Podcast appearances and mentions of feross aboukhadijeh

  • 35PODCASTS
  • 88EPISODES
  • 52mAVG DURATION
  • 1MONTHLY NEW EPISODE
  • Jul 21, 2024LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about feross aboukhadijeh

Latest podcast episodes about feross aboukhadijeh

Risky Business News
Sponsored: Socket CEO Feross Aboukhadijeh on how tracking vulnerabilities isn't enough for open source repositories

Risky Business News

Play Episode Listen Later Jul 21, 2024 14:42


In this Risky Business News sponsored interview, Tom Uren talks to Feross Aboukhadijeh, CEO and Founder of Socket about how open source repositories are riddled with horrible software. Feross explains why it makes a difference if a package is vulnerable, malicious or just unwanted and how current transparency mechanisms such as CVEs and the NVD just aren't suitable for the challenge of open source repositories.

a16z
Cybersecurity's Past, Present, and AI-Driven Future

a16z

Play Episode Listen Later Jun 26, 2024 43:43


Is it time to hand over cybersecurity to machines amidst the exponential rise in cyber threats and breaches?We trace the evolution of cybersecurity from minimal measures in 1995 to today's overwhelmed DevSecOps. Travis McPeak, CEO and Co-founder of Resourcely, kicks off our discussion by discussing the historical shifts in the industry. Kevin Tian, CEO and Founder of Doppel, highlights the rise of AI-driven threats and deepfake campaigns. Feross Aboukhadijeh, CEO and Founder of Socket, provides insights into sophisticated attacks like the XZ Utils incident. Andrej Safundzic, CEO and Founder of Lumos, discusses the future of autonomous security systems and their impact on startups.Recorded at a16z's Campfire Sessions, these top security experts share the real challenges they face and emphasize the need for a new approach. Resources: Find Travis McPeak on Twitter: https://x.com/travismcpeakFind Kevin Tian on Twitter: https://twitter.com/kevintian00Find Feross Aboukhadijeh on Twitter: https://x.com/ferossFind Andrej Safundzic on Twitter: https://x.com/andrejsafundzic Stay Updated: Find a16z on Twitter: https://twitter.com/a16zFind a16z on LinkedIn: https://www.linkedin.com/company/a16zSubscribe on your favorite podcast app: https://a16z.simplecast.com/Follow our host: https://twitter.com/stephsmithioPlease note that the content here is for informational purposes only; should NOT be taken as legal, business, tax, or investment advice or be used to evaluate any investment or security; and is not directed at any investors or potential investors in any a16z fund. a16z and its affiliates may maintain investments in the companies discussed. For more details please see a16z.com/disclosures. 

Legacy Code Rocks
Quality-Check of External Dependencies with Feross Aboukhadijeh

Legacy Code Rocks

Play Episode Listen Later Jun 5, 2024 45:41


Many of the largest companies rely on third-party code to run critical parts of their software. However, there's often little focus on ensuring the quality of these external dependencies. Today we speak with Feross Aboukhadijeh, CEO and founder of Socket, a developer-first security platform. Socket helps developers and security teams release software faster and reduce time spent on security busywork. Feross is also a lecturer at Stanford, where he teaches CS233 Web Security. We discuss why the quality of third-party dependencies matters, when to start addressing this issue, how to handle unmaintained dependencies, and what tools are available for managing third-party dependencies. After listening to the episode, be sure to visit the Socket website, connect with Feross on Twitter, and check out his personal website. Mentioned in this episode: Socket at https://socket.dev/  Feross on X at https://x.com/feross  Feross website at: https://feross.org/ 

AI + a16z
Securing the Software Supply Chain with LLMs

AI + a16z

Play Episode Listen Later May 3, 2024 38:57


Socket Founder and CEO Feross Aboukhadijeh joins a16z's Joel de la Garza and Derrick Harris to discuss the open-source software supply chain. Feross and Joel share their thoughts and insights on topics ranging from the recent XZutils attack to how large language models can help overcome understaffed security teams and overwhelmed developers. Despite some increasingly sophisticated attacks making headlines and compromising countless systems, they're optimistic that LLMs, in particular, could be a turning point for security blue teams. As Feross sums up one possibility:"The way we think about gen AI on the defensive side is that it's not as good as a human looking at the code, but it's something. . . . Our challenge is that we want to scan all the open source code that exists out there. That is not something you can pay humans to do. That is not scalable at all. But, with the right techniques, with the right pre-filtering stages, you can actually put a lot of that stuff through LLMs and out the other side will pop a list of of risky packages."And then that's a much smaller number that you can have humans take a look at. And so we're using it as a tool . . . to find the needle in the haystack, what is worth looking at. It's not perfect, but it can help cut down on the noise and it can even make this problem tractable, which previously wasn't even tractable."More about Socket and  cybersecurity:SocketInvesting in SocketHiring a CISOFollow everyone :Feross AboukhadijehJoel de la GarzaDerrick Harris Check out everything a16z is doing with artificial intelligence here, including articles, projects, and more podcasts.

Risky Business News
Sponsored: Open source software's increasing vulnerability

Risky Business News

Play Episode Listen Later Apr 28, 2024 18:48


In this Risky Business News sponsored interview, Tom Uren talks to CEO and founder of Socket, Feross Aboukhadijeh about the open source software and supply chain security. Feross says the software ecosystem has evolved in ways that make it more vulnerable to trust-based attacks (such as seen in XZ Utils) and discusses what can be done to defend against this type of supply chain subversion.

Chinchilla Squeaks
Software supply chain security with Socket.dev

Chinchilla Squeaks

Play Episode Listen Later Apr 4, 2024 33:07


I speak with Feross Aboukhadijeh of Socket.dev about their smarter and more considered solution for securing software supply chains.

Risky Business
Risky Business #736 -- Azure misconfigurations are 2024's looming threat

Risky Business

Play Episode Listen Later Feb 14, 2024 53:18


In this week's show Patrick Gray and Adam Boileau discuss the week's security news. They talk about: Somehow there are still more Ivanti and Fortinet exploits Volt Typhoon have been at it for years Starlink in Ukraine gets complicated Canadians hate poor Flipper Much, much more… In this week's sponsor interview Feross Aboukhadijeh from Socket joins the show to talk about the sheer volume of malicious packages being committed to code repositories and why older SCA tools aren't well equipped to deal with them. Show notes Microsoft Azure customers hit by phishing, account takeover attacks | Cybersecurity Dive Ivanti publishes urgent warning about new vulnerability How is Pulse Secure Formed Attackers hit more networking gear, this time a critical Fortinet CVE | Cybersecurity Dive End Of General Availability of the free vSphere Hypervisor (ESXi 7.x and 8.x) (2107518) Coker: ONCD is studying ‘liability regimes' for software flaws Chinese hackers spent 5 years in US infrastructure, ready to attack CISA, FBI warn of China-linked hackers pre-positioning for ‘destructive cyberattacks against US critical infrastructure' Russia using Starlink Canada declares Flipper Zero public enemy No. 1 in car-theft crackdown | Ars Technica Health insurance data breach affects nearly half of France's population, privacy regulator warns Hackers attack 25 Romanian hospitals Catalin on the Rhysider ransomware decrypter going public A password manager LastPass calls “fraudulent” booted from App Store | Ars Technica From Cybercrime Saul Goodman to the Russian GRU – Krebs on Security

Risky Business
Risky Business #736 -- Azure misconfigurations are 2024's looming threat

Risky Business

Play Episode Listen Later Feb 14, 2024


In this week's show Patrick Gray and Adam Boileau discuss the week's security news. They talk about: Somehow there are still more Ivanti and Fortinet exploits Volt Typhoon have been at it for years Starlink in Ukraine gets complicated Canadians hate poor Flipper Much, much more… In this week's sponsor interview Feross Aboukhadijeh from Socket joins the show to talk about the sheer volume of malicious packages being committed to code repositories and why older SCA tools aren't well equipped to deal with them. Show notes Microsoft Azure customers hit by phishing, account takeover attacks | Cybersecurity Dive Ivanti publishes urgent warning about new vulnerability How is Pulse Secure Formed Attackers hit more networking gear, this time a critical Fortinet CVE | Cybersecurity Dive End Of General Availability of the free vSphere Hypervisor (ESXi 7.x and 8.x) (2107518) Coker: ONCD is studying ‘liability regimes' for software flaws Chinese hackers spent 5 years in US infrastructure, ready to attack CISA, FBI warn of China-linked hackers pre-positioning for ‘destructive cyberattacks against US critical infrastructure' Russia using Starlink Canada declares Flipper Zero public enemy No. 1 in car-theft crackdown | Ars Technica Health insurance data breach affects nearly half of France's population, privacy regulator warns Hackers attack 25 Romanian hospitals Catalin on the Rhysider ransomware decrypter going public A password manager LastPass calls “fraudulent” booted from App Store | Ars Technica From Cybercrime Saul Goodman to the Russian GRU – Krebs on Security

The Security Podcast of Silicon Valley
Feross Aboukhadijeh, Founder and CEO of Socket.dev, a startup improving security and privacy on the web

The Security Podcast of Silicon Valley

Play Episode Listen Later Feb 1, 2024 53:40


In this episode of The Security Podcast of Silicon Valley, host Jon McLachlan of YSecurity.io invites Feross Aboukhadijeh, Founder and CEO of Socket.dev, a supply-chain cybersecurity company, to share his compelling journey as he tackles some of the most pressing challenges in software development security. Feross, a Stanford graduate and former intern at Intel, Facebook, and Quora, shares his journey from developing PeerCDN, a pioneering peer-to-peer content network, to his current venture, Socket.dev. Discover how Socket.dev is addressing critical software supply chain vulnerabilities by utilizing innovative technologies, including heuristic analysis and the latest LLMs. This episode offers valuable insights into the evolving cybersecurity landscape and Feross's unique approach to tackling some of the most pressing challenges in software development security. Join us for a captivating discussion that's a must-listen for anyone interested in the future of cybersecurity.

devtools.fm
Feross Aboukhadijeh - Socket

devtools.fm

Play Episode Listen Later Jan 16, 2024 68:11


This week we talk to the open source legend Feross Aboukhadijeh about his journey into open source, the challenges of open source funding, and his new company Socket.Socket is a tool that aims to make OSS security level up by providing a way to audit your dependencies for security vulnerabilities.They are able to detect much more complex vulnerabilities than the current tools on the market by using a combination of static analysis, dynamic analysis, and even some LLMs!Come get scared with us as we delve into the world of open source security. - https://feross.org/ - https://github.com/feross - https://twitter.com/feross - https://twitter.com/SocketSecurity - https://socket.dev/ Episode sponsored By Raycast (https://www.raycast.com/)Become a paid subscriber our patreon, spotify, or apple podcasts for the full episode. - https://www.patreon.com/devtoolsfm - https://podcasters.spotify.com/pod/show/devtoolsfm/subscribe - https://podcasts.apple.com/us/podcast/devtools-fm/id1566647758 - https://www.youtube.com/@devtoolsfm/membership

The Changelog
The I in LLM stands for intelligence

The Changelog

Play Episode Listen Later Jan 8, 2024 8:19 Transcription Available


Daniel Stenberg is frustrated with the state of AI tooling for finding security bugs, Brian Birtles is surprised by weird things engineers believe about web dev, Feross Aboukhadijeh details the fallout from a nasty npm prank, Rob Pike shares what he thinks they got right and wrong with Go & Gavin Howard writes up why he believes “all code is tech debt” is all wrong.

Changelog News
The I in LLM stands for intelligence

Changelog News

Play Episode Listen Later Jan 8, 2024 8:19 Transcription Available


Daniel Stenberg is frustrated with the state of AI tooling for finding security bugs, Brian Birtles is surprised by weird things engineers believe about web dev, Feross Aboukhadijeh details the fallout from a nasty npm prank, Rob Pike shares what he thinks they got right and wrong with Go & Gavin Howard writes up why he believes “all code is tech debt” is all wrong.

Changelog Master Feed
The I in LLM stands for intelligence (Changelog News #76)

Changelog Master Feed

Play Episode Listen Later Jan 8, 2024 8:19 Transcription Available


Daniel Stenberg is frustrated with the state of AI tooling for finding security bugs, Brian Birtles is surprised by weird things engineers believe about web dev, Feross Aboukhadijeh details the fallout from a nasty npm prank, Rob Pike shares what he thinks they got right and wrong with Go & Gavin Howard writes up why he believes “all code is tech debt” is all wrong.

Decipher Security Podcast
Feross Aboukhadijeh

Decipher Security Podcast

Play Episode Listen Later Dec 19, 2023 36:36


Feross Aboukhadijeh, founder and CEO of Socket, joins Dennis Fisher to talk about the challenges of securing open-source projects, supply chain security, and the fragility of the open-source software ecosystem. 

Syntax - Tasty Web Development Treats
705: Is Running Random Code From npm Safe? With Feross Aboukhadijeh

Syntax - Tasty Web Development Treats

Play Episode Listen Later Dec 15, 2023 67:17 Very Popular


In this Supper Club episode of Syntax, Wes and Scott talk with Feross Aboukhadijeh about his work on Socket which helps to make sure the code you get from npm is safe and secure. They also touch on his work on Wormhole and Web Torrent. Show Notes 00:30 Welcome 00:57 Who is Feross Aboukhadijeh? 01:33 What is Socket? [Socket.dev](https://socket.dev dominictarr (Dominic Tarr) pull-stream/pull-stream: minimal streams 03:59 Introducing AI package summaries Example of the AI summaries Introducing AI Package Summaries 07:04 Is Socket's focus on visibility of a open source project? 10:01 What was the inspiration for Socket? Introducing “safe npm”, a Socket npm Wrapper - Socket 16:22 How does Socket detect possible security issues? Removed packages event-source-polyfill protestware attack john wick spam attack 18:55 How many projects are you injesting for Socket to scan? 26:00 What kinds of things are people trying to inject in code? CS253 Web Security 29:54 How do I hook Socket up to my project or GitHub? 32:08 Do we still need to use shrink wrap? 36:34 How did you implement the torrent spec in JavaScript for WebTorrent? WebTorrent Desktop WebTorrent FAQ 43:11 Why did you build Wormhole? Wormhole 47:33 How expensive is it to maintain Wormhole? Riverside.fm - Record Podcasts And Videos From Anywhere 50:37 What do you think of decentralized code repos? Radicle Project Fugu Fugu Tracker 54:29 Understanding passkeys 56:15 Supper Club questions GitHub Theme - Visual Studio Marketplace Web Serial API - Web APIs | MDN 01:03:04 Sick Picks Sick Picks Harry Potter audio books Shameless Plugs ChatGPT Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads

JS Party
The massive bug at the heart of npm

JS Party

Play Episode Listen Later Jul 7, 2023 63:03


Darcy Clarke, former GitHub Staff Engineering Manager and founder of vlt, joins us to discuss a major bug in the npm ecosystem that he recently disclosed. We cover the bug's timeline, nuances, and impact, all while setting some important context on npm packages, clients, and registries. Tune in to learn how to protect your codebase and gain a deeper understanding of this crucial part of the JavaScript ecosystem.

Changelog Master Feed
The massive bug at the heart of npm (JS Party #282)

Changelog Master Feed

Play Episode Listen Later Jul 7, 2023 63:03 Transcription Available


Darcy Clarke, former GitHub Staff Engineering Manager and founder of vlt, joins us to discuss a major bug in the npm ecosystem that he recently disclosed. We cover the bug's timeline, nuances, and impact, all while setting some important context on npm packages, clients, and registries. Tune in to learn how to protect your codebase and gain a deeper understanding of this crucial part of the JavaScript ecosystem.

Software Engineering Daily
Software Supply Chain with Feross Aboukhadijeh

Software Engineering Daily

Play Episode Listen Later May 16, 2023 44:16


The software supply chain refers to the process of creating and distributing software products. This includes all of the steps involved in creating, testing, packaging, and delivering software to end-users or customers. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new The post Software Supply Chain with Feross Aboukhadijeh appeared first on Software Engineering Daily.

Security – Software Engineering Daily
Software Supply Chain with Feross Aboukhadijeh

Security – Software Engineering Daily

Play Episode Listen Later May 16, 2023 38:32


The software supply chain refers to the process of creating and distributing software products. This includes all of the steps involved in creating, testing, packaging, and delivering software to end-users or customers. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new The post Software Supply Chain with Feross Aboukhadijeh appeared first on Software Engineering Daily.

Podcast – Software Engineering Daily
Software Supply Chain with Feross Aboukhadijeh

Podcast – Software Engineering Daily

Play Episode Listen Later May 16, 2023 38:32


The software supply chain refers to the process of creating and distributing software products. This includes all of the steps involved in creating, testing, packaging, and delivering software to end-users or customers. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new The post Software Supply Chain with Feross Aboukhadijeh appeared first on Software Engineering Daily.

JS Party
Making "safe npm"

JS Party

Play Episode Listen Later Apr 21, 2023 62:06 Transcription Available


Feross and his team at Socket recently shipped a wrapper library for the ubiquitous npm package manager's command-line interface that brings enhanced security when you need it most: before executing any code Bradly Farias lead this effort, so Jerod & Chris invited him on the show to learn all about it.

Changelog Master Feed
Making "safe npm" (JS Party #272)

Changelog Master Feed

Play Episode Listen Later Apr 21, 2023 62:06 Transcription Available


Feross and his team at Socket recently shipped a wrapper library for the ubiquitous npm package manager's command-line interface that brings enhanced security when you need it most: before executing any code Bradly Farias lead this effort, so Jerod & Chris invited him on the show to learn all about it.

JS Party
New Year's Party

JS Party

Play Episode Listen Later Jan 6, 2023 77:49 Transcription Available


It's our 4th annual New Year's party! Jerod & the gang review our (failed) resolutions from last year, discuss what's trending in the web world, make a few predictions of our own & even set some new (probably failed) resolutions for this year.

Changelog Master Feed
New Year's Party

Changelog Master Feed

Play Episode Listen Later Jan 6, 2023 77:49


It's our 4th annual New Year's party! Jerod & the gang review our (failed) resolutions from last year, discuss what's trending in the web world, make a few predictions of our own & even set some new (probably failed) resolutions for this year.

Real Talk JavaScript
Episode 214: Securing Your Web Apps and Source Code with Feross Aboukhadijeh

Real Talk JavaScript

Play Episode Listen Later Dec 15, 2022 46:04


Recording date: 12/1/2022John Papa @John_PapaWard Bell @WardBellDan Wahlin @DanWahlinCraig Shoemaker @craigshoemakerFeross Aboukhadijeh @FerossBrought to you byAG GridIdeaBladeResources:Feross Aboukhadijeh's websiteFeross Aboukhadijeh's GitHubLog4jThe Federal Trade Commission's (FTC) note on Log4jSocket – Secure your JavaScript supply chainWhat's really going on in your node_modules folder?Vulnerability scanning isn't enough to protect your appAuditing npm packages for security vulnerabilitiesGitHub DependabotList of package security issues that Socket detectsList of npm packages that have been removed from npm for security reasonsFeross's Web Security class at Stanford UniversityDarknet DiariesDEFCON conferenceHave I Been Pwned?Troy Hunt1% of CMS-Powered Sites Expose Their Database PasswordsTimejumps00:44 World Cup welcome02:08 Security in applications03:20 Guest introduction04:41 Why should you worry about your software supply chain?07:41 Sponsor: Ag Grid08:50 What's the attack vector like and what's the threat?15:54 Depending on dependancies to find security issues22:16 Sponsor: IdeaBlade23:13 Make it easy to do the right thing29:16 What was log4j?33:45 How does Socket work?34:36 Final thoughtsPodcast editing on this episode done by Chris Enns of Lemon Productions.

The Changelog
A new batch of web frameworks emerge!

The Changelog

Play Episode Listen Later Oct 7, 2022 94:58 Very Popular


This week we're talking fresh, faster, and new web frameworks by way of JS Party. Yes, today's show is a web framework sampler because a new batch of web frameworks have emerged. There's always something new happening in the front-end world and JS Party does an amazing job of keeping us up to date. So…what's fresh, faster, and new? The first segment of the show focuses on Deno's Fresh new web framework. Luca Casonato joins Jerod & Feross to talk about Fresh – a next generation web framework, built for speed, reliability, and simplicity. In segment two, AngularJS creator Miško Hevery joins Jerod and KBall to talk about Qwik. He says Qwik is a fundamental rethinking of how a web application should work. And he's attempting to convince Jerod & KBall that the implications of that are BIG. In the last segment, Amal talks with Fred Schott about Astro 1.0. They go deep on how Astro is built to pull content from anywhere and serve it fast with their next-gen island architecture. Plus there's an 8 minute bonus for our ++ subscribers (changelog.com/++). Fred Schott explains Astro Islands and how Astro extracts your UI into smaller, isolated components on the page, and the unused JavaScript gets replaced with lightweight HTML — leading to faster loads and time-to-interactive.

Changelog Master Feed
A new batch of web frameworks emerge! (The Changelog #509)

Changelog Master Feed

Play Episode Listen Later Oct 7, 2022 94:58


This week we're talking fresh, faster, and new web frameworks by way of JS Party. Yes, today's show is a web framework sampler because a new batch of web frameworks have emerged. There's always something new happening in the front-end world and JS Party does an amazing job of keeping us up to date. So…what's fresh, faster, and new? The first segment of the show focuses on Deno's Fresh new web framework. Luca Casonato joins Jerod & Feross to talk about Fresh – a next generation web framework, built for speed, reliability, and simplicity. In segment two, AngularJS creator Miško Hevery joins Jerod and KBall to talk about Qwik. He says Qwik is a fundamental rethinking of how a web application should work. And he's attempting to convince Jerod & KBall that the implications of that are BIG. In the last segment, Amal talks with Fred Schott about Astro 1.0. They go deep on how Astro is built to pull content from anywhere and serve it fast with their next-gen island architecture. Plus there's an 8 minute bonus for our ++ subscribers (changelog.com/++). Fred Schott explains Astro Islands and how Astro extracts your UI into smaller, isolated components on the page, and the unused JavaScript gets replaced with lightweight HTML — leading to faster loads and time-to-interactive.

ShopTalk » Podcast Feed
524: Package Security with Feross Aboukhadijeh from Socket

ShopTalk » Podcast Feed

Play Episode Listen Later Jul 18, 2022 60:39


Feross Aboukhadijeh talks with us about web security, what Socket aims to help with, how Socket compares to Depandabot or Sync, how they analyze all the data for Socket, and what things developers should be thinking about with regards to security in their apps.

JS Party
Deno's Fresh new web framework

JS Party

Play Episode Listen Later Jul 15, 2022 47:47 Transcription Available


Deno team member Luca Casonato joins Jerod & Feross to tell us about Fresh – a next generation web framework, built for speed, reliability, and simplicity.

Changelog Master Feed
Deno's Fresh new web framework (JS Party #234)

Changelog Master Feed

Play Episode Listen Later Jul 15, 2022 47:47 Transcription Available


Deno team member Luca Casonato joins Jerod & Feross to tell us about Fresh – a next generation web framework, built for speed, reliability, and simplicity.

Console DevTools
Security & Software Supply Chain, with Feross Aboukhadijeh (Socket) - S03E05

Console DevTools

Play Episode Listen Later Jul 7, 2022 31:46


In this episode we speak to Feross Aboukhadijeh, CEO of Socket.dev, a software supply chain security company. We discuss the risks of using third party dependencies, how JS and NPM could improve their approach to security, whether trust in open source is eroding, and how to improve the overall security posture of your application. About Feross AboukhadijehFeross is the founder and CEO of Socket, where he's working on a new approach to open source supply chain security. Feross is the author and maintainer of WebTorrent, StandardJS, and 100s of other open source projects which are downloaded 500+ million times per month. Feross is a lecturer at Stanford University where he teaches CS 253 Web Security. Socket, the company Feross started, is auditing every package on npm to detect suspicious changes and block software supply chain attacks. Hundreds of companies use Socket to protect their software applications and critical services from malware and security threats originating in open source code.Other things mentioned:SocketWebTorrentStandard JSnpmJSTypescriptPrettierDependabotMacBook Pro M1Studio displayLogitech mouseLet us know what you think on Twitter:https://twitter.com/consoledotdevhttps://twitter.com/davidmyttonhttps://twitter.com/ferossOr by email: hello@console.devAbout ConsoleConsole is the place developers go to find the best tools. Our weekly newsletter picks out the most interesting tools and new releases. We keep track of everything - dev tools, devops, cloud, and APIs - so you don't have to. Sign up for free at: https://console.devRecorded: 2022-04-06.

JAMstack Radio
Ep. #101, Supply Chain Security with Feross Aboukhadijeh of Socket

JAMstack Radio

Play Episode Listen Later May 19, 2022 34:18


In episode 101 of JAMstack Radio, Brian speaks with Feross Aboukhadijeh of Socket. Together they unpack what software teams can do to increase awareness of supply chain vulnerabilities, as well as good habits and tools for keeping npm packages properly updated.

Heavybit Podcast Network: Master Feed
Ep. #101, Supply Chain Security with Feross Aboukhadijeh of Socket

Heavybit Podcast Network: Master Feed

Play Episode Listen Later May 19, 2022 34:18


In episode 101 of JAMstack Radio, Brian speaks with Feross Aboukhadijeh of Socket. Together they unpack what software teams can do to increase awareness of supply chain vulnerabilities, as well as good habits and tools for keeping npm packages properly updated.

JS Party
Nick's big rewrite

JS Party

Play Episode Listen Later Apr 29, 2022 50:56 Transcription Available


Nick rewrote our JS Danger game board app from Dojo to React for his talk at React Global Online Summit about componentizing application state with React and XState. On this episode Jerod, KBall, and Feross chat with Nick about the entire process and what he learned along the way. Oh, we also play an epic round of Pro Tip Time!

Changelog Master Feed
Nick's big rewrite (JS Party #223)

Changelog Master Feed

Play Episode Listen Later Apr 29, 2022 50:56 Transcription Available


Nick rewrote our JS Danger game board app from Dojo to React for his talk at React Global Online Summit about componentizing application state with React and XState. On this episode Jerod, KBall, and Feross chat with Nick about the entire process and what he learned along the way. Oh, we also play an epic round of Pro Tip Time!

Software Engineering Daily
JavaScript Supply Chain with Feross Aboukhadijeh

Software Engineering Daily

Play Episode Listen Later Apr 23, 2022 45:18 Very Popular


The JavaScript supply chain includes numerous vulnerabilities due to its expansive nature and the long dependency chains. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new approach to one of the hardest problems in security in a stagnant part of the The post JavaScript Supply Chain with Feross Aboukhadijeh appeared first on Software Engineering Daily.

JavaScript – Software Engineering Daily
JavaScript Supply Chain with Feross Aboukhadijeh

JavaScript – Software Engineering Daily

Play Episode Listen Later Apr 23, 2022 45:18


The JavaScript supply chain includes numerous vulnerabilities due to its expansive nature and the long dependency chains. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new approach to one of the hardest problems in security in a stagnant part of the The post JavaScript Supply Chain with Feross Aboukhadijeh appeared first on Software Engineering Daily.

Security – Software Engineering Daily
JavaScript Supply Chain with Feross Aboukhadijeh

Security – Software Engineering Daily

Play Episode Listen Later Apr 23, 2022 45:18


The JavaScript supply chain includes numerous vulnerabilities due to its expansive nature and the long dependency chains. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new approach to one of the hardest problems in security in a stagnant part of the The post JavaScript Supply Chain with Feross Aboukhadijeh appeared first on Software Engineering Daily.

Podcast – Software Engineering Daily
JavaScript Supply Chain with Feross Aboukhadijeh

Podcast – Software Engineering Daily

Play Episode Listen Later Apr 23, 2022 52:36


The JavaScript supply chain includes numerous vulnerabilities due to its expansive nature and the long dependency chains. Socket is a new security company that can protect your most critical apps from supply chain attacks. They are taking an entirely new approach to one of the hardest problems in security in a stagnant part of the The post JavaScript Supply Chain with Feross Aboukhadijeh appeared first on Software Engineering Daily.

JS Party
This is JS Party!

JS Party

Play Episode Listen Later Apr 13, 2022 1:30


JS Party is a weekly celebration of JavaScript and the web so fun is at the heart of every episode. We play games like Frontend Feud… (clip from episode #192) Discuss and analyze the news… (clip from episode #213) Explain technical concepts to each other like we're 5… (clip from episode #195) Debate hot topics like should websites work without JS? (clip from episode #87) Interiew amazing devs like Rich Harris and Una Kravets… (clip from episode #167) This is JS Party! Listen and subscribe today. We'd love to have you with us.

Changelog Master Feed
This is JS Party! (JS Party)

Changelog Master Feed

Play Episode Listen Later Apr 13, 2022 1:30


JS Party is a weekly celebration of JavaScript and the web so fun is at the heart of every episode. We play games like Frontend Feud… (clip from episode #192) Discuss and analyze the news… (clip from episode #213) Explain technical concepts to each other like we're 5… (clip from episode #195) Debate hot topics like should websites work without JS? (clip from episode #87) Interiew amazing devs like Rich Harris and Una Kravets… (clip from episode #167) This is JS Party! Listen and subscribe today. We'd love to have you with us.

JS Party
Making moves on supply chain security

JS Party

Play Episode Listen Later Apr 1, 2022 63:51 Transcription Available


Feross has been working on something big. He joins Chris and Nick, along with guests Bret Comnes and Mik Lysenko to discuss Socket, what it is, and its focus on the security of the JavaScript supply chain.

Changelog Master Feed
Making moves on supply chain security (JS Party #219)

Changelog Master Feed

Play Episode Listen Later Apr 1, 2022 63:51 Transcription Available


Feross has been working on something big. He joins Chris and Nick, along with guests Bret Comnes and Mik Lysenko to discuss Socket, what it is, and its focus on the security of the JavaScript supply chain.

PodRocket - A web development podcast from LogRocket
Open-source supply chain security with Feross Aboukhadijeh

PodRocket - A web development podcast from LogRocket

Play Episode Listen Later Mar 22, 2022 44:08


Feross Aboukhadijeh is the creator of WebTorrent, StandardJS, and Wormhole. We talked to Feross about Wormhole back in June and he joins us now to talk about Socket.dev, a new security company that can protect your most critical apps from supply chain attacks. Links https://twitter.com/feross https://socket.dev https://socket.dev/npm/category/removed https://socketdev.notion.site/Join-the-Socket-Team https://webtorrent.io https://standardjs.com https://wormhole.app https://podrocket.logrocket.com/wormhole Review us Reviews are what help us grow and tailor our content to what you want to hear. Give us a review here (https://ratethispodcast.com/podrocket). Contact us https://podrocket.logrocket.com/contact-us @PodRocketpod (https://twitter.com/PodRocketpod) What does LogRocket do? LogRocket combines frontend monitoring, product analytics, and session replay to help software teams deliver the ideal product experience. Try LogRocket for free today. (https://logrocket.com/signup/?pdr) Special Guest: Feross Aboukhadijeh.

All JavaScript Podcasts by Devchat.tv
Supply Chain Security - Part 2 - JSJ 525

All JavaScript Podcasts by Devchat.tv

Play Episode Listen Later Mar 15, 2022 84:10


There's always more to learn about security, especially nowadays. In this episode, the Jabberers continue their conversation with Feross Aboukhadijeh about supply chain security. You can never be too careful! (Well…maybe.) “The most important thing you can do is have a mindset shift around dependencies.” _ _- Feross Aboukhadijeh In This Episode 1) How the BEST way to keep your security tight is NOT done on the computer 2) Why we're seeing a trend toward THESE kinds of packages in 2022 3) What you NEED to know about dependencies and their expiration dates Sponsors Top End Devs (https://topenddevs.com/) Raygun | Click here to get started on your free 14-day trial (https://raygun.com/?utm_medium=podcast&utm_source=jsjabber&utm_campaign=devchat&utm_content=homepage) Coaching | Top End Devs (https://topenddevs.com/coaching) Picks AJ- Download - The Go Programming Language (https://go.dev/dl/) AJ- xtz - npm (https://www.npmjs.com/package/xtz) Follow CoolAJ86 Live Streams: YouTube: https://youtube.com/coolaj86 Twitch: https://twitch.tv/coolaj86 Follow Beyond Code: YouTube: https://www.youtube.com/channel/UC2KJHARTj6KRpKzLU1sVxBA Twitter: https://twitter.com/@_beyondcode Charles- Pandemic | Board Game | BoardGameGeek (https://boardgamegeek.com/boardgame/30549/pandemic) Charles- Meetups | Top End Devs (https://topenddevs.com/meetups) Charles- Get involved with your local community Dan- Uprooted by Naomi Novik (https://www.goodreads.com/en/book/show/22544764-uprooted) Dan- Interview with Senior JS Developer in 2022 (https://www.youtube.com/watch?v=Uo3cL4nrGOk) Feross- Socket (https://socket.dev/) Feross- Wormhole (https://wormhole.app/) Feross- Chakra UI (https://chakra-ui.com/) Steve- This Unicorn Changed the Way I Poop - #SquattyPotty (https://www.youtube.com/watch?v=YbYWhdLO43Q) Steve- Girls Don't Poop - PooPourri.com (https://www.youtube.com/watch?v=ZKLnhuzh9uY) Steve- Twitter: Dad Jokes ( @Dadsaysjokes ) (https://twitter.com/Dadsaysjokes) Special Guest: Feross Aboukhadijeh.

JavaScript Jabber
Supply Chain Security - Part 2 - JSJ 525

JavaScript Jabber

Play Episode Listen Later Mar 15, 2022 84:10


There's always more to learn about security, especially nowadays. In this episode, the Jabberers continue their conversation with Feross Aboukhadijeh about supply chain security. You can never be too careful! (Well…maybe.) “The most important thing you can do is have a mindset shift around dependencies.” _ _- Feross Aboukhadijeh In This Episode 1) How the BEST way to keep your security tight is NOT done on the computer 2) Why we're seeing a trend toward THESE kinds of packages in 2022 3) What you NEED to know about dependencies and their expiration dates Sponsors Top End Devs (https://topenddevs.com/) Raygun | Click here to get started on your free 14-day trial (https://raygun.com/?utm_medium=podcast&utm_source=jsjabber&utm_campaign=devchat&utm_content=homepage) Coaching | Top End Devs (https://topenddevs.com/coaching) Picks AJ- Download - The Go Programming Language (https://go.dev/dl/) AJ- xtz - npm (https://www.npmjs.com/package/xtz) Follow CoolAJ86 Live Streams: YouTube: https://youtube.com/coolaj86 Twitch: https://twitch.tv/coolaj86 Follow Beyond Code: YouTube: https://www.youtube.com/channel/UC2KJHARTj6KRpKzLU1sVxBA Twitter: https://twitter.com/@_beyondcode Charles- Pandemic | Board Game | BoardGameGeek (https://boardgamegeek.com/boardgame/30549/pandemic) Charles- Meetups | Top End Devs (https://topenddevs.com/meetups) Charles- Get involved with your local community Dan- Uprooted by Naomi Novik (https://www.goodreads.com/en/book/show/22544764-uprooted) Dan- Interview with Senior JS Developer in 2022 (https://www.youtube.com/watch?v=Uo3cL4nrGOk) Feross- Socket (https://socket.dev/) Feross- Wormhole (https://wormhole.app/) Feross- Chakra UI (https://chakra-ui.com/) Steve- This Unicorn Changed the Way I Poop - #SquattyPotty (https://www.youtube.com/watch?v=YbYWhdLO43Q) Steve- Girls Don't Poop - PooPourri.com (https://www.youtube.com/watch?v=ZKLnhuzh9uY) Steve- Twitter: Dad Jokes ( @Dadsaysjokes ) (https://twitter.com/Dadsaysjokes) Special Guest: Feross Aboukhadijeh.

All JavaScript Podcasts by Devchat.tv
Supply Chain Security - Part 1 - JSJ 524

All JavaScript Podcasts by Devchat.tv

Play Episode Listen Later Mar 8, 2022 75:47


Malware attacks are scary, so preparation is keys. In this episode, the Jabberers talk with Feross Aboukhadijeh, a developer who's redefining malware detection to help you prepare for the next assault. “It's awesome that such small teams can make complex code, but it's not enough to just scan for vulnerabilities.” -Feross Aboukhadijeh In This Episode 1) This SCARY trend in supple chain malware attacks (and how to prepare) 2) Why tools like Socket are VERY different from common malware detection 3) How companies in 2022 are addressing their security (and what they're looking for in developers to help them) Sponsors Top End Devs (https://topenddevs.com/) Coaching | Top End Devs (https://topenddevs.com/coaching) Links Socket – protect your OSS supply chain (https://socket.dev/) Feross's Talk at CascadiaJS 2021 “It's a Jungle Out There! – Open Source Supply Chain Attacks” (https://www.youtube.com/watch?v=Cl7WVN4168M) Picks Aimee- Kubernetes Chaos Engineering Aimee- Normatec 2.0 Pro Legs | Hyperice (https://hyperice.com/products/normatec-2-pro-legs/) AJ- Socket (https://socket.dev/) AJ- Bundlephobia (https://bundlephobia.com/) AJ- NPMGraph (https://npmgraph.js.org/) Follow CoolAJ86 Live Streams: YouTube: https://youtube.com/coolaj86 Twitch: https://twitch.tv/coolaj86 Follow Beyond Code: YouTube: https://www.youtube.com/channel/UC2KJHARTj6KRpKzLU1sVxBA Twitter: https://twitter.com/@_beyondcode Charles- 7 Wonders Board Game (https://amzn.to/3IU78by) Charles- Airmeet (https://www.airmeet.com/) Charles- Events | Top End Devs (https://topenddevs.com/events) Feross- Node.js Fetch Feross- Darknet Diaries – True stories from the dark side of the Internet (https://darknetdiaries.com/) Feross- Risky Business news recap Steve- passWORDLE (https://rsk0315.github.io/playground/passwordle.html) Special Guest: Feross Aboukhadijeh.

JavaScript Jabber
Supply Chain Security - Part 1 - JSJ 524

JavaScript Jabber

Play Episode Listen Later Mar 8, 2022 75:47


Malware attacks are scary, so preparation is keys. In this episode, the Jabberers talk with Feross Aboukhadijeh, a developer who's redefining malware detection to help you prepare for the next assault. “It's awesome that such small teams can make complex code, but it's not enough to just scan for vulnerabilities.” -Feross Aboukhadijeh In This Episode 1) This SCARY trend in supple chain malware attacks (and how to prepare) 2) Why tools like Socket are VERY different from common malware detection 3) How companies in 2022 are addressing their security (and what they're looking for in developers to help them) Sponsors Top End Devs (https://topenddevs.com/) Coaching | Top End Devs (https://topenddevs.com/coaching) Links Socket – protect your OSS supply chain (https://socket.dev/) Feross's Talk at CascadiaJS 2021 “It's a Jungle Out There! – Open Source Supply Chain Attacks” (https://www.youtube.com/watch?v=Cl7WVN4168M) Picks Aimee- Kubernetes Chaos Engineering Aimee- Normatec 2.0 Pro Legs | Hyperice (https://hyperice.com/products/normatec-2-pro-legs/) AJ- Socket (https://socket.dev/) AJ- Bundlephobia (https://bundlephobia.com/) AJ- NPMGraph (https://npmgraph.js.org/) Follow CoolAJ86 Live Streams: YouTube: https://youtube.com/coolaj86 Twitch: https://twitch.tv/coolaj86 Follow Beyond Code: YouTube: https://www.youtube.com/channel/UC2KJHARTj6KRpKzLU1sVxBA Twitter: https://twitter.com/@_beyondcode Charles- 7 Wonders Board Game (https://amzn.to/3IU78by) Charles- Airmeet (https://www.airmeet.com/) Charles- Events | Top End Devs (https://topenddevs.com/events) Feross- Node.js Fetch Feross- Darknet Diaries – True stories from the dark side of the Internet (https://darknetdiaries.com/) Feross- Risky Business news recap Steve- passWORDLE (https://rsk0315.github.io/playground/passwordle.html) Special Guest: Feross Aboukhadijeh.

Changelog Master Feed
Securing the open source supply chain (The Changelog #482)

Changelog Master Feed

Play Episode Listen Later Mar 1, 2022 88:21 Transcription Available


This week we're joined by the “mad scientist” himself, Feross Aboukhadijeh…and we're talking about the launch of Socket — the next big thing in the fight to secure and protect the open source supply chain. While working on the frontlines of open source, Feross and team have witnessed firsthand how supply chain attacks have swept across the software community and have damaged the trust in open source. Socket turns the problem of securing open source software on its head, and asks…“What if we assume all open source may be malicious?” So, they built a system that proactively detects indicators of compromised open source packages and brings awareness to teams in real-time. We cover the whys, the hows, and what's next for this ambitious and very much needed project.

The Changelog
Securing the open source supply chain

The Changelog

Play Episode Listen Later Mar 1, 2022 88:21 Transcription Available


This week we're joined by the “mad scientist” himself, Feross Aboukhadijeh…and we're talking about the launch of Socket — the next big thing in the fight to secure and protect the open source supply chain. While working on the frontlines of open source, Feross and team have witnessed firsthand how supply chain attacks have swept across the software community and have damaged the trust in open source. Socket turns the problem of securing open source software on its head, and asks…“What if we assume all open source may be malicious?” So, they built a system that proactively detects indicators of compromised open source packages and brings awareness to teams in real-time. We cover the whys, the hows, and what's next for this ambitious and very much needed project.

Changelog Master Feed
What's in your package.json? (JS Party #210)

Changelog Master Feed

Play Episode Listen Later Jan 29, 2022 69:25 Transcription Available


Tobie Langel, Open source strategist and Principal at UnlockOpen, joins Chris, Feross, and Amal to discuss recent widespread incidents affecting the JavaScript community (and breaking CI builds) around the globe. Two widely used npm libraries were self-sabotaged by their single maintainer, yet again, highlighting the many gaps in our OSS supply chain security, sustainability and overall practices. We explore all these topics and solution on what our ecosystem needs to be more resilient to these types of attacks in the future.

JS Party
What's in your package.json?

JS Party

Play Episode Listen Later Jan 29, 2022 69:25 Transcription Available


Tobie Langel, Open source strategist and Principal at UnlockOpen, joins Chris, Feross, and Amal to discuss recent widespread incidents affecting the JavaScript community (and breaking CI builds) around the globe. Two widely used npm libraries were self-sabotaged by their single maintainer, yet again, highlighting the many gaps in our OSS supply chain security, sustainability and overall practices. We explore all these topics and solution on what our ecosystem needs to be more resilient to these types of attacks in the future.

JS Party
Best of the fest! Volume 1

JS Party

Play Episode Listen Later Nov 5, 2021 56:48 Transcription Available


JS Party listeners and panelists celebrate our favorite moments from the past 100 episodes! You'll hear from over 20 of your favorite voices across 14 episodes. We also share some behind-the-scenes and read/hear from listeners! Here's to the last 200 episodes, and the next 200 as well.

Changelog Master Feed
Best of the fest! Volume 1 (JS Party #200)

Changelog Master Feed

Play Episode Listen Later Nov 5, 2021 56:48 Transcription Available


JS Party listeners and panelists celebrate our favorite moments from the past 100 episodes! You'll hear from over 20 of your favorite voices across 14 episodes. We also share some behind-the-scenes and read/hear from listeners! Here's to the last 200 episodes, and the next 200 as well.

The Runtime
008 - Feross Aboukhadijeh on Wormhole

The Runtime

Play Episode Listen Later Aug 13, 2021 41:09


Rafael is joined by Feross Aboukhadijeh, the author and maintainer of WebTorrent, StandardJS, and hundreds of other open source projects, to talk about his new file-sending app, Wormhole. Feross gets into the weeds about encryption and threat models, and talks about some of the complexities around creating a simple interface accross many different devices and browsers. Links to things mentioned in the episode: - Wormhole: https://wormhole.app/ - Wormhole Roadmap: https://wormhole.app/roadmap - Wormhole Discord Server: https://discord.gg/de6FscsK5Z - Chakra UI: https://chakra-ui.com - Paul Frazee: https://twitter.com/pfrazee - Socket.dev: https://socket.dev/

The Runtime
008 - Feross Aboukhadijeh on Wormhole

The Runtime

Play Episode Listen Later Aug 13, 2021 41:09


Rafael is joined by Feross Aboukhadijeh, the author and maintainer of WebTorrent, StandardJS, and hundreds of other open source projects, to talk about his new file-sending app, Wormhole. Feross gets into the weeds about encryption and threat models, and talks about some of the complexities around creating a simple interface accross many different devices and browsers. Links to things mentioned in the episode: - Wormhole: https://wormhole.app/ - Wormhole Roadmap: https://wormhole.app/roadmap - Wormhole Discord Server: https://discord.gg/de6FscsK5Z - Chakra UI: https://chakra-ui.com - Paul Frazee: https://twitter.com/pfrazee - Socket.dev: https://socket.dev/

JS Party
Into the Wormhole

JS Party

Play Episode Listen Later Jul 23, 2021 72:05 Transcription Available


Feross is back with a brand new web app for us to pick apart! Wormhole is the fastest way to send files on the internet and we want to know why he built it, how it works, and what crazy hacks he invented along the way.

Changelog Master Feed
Into the Wormhole (JS Party #185)

Changelog Master Feed

Play Episode Listen Later Jul 23, 2021 72:05 Transcription Available


Feross is back with a brand new web app for us to pick apart! Wormhole is the fastest way to send files on the internet and we want to know why he built it, how it works, and what crazy hacks he invented along the way.

Changelog Master Feed
Of spiders and monkeys (JS Party #180)

Changelog Master Feed

Play Episode Listen Later Jun 18, 2021 70:19 Transcription Available


Yulia Startsev from Mozilla's SpiderMonkey team joins Jerod & Feross to talk compilers, going back to get your Master's, making decisions as a group, process of shepherding a feature through TC39, how Firefox actually works, and LavaMoats. Yes, LavaMoats.

JS Party
Of spiders and monkeys

JS Party

Play Episode Listen Later Jun 18, 2021 70:19 Transcription Available


Yulia Startsev from Mozilla's SpiderMonkey team joins Jerod & Feross to talk compilers, going back to get your Master's, making decisions as a group, process of shepherding a feature through TC39, how Firefox actually works, and LavaMoats. Yes, LavaMoats.

PodRocket - A web development podcast from LogRocket
How to use Wormhole for simple, private file sharing with Feross Aboukhadijeh

PodRocket - A web development podcast from LogRocket

Play Episode Listen Later Jun 15, 2021 29:00


In this episode, Ben interviews Feross Aboukhadijeh about Wormhole. Wormhole is a file sending tool that lets you quickly share files with end-to-end encryption and a link that automatically expires. So you can keep what you share private and make sure your stuff doesn't stay online forever. Links https://twitter.com/feross (https://twitter.com/feross) https://feross.org (https://feross.org) https://wormhole.app (https://wormhole.app) https://medium.com/s/silicon-satire/i-peeked-into-my-node-modules-directory-and-you-wont-believe-what-happened-next (https://medium.com/s/silicon-satire/i-peeked-into-my-node-modules-directory-and-you-wont-believe-what-happened-next-b89f63d21558) https://www.npmjs.com/package/wormhole-crypto (https://www.npmjs.com/package/wormhole-crypto) https://socket.dev (https://socket.dev) Contact us https://podrocket.logrocket.com/contact-us (https://podrocket.logrocket.com/contact-us) @PodRocketpod (https://twitter.com/PodRocketpod) What does LogRocket do? LogRocket combines frontend monitoring, product analytics, and session replay to help software teams deliver the ideal product experience. Try LogRocket for free today (https://logrocket.com/signup/?pdr). Special Guest: Feross Aboukhadijeh.

JS Party
This is ReScript

JS Party

Play Episode Listen Later May 14, 2021 59:24 Transcription Available


Ever wanted a language like JavaScript, but without the warts, with a great type system, and with a lean build toolchain that doesn’t waste your time? Patrick Ecker from the ReScript Association sits down with Jerod and Feross to tell us all about this “JavaScript-like language you have been waiting for”.

Changelog Master Feed
This is ReScript (JS Party #175)

Changelog Master Feed

Play Episode Listen Later May 14, 2021 59:24 Transcription Available


Ever wanted a language like JavaScript, but without the warts, with a great type system, and with a lean build toolchain that doesn’t waste your time? Patrick Ecker from the ReScript Association sits down with Jerod and Feross to tell us all about this “JavaScript-like language you have been waiting for”.

Changelog Master Feed
Blasting off with Apollo

Changelog Master Feed

Play Episode Listen Later Apr 30, 2021 47:32 Transcription Available


KBall, Amal, and Feross are joined by special guest Jenn Creighton to talk about all things Apollo. How does Apollo fit into the GraphQL ecosystem, what’s the next big thing, and when would you choose to use it?

JS Party
Blasting off with Apollo

JS Party

Play Episode Listen Later Apr 30, 2021 47:32 Transcription Available


KBall, Amal, and Feross are joined by special guest Jenn Creighton to talk about all things Apollo. How does Apollo fit into the GraphQL ecosystem, what’s the next big thing, and when would you choose to use it?

Changelog Master Feed
Less JavaScript more HTMX (JS Party #171)

Changelog Master Feed

Play Episode Listen Later Apr 16, 2021 69:24 Transcription Available


Jerod & Feross learn all about htmx (a pragmatic approach to web frontends) and _hyperscript (an experimental scripting language inspired by HyperTalk) with special guest Carson from Big Sky Software. Thanks to Rajasegar Chandran for requesting this episode!

JS Party
Less JavaScript more HTMX

JS Party

Play Episode Listen Later Apr 16, 2021 69:24 Transcription Available


Jerod & Feross learn all about htmx (a pragmatic approach to web frontends) and _hyperscript (an experimental scripting language inspired by HyperTalk) with special guest Carson from Big Sky Software. Thanks to Rajasegar Chandran for requesting this episode!

Coding in the Wild
#2: Coding in Open Source with Feross Aboukhadijeh

Coding in the Wild

Play Episode Listen Later Feb 7, 2020 22:02


In this episode on Coding in Open Source, we interview Feross Aboukhadijeh about his innovative projects and experience with open source software. Feross is an entrepreneur, programmer, open source author, and mad scientist who will tell you, "It's possible to make a profit and share your code with the world!"

The Changelog
Maintainer spotlight! Feross Aboukhadijeh

The Changelog

Play Episode Listen Later Aug 29, 2019 64:13 Transcription Available


In this episode we’re shining our maintainer spotlight on Feross Aboukhadijeh. Feross is the creator and maintainer of 100’s of open source projects which have been downloaded 100’s of million of times each month — projects like StandardJS, BitMidi, and WebTorrent to name a few. This episode with Feross continues our maintainer spotlight series where we dig deep into the life of an open source software maintainer. We’re producing this series in partnership with Tidelift. Huge thanks to Tidelift for making this series possible.

Changelog Master Feed
Maintainer spotlight! Feross Aboukhadijeh (The Changelog #359)

Changelog Master Feed

Play Episode Listen Later Aug 29, 2019 64:13 Transcription Available


In this episode we’re shining our maintainer spotlight on Feross Aboukhadijeh. Feross is the creator and maintainer of 100’s of open source projects which have been downloaded 100’s of million of times each month — projects like StandardJS, BitMidi, and WebTorrent to name a few. This episode with Feross continues our maintainer spotlight series where we dig deep into the life of an open source software maintainer. We’re producing this series in partnership with Tidelift. Huge thanks to Tidelift for making this series possible.

JS Party
Cool, depending on your definition of cool

JS Party

Play Episode Listen Later May 7, 2018 54:24 Transcription Available


Feross Aboukhadijeh, Suz Hinton, Nick Nisi, and Alex Sexton get weird this week talking about their favorite old and weird HTML tags, web APIs that do or don’t require permission, and their favorite weird websites.

Changelog Master Feed
Cool, depending on your definition of cool (JS Party #24)

Changelog Master Feed

Play Episode Listen Later May 7, 2018 54:24 Transcription Available


Feross Aboukhadijeh, Suz Hinton, Nick Nisi, and Alex Sexton get weird this week talking about their favorite old and weird HTML tags, web APIs that do or don’t require permission, and their favorite weird websites.

JS Party
Oh, the places JS will go

JS Party

Play Episode Listen Later Apr 13, 2018 54:47 Transcription Available


Jerod Santo, Suz Hinton, Feross Aboukhadijeh, and Kevin Ball talk about awesome things being done with JavaScript like WebUSB, WebTorrent, and DSLs.

Changelog Master Feed
Oh, the places JS will go (JS Party #21)

Changelog Master Feed

Play Episode Listen Later Apr 13, 2018 54:47 Transcription Available


Jerod Santo, Suz Hinton, Feross Aboukhadijeh, and Kevin Ball talk about awesome things being done with JavaScript like WebUSB, WebTorrent, and DSLs.

My JavaScript Story
MJS #032 Feross Aboukhadijeh

My JavaScript Story

Play Episode Listen Later Aug 30, 2017 29:20


MJS 032: Feross Aboukhadijeh Today's episode is a My JavaScript Story with Feross Aboukhadijeh. Feross talked about his contributions to the JavaScript community to the decentralized web. Listen to learn more about Mike! [01:00] – Introduction to Feross Aboukhadijeh Feross was on episode 155 and he talked about Webtorrent. It was 2 years ago. [01:35] – How did you get into programming? Toddler Feross has always been interested in computers and technology. His mom told him a story about how when he was a toddler, he was always watching people whenever they’re using technology – the television, the microwave, or the VCR. She said that he’s trying to imitate what he saw. HTML and Web proxies According to Feross, he became seriously interested when he was in middle school when he learned about HTML and wanted to make a personal site. In high school, there was this class that you could take. It’s a tech team where they went around and fixed teachers’ computers because they were understaffed. Some of the computers have administrator privileges turned on for the student accounts as well because some of the software that was required for certain classes needed it. The computers always had viruses on them because people would install first-person shooters and play during class time. They actually have school-wide filtering system so students can’t access certain sites. One of the categories they blocked was downloading sites. In order to even do their job, they have to figure out web proxies to get around the filters. He ended up setting up one of those on his own server. First website Feross’ real programming experience was PHP. It was in his junior year of high school. He bought a book in Barnes & Noble about PHP and MySQL. He wanted to build a site to host his favorite flash animations. That project was a database-driven website where people can segment their flash animations and soundboards, prank phone calls, and other internet humor. The site was called freetoflash. That was the first website that he built. [07:10] – How did you get into JavaScript? Feross thinks JavaScript is one of those languages that you don’t actually really bother to sit down and learn. There weren’t any good resources. According to him, He really didn’t know JavaScript until he started a company right after he graduated from college. He started taking JavaScript seriously because he was learning Node.js and realized that you can build real things from it. The start-up is called PeerCDN. They’re trying to make a content delivery network that would work in the browser using WebRTC. The idea is you would add a script tag to your website and then we would try to find other people visiting your site that already has the content that you want, you’ll fetch it from them over a peer-to-peer connection to save on your hosting build to reduce your CDN bill. That was a big Node application. It also has intense front-end component. He started learning about NPM, how you build things with microservices, and how do you deploy a JavaScript application. That was in 2013. [09:35] – Webtorrent Feross has been trying to transition Webtorrent into a distributed contribution model. It’s always been something that he would give out commit rights. If someone makes a good contribution, he’ll just add them to the Github for it. He recently made it into an organization on Github. He’s hoping to make it something that’s not completely dependent on him in order for it to continue existing. He’s going to be involved with it for the foreseeable future but he’s also trying to do new projects as well besides that. The good news is Webtorrent is mostly done in some sense. It works well. There are bugs. But if you use Webtorrent, especially if you use the desktop application to torrent things, it’s really polished and works nicely. Picks Feross Aboukhadijeh Decentralized web Dat Project Beaker Project IPFS Secure Scuttlebutt Patchwork Brave Twitter: @WebTorrentApp Twitter: @feross Charles Max Wood Let’s Encrypt Digital Ocean

All JavaScript Podcasts by Devchat.tv
MJS #032 Feross Aboukhadijeh

All JavaScript Podcasts by Devchat.tv

Play Episode Listen Later Aug 30, 2017 29:20


MJS 032: Feross Aboukhadijeh Today's episode is a My JavaScript Story with Feross Aboukhadijeh. Feross talked about his contributions to the JavaScript community to the decentralized web. Listen to learn more about Mike! [01:00] – Introduction to Feross Aboukhadijeh Feross was on episode 155 and he talked about Webtorrent. It was 2 years ago. [01:35] – How did you get into programming? Toddler Feross has always been interested in computers and technology. His mom told him a story about how when he was a toddler, he was always watching people whenever they’re using technology – the television, the microwave, or the VCR. She said that he’s trying to imitate what he saw. HTML and Web proxies According to Feross, he became seriously interested when he was in middle school when he learned about HTML and wanted to make a personal site. In high school, there was this class that you could take. It’s a tech team where they went around and fixed teachers’ computers because they were understaffed. Some of the computers have administrator privileges turned on for the student accounts as well because some of the software that was required for certain classes needed it. The computers always had viruses on them because people would install first-person shooters and play during class time. They actually have school-wide filtering system so students can’t access certain sites. One of the categories they blocked was downloading sites. In order to even do their job, they have to figure out web proxies to get around the filters. He ended up setting up one of those on his own server. First website Feross’ real programming experience was PHP. It was in his junior year of high school. He bought a book in Barnes & Noble about PHP and MySQL. He wanted to build a site to host his favorite flash animations. That project was a database-driven website where people can segment their flash animations and soundboards, prank phone calls, and other internet humor. The site was called freetoflash. That was the first website that he built. [07:10] – How did you get into JavaScript? Feross thinks JavaScript is one of those languages that you don’t actually really bother to sit down and learn. There weren’t any good resources. According to him, He really didn’t know JavaScript until he started a company right after he graduated from college. He started taking JavaScript seriously because he was learning Node.js and realized that you can build real things from it. The start-up is called PeerCDN. They’re trying to make a content delivery network that would work in the browser using WebRTC. The idea is you would add a script tag to your website and then we would try to find other people visiting your site that already has the content that you want, you’ll fetch it from them over a peer-to-peer connection to save on your hosting build to reduce your CDN bill. That was a big Node application. It also has intense front-end component. He started learning about NPM, how you build things with microservices, and how do you deploy a JavaScript application. That was in 2013. [09:35] – Webtorrent Feross has been trying to transition Webtorrent into a distributed contribution model. It’s always been something that he would give out commit rights. If someone makes a good contribution, he’ll just add them to the Github for it. He recently made it into an organization on Github. He’s hoping to make it something that’s not completely dependent on him in order for it to continue existing. He’s going to be involved with it for the foreseeable future but he’s also trying to do new projects as well besides that. The good news is Webtorrent is mostly done in some sense. It works well. There are bugs. But if you use Webtorrent, especially if you use the desktop application to torrent things, it’s really polished and works nicely. Picks Feross Aboukhadijeh Decentralized web Dat Project Beaker Project IPFS Secure Scuttlebutt Patchwork Brave Twitter: @WebTorrentApp Twitter: @feross Charles Max Wood Let’s Encrypt Digital Ocean

Devchat.tv Master Feed
MJS #032 Feross Aboukhadijeh

Devchat.tv Master Feed

Play Episode Listen Later Aug 30, 2017 29:20


MJS 032: Feross Aboukhadijeh Today's episode is a My JavaScript Story with Feross Aboukhadijeh. Feross talked about his contributions to the JavaScript community to the decentralized web. Listen to learn more about Mike! [01:00] – Introduction to Feross Aboukhadijeh Feross was on episode 155 and he talked about Webtorrent. It was 2 years ago. [01:35] – How did you get into programming? Toddler Feross has always been interested in computers and technology. His mom told him a story about how when he was a toddler, he was always watching people whenever they’re using technology – the television, the microwave, or the VCR. She said that he’s trying to imitate what he saw. HTML and Web proxies According to Feross, he became seriously interested when he was in middle school when he learned about HTML and wanted to make a personal site. In high school, there was this class that you could take. It’s a tech team where they went around and fixed teachers’ computers because they were understaffed. Some of the computers have administrator privileges turned on for the student accounts as well because some of the software that was required for certain classes needed it. The computers always had viruses on them because people would install first-person shooters and play during class time. They actually have school-wide filtering system so students can’t access certain sites. One of the categories they blocked was downloading sites. In order to even do their job, they have to figure out web proxies to get around the filters. He ended up setting up one of those on his own server. First website Feross’ real programming experience was PHP. It was in his junior year of high school. He bought a book in Barnes & Noble about PHP and MySQL. He wanted to build a site to host his favorite flash animations. That project was a database-driven website where people can segment their flash animations and soundboards, prank phone calls, and other internet humor. The site was called freetoflash. That was the first website that he built. [07:10] – How did you get into JavaScript? Feross thinks JavaScript is one of those languages that you don’t actually really bother to sit down and learn. There weren’t any good resources. According to him, He really didn’t know JavaScript until he started a company right after he graduated from college. He started taking JavaScript seriously because he was learning Node.js and realized that you can build real things from it. The start-up is called PeerCDN. They’re trying to make a content delivery network that would work in the browser using WebRTC. The idea is you would add a script tag to your website and then we would try to find other people visiting your site that already has the content that you want, you’ll fetch it from them over a peer-to-peer connection to save on your hosting build to reduce your CDN bill. That was a big Node application. It also has intense front-end component. He started learning about NPM, how you build things with microservices, and how do you deploy a JavaScript application. That was in 2013. [09:35] – Webtorrent Feross has been trying to transition Webtorrent into a distributed contribution model. It’s always been something that he would give out commit rights. If someone makes a good contribution, he’ll just add them to the Github for it. He recently made it into an organization on Github. He’s hoping to make it something that’s not completely dependent on him in order for it to continue existing. He’s going to be involved with it for the foreseeable future but he’s also trying to do new projects as well besides that. The good news is Webtorrent is mostly done in some sense. It works well. There are bugs. But if you use Webtorrent, especially if you use the desktop application to torrent things, it’s really polished and works nicely. Picks Feross Aboukhadijeh Decentralized web Dat Project Beaker Project IPFS Secure Scuttlebutt Patchwork Brave Twitter: @WebTorrentApp Twitter: @feross Charles Max Wood Let’s Encrypt Digital Ocean

Demuxed
Ep. #5, WebTorrent: Bringing BitTorrent to the Web

Demuxed

Play Episode Listen Later Jul 6, 2017 49:17


In the latest episode of Demuxed, Matt, Steve and Phil are joined by Feross Aboukhadijeh and John Hiesey for a discussion on WebTorrent. The post Ep. #5, WebTorrent: Bringing BitTorrent to the Web appeared first on Heavybit.

Demuxed
Ep. #5, WebTorrent: Bringing BitTorrent to the Web

Demuxed

Play Episode Listen Later Jul 6, 2017 49:17


In the latest episode of Demuxed, Matt, Steve and Phil are joined by Feross Aboukhadijeh and John Hiesey for a discussion on WebTorrent.

Changelog Master Feed
Mad Science, WebTorrent, WebRTC (The Changelog #227)

Changelog Master Feed

Play Episode Listen Later Nov 11, 2016 81:57 Transcription Available


Feross Aboukhadijeh joined the show this week to talk with us about his backstory, passive income, WebTorrent, WebRTC, Electron and the ins and outs of packaging apps for all platforms.

The Changelog
Mad Science, WebTorrent, WebRTC

The Changelog

Play Episode Listen Later Nov 11, 2016 81:57 Transcription Available


Feross Aboukhadijeh joined the show this week to talk with us about his backstory, passive income, WebTorrent, WebRTC, Electron and the ins and outs of packaging apps for all platforms.

NodeUp
104 - 1:1 w/ Feross Aboukhadijeh

NodeUp

Play Episode Listen Later Jul 15, 2016 68:41


Hackers – Software Engineering Daily
WebTorrent with Feross Aboukhadijeh

Hackers – Software Engineering Daily

Play Episode Listen Later Jan 14, 2016 58:49


“The BitTorrent DHT is an amazing engineering feat and one of the coolest ideas in computer science, I think, because it works without any central coordination.” Continue reading… The post WebTorrent with Feross Aboukhadijeh appeared first on Software Engineering Daily.

The iPhreaks Show
129 iPS WebRTC

The iPhreaks Show

Play Episode Listen Later Nov 19, 2015 30:46


01:08 - WebRTC 03:23 - Advantages 04:51 - Approaching WebRTC Bowser Pristine IO: Build iOS AppRTC iOS AppRTC Deep Dive (Pt. 1) webrtc-build-scripts AppRTC on CocoaPods openTalk API OpenTok Developer Center 08:24 - Use Cases and Gotchas PodClear Zencastr ICE Candidates Explanation Thomas Gorissen: jQuery for WebRTC @ JS Remote Conf 2015 JavaScript Jabber Episode #155: Webtorrent with Feross Aboukhadijeh 15:51 - Capturing and Collecting Data 18:35 - Handling Errors 20:31 - Encryption 22:35 - Alternatives to WebRTC Picks Observable-Swift (Andrew) CocoaHeads-SLC-Presentations (Andrew) Karma (Alondo) Eden Twig Tea (Jaim) iphreakstopics (Chuck) Geek Toys (Chuck) ThinkGeek (Chuck) Sonic Screwdriver (Chuck)

Devchat.tv Master Feed
129 iPS WebRTC

Devchat.tv Master Feed

Play Episode Listen Later Nov 19, 2015 30:46


01:08 - WebRTC 03:23 - Advantages 04:51 - Approaching WebRTC Bowser Pristine IO: Build iOS AppRTC iOS AppRTC Deep Dive (Pt. 1) webrtc-build-scripts AppRTC on CocoaPods openTalk API OpenTok Developer Center 08:24 - Use Cases and Gotchas PodClear Zencastr ICE Candidates Explanation Thomas Gorissen: jQuery for WebRTC @ JS Remote Conf 2015 JavaScript Jabber Episode #155: Webtorrent with Feross Aboukhadijeh 15:51 - Capturing and Collecting Data 18:35 - Handling Errors 20:31 - Encryption 22:35 - Alternatives to WebRTC Picks Observable-Swift (Andrew) CocoaHeads-SLC-Presentations (Andrew) Karma (Alondo) Eden Twig Tea (Jaim) iphreakstopics (Chuck) Geek Toys (Chuck) ThinkGeek (Chuck) Sonic Screwdriver (Chuck)

All JavaScript Podcasts by Devchat.tv
155 JSJ Webtorrent with Feross Aboukhadijeh

All JavaScript Podcasts by Devchat.tv

Play Episode Listen Later Apr 16, 2015 47:40


Support our Teespring campaign! Get your JavaScript Jabber unisex t-shirts, hoodies, ladies’-sized, and long-sleeve tees! 02:01 - Feross Aboukhadijeh Introduction Twitter GitHub Blog 02:39 - Peer-to-Peer Background, Content Delivery Networks (CDNs) WebRTC PeerCDN BitTorrent 09:43 - The BitTorrent Protocol and Hypertext Transfer Protocol (HTTP) [YouTube] Feross Aboukhadijeh: WebTorrent (JSConf.Asia 2014) Distributed Hash Table (DHT) 13:08 - WebTorrent = BitTorrent over WebRTC Transmission Control Protocol (TCP) The User Datagram Protocol (UDP) Session Traversal Utilities for NAT (STUN) 17:22 - Where Do Original Files Come From? Tracker Servers BitTorrent Enhancement Proposal (BEP) 21:23 - Opposition 27:26 - Where is WebTorrent Going? (Use Cases) Instant.io [GitHub] instant.io 29:52 - Live Broadcasts 31:12 - Progression of BitTorrent Over Time Technical Decentralization 35:03 - Same-Origin Policy 36:33 - Firefox Hello Picks January 12th, 2016: Goodbye IE8 and IE9! (Dave) js-must-watch (Aimee) Headspace (Aimee) Popcorn Time (AJ) Steelheart (The Reckoners) by Brandon Sanderson (Chuck) Teespring (Chuck) Loop Drop by Matt McKegg (Feross) SceneVR by Ben Nolan (Feross) WebTorrent (Feross) node-nat-upnp (AJ) node-nat-pmp (AJ) simple-peer (Feross)

JavaScript Jabber
155 JSJ Webtorrent with Feross Aboukhadijeh

JavaScript Jabber

Play Episode Listen Later Apr 16, 2015 47:40


Support our Teespring campaign! Get your JavaScript Jabber unisex t-shirts, hoodies, ladies’-sized, and long-sleeve tees! 02:01 - Feross Aboukhadijeh Introduction Twitter GitHub Blog 02:39 - Peer-to-Peer Background, Content Delivery Networks (CDNs) WebRTC PeerCDN BitTorrent 09:43 - The BitTorrent Protocol and Hypertext Transfer Protocol (HTTP) [YouTube] Feross Aboukhadijeh: WebTorrent (JSConf.Asia 2014) Distributed Hash Table (DHT) 13:08 - WebTorrent = BitTorrent over WebRTC Transmission Control Protocol (TCP) The User Datagram Protocol (UDP) Session Traversal Utilities for NAT (STUN) 17:22 - Where Do Original Files Come From? Tracker Servers BitTorrent Enhancement Proposal (BEP) 21:23 - Opposition 27:26 - Where is WebTorrent Going? (Use Cases) Instant.io [GitHub] instant.io 29:52 - Live Broadcasts 31:12 - Progression of BitTorrent Over Time Technical Decentralization 35:03 - Same-Origin Policy 36:33 - Firefox Hello Picks January 12th, 2016: Goodbye IE8 and IE9! (Dave) js-must-watch (Aimee) Headspace (Aimee) Popcorn Time (AJ) Steelheart (The Reckoners) by Brandon Sanderson (Chuck) Teespring (Chuck) Loop Drop by Matt McKegg (Feross) SceneVR by Ben Nolan (Feross) WebTorrent (Feross) node-nat-upnp (AJ) node-nat-pmp (AJ) simple-peer (Feross)

Devchat.tv Master Feed
155 JSJ Webtorrent with Feross Aboukhadijeh

Devchat.tv Master Feed

Play Episode Listen Later Apr 16, 2015 47:40


Support our Teespring campaign! Get your JavaScript Jabber unisex t-shirts, hoodies, ladies’-sized, and long-sleeve tees! 02:01 - Feross Aboukhadijeh Introduction Twitter GitHub Blog 02:39 - Peer-to-Peer Background, Content Delivery Networks (CDNs) WebRTC PeerCDN BitTorrent 09:43 - The BitTorrent Protocol and Hypertext Transfer Protocol (HTTP) [YouTube] Feross Aboukhadijeh: WebTorrent (JSConf.Asia 2014) Distributed Hash Table (DHT) 13:08 - WebTorrent = BitTorrent over WebRTC Transmission Control Protocol (TCP) The User Datagram Protocol (UDP) Session Traversal Utilities for NAT (STUN) 17:22 - Where Do Original Files Come From? Tracker Servers BitTorrent Enhancement Proposal (BEP) 21:23 - Opposition 27:26 - Where is WebTorrent Going? (Use Cases) Instant.io [GitHub] instant.io 29:52 - Live Broadcasts 31:12 - Progression of BitTorrent Over Time Technical Decentralization 35:03 - Same-Origin Policy 36:33 - Firefox Hello Picks January 12th, 2016: Goodbye IE8 and IE9! (Dave) js-must-watch (Aimee) Headspace (Aimee) Popcorn Time (AJ) Steelheart (The Reckoners) by Brandon Sanderson (Chuck) Teespring (Chuck) Loop Drop by Matt McKegg (Feross) SceneVR by Ben Nolan (Feross) WebTorrent (Feross) node-nat-upnp (AJ) node-nat-pmp (AJ) simple-peer (Feross)