's not a hard requirement to run it on a laptop-style environment or developer workstation, but it makes it really convenient.Scott: Before Docker desktop, one had to install a hypervisor, install a Linux VM, install Docker Engine on that Linux VM, bridge between the VM and the local CLI on the native desktop—like, lots of setup and maintenance and tricky stuff that can go wrong. Trust me how many times I stubbed my own toes on putting that together. And so Docker Desktop is designed to take all of that setup nonsense overhead away and just let the developer focus on the app. That's what the product is, and just talking about where it came from, and how it uses these other upstream technologies. Yes, and so we made a move on August 31, as you noted, and the motivation was the following: one is, we started seeing large organizations using Docker Desktop at scale.When I say ‘at scale,' not one or two or ten developers; like, hundreds and thousands of developers. And they were clamoring for capabilities to help them manage those developer environments at scale. Second is, we saw them getting a lot of benefit in terms of productivity, and choice, and security from using Docker Desktop, and so we stood back and said, “Look, for us to scale our business, we're at 10-plus million monthly active developers today. We know there's 45 million developers coming in this decade; how do we keep scaling while giving a free experience, but still making sure we can fund our engineers and deliver features and additional value?” We looked at other projects, Corey.The first thing we did is we looked outside our four walls, said, “How have other projects with free and open-source components navigated these waters?” And so the thresholds that you just mentioned, the 250 employees and the ten million revenue, were actually thresholds that we saw others put in place to draw lines between what is available completely for free and what is available for those users that now need to purchase subscription if they're using it to create value for their organizations. And we're very explicit about that. You could be using Docker for training, you could be using Docker for eval in those large organizations; we're not going to chase you or be looking to you to step up to a subscription. However, if you're using Docker Desktop in those environments, to build applications that run your business or that are creating value for your customers, then purchasing a subscription is a way for us to continue to invest in a product that the ecosystem clearly loves and is getting a lot of value out of. And so, that was again, the premise of this change. So, now to the root of your question is, so what's the reaction? We're very, very pleased. First off, yes, there were some angry voices out there.Corey: Yeah. And I want to be clear, I'm not trivializing people who feel upset.Scott: No.Corey: When you're suddenly using a thing that is free and discovering that, well, now you have to pay money for it, people are not generally going to be happy about that.Scott: No.Corey: When people are viewed themselves as part of the community, of contributing to what they saw as a technical revolution or a scrappy underdog and suddenly they find themselves not being included in some way, shape or form, it's natural to be upset, I don't want to trivialize—Scott: Not at all.Corey: People's warm feelings toward Docker. It was a big part of a lot of folks' personality, for better or worse, [laugh] for a few years in there. But the company needs to be sustainable, so what I'm really interested in is what has that reaction been from folks who are, for better or worse, “Yes, yes, we love Docker, but I don't get to sign $100,000 deals because I just really like the company I'm paying the money to. There has to be business value attached to that.”Scott: That's right. That's right. And to your point, we're not trivializing either the reaction by the community, it was encouraging to see many community members got right away what we're doing, they saw that still, a majority of them can continue using Docker for free under the Docker Personal subscription, and that was also intentional. And you saw on the internet and on Twitter and other social media, you saw them come and support the company's moves. And despite some angry voices in there, there was overwhelmingly positive.So, to your question, though, since August 31, we've been overwhelmed, actually, by the positive response from businesses that use Docker Desktop to build applications and run their businesses. And when I say overwhelmed, we were tracking—because Docker Desktop has a phone-home capability—we had a rough idea of what the baseline usage of Docker Desktops were out there. Well, it turns out, in some cases, there are ten times as many Docker Desktops inside organizations. And the average seems to be settling in around three times to four times as many. And we are already closing business, Corey.In 12 business days, we have companies come through, say, “Yes, our developers use this product. Yes, it's a valuable product. We're happy to talk to a salesperson and give you over to procurement, and here we go.” So, you and I both been around long enough to know, like 12 working days to have a signed agreement with an enterprise agreement is unheard of.Corey: Yeah, but let's be very clear here, on The Duckbill Group's side of things where I do consulting projects, I sell projects to companies that are, “Great, this project will take, I don't know, four to six weeks, whatever it happens to be, and, yeah, you're going to turn a profit on this project in about the first four hours of the engagement.” It is basically push button and you will receive more money in your budget than you had when you started, and that is probably the easiest possible enterprise sale, and it still takes 60 to 90 days most of the time to close deals.Scott: That's right.Corey: Trying to get a procurement deal for software through enterprise procurement processes is one of those things when people say, “Okay, we're going to have a signature in Q3,” you have to clarify what year they're talking about. So, 12 days is unheard of.Scott: [laugh]. Yep. So, we've been very encouraged by that. And I'll just give you a rough numbers: the overall response is ten times our baseline expectations, which is why—maybe unanticipated question, or you going to ask it soon—we came back within two weeks—because we could see this curve hit right away on the 31st of August—we came back and said, “Great.” Now, that we have the confidence that the community and businesses are willing to support us and invest in our sustainability, invest in the sustainable, scalable Docker, we came and we accelerated—pulled forward—items in our roadmap for developers using Docker Desktop, both for Docker Personal, for free in the community, as well as the subscribers.So, things like Docker Desktop for Linux, right? Docker Desktop for Mac, Docker Desktop for Windows has been out there about five years, as I said. We have heard Docker Desktop for Linux rise in demand over those years because if you're managing a large number of developers, you want a consistent environment across all the developers, whether they're using Linux, Mac, or Windows desktops. So, Docker Desktop for Linux will give them that consistency across their entire development environment. That was the number two most requested feature on our public roadmap in the last year, and again, with the positive response, we're now able to confidently invest in that. We're hiring more engineers than planned, we're pulling that forward in the roadmap to show that yes, we are about growing and growing sustainably, and now that the environment and businesses are supporting us, we're happy to double down and create more value.Corey: My big fear when the change was announced was the uncertainty inherent to it. Because if there's one thing that big companies don't like, it's uncertainty because uncertainty equates to risk in their mind. And a lot of other software out there—and yes, Oracle Databases I am looking at you—have a historical track record of, “Okay, great. We have audit rights to inspect your environment, and then when we wind up coming in, we always find that there have been licensing shortfalls,” because people don't know how far things spread internally, as well as, honestly, it's accounting for this stuff in large, complex organizations is a difficult thing. And then there are massive fines at stake, and then there's this whole debate back and forth.Companies view contracts as if every company behaves like that when it comes down to per-seat licensing and the rest. My fear was that that risk avoidance in large companies would have potentially made installing Docker Desktop in their environment suddenly a non-starter across the board, almost to the point of being something that you would discipline employees for, which is not great. And it seems from your response, that has not been a widespread reaction. Yes of course, there's always going to be some weird company somewhere that does draconian things that we don't see, but the fact that you're not sitting here, telling me that you've been taking a beating from this from your enterprise buyers, tells me you're onto something.Scott: I think that's right, Corey. And as you might expect, the folks that don't reach out are silent, and so we don't see folks who don't reach out to us. But because so many have reached out to us so positively, and basically quickly gone right to a conversation with procurement versus any sort of back-and-forth or questions and such, tells us we are on the right track. The other thing, just to be really clear is, we did work on this before the August 31 announcement as well—this being how do we approach licensing and compliance and such—and we found that 80% of organizations, 80% of businesses want to be in compliance, they have a—not just want to be in compliance, but they have a history of being in compliance, regardless of the enforcement mechanism and whatnot. And so that gave us confidence to say, “Hey, we're going to trust our users. We're going to say, ‘grace period ends on January 31.'”But we're not shutting down functionality, we're not sending in legal [laugh] activity, we're not putting any sort of strictures on the product functionality because we have found most people love the product, love what it does for them, and want to see the company continue to innovate and deliver great features. And so okay, you might say, “Well, doesn't that 20% represent opportunity?” Yeah. You know, it does, but it's a big ecosystem. The 80% is giving us a great boost and we're already starting to plow that into new investment. And let's just start there; let's start there and grow from there.This episode is sponsored by our friends at Oracle Cloud. Counting the pennies, but still dreaming of deploying apps instead of "Hello, World" demos? Allow me to introduce you to Oracle's Always Free tier. It provides over 20 free services and infrastructure, networking databases, observability, management, and security.And - let me be clear here - it's actually free. There's no surprise billing until you intentionally and proactively upgrade your account. This means you can provision a virtual machine instance or spin up an autonomous database that manages itself all while gaining the networking load, balancing and storage resources that somehow never quite make it into most free tiers needed to support the application that you want to build.With Always Free you can do things like run small scale applications, or do proof of concept testing without spending a dime. You know that I always like to put asterisks next to the word free. This is actually free. No asterisk. Start now. Visit https://snark.cloud/oci-free that's https://snark.cloud/oci-free.Corey: I also have a hard time imagining that you and your leadership team would be short-sighted enough to say, “Okay, that”—even 20% of companies that are willing to act dishonestly around stuff like that seems awfully high to me, but assuming it's accurate, would tracking down that missing 20% be worth setting fire to the tremendous amount of goodwill that Docker still very much enjoys? I have a hard time picturing any analysis where that's even a question other than something you set up to make fun of.Scott: [laugh]. No, that's exactly right Corey, it wouldn't be worth it which is why again, we came out of the gate with like, we're going to trust our users. They love the community, they love the product, they want to support us—most of them want to support us—and, you know, when you have most, you're never going to get a hundred percent. So, we got most and we're off to a good start, by all accounts. And look, a lot of folks too sometimes will be right in that gray middle where you let them know that they're getting away with something they're like, “All right, you caught me.”We've seen that behavior before. And so, we can see all this activity out there and we can see if folks have a license or compliance or not, and sometimes just a little tap on the shoulder said, “Hey, did you know that you might be paying for that?” We've seen most folks at the time say, “Ah, okay. You caught me. Happy to talk to procurement.”So, this does not have to be heavy-handed as you said, it does not have to put at risk the goodwill of the 80%. And we don't have to get a hundred percent to have a great successful business and continuing successful community.Corey: Yeah. I'll also point out that, by my reading of your terms and conditions and how you've specified this—I mean, this is not something I've asked you about, so this could turn into a really awkward conversation but I'm going to roll with it anyway, it explicitly states that it is and will remain free for personal development.Scott: That is correct.Corey: When you're looking at employees who work at giant companies and have sloppy ‘bring your own device' controls around these things, all right, they have it installed on their work machine because in their spare time, they're building an app somewhere, they're not going to get a nasty gram, and they're not exposing their company to liability by doing that?Scott: That is exactly correct. And moreover, just keep looking at those use cases, if the company is using it for internal training or if the company is using it to evaluate someone else's technology, someone else's software, all those cases are outside the pay-for subscription. And so we believe it's quite generous in allowing of trials and tests and use cases that make it accessible and easy to try, easy to use, and it's just in the case where if you're a large organization and your developers are using it to build applications for your business and for your customers, thus you're getting a lot of value using the product, we're asking you to share that value with us so we can continue to invest in the product.Corey: And I think that's a reasonable expectation. The challenge that Docker seems to have had for a while has been that the interesting breakthrough, revelatory stuff that you folks did was all open-source. It was a technology that was incredibly inspired in a bunch of different ways. I am, I guess, mature enough to admit that my take that, “Oh, Docker is terrible”—which was never actually my take—was a little short-sighted. I'm very good at getting things wrong across the board, and that is no exception.I also said virtualization was a flash in the pan and look how that worked out. I was very anti-cloud, et cetera, et cetera. Times change, people change, and doubling down on being wrong gains you nothing. But the question that was always afterwards what is the monetization strategy? Because it's not something you can give away for free and make it up in volume?Even VC money doesn't quite work like that forever, so there's a—the question is, what is the monetization strategy that doesn't leave people either resenting you because, “Remember that thing that used to be free isn't anymore? Doesn't it suck to be you?” And is still accessible as broadly as you are, given the sheer breadth and diversity of your community? Like I can make bones about the fact that ten million in revenue and 250 employees are either worlds apart, or the wrong numbers, or whatever it is, but it's not going to be some student somewhere sitting someplace where their ramen budget is at risk because they have to spend $5 a month or whatever it is to have this thing. It doesn't apply to them.And this feels like, unorthodox though it certainly is, it's not something to be upset about in any meaningful sense. The people that I think would actually be upset and have standing to be upset about this are the enterprise buyers, and you're hearing from them in what is certainly—because I will hear it if not—that this is something they're happy about. They are thrilled to work with you going forward. And I think it makes sense. Even when I was doing stuff as an independent consultant, before I formalized the creation of The Duckbill Group and started hiring people, my policy was always to not use the free tier of things, even if I fit into them because I would much rather personally be a paying customer, which elevates the, I guess, how well my complaints are received.Because I'm a free user, I'm just another voice on Twitter; albeit a loud one and incredibly sarcastic one at times. But if I'm a paying customer, suddenly the entire tenor of that conversation changes, and I think there's value to that. I've always had the philosophy of you pay for the things you use to make money. And that—again, that is something that's easy for me to say now. Back when I was in crippling debt in my 20s, I assure you, it was not, but I still made the effort for things that I use to make a living.Scott: Yeah.Corey: And I think that philosophy is directionally correct.Scott: No, I appreciate that. There's a lot of good threads in there. Maybe just going way back, Docker stands on the shoulders of giants. There was a lot of work with container tech in the Linux kernel, and you and I were talking before about it goes back to LPAR on IBMs, and you know, BS—Berkeley's—Corey: BSD jails and chroots on Linux. Yeah.Scott: Chroot, right? I mean, Bill Joy, putting chroot in—Corey: And Tupperware parties, I'm sure. Yeah.Scott: Right. And all credit to Solomon Hykes, Docker's founder, who took a lot of good up and coming tech—largely on the ops side and in Linux kernel—took the primitives from Git and combined that with immutable copy-on-write file system and put those three together into a really magical combination that simplified all this complexity of dependency management and portability of images across different systems. And so in some sense, that was the magic of standing on these giant shoulders but seeing how these three different waves of innovation or three different flows of innovation could come together to a great user experience. So, also then moving forward, I wouldn't say they're happy, just to make sure you don't get inbound, angry emails—the enterprise buyers—but they do recognize the value of the product, they think the economics are fair and straight ahead, and to your point about having a commercial relationship versus free or non-existing relationship, they're seeing that, “Oh, okay, now I have insight into the roadmap. Now, I can prioritize my requirements that my devs have been asking for. Now, I can double-down on the secure supply chain issues, which I've been trying to get in front of for years.”So, it gives them an avenue that now, much different than a free user as you observed, it's a commercial relationship where it's two way street versus, “Okay, we're just going to use this free stuff and we don't have much of a say because it's free, and so on and so forth.” So, I think it's been an eye-opener for both the company but also for the businesses. There is a lot of value in a commercial relationship beyond just okay, we're going to invest in new features and new value for developers.Corey: The challenge has always been how do you turn something that is widely beloved, that is effectively an open-source company, into money? There have been a whole bunch of questions about this, and it seems that the consensus that has emerged is that a number of people for a long time mistook open-source for a business model instead of a strategy, and it's very much not. And a lot of companies are attempting to rectify that with weird license changes where, “Oh, you're not allowed to take our code and build a service out of it if you're a cloud provider.” Amazon's product strategy is, of course, “Yes,” so of course, there's always going to be something coming out of AWS that is poorly documented, has a ridiculous name, and purports to do the same thing for way less money, except magically you pay them by the hour. I digress.Scott: No, it's a great surface area, and you're right I completely didn't answer that question. [laugh]. So—Corey: No, it's fair. It's—Scott: Glad you brought it back up.Corey: —a hard problem. It's easy to sit here and say, “Well, what I think they should do”—but all of those solutions fall apart under ten seconds of scrutiny.Scott: Super, super hard problem which, to be fair, we as a team and a community wrestled with for years. But here's where we landed, Corey. The short version is that you can still have lots of great upstream open-source technologies, and you'll have an early adopter community that loves those, use those, gets a lot of progress running fast and far with those, but we've found that the vast majority of the market doesn't want to spend its time cobbling together bits and bytes of open-source tech, and maintaining it, and patching it, and, and, and. And so what we're offering is an engineered product that takes the upstream but then adds a lot of value—we would say—to make it an engineered, easy to use, easy to configure, upgraded, secure, so on and so forth. And the convenience of that versus having to cobble together your own environment from upstream has proved to be what folks are willing to pay for. So, it's the classic kind of paying for time and convenience versus not.And so that is one dimension. And the other dimension, which you already referenced a little bit with AWS is that we have SaaS; we have a SaaS product in Docker Hub, which is providing a hosted registry with quality content that users know is updated not less than every 30 days, that is patched and maintained by us. And so those are examples of, in some sense, consumption [unintelligible 00:27:53]. So, we're using open-source to build this SaaS service, but the service that users receive, they're willing to pay for because they're not having to patch the Mongo upstream, they're not having to roll the image themselves, they're not having to watch the CVEs and scramble when everything comes out. When there's a CVE out in our upstream, our official images are patched no less than 24 hours later and typically within hours.That's an example of a service, but all based on upstream open-source tech that for the vast majority of uses are free. If you're consuming a lot of that, then there's a subscription that kicks in there as well. But we're giving you value in exchange for you having to spend your time, your engineers, managing all that that I just walked through. So, those are the two avenues that we found that are working well, that seem to be a fair trade and fair balance with the community and the rest of the ecosystem.Corey: I think the hardest part for a lot of folks is embracing change. And I have encountered this my entire career where I started off doing large-scale email systems administration, and hey, turns out that's not really a thing anymore. And I used to be deep in the bowels of Postfix, for example. I'm referenced in the SVN history of Postfix, once upon a time, just for helping with documentation and finding weird corner cases because I'm really good at breaking things by accident. And I viewed it as part of my identity.And times have changed and moved on; I don't run Postfix myself for anything anymore. I haven't touched it in years. Docker is still there and it's still something that people are actively using basically everywhere. And there's a sense of ownership and identity for especially early adopters who glom on to it because it is such a better way of doing some things that it is almost incomprehensible that we used to do it any other way. That's transformation.That's something awesome. But people want to pretend that we're still living in that era where technology has not advanced. The miraculous breakthrough in 2013 is today's de rigueur type of environment where this is just, “Oh, yeah. Of course you're using Docker.” If you're not, people look at you somewhat strangely.It's like, “Oh, I'm using serverless.” “Okay, but you can still build that in Docker containers. Why aren't you doing that?” It's like, “Oh, I don't believe in running anything that doesn't make me pay AWS by the second.” So okay, great. People are going to have opinions on this stuff. But time marches on and whatever we wish the industry would do, it's going to make its own decisions and march forward. There's very little any of us can do to change that.Scott: That's right. Look, it was a single container back in 2013, 2014, right? And now what we're seeing—and you kind of went there—is we're separating the implementation of service from the service. So, the service could be implemented with a container, could be a serverless function, could be a hosted XYZ as a service on some cloud, but what developers want to do is—what they're moving towards is, assemble your application based on services regardless of the how. You know, is that how a local container? To your point, you can roll a local serverless function now in an OCI image, and push it to Amazon.Corey: Oh, yeah. It's one of that now 34 ways I found to run containers on AWS.Scott: [laugh]. You can also, in Compose, abstract all that complexity away. Compose could have three services in it. One of those services is a local container, one of those services might be a local serverless function that you're running to test, and one of those services could be a mock to a Database as a Service on a cloud. And so that's where we are.We've gone beyond the single-container Docker run, which is still incredibly powerful but now we're starting to uplevel to applications that consist of multiple services. And where do those services run? Increasingly, developers do not need to care. And we see that as our mission is continue to give that type of power to developers to abstract out the how, extract out the infrastructure so they can just focus on building their app.Corey: Scott, I want to thank you so much for taking the time to speak with me. If people want to learn more—and that could mean finding out your opinions on things, potentially yelling at you about pricing changes, more interestingly, buying licenses for their large companies to run this stuff, and even theoretically, since you alluded to it a few minutes ago, look into working at Docker—where can they find you?Scott: No, thanks, Corey. And thank you for the time to discuss and look back over both years, but also zoom in on the present day. So, www.docker.com; you can find any and all what we just walked through. They're more than happy to yell at me on Twitters at @scottcjohnston, and we have a public roadmap that is in GitHub. I'm not going to put the URL here, but you can find it very easily. So, we love hearing from our community, we love engaging with them, we love going back and forth. And it's a big community; jump in, the waters warm, very welcoming, love to have you.Corey: And we'll of course, but links to that in the [show notes. 00:32:28] Thank you so much for your time. I really do appreciate it.Scott: Thank you, Corey. Right back at you.Corey: Scott Johnston, CEO of Docker. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice, along with a comment telling me that Docker isn't interested in at all because here's how to do exactly what Docker does in LPARs on your mainframe until the AWS/400 comes to [unintelligible 00:33:02].Scott: [laugh].Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.
We did this quick episode to address some of the feedback we've gotten about our coverage of the Evil Dead franchise. The incredible Corey Scott sends us a DM about the parallels between Ash and Marty McFly, then we throw it to podcast producer extraordinaire Hammond Chamberlain who drops some knowledge on us about Sam Raimi, his work on The Evil Dead and beyond, what we got right, what we got wrong, and his souvenir skull from Army of Darkness. Corey and Hammond are a great representation of the kind of awesome community we have around our show and we couldn't be more thankful for them. Also, check out Song of the Sandman by J-F Dubeau wherever you get books!
Corey Scott sits in as the moderator as David Lillis and Todd Schleiger debate over the current political climate.
You are on the road to this year's Respond Worship Retreat and we have some musings for you to consider on your way! Corey Scott helps prepare our hearts and minds as we enter in to the concept of PAUSE for the weekend.
Welcome to "Just A Thought," a new approach to the way Respond Worship Podcast seeks to resource Worship Ministries operating at a busy pace. Our thought for today comes from Corey Scott, speaking into how confirmation is just as good as new information.
Welcome to "Just A Thought," a new approach to the way Respond Worship Podcast seeks to resource Worship Ministries operating at a busy pace. Our thought for today comes from Corey Scott, discussing the difference between acting and reacting when things "hit the fan."
We continue the week of joy, our fourth week of Advent, with a devotional from Corey Scott. Today's Scripture reading comes from Psalm 43 and John 1:1-14. About our Advent Devotion Series Each day of Advent we will be sharing a short devotion written by a member of our Northside church family. These devotions will be focused on the themes of hope, joy, love, peace and light. Over the next several weeks, you will be guided to recall what God has already done for you in Jesus Christ, as well as look forward to what He will continue to do in you and through you. Read our digital Advent Devotion Guide here >>
Today marks the start of the Advent season. Each day of Advent we will be sharing a short devotion written by a member of our Northside church family. These devotions will be focused on the themes of hope, joy, love, peace and light. Over the next several weeks, you will be guided to recall what God has already done for you in Jesus Christ, as well as look forward to what He will continue to do in you and through you. Today's devotional thought comes from Corey Scott.
Welcome to "Just A Thought," a new approach to the way Respond Worship Podcast seeks to resource Worship Ministries at a busy pace. Corey Scott is back with another thought explaining the difference between being sent and being taught.
Welcome to "Just A Thought," a new approach to the way Respond Worship Podcast seeks to resource Worship Ministries at a busy pace. Corey Scott is back with some thoughts that will help us to not become scarecrows on stage.
What is your favorite TV show of all time? Maybe “Breaking Bad”, “Seinfeld”, or “The Walking Dead”? Well, If you haven’t seen “The Wire”…what have you been doing with your life?! One of the great lines from that epic series is the title of this episode, and is particularly relevant to the Data King of the Oil and Gas industry, Barry Barksdale. Barry breaks down the differences between what it means to run a Data Company in 1990 vs 2020, how to KEEP your customers while adapting to rapidly changing technology and industry landscapes, and spending summers with his family on Nantucket. Barry also reminds us of just how small of an industry this is, as former podcast guests Corey Scott and Kevin Decker get shoutouts. A fun episode with yet another industry legend. The post “You Come at the King, You Best Not Miss” with Barry Barksdale on Tripping Over the Barrel appeared first on Digital Wildcatters.
Welcome to "Just A Thought," a new approach to the way Respond Worship Podcast seeks to resource Worship Ministries at a busy pace. Corey Scott is back with another thought today, explaining the difference between a line check mentality and a sound check mentality.
Welcome to another episode of "Just A Thought," a new approach to the way Respond Worship Podcast seeks to resource Worship Ministries at a busy pace. Corey Scott brings us another thought today, challenging us to allow our worship to be a welcoming invitation.
9.16.20 – Corey Scott of MakeUp2Go – Toast of the Town AWESOME SHOW THIS WEEK: In continuing our discussion about women-owned businesses, we will have our friend and personality powerhouse, Corey Scott of MakeUp2Go with [...]
Welcome to the first installment of "Just A Thought," a new approach to the way Respond Worship Podcast seeks to resource Worship Ministries at a busy pace. Corey Scott brings us our thought for today, reminding us that God is always working, even when we don't see Him doing so. Let's listen in.
Corey Scott will open up about his organization THE CREED GROUP and the tragedy that led him on his path and to be a leader not only in his community but also as a advocate for mental health. --- Send in a voice message: https://anchor.fm/april-stephens/message Support this podcast: https://anchor.fm/april-stephens/support
Episode 22 features Corey Scott of Corey Scott Law in Indianapolis, Indiana. During this episode we discuss the intersection of Life and Law the importance of obtaining legal knowledge and more. Thanks for listening! --- Support this podcast: https://anchor.fm/sedric-warren/support
In this episode of the podcast, I'm accompanied by 3 of Atlanta's newest rappers, Corey Scott, Tweety and DubbleX. We sit down and talk about their start and where they want to be, we also talk about upcoming projects and enjoy a simplified conversation. Towards the end we get to enjoy some of Tweety's lyricism with an on the spot freestyle. Enjoy! Follow them here: CZR DubbleX Instagram @dubblex https://www.instagram.com/dubblex/ Twitter @czrrxx https://twitter.com/czrrxx Youtube @czr Xx https://www.youtube.com/channel/UC5NQOjfpgZJQ_X9nkzuC1BA Apple Music https://music.apple.com/us/artist/czr-dubblex/1460438578 Spotify https://open.spotify.com/artist/6sqwxcGcEAzpyQSz3TRlWm?autoplay=true&v=A Corey Scott Instagram @1coreyscott https://www.instagram.com/1coreyscott/?hl=en Youtube https://www.youtube.com/channel/UC9ZMIYdHpjQT_AsG8FU_3NQ Apple Music https://music.apple.com/us/artist/corey-scott/1394366761 Spotify https://open.spotify.com/artist/5ZsdnY5UH4wupAlWjHrNQO Tweety Instagram @tweety.3000 https://www.instagram.com/tweety.3000/?hl=en Sound Cloud https://soundcloud.com/tweeety99 --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app
The defense continues to lay out its case in the war crimes trial of a San Diego-based Navy SEAL. Edward R Gallagher stands accused of killing a wounded ISIS fighter in Iraq by stabbing him in the neck, as well as shooting at civilians multiple times. He has denied all charges and pleaded not guilty. Yesterday, the Navy Announced that Corey Scott -- the man who says he killed the ISIS fighter by asphyxiation after the stabbing -- may be charged with perjury. And today, more witnesses offer different stories as to what happened in the Mosul sniper towers.
After spending 25 years in the Army with over 17 years as a Sergeant Major, Jason Beighley has quite a decorated career in the military. We are fortunate enough to spend some time talking with him about a myriad of topics including how basic training has fallen by the wasteside, how the length of this current war has led to cultural problems, working in special operations as a profession, dispelling the notion that special forces are renegades, the challenges of transitioning out of the military and leaving "the guys" behind, and superiors treating their subordinates as equals and the effect that has within the ranks. Jack and Dennis open the show by discussing the ongoing Eddie Gallagher trial with the testimony from Corey Scott claiming he killed the ISIS member that Gallagher stands trial for murdering. The guys also talk about how the lack of accountability can promote some unusual behavior amongst military members. Be sure to leave us a review on Apple Podcast, let us know what you think of the show and purchase Jack's book "Murphy's Law" where you can find wherever books are sold. Learn more about your ad-choices at https://news.iheart.com/podcast-advertisers
A key witness in the Navy SEAL court-martial trial said he, not Chief Edward Gallagher, killed a wounded Isis fighter in Iraq in 2017, testimony which appears to up-end the prosecution's main claim in a nationally-watched murder and attempted murder case. Corey Scott, a first class petty officer, testified that he was there and saw Gallagher stab the wounded ISIS fighter in the neck but, he said, he killed the fighter afterward. Scott said he used his thumb to cover the breathing tube that had been inserted to help the fighter breathe and he watched the man die. He said he did it to spare the fighter from being tortured later by members of the Iraqi Emergency Response Division, who also were fighting ISIS.
In this You Did This to Us, we brought in fellow podcaster and mellow raconteur Corey Scott to suffer along with us. We all watched Sucker Punch, Zack Snyder's "girl power" movie that exploits the women in the cast while telling the audience that exploiting women is bad. Most of the film is a fantasy within a fantasy -- does this make the movie more interesting? Does the Extended Edition make any more sense? Why is Babydoll wearing false eyelashes to bed? What is Jon Hamm doing here? Want to easily find links to everything we talk about at the end of the program? Head on over to social.mgrpodcast.com. Remember, you can vote on You Did This to Us polls every 5 weeks if you're following us on social media. Don't miss your chance to subject us to things like Sucker Punch! Email the show at hi@mgrpodcast.com. Let us know if you love or hate Sucker Punch! Next week's pick is New to Two round. It's David's turn to pick this theme and he's picked the 2009 film The Informant.Head on over to TiltingWindmillStudios.com for more podcast episodes, columns, and more!
On the Season 2 finale, the guys bring back regular guest, Corey Scott for a jam-packed episode full of talking shit about aliens, philosophy, and God knows what else. We hope you all enjoy! Follow us on IG: @westcoastwiseguys Happy Holidays!
Technology is the future for every industry in the world, and the oil and gas industry is no different. On today's episode, Corey Scott, and Phil talk about how EnergyLink helps operators and royalty partners get paid faster with fewer disputes and simplifying the communication by looking at the data. Here are some of the things you can look forward to in this episode: Find out how RedDog systems got its name Hear how developers actually develop software for the industry Find out how to use EnergyLink to get paid faster by your partners with fewer disputes Find out where data exchange is going in the future How automation is changing the landscape for oil and gas businesses no matter the market conditions Get the inside scoop to what's next for EnergyLink and its customers Dive into this episode that will change how you think about technology in your business. Connect with Corey Scott and Red Dog Systems, Inc. Corey Scott currently serves as the U.S Sales Director at Red Dog Systems, Inc., a Calgary based software company that provides cloud-based solutions to customers involved in Joint Interest Billing, Revenue accounting and Owner Relations. Prior to joining Red Dog Systems in 2008, Corey worked at ConocoPhillips, helping to implement and manage the company's Joint Venture accounting software products. He is a graduate of Oklahoma State University, where he received his Bachelors Degree in Finance. Website: www.energylink.com LinkedIn: www.linkedin.com/company/red-dog-systems-inc. Grab the CEO Toolkit: 120+ Tools, Favorites & Freebies to scale your oil & gas business no matter what the industry looks like for free! [activecampaign form=106]
On the season finale of Hollywood Hustle, the guys sit down with the multi-talented producer, musician, and model Corey Scott to talk collaboration, the concepts of heaven and hell, the Bachelor, and much more! Get ready for Season 2!
Tom and Jordan sit down with musician/producer Corey Scott.
You are listening to the Respond Worship Podcast, a podcast designed to inspire, instruct, and ignite a community of worship teams. We will be diving further into the mind of Corey Scott to hear about his years of ministry experience pastoring others to worship.
Dan and Jack are joined by fellow podcaster Corey Scott of Podcast of Terror and ElseNerds to take your 90s topics, veer off into other topics, and Jack's live reaction to the new Doctor Who casting. The Topics: That 70s Show, Bill Nye the Science Guy Visit us at: weepodcast.com Discuss at: www.reddit.com/r/worstepisodeever Support Us at: www.patreon.com/weestudios Shop through: amazon.weepodcast.com Newsletter at: newsletter.weepodcast.com
This minute begins with a hand sticking out of a car and ends with Ricky yelling that people are at his house. In this minute we discuss what legal trouble Ray and Art will be in, Corey Feldman doing his own stunts and the return of Walter. We also discuss Corey Scott. https://archive.org/download/Min83/min%2083.mp3
Dave is gone on this episode, but Matt brings in his co-host from the Podcast of Terror, Corey Scott, to The post Glitch in the Matrix and Doll Island – Weird World Weekly #80 appeared first on Galactic Netcasts.
Host of the Podcast of Terror and ElseNerds, Corey Scott, spends sixty minutes with Jack (and Jack?) to talk about two iconic 90s topics, with a lot of David Lynch, video games based on television shows, and The Flintsones. The Topics: Twin Peaks, Jurassic Park Visit us at: 90spercentile.wordpress.com and weepodcast.com Discuss at: www.reddit.com/r/worstepisodeever Support us at: amazon.weepodcast.com
Welcome to Trash Entertainments first published podomatic presenting you Dirty Disco .vl 1 exclusively mixed by Coookz aka Corey Scott. Coookz is starting to earn himself a reputation securing a residency at the notorious Fishbowl Saturdays + Every fortnight at Wah Wah Thursdays. Coookz is part of Trash Entertainment upcoming talent and is taking Melbourne by storm. Coookz Soundcloud - http://soundcloud.com/coookz Trash Entertainment Page - http://www.facebook.com/pages/Trash-Entertainment/242489965777289 Coookz DJ page - http://www.facebook.com/coookz.dj Trash Entertainment | Dirty Disco Monthly Volumes | Coookz
© 2020-2025 Ivy Podcast Discovery LLC
