Podcasts about GitHub

Share on
Share on Facebook
Share on Twitter
Share on Reddit
Share on LinkedIn
Copy link to clipboard

Hosting service for software projects using Git

  • 2,299PODCASTS
  • 13,278EPISODES
  • 37mAVG DURATION
  • 3DAILY NEW EPISODES
  • Jul 3, 2022LATEST
GitHub

POPULARITY

20122013201420152016201720182019202020212022



    Best podcasts about GitHub

    Show all podcasts related to github

    Latest podcast episodes about GitHub

    Flirting with Models
    Kai Wu - Mining Unstructured Data for the Intangible (S5E6)

    Flirting with Models

    Play Episode Listen Later Jul 3, 2022 49:51


    My guest in this episode is Kai Wu, CEO and founder of Sparkline Capital. Kai is a pioneer in the measurement of intangible value.  Using machine learning, he tackles unstructured data sources like patent filings, earnings transcripts, LinkedIn network connections, and GitHub code repositories to try to measure value across the four key pillars of Brand, Intellectual Property, Network, and Human Capital. We discuss why intangibles are important, how they differ from the traditional factor zoo, the opportunities and risks of unstructured data, and how even big data can have small data problems within it. Finally, we discuss Kai's most recent applications of his research to the world of crypto. Please enjoy my conversation with Kai Wu.

    Foundations of Amateur Radio
    Defining a standard on Contest Scoring

    Foundations of Amateur Radio

    Play Episode Listen Later Jul 2, 2022 6:22


    Foundations of Amateur Radio Not a weekend goes by without an amateur radio contest or six, each with its own objectives, audience, times, rules, exchanges and scores. When you get bitten by the contesting bug, you'll quickly graduate from using pen and paper to keyboard and screen. That process comes with the inevitable selection of software suitable to both run on your shack computer and log your particular contest since as you'll discover, not all software knows about all contests or runs on every computer. When you eventually do arrive at a working solution, you'll reap the rewards of using technology. Contesting software can help in many different ways. From logging your operating frequency and mode to tracking where other stations are active and it doesn't stop there. Type in a partial callsign and your software can suggest which ones it might be. Log a contact and you'll see if your contact is valid within the rules or not. Software can track your activity level and warn if you're exceeding any contest time limits. It can keep track of multipliers and the impact on your total score and at the end of a contest, contesting software can help with submitting your log. After you've done this for a while, you'll notice that contest rules and scoring change over time. That brings with it the possibility of your software using old and invalid rules for validation, scoring and other contesting requirements. In most cases, software is updated manually by the author to implement the latest rules. This means that authors are required to keep up to date with the rules for all of the contests that their software supports, let alone add new contests. There are a few applications that support the idea of a contest definition which suggests the ability for anyone to define contesting rules to use them within the application. Unfortunately their functionality is strictly limited and they are not sufficient to define every contest rule that is in use today. Sadly, flexible as they might seem, they're neither universal nor compatible with each other. One definition, written by one amateur, for one application, cannot be used anywhere else, never mind trying to determine what the latest version is. I strongly believe that we need a shared open standard that can serve contest organisers, contest software developers and contest participants. Before I elaborate, I will be explicit in pointing out that the intent is to standardise in a way that makes it possible to document all past, current and future contests and in doing so, provide a collaborative way to share contesting rules between organisers, software developers and contesters, not to mention awards committees and amateur associations. So, if such a contest rule standard were to exist, what would it look like? Until now, the approach has been to create a list of keywords and values that deal with particular types of rules, things like band start and stop, zone score, valid prefixes, power level, exchange, etc. The result is a growing but always incomplete list of keywords with no means to define any logic. At the moment, all the contesting applications manage any scoring logic internally, requiring that it's updated when any of the rules change. Not only that, the contest organiser has no insight into the mechanism and no means to validate the process. As a contest organiser, scoring hundreds if not thousands of logs is a whole different challenge. Many contests do this manually, rely on someone else's software, or if the contest is popular enough, write their own code to manage the process. All this effort creates a disconnect between the contester, the organiser and the contest software developers, each using their own definition of the rules of any particular contest. A different approach might be to implement specific rules in a universal programming language like say JavaScript, and use those to manage the scoring and validation logic specific to each contest. For example, you might define a function that returns the starting and ending time for a contest which gives you a mechanism to detect if the contest is happening right now. A contester could use it to determine when the contest starts and ends, but the same definition could be used by the organiser to determine if a submitted log entry is for a valid time. Another might be a function that uses a callsign to determine if it attracts points or not and if it does, how many. Contesting software might use it to change the colour of the screen to indicate an invalid entry, but an organiser might use it to exclude a contact from a log. You could have a function to determine if the exchange is valid, or what the next exchange number is, or if the frequency on which the radio is currently tuned to is allowed for a contest. You could combine some of these simple rules to determine, for example, if the frequency the radio is on is the same or different since the last contact and if that's permitted or not within the rules. As long as the framework in which this standard is defined is extensible, any contest could be defined in this way. If it's written well, contest organisers might be able to write their own rules using this standard and everyone can use the same rules for their own needs. You might recall that I've spoken about aspects of this problem before and at the time I suggested that an amateur radio standards body would be helpful. Failing that there's nothing stopping a few people collaborating in a discussion about how this might be implemented. As an IT professional outside my shack I have some ideas on what's needed and what could give the whole amateur community something useful, but unsurprisingly, I don't know everything. Working together as contesters we might come up with a better result. As a starting point, I've created a repository on GitHub called "amateur-contesting-standard" to start a conversation about this scheme and I would love to read your thoughts and see your ideas on how this might be achieved. If you'd like to get in touch, send an email to cq@vk6flab.com or find my callsign on Twitter and GitHub. I'm Onno VK6FLAB

    TechCrunch
    Daily Crunch 07/02/22

    TechCrunch

    Play Episode Listen Later Jul 2, 2022 4:14


    Open source developers urged to ditch GitHub following Copilot launch; Reddit acquires natural language processing company MeaningCloud; FTX US deal with troubled crypto lender BlockFi floats acquisition with ‘up to' $240M purchase price

    Sustain
    Episode 127: GitHub Maintainer Month with Marie Kochsiek of drip and Hélène Martin of ODK

    Sustain

    Play Episode Listen Later Jun 30, 2022 39:55


    Guest Marie Kochsiek | Hélène Martin Panelists Richard Littauer Show Notes Hello and welcome to a special episode of Sustain/GitHub Maintainer Month, which is a short series of podcasts where we're focusing on maintainers of open source, what they do with their experience, and how they contribute to the sustainability of their projects. Our first guest is Marie Kochsiek, who's a developer and one of the maintainers of drip, a menstrual cycle and fertility tracking app. Marie goes in depth about the drip app, challenges she has as a maintainer, and since the supreme court repealed Roe v. Wade, she shares advice on what people can do with their menstruation trackers to stay safe. Our next guest is Hélène Martin, who's the CTO of ODK, a platform for offline data collection that's used by organizations like Red Cross. We'll hear about ODK's funding model, how Hélène has transitioned their governance strategy, we learn about their funding model, and she shares advice to maintainers who want to go to a higher level with their projects in open source. Go ahead and download this episode now! Marie: [00:01:19] Marie explains the drip app and how she ended up working on this project. [00:03:21] We find out how large the community is working on drip and how many users there are. [00:05:37] Since there are a lot of period tracking apps out there, Marie fills us in on how drip is different from other things out there. [00:08:16] Marie talks about some hurdles she overcame recently with her team. [00:10:06] We learn why Marie works on open source with her free time and what she does for her main work to work on this stuff. [00:11:51] What advice does Marie wish people would have given her when she first started out coding to make it easier. [00:13:28] Find out where you can contribute to her project. [00:16:00] With Roe v. Wade being overturned, Marie shares advice what people should do with their menstruation trackers. Hélène: [00:21:26] Hélène tells us what ODK is and how many users it has. [00:23:40 ] We learn how Hélène views herself as a maintainer of that ODK's software and what it means for her. [00:24:42] In the past one and a half years Hélène transitioned her governance strategy, so she expands on what she transitioned to and why. [00:27:51] Richard wonders if Hélène's source code has ever been forked, cloned, or if anyone has ever made their own company out of it. [00:29:38 ] We hear about ODK's funding model and where they get their money to keep the work going. [00:30:13] Since we've heard the direction Hélène has taken with governance, Richard wonders how she has led that change as a CTO. Also, she tells us if she's still getting into the weeds and writing commits. [00:34:47] Hélène shares advice for maintainers who are realizing they need to go to a higher level of abstraction to grow the projects they're in. [00:37:33 ] If you want to read along and join the ODK community, find out where you can go to get involved, and where you can follow Hélène on the web. Quotes Marie: [00:08:35] “The best work we achieve is when we work on stuff collectively.” [00:10:53] “Open source work is also community work.” [00:12:03] “Things can take time.” Hélène: [00:28:16 ] “We think the pie is big enough.” [00:31:23] “I think it's hard to jump between levels of abstraction.” [00:33:08 ] “I really think there are modes, and any given project can switch between them over time.” [00:34:48 ] “It's really important to realize that there's no one way to do open source.” [00:36:16] “A lot of times when people talk about open source, I think they mean the source is open AND.” Links SustainOSS (https://sustainoss.org/) SustainOSS Twitter (https://twitter.com/SustainOSS?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) SustainOSS Discourse (https://discourse.sustainoss.org/) Sustain Podcast Invite Details (https://podcast.sustainoss.org/invite) podcast@sustainoss.org (mailto:podcast@sustainoss.org) Richard Littauer Twitter (https://twitter.com/richlitt?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Marie Kochsiek Twitter (https://twitter.com/bl00dymarie) drip (https://play.google.com/store/apps/details?id=com.drip&hl=en_US&gl=US) drip, the open-source cycle tracking app-GitHub (https://github.com/jfr3000/drip) drip-GitLab (https://gitlab.com/bloodyhealth/drip) Hélène Martin Twitter (https://twitter.com/purplespatula?lang=en) Hélène Martin GitHub (https://github.com/lognaturel) ODK Twitter (https://twitter.com/getodk?lang=en) ODK (https://getodk.org/) Credits Produced by Richard Littauer (https://www.burntfen.com/)] Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guests: Hélène Martin and Marie Kochsiek.

    Citizen Cosmos
    Sébastien Couture, blockchain journalism, podcasting & summits

    Citizen Cosmos

    Play Episode Listen Later Jun 30, 2022 41:49


    In this episode, we talk to Sébastien Couture, the co-founder and the host of the Epicentr.tv and Interop podcast. Epicentr.tv is the OG of crypto podcasts, making sense of cryptocurrencies and blockchain since before they became mainstream. Epicentr explores this game-changing industry's technical, economic, and social implications through interviews with founders and builders. They have recorded more than 400 episodes. The Interop is Sébastien's new project. In this podcast, he discusses building the decentralized networks that make up the Interchain with the entrepreneurs and developers. Sébastien's Twitter (https://twitter.com/seb3point0) We spoke to the Sébastien about Epicentr.tv and: Crypto podcasts & podcast recording Sébastien's biography Crypto regulation in France & KYC Transactions & Bitcoin white paper Moving to France How did he get into crypto Money making and the philosophy of the web3 Investments, Interop Ventures, ICO & Bullrun Interop Podcast Validating & Delegating Nebular summit Cosmoverse The projects and people that have been mentioned in this episode: | Cosmos (https://cosmos.network/) | Nebuler.paris (https://nebular.paris/) | Terra (https://www.terra.money/) | DAO (https://en.wikipedia.org/wiki/The_DAO_(organization)) | Interop (https://theinterop.show/) | epicentr.tv (http://epicentr.tv/) | Let's Talk Bitcoin (https://letstalkbitcoin.com/) | Bankless (http://podcast.banklesshq.com/) | Osmosis (https://www.citizencosmos.space/osmosis) | Evmos (https://www.citizencosmos.space/evmos) | ADEN (https://adan.eu/) | Zcash (https://z.cash/) | Stakefish (https://www.citizencosmos.space/stakefish-adoption) | Do Kwon (https://twitter.com/stablekwon) | Juno (https://www.citizencosmos.space/juno) | Interop Ventures (https://interop.ventures/) | BTC (https://www.bitcoin.org/) | Celestia (https://celestia.org/) | ETH (https://ethereum.org/en/) | Cosmoverse (https://cosmoverse.org/) | If you like what we do at Citizen Cosmos: Stake with Citizen Cosmos validator (https://www.citizencosmos.space/staking) Help support the project via Gitcoin Grants (https://gitcoin.co/grants/1113/citizen-cosmos-podcast) Listen to the YouTube version (https://youtu.be/ks7YvKgzDGQ) Read our blog (https://citizen-cosmos.github.io/blog/) Check out our GitHub (https://github.com/citizen-cosmos/) Join our Telegram (https://t.me/citizen_cosmos) Follow us on Twitter (https://twitter.com/cosmos_voice) Sign up to the RSS feed (https://www.citizencosmos.space/rss) Special Guest: Sébastien Couture.

    Screaming in the Cloud
    Granted, Common Fate, and AWS Functionality with Chris Norman

    Screaming in the Cloud

    Play Episode Listen Later Jun 30, 2022 33:34


    About ChrisChris is a robotics engineer turned cloud security practitioner. From building origami robots for NASA, to neuroscience wearables, to enterprise software consulting, he is a passionate builder at heart. Chris is a cofounder of Common Fate, a company with a mission to make cloud access simple and secure.Links: Common Fate: https://commonfate.io/ Granted: https://granted.dev Twitter: https://twitter.com/chr_norm TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Let's face it, on-call firefighting at 2am is stressful! So there's good news and there's bad news. The bad news is that you probably can't prevent incidents from happening, but the good news is that incident.io makes incidents less stressful and a lot more valuable. incident.io is a Slack-native incident management platform that allows you to automate incident processes, focus on fixing the issues and learn from incident insights to improve site reliability and fix your vulnerabilities. Try incident.io, recover faster and sleep more.Corey: This episode is sponsored in part by Honeycomb. When production is running slow, it's hard to know where problems originate. Is it your application code, users, or the underlying systems? I've got five bucks on DNS, personally. Why scroll through endless dashboards while dealing with alert floods, going from tool to tool to tool that you employ, guessing at which puzzle pieces matter? Context switching and tool sprawl are slowly killing both your team and your business. You should care more about one of those than the other; which one is up to you. Drop the separate pillars and enter a world of getting one unified understanding of the one thing driving your business: production. With Honeycomb, you guess less and know more. Try it for free at honeycomb.io/screaminginthecloud. Observability: it's more than just hipster monitoring.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. It doesn't matter where you are on your journey in cloud—you could never have heard of Amazon the bookstore—and you encounter AWS and you spin up an account. And within 20 minutes, you will come to the realization that everyone in this space does. “Wow, logging in to AWS absolutely blows goats.”Today, my guest, obviously had that reaction, but unlike most people I talked to, decided to get up and do something about it. Chris Norman is the co-founder of Common Fate and most notably to how I know him is one of the original authors of the tool, Granted. Chris, thank you so much for joining me.Chris: Hey, Corey, thank you for having me.Corey: I have done podcasts before; I have done a blog post on it; I evangelize it on Twitter constantly, and even now, it is challenging in a few ways to explain holistically what Granted is. Rather than trying to tell your story for you, when someone says, “Oh, Granted, that seems interesting and impossible to Google for in isolation, so therefore, we know it's going to be good because all the open-source projects with hard to find names are,” what is Granted and what does it do?Chris: Granted is a command-line tool which makes it really easy for you to get access and assume roles when you're working with AWS. For me, when I'm using Granted day-to-day, I wake up, go to my computer—I'm working from home right now—crack open the MacBook and I log in and do some development work. I'm going to go and start working in the cloud.Corey: Oh, when I start first thing in the morning doing development work and logging into the cloud, I know. All right, I'm going to log in to AWS and now I know that my day is going downhill from here.Chris: [laugh]. Exactly, exactly. I think maybe the best days are when you don't need to log in at all. But when you do, I go and I open my terminal and I run this command. Using Granted, I ran this assume command and it authenticates me with single-sign-on into AWS, and then it opens up a console window in a particular account.Now, you might ask, “Well, that's a fairly standard thing.” And in fact, that's probably the way that the console and all of the tools work by default with AWS. Why do you need a third-party tool for this?Corey: Right. I've used a bunch of things that do varying forms of this and unlike Granted, you don't see me gushing about them. I want to be very clear, we have no business relationship. You're not sponsoring anything that I do. I'm not entirely clear on what your day job entails, but I have absolutely fallen in love with the Granted tool, which is why I'm dragging you on to this show, kicking and screaming, mostly to give me an excuse to rave about it some more.Chris: [laugh]. Exactly. And thank you for the kind words. And I'd say really what makes it special or why I've been so excited to be working on it is that it makes this access, particularly when you're working with multiple accounts, really, really easy. So, when I run assume and I open up that console window, you know, that's all fine and that's very similar to how a lot of the other tools and projects that are out there work, but when I want to open that second account and that second console window, maybe because I'm looking at like a development and a staging account at the same time, then Granted allows me to view both of those simultaneously in my browser. And we do that using some platform sort of tricks and building into the way that the browser works.Corey: Honestly, one of the biggest differences in how you describe what Granted is and how I view it is when you describe it as a CLI application because yes, it is that, but one of the distinguishing characteristics is you also have a Firefox extension that winds up leveraging the multi-container functionality extension that Firefox has. So, whenever I wind up running a single command—assume with a-c' flag, then I give it the name of my AWS profile, it opens the web console so I can ClickOps my heart's content inside of a tab that is locked to a container, which means I can have one or two or twenty different AWS accounts and/or regions up running simultaneously side-by-side, which is basically impossible any other way that I've ever looked at it.Chris: Absolutely, yeah. And that's, like, the big differentiating factor right now between Granted and between this sort of default, the native experience, if you're just using the AWS command line by itself. With Granted, you can—with these Firefox containers, all of your cookies, your profile, everything is all localized into that one container. It's actually it's a privacy features that are built into Firefox, which keeps everything really separate between your different profiles. And what we're doing with Granted is that we make it really easy to open a specific profiles that correspond with different AWS profiles that you're using.So, you'd have one which could be your development account, one which could be production or staging. And you can jump between these and navigate between them just as separate tabs in your browser, which is a massive improvement over, you know, what I've previously had to use in the past.Corey: The thing that really just strikes me about this is first, of course, the functionality and the rest, so I saw this—I forget how I even came across it—and immediately I started using it. On my Mac, it was great. I started using it when I was on the road, and it was less great because you built this thing in Go. It can compile and install on almost anything, but there were some assumptions that you had built into this in its early days that did not necessarily encompass all of the use cases that I use. For example, it hadn't really occurred to you that some lunatic would try and only use an iPad when they're on the road, so they have to be able to run this to get federated login links via SSHing into an EC2 instance running somewhere and not have it open locally.You seemed almost taken aback when I brought it up. Like, “What lunatic would do that?” Like, “Hi, I'm such a lunatic. Let's talk about this.” And it does that now, and it's awesome. It does seem to me though, and please correct me if I'm wrong on this assumption slash assessment that this is first and foremost aimed at desktop users, specifically people running Mac on the desktop, is that the genesis of it?Chris: It is indeed. And I think part of the cause behind that is that we originally built a tool for ourselves. And as we were building things and as we were working using the cloud, we were running things—you know, we like to think that we're following best practices when we're using AWS, and so we'd set up multiple accounts, we'd have a special account for development, a separate one for staging, a separate one for production, even internal tools that we would build, we would go and spin up an individual account for those. And then you know, we had lots of accounts. and to go and access those really easily was quite difficult.So, we definitely, we built it for ourselves first and I think that that's part of when we released it, it actually a little bit of cause for some of the initial problems. And some of the feedback that we had was that it's great to build tools for yourself, but when you're working in open-source, there's a lot of different diversity with how people are using things.Corey: We take different approaches. You want to try to align with existing best practices, whereas I am a loudmouth white guy who works in tech. So, what I do definitionally becomes a best practice in the ecosystem. It's easier to just comport with the ones that are already existing that smart people put together rather than just trying to competence your way through it, so you took a better path than I did.But there's been a lot of evolution to Granted as I've been using it for a while. I did a whole write-up on it and that got a whole bunch of eyes onto the project, which I can now admit was a nefarious plan on my part because popping into your community Slack and yelling at you for features I want was all well and good, but let's try and get some people with eyes on this who are smarter than me—which is not that high of a bar when it comes to SSO, and IAM, and federated login, and the rest—and they can start finding other enhancements that I'll probably benefit from. And sure enough, that's exactly what happened. My sneaky plan has come to fruition. Thanks for being a sucker, I guess. I mean—[laugh] it worked. I'm super thrilled by the product.Chris: [laugh]. I guess it's a great thing I think that the feedback and particularly something that's always been really exciting is just seeing new issues come through on GitHub because it really shows the kinds of interesting use cases and the kinds of interesting teams and companies that are using Granted to make their lives a little bit easier.Corey: When I go to the website—which again is impossible to Google—the website for those wondering is granted.dev. It's short, it's concise, I can say it on a podcast and people automatically know how to spell it. But at the top of the website—which is very well done by the way—it mentions that oh, you can, “Govern access to breakglass roles with Common Fate Cloud,” and it also says in the drop shadow nonsense thing in the upper corner, “Brought to you by Common Fate,” which is apparently the name of your company.So, the question I'll get to in a second is what does your company do, but first and foremost, is this going to be one of those rug-pull open-source projects where one day it's, “Oh, you want to log into your AWS accounts? Insert quarter to continue.” I'm mostly being a little over the top with that description, but we've all seen things that we love turn into molten garbage. What is the plan around this? Are you about to ruin this for the rest of us once you wind up raising a round or something? What's the deal?Chris: Yeah, it's a great question, Corey. And I think that to a degree, releasing anything like this that sits in the access workflow and helps you assume roles and helps you day-to-day, you know, we have a responsibility to uphold stability and reliability here and to not change things. And I think part of, like, not changing things includes not [laugh] rug-pulling, as you've alluded to. And I think that for some companies, it ends up that open-source becomes, like, a kind of a lead-generation tool, or you end up with, you know, now finally, let's go on add another login so that you have to log into Common Fate to use Granted. And I think that, to be honest, a tool like this where it's all about improving the speed of access, the incentives for us, like, it doesn't even make sense to try and add another login for to try to get people to, like, to say, login to Common Fate because that would make your signing process for AWS take even longer than it already does.Corey: Yeah, you decided that you know, what's the biggest problem? Oh, you can sleep at night, so let's go ahead and make it even worse, by now I want you to be this custodian of all my credentials to log into all of my accounts. And now you're going to be critical path, so if you're down, I'm not able to log into anything. And oh, by the way, I have to trust you with full access to my bank stuff. I just can't imagine that is a direction that you would be super excited about diving head-first into.Chris: No, no. Yeah, certainly not. And I think that the, you know, building anything in this space, and with what we're doing with Common Fate, you know, we're building a cloud platform to try to make IAM a little bit easier to work with, but it's really sensitive around granting any kind of permission and I think that you really do need that trust. So, trying to build trust, I guess, with our open-source projects is really important for us with Granted and with this project, that it's going to continue to be reliable and continue to work as it currently does.Corey: The way I see it, one of the dangers of doing anything that is particularly open-source—or that leans in the direction of building in Amazon's ecosystem—it leads to the natural question of, well, isn't this just going to be some people say stolen—and I don't think those people understand how open-source works—by AWS themselves? Or aren't they going to build something themselves at AWS that's going to wind up stomping this thing that you've built? And my honest and remarkably cynical answer is that, “You have built a tool that is a joy to use, that makes logging into AWS accounts streamlined and efficient in a variety of different patterns. Does that really sound like something AWS would do?” And followed by, “I wish they would because everyone would benefit from that rising tide.”I have to be very direct and very clear. Your product should not exist. This should be something the provider themselves handles. But nope. Instead, it has to exist. And while I'm glad it does, I also can't shake the feeling that I am incredibly annoyed by the fact that it has to.Chris: Yeah. Certainly, certainly. And it's something that I think about a little bit. I like to wonder whether there's maybe like a single feature flag or some single sort of configuration setting in AWS where they're not allowing different tabs to access different accounts, they're not allowing this kind of concurrent access. And maybe if we make enough noise about Granted, maybe one of the engineers will go and flick that switch and they'll just enable it by default.And then Granted itself will be a lot less relevant, but for everybody who's using AWS, that'll be a massive win because the big draw of using Granted is mainly just around being able to access different accounts at the same time. If AWS let you do that out of the box, hey, that would be great and, you know, I'd have a lot less stuff to maintain.Corey: Originally, I had you here to talk about Granted, but I took a glance at what you're actually building over at Common Fate and I'm about to basically hijack slash derail what probably is going to amount the rest of this conversation because you have a quick example on your site for by developers, for developers. You show a quick Python script that tries to access a S3 bucket object and it's denied. You copy the error message, you paste it into what you're building over a Common Fate, and in return, it's like, “Oh. Yeah, this is the policy that fixes it. Do you want us to apply it for you?”And I just about fell out of my chair because I have been asking for this explicit thing for a very long time. And AWS doesn't do it. Their IAM access analyzer claims to. Like, “Oh, just go look at CloudTrail and see what permissions it uses and we'll build a policy to scope it down.” “Okay. So, it's S3 access. Fair enough. To what object or what bucket?” “Guess,” is what it tells you there.And it's, this is crap. Who thinks this is a good user experience? You have built the thing that I wish AWS had built in natively. Because let's be honest here, I do what an awful lot of people do and overscope permissions massively just because messing around with the bare minimum set of permissions in many cases takes more time than building the damn thing in the first place.Chris: Oh, absolutely. Absolutely. And in fact, this—was a few years ago when I was consulting—I had a really similar sort of story where one of the clients that we were working with, the CTO of this company, he was needing to grant us access to AWS and we were needing to build a particular service. And he said, “Okay, can you just let me know the permissions that you will need and I'll go and deploy the role for this.” And I came back and I said, “Wait. I don't even know the permissions that I'm going to need because the damn thing isn't even built yet.”So, we went sort of back and forth around this. And the compromise ended up just being you know, way too much access. And that was sort of part of the inspiration for, you know, really this whole project and what we're building with Common Fate, just trying to make that feedback loop around getting to the right level of permissions a lot faster.Corey: Yeah, I am just so overwhelmingly impressed by the fact that you have built—and please don't take this as a criticism—but a set of very simple tools. Not simple in the terms of, “Oh, that's, like, three lines of bash, and a fool could write that on a weekend.” No. Simple in the sense of it solves a problem elegantly and well and it's straightforward—well, straightforward as anything in the world of access control goes—to wrap your head around exactly what it does. You don't tend to build these things by sitting around a table brainstorming with someone you met at co-founder dating pool or something and wind up figuring out, “Oh, we should go and solve that. That sounds like a billion-dollar problem.”This feels very much like the outcome of when you're sitting around talking to someone and let's start by drinking six beers so we become extraordinarily honest, followed immediately by let's talk about what sucks. What pisses you off the most? It feels like this is sort of the low-hanging fruit of things that upset people when it comes to AWS. I mean, if things had gone slightly differently, instead of focusing on AWS bills, IAM was next on my list of things to tackle just because I was tired of smacking my head into it.This is very clearly a problem space that you folks have analyzed deeply, worked within, and have put a lot of thought into. I want to be clear, I've thrown a lot of feature suggestions that you for Granted from start to finish. But all of them have been around interface stuff and usability and expanding use cases. None of them have been, “Well, that seems screamingly insecure.” Because it hasn't been.Chris: [laugh].Corey: It has been effective, start to finish, I think that from a security posture, you make terrific choices, in many cases better than ones I would have made a starting from scratch myself. Everything that I'm looking at in what you have built is from a position of this is absolutely amazing and it is transformative to my own workflows. Now, how can we improve it?Chris: Mmm. Thank you, Corey. And I'll say as well, maybe around the security angle, that one of the goals with Granted was to try and do things a little bit better than the default way that AWS does them when it comes to security. And it's actually been a bit of a source for challenges with some of the users that we've been working with with Granted because one of the things we wanted to do was encrypt the SSO token. And this is the token that when you sign in to AWS, kind of like, it allows you to then get access to all of the rest of the accounts.So, it's like a pretty—it's a short-lived token, but it's a really sensitive one. And you know, by default, it's just stored in plain text on your disk. So, we dump to a file and, you know, anything that can go and read that, they can go and get it. It's also a little bit hard to revoke and to lock people out. There's not really great workflows around that on AWS's side.So, we thought, “Okay, great. One of the goals for Granted can be that we will go and store this in your keychain in your system and we'll work natively with that.” And that's actually been a cause for a little bit of a hassle for some users, though, because by doing that and by storing all of this information in the keychain, it's actually broken some of the integrations with the rest of the tooling, which kind of expects tokens and things to be in certain places. So, we've actually had to, as part of dealing with that with Granted, we've had to give users the ability to opt out for that.Corey: DoorDash had a problem. As their cloud-native environment scaled and developers delivered new features, their monitoring system kept breaking down. In an organization where data is used to make better decisions about technology and about the business, losing observability means the entire company loses their competitive edge. With Chronosphere, DoorDash is no longer losing visibility into their applications suite. The key? Chronosphere is an open-source compatible, scalable, and reliable observability solution that gives the observability lead at DoorDash business, confidence, and peace of mind. Read the full success story at snark.cloud/chronosphere. That's snark.cloud slash C-H-R-O-N-O-S-P-H-E-R-E.Corey: That's why I find this so, I think, just across the board, fantastic. It's you are very clearly engaged with your community. There's a community Slack that you have set up for this. And I know, I know, too many Slacks; everyone has this problem. This is one of those that is worth hanging in, at least from my perspective, just because one of the problems that you have, I suspect, is on my Mac it's great because I wind up automatically updating it to whatever the most recent one is every time I do a brew upgrade.But on the Linux side of the world, you've discovered what many of us have discovered, and that is that packaging things for Linux is a freaking disaster. The current installation is, “Great. Here's basically a curl bash.” Or, “Here, grab this tarball and install it.” And that's fine, but there's no real way of keeping that updated and synced.So, I was checking the other day, oh wow, I'm something like eight versions behind on this box. But it still just works. I upgraded. Oh, wow. There's new functionality here. This is stuff that's actually really handy. I like this quite a bit. Let's see what else we can do.I'm just so impressed, start to finish, by just how receptive you've been to various community feedbacks. And as well—I want to be very clear on this point, too—I've had folks who actually know what they're doing in an InfoSec sense look at what you're up to, and none of them had any issues of note. I'm sure that they have a pile of things like, with that curl bash, they should really be doing a GPG check. Yes, yes, fine. Whatever. If that's your target threat model, okay, great. Here in reality-land for what I do, this is awesome.And they don't seem to have any problems with, “Oh, yeah. By the way, sending analytics back up”—which, okay, fine, whatever. “And it's not disclosing them.” Okay, that's bad. “And it's including the contents of your AWS credentials.”Ahhhh. I did encounter something that was doing that on the back-end once. [cough]—Serverless Framework—sorry, something caught in my throat for a second.Chris: [laugh].Corey: No faster way I can think of to erode trust in that. But everything you're doing just makes sense.Chris: Oh, I do remember that. And that was a little bit of a fiasco, really, around all of that, right? And it's great to hear actually around that InfoSec folks and security people being, you know, not unhappy, I guess, with a tool like this. It's been interesting for me personally. We've really come from a practitioner's background.You know, I wouldn't call myself a security engineer at all. I would call myself as a sometimes a software developer, I guess. I have been hacking my way around Go and definitely learning a lot about how the cloud has worked over the past seven, eight years or so, but I wouldn't call myself a security engineer, so being very cautious around how all of these things work. And we've really tried to defer to things like the system keychain and defer to things that we know are pretty safe and work.Corey: The thing that I also want to call out as well is that your licensing is under the MIT license. This is not one of those, “Oh, you're required to wind up doing a bunch of branding stuff around it.” And, like some people say, “Oh, you have to own the trademark for all of these things.” I mean, I'm not an expert in international trademark law, let's be very clear, but I also feel that trademarking a term that is already used heavily in the space such as the word ‘Granted,' feels like kind of an uphill battle. And let's further be clear that it doesn't matter what you call this thing.In fact, I will call attention to an oddity that I've encountered a fair bit. After installing it, the first thing you do is you run the command ‘granted.' That sets it up, it lets you configure your browser, what browser you want to use, and it now supports standard out for that headless, EC2 use case. Great. Awesome. Love it. But then the other binary that ships with it is Assume. And that's what I use day-to-day. It actually takes me a minute sometimes when it's been long enough to remember that the tool is called Granted and not Assume what's up with that?Chris: So, part of the challenge that we ran into when we were building the Granted project is that we needed to export some environment variables. And these are really important when you're logging into AWS because you have your access key, your secret key, your session token. All of those, when you run the assume command, need to go into the terminal session that you called it. This doesn't matter so much when you're using the console mode, which is what we mentioned earlier where you can open 100 different accounts if you want to view all of those at the same time in your browser. But if you want to use it in your terminal, we wanted to make it look as really smooth and seamless as possible here.And we were really inspired by this approach from—and I have to shout them out and kind of give credit to them—a tool called AWSume—they're spelled A-W-S-U-M-E—Python-based tool that they don't do as much with single-sign-on, but we thought they had a really nice, like, general approach to the way that they did the scripting and aliasing. And we were inspired by that and part of that means that we needed to have a shell script that called this executable, which then will export things back out into the shell script. And we're doing all this wizardry under the hood to make the user experience really smooth and seamless. Part of that meant that we separated the commands into granted and assume and the other part of the naming for everything is that I felt Granted had a far better ring to it than calling the whole project Assume.Corey: True. And when you say assume, is it AWS or not? I've used the AWSume project before; I've used AWS Vault out of 99 Designs for a while. I've used—for three minutes—the native AWS SSO config, and that is just trash. Again, they're so good at the plumbing, so bad at the porcelain, I think is the criticism that I would levy toward a lot of this stuff.Chris: Mmm.Corey: And it's odd to think there's an entire company built around just smoothing over these sharp, obnoxious edges, but I'm saying this as someone who runs a consultancy and have five years that just fixes the bill for this one company. So, there's definitely a series of cottage industries that spring up around these things. I would be thrilled, on some level, if you wound up being completely subsumed by their product advancements, but it's been 15 years for a lot of this stuff and we're still waiting. My big failure mode that I'm worried about is that you never are.Chris: Yeah, exactly, exactly. And it's really interesting when you think about all of these user experience gaps in AWS being opportunities for, I guess, for companies like us, I think, trying to simplify a lot of the complexity for things. I'm interested in sort of waiting for a startup to try and, like, rebuild the actual AWS console itself to make it a little bit faster and easier to use.Corey: It's been done and attempted a bunch of different times. The problem is that the console is a lot of different things to a lot of different people, and as you step through that, you can solve for your use case super easily. “Yeah, what do I care? I use RDS, I use some VPC nonsense, and I use EC2. The end.” “Great. What about IAM?”Because I promise you're using that whether you know it or not. And okay, well, I'm talking to someone else who's DynamoDB, and someone else is full-on serverless, and someone else has more money than sense, so they mostly use SageMaker, and so on and so forth. And it turns out that you're effectively trying to rebuild everything. I don't know if that necessarily works.Chris: Yeah, and I think that's a good point around maybe while we haven't seen anything around that sort of space so far. You go to the console, and you click down, you see that list of 200 different services and all of those have had teams go and actually, like, build the UI and work with those individual APIs. Yeah.Corey: Any ideas as far as what's next for features on Granted?Chris: I think that, for us, it's continuing to work with everybody who's using it, and with a focus of stability and performance. We actually had somebody in the community raise an issue because they have an AWS config file that's over 7000 lines long. And I kind of pity that person, potentially, for their day-to-day. They must deal with so much complexity. Granted is currently quite slow when the config files get very big. And for us, I think, you know, we built it for ourselves; we don't have that many accounts just yet, so working to try to, like, make it really performant and really reliable is something that's really important.Corey: If you don't mind a feature request while we're at it—and I understand that this is more challenging than it looks like—I'm willing to fund this as a feature bounty that makes sense. And this also feels like it might be a good first project for a very particular type of person, I would love to get tab completion working in Zsh. You have it—Chris: Oh.Corey: For Fish because there's a great library that automatically populates that out, but for the Zsh side of it, it's, “Oh, I should just wind up getting Zsh completion working,” and I fell down a rabbit hole, let me tell you. And I come away from this with the perception of yeah, I'm not going to do it. I have not smart enough to check those boxes. But a lot of people are so that is the next thing I would love to see. Because I will change my browser to log into the AWS console for you, but be damned if I'm changing my shell.Chris: [laugh]. I think autocomplete probably should be higher on our roadmap for the tool, to be honest because it's really, like, a key metric and what we're focusing on is how easy is it to log in. And you know, if you're not too sure what commands to use or if we can save you a few keystrokes, I think that would be the, kind of like, reaching our goals.Corey: From where I'm sitting, you definitely have. I really want to thank you for taking the time to not only build this in the first place, but also speak with me about it. If people want to learn more, where's the best place to find you?Chris: So, you can find me on Twitter, I'm @chr_norm, or you can go and visit granted.dev and you'll have a link to join the Slack community. And I'm very active on the Slack.Corey: You certainly are, although I will admit that I fall into the challenge of being in just the perfectly opposed timezone from you and your co-founder, who are in different time zones to my understanding; one of you is on Australia and one of you was in London; you're the London guy as best I'm aware. And as a result, invariably, I wind up putting in feature requests right when no one's around. And, for better or worse, in the middle of the night is not when I'm usually awake trying to log into AWS. That is Azure time.Chris: [laugh]. Yeah, no, we don't have the US time zone properly covered yet for our community support and help. But we do have a fair bit of the world timezone covered. The rest of the team for Common Fate is all based in Australia and I'm out here over in London.Corey: Yeah. I just want to thank you again, for just being so accessible and, like, honestly receptive to feedback. I want to be clear, there's a way to give feedback and I do strive to do it constructively. I didn't come crashing into your Slack one day with a, “You know what your problem is?” I prefer to take the, “This is awesome. Here's what I think would be even better. Does that make sense?” As opposed to the imperious demands and GitHub issues and whatnot? It's, “I'd love it if it did this thing. Doesn't do this thing. Can you please make it do this thing?” Turns out that's the better way to drive change. Who knew?Chris: Yeah. [laugh]. Yeah, definitely. And I think that one of the things that's been the best around our journey with Granted so far has been listening to feedback and hearing from people how they would like to use the tool. And a big thank you to you, Corey, for actually suggesting changes that make it not only better for you, but better for everybody else who's using Granted.Corey: Well, at least as long as we're using my particular byzantine workload patterns in some way, or shape, or form, I'll hear that. But no, it's been an absolute pleasure and I really want to thank you for your time as well.Chris: Yeah, thank you for having me.Corey: Chris Norman, co-founder of Common Fate, as well as one of the two primary developers originally behind the Granted project that logs you into AWS without you having to lose your mind. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with an angry, incensed, raging comment that talks about just how terrible all of this is once you spend four hours logging into your AWS account by hand first.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

    Agile Thoughts
    196 YOU can Contribute to Cyber-Dojo

    Agile Thoughts

    Play Episode Listen Later Jun 29, 2022 8:39


    CyberDojo is at http://Cyber-Dojo.org Jon Jagger can be contacted on Twitter: @JonJagger Jon Jaggers blog: http://jonjagger.blogspot.com CyberDojo’s GitHub: https://github.com/cyber-dojo/cyber-dojo A video presentation from Jon about Cyber-Dojo: https://www.youtube.com/watch?v=CPiACJVY4fA Mentioned in this episode: The Alan Turing Trust: https://turingtrust.co.uk Tout: Agile Noir

    The Nerd Cantina Show
    Elvis, cryptocurrency bill, data privacy, and space news- TNCS Ep 226

    The Nerd Cantina Show

    Play Episode Listen Later Jun 29, 2022 54:53


    This episode covers the latest in entertainment, tech, and space news.  Topics include Elvis, Marvel returning to comic con, crypto regulation, eBay buys an NFT marketplace, and space news.   We ask that you support the show in any way possible.  You can like, share, rate or comment on any of the various social media and podcast players.  Join the conversation in our closed Facebook group at https://www.thenerdcantina.com/community, or become a patron on our Patreon page (https://www.patreon.com/thenerdcantina) where a pledge of as little as $1 will get you a free sticker.   CNN: 'Top Gun: Maverick' becomes the first $1 billion Tom Cruise film.https://www.cnn.com/2022/06/27/media/top-gun-maverick-billion-box-office IGN: Kevin Feige Confirms Marvel Studios Is Returning To San Diego Comic-Con.https://www.ign.com/articles/marvel-studios-returns-to-comic-con-kevin-feige Kotaku: Overwatch 2 Will Replace The Original, Making It Unplayable In October.https://kotaku.com/overwatch-2-october-release-date-multiplatform-replace-1849101931 The Verge: Senator posts cryptocurrency bill on GitHub, chaos ensues.https://www.theverge.com/2022/6/23/23180813/cryptocurrency-bill-cynthia-lummis-kirsten-gillibrand-github-trolling CNBC: $100 million worth of crypto has been stolen in another major hack.https://www.cnbc.com/2022/06/24/hackers-steal-100-million-in-crypto-from-harmonys-horizon-bridge.html The Verge: eBay acquires established NFT marketplace KnownOrigin.https://www.theverge.com/2022/6/22/23178699/ebay-acquires-knownorigin-nft-marketplace CNN: Man loses USB flash drive with data on entire city's residents after night out.https://www.cnn.com/2022/06/24/asia/japan-amagasaki-usb-data-intl-hnk/index.html Vitali Klitschko fake tricks Berlin mayor in video callhttps://www.dw.com/en/vitali-klitschko-fake-tricks-berlin-mayor-in-video-call/a-62257289?fbclid=IwAR2L3z0u8NvnvcPCmablnpqfOx7otXOUw_vhmtTngMDWwUnm0N-YW74MyVA  Gizmodo: SpaceX Says 5G Interference Could Make Starlink Internet 'Unusable'.https://gizmodo.com/spacex-starlink-internet-dish-5g-interference-unusable-1849093964  Yahoo Life: Meet the ‘Dream Chaser,' the Supersonic Space Craft Taking on Blue Origin and Virgin Galactic.https://www.yahoo.com/lifestyle/meet-dream-chaser-supersonic-space-153000132.html

    Zero Knowledge
    Episode 236: Aztec Connect and Private DeFi with Charlie and Joe

    Zero Knowledge

    Play Episode Listen Later Jun 29, 2022 68:18


    In this week's episode, Anna (https://twitter.com/annarrose) checks in with Aztec, a ZK-based privacy L2 project. She speaks with Joe Andrews (https://twitter.com/jaosef) and Lead Engineer, Charles Julian. They discuss some of the team's most important ZK research and implementations such as Plonk and how bringing privacy to Ethereum could truly change the way we do DeFi. They also discuss Aztec Connect and how it relates to zk.money (https://zk.money/), the Aztec roadmap with future projects like DSL Noir and Aztec 3, as well as a quick postmortem on the halted Aztec Connect launch. Here are some links for this episode: * Ep 176: Zk-zk-rollup & zk.money with Zac and Joe from Aztec (https://zeroknowledge.fm/176-2/) * Ep 75: Exploring Aztec with Zac Williamson (https://zeroknowledge.fm/75-2/) * Ep 232: Cutting Edge ZK Research with Mary Maller (https://zeroknowledge.fm/232-2/) * AZTEC Trusted Setup (https://ignition.aztecprotocol.com/) * PLONK: Permutations over Lagrange-bases for Oecumenical Noninteractive arguments of Knowledge (https://eprint.iacr.org/2019/953) * AztecProtocol/barretenberg: C++ elliptic curve library | GitHub (https://github.com/AztecProtocol/barretenberg) * AztecProtocol/aztec-connect-bridges | GitHub (https://github.com/AztecProtocol/aztec-connect-bridges) If you are looking to jump into ZK professionally, check out the ZK Jobs board to find job posts from some of the top teams working in ZK – like Aleo, Anoma and Mina. If you're looking to hire, be sure to add your jobs as well! More at ZK Jobs Board (https://jobsboard.zeroknowledge.fm/). Today's episode is sponsored by Aleo (https://www.aleo.org/). Aleo is a new Layer-1 blockchain that achieves the programmability of Ethereum, the privacy of Zcash, and the scalability of a rollup. If you're building private applications - then check out Aleo's programming language called Leo which enables non-cryptographers to harness the power of ZKPs. Visit leo-lang.org to start building. You can also participate in Aleo's incentivized testnet3 by downloading and running a snarkOS node. No sign-up is necessary to participate. For questions, join their Discord at aleo.org/discord (aleo.org/discord) If you like what we do: Find all our links here! (https://linktr.ee/zeroknowledge) Subscribe to our podcast newsletter (https://zeroknowledge.substack.com) Follow us on Twitter @zeroknowledgefm (https://twitter.com/zeroknowledgefm) Join us on Telegram (https://zeroknowledge.fm/telegram) Catch us on Youtube (https://zeroknowledge.fm/) Head to the ZK Community Forum (https://community.zeroknowledge.fm/) Support our Gitcoin Grant (https://zeroknowledge.fm/gitcoin-grant-329-zkp-2)

    Niptech: tech & startups
    418 - Robionic - Meta, IA, Robots

    Niptech: tech & startups

    Play Episode Listen Later Jun 29, 2022 79:13


    Cette semaine malgré le début de la période estivale, les news sont intéressantes: Facebook se tiktokise, on découvre de nouvelles innovations chez Amazon et Github grâce au machine learning, et la "real world robotics" se rapproche... Voir Acast.com/privacy pour les informations sur la vie privée et l'opt-out.

    Ask Noah Show
    Episode 292: Fixing Crashing Containers

    Ask Noah Show

    Play Episode Listen Later Jun 29, 2022 53:52


    What do you do when your container crashes your host? Steve is back and we walk through this and other questions! -- During The Show -- 03:20 Wireguard & Modems - Norm State Tables Image loading issue Next Steps Upgrade Modem Log into Modem Replace Modem 10:30 Emby, Docker & System Resources - Mike What a container is Name Spaces CGroups Use Systemd to launch containers Manually apply CGroup controls Steve's CGroups Write Up (https://www.redhat.com/sysadmin/cgroups-part-one) Docker flags to limit Memory and/or CPU Usage: docker run -it --cpus="1.0" --memory="1g" 17:50 Linux and Backblaze - Keith BackBlaze B2 Protocol Dupicity Restic GPG Encrypt 20:00 IPFS to store academic papers? - BG IPFS Might work 23:30 Caller 1 Restaurant Point of Sale System Open Source POS.org (https://opensourcepos.org/) Squirrel POS (https://www.squirrelsystems.com/) Odoo POS (https://www.odoo.com/app/point-of-sale-shop) Odoo POS Hardware (https://www.odoo.com/app/point-of-sale-hardware) 27:50 Caller 2 Mesh Commander Mesh Central On Site Radios? MURS Radio Buy Two Way Radios (https://www.buytwowayradios.com/) Repeaters Element has a walkie talkie feature 36:00 Solution for single node container host? - Jeremy SystemD Swarm or Single Node OpenShift 38:00 Problems with new TLDs - Sunjam Spamassassin Blocks New Domains by Default (https://topicdesk.com/downloads/tutorials/spamassassin-filter-for-new-tlds-xyz-info-ninja-etc/) Steve hasn't had issues Most big companies don't care Make sure you have DKIM and SPF setup 44:00 News Wire AMD Publishes FSR 2.0 Under MIT License WCCF Tech (https://wccftech.com/amd-publishes-fsr-2-0-fidelityfx-super-resolution-technology-open-source-code/) Rust in Linux Kernel The Register (https://www.theregister.com/2022/06/23/linus_torvalds_rust_linux_kernel/) CBL Mariner 2.0 Live Patching and PXE Boot Phoronix (https://www.phoronix.com/scan.php?page=news_item&px=CBL-Mariner-2.0-June-2022) KDE Plasma 5.25-1 Make Use Of (https://www.makeuseof.com/kde-plasma-5-25-1-released-with-bug-fixes/) Firefox 102 9 to 5 Linux (https://9to5linux.com/mozilla-firefox-102-is-now-available-for-download-adds-geoclue-support-on-linux) KaOS Linux 2022.06 Released 9 to 5 Linux (https://9to5linux.com/kaos-linux-2022-06-released-with-kde-plasma-5-25-desktop-and-calamares-3-3-installer) EndeavourOS Artemix Launches 9 to 5 Linux (https://9to5linux.com/endeavouros-artemis-launches-with-arm-installer-linux-5-18-and-latest-calamares) Pitivi 2022.06 9 to 5 Linux (https://9to5linux.com/pitivi-2022-06-open-source-video-editor-released-with-object-tracking-and-blurring) Xone Driver 0.3 Released Github (https://github.com/medusalix/xone/releases/tag/v0.3) Flameshot v12 Released GitHub (https://github.com/flameshot-org/flameshot/releases/tag/v12.0.0) GTK 2FA App "Authenticator" Tech Republic (https://www.techrepublic.com/article/linux-new-authenticator-app/) Digikam 7.7 Released Digikam (https://www.digikam.org/news/2022-06-26-7.7.0_release_announcement/) Peta Pixel (https://petapixel.com/2022/06/27/free-open-source-photo-manager-digikam-gets-a-big-update/) Github Co-Pilot changes liscense (No Longer Free) Infoq (https://www.infoq.com/news/2022/06/GitHub-copilot-ga/) GoFundMe To Fight Government Contractor Copying and Copyrighting Open Source 3D Printer Tech Drit (https://www.techdirt.com/2022/06/24/ridiculous-govt-contractor-copies-open-source-3d-printing-concept-and-patents-it/) 47:05 Pick of the Week Firezone (https://www.firezone.dev/) "Run Anywhere" Firewall and VPN Server Based on Wireguard Stable, Performant, Lightweight NAT Gateway Static IP -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/292) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed) Special Guest: Steve Ovens.

    Business of Tech
    Tue Jun-28-2022: FTC actions, GitHub legislation, and Windows 8.1's coming end

    Business of Tech

    Play Episode Listen Later Jun 28, 2022 5:37


    Three things to know today The FTC flexes its muscles The Senator, GitHub, and the Trolls AND The clock starts ticking on Windows 8.1   Do you want to get the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/   Support the show on Patreon:  https://patreon.com/mspradio/   Want our stuff?  Cool Merch?  Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com   Follow us on: Facebook: https://www.facebook.com/mspradionews/ Twitter: https://twitter.com/mspradionews/ Instagram: https://www.instagram.com/mspradio/ LinkedIn: https://www.linkedin.com/company/28908079/      

    Papers Read on AI
    Evaluating Large Language Models Trained on Code

    Papers Read on AI

    Play Episode Listen Later Jun 28, 2022 53:01


    We introduce Codex, a GPT language model fine-tuned on publicly available code from GitHub, and study its Python code-writing capabilities. A distinct production version of Codex powers GitHub Copilot. On HumanEval, a new evaluation set we release to measure functional correctness for synthesizing programs from docstrings, our model solves 28.8% of the problems, while GPT-3 solves 0% and GPT-J solves 11.4%. Fur-thermore, we find that repeated sampling from the model is a surprisingly effective strategy for producing working solutions to difficult prompts. Using this method, we solve 70.2% of our problems with 100 samples per problem. Careful investigation of our model reveals its limitations, including difficulty with docstrings describing long chains of operations and with binding operations to variables. Finally, we discuss the potential broader impacts of deploying powerful code generation technologies, covering safety, security, and economics. 2021: Mark Chen, Jerry Tworek, Heewoo Jun, Qiming Yuan, Henrique Ponde, Jared Kaplan, Harrison Edwards, Yura Burda, Nicholas Joseph, Greg Brockman, Alex Ray, Raul Puri, Gretchen Krueger, Michael Petrov, Heidy Khlaaf, Girish Sastry, Pamela Mishkin, Brooke Chan, Scott Gray, Nick Ryder, Mikhail Pavlov, Alethea Power, Lukasz Kaiser, Mohammad Bavarian, Clemens Winter, Philippe Tillet, F. Such, D. Cummings, Matthias Plappert, Fotios Chantzis, Elizabeth Barnes, Ariel Herbert-Voss, William H. Guss, Alex Nichol, I. Babuschkin, S. Balaji, Shantanu Jain, A. Carr, J. Leike, Joshua Achiam, Vedant Misra, Evan Morikawa, Alec Radford, M. Knight, Miles Brundage, Mira Murati, Katie Mayer, P. Welinder, Bob McGrew, Dario Amodei, Sam McCandlish, Ilya Sutskever, Wojciech Zaremba https://arxiv.org/pdf/2107.03374v2.pdf

    UI Breakfast: UI/UX Design and Product Strategy
    Episode 242: Introducing Fun Into Your Work with Rafa Conde

    UI Breakfast: UI/UX Design and Product Strategy

    Play Episode Listen Later Jun 28, 2022 38:03


    How do we bring fun into our work and design? Our guest today is Rafa Conde, founding designer at Along Video. You'll learn strategies on how to design freely within bounds, elements of design that contribute to delight, tips on how to manage time with the goal of enjoyment, and more.Podcast feed: subscribe to https://feeds.simplecast.com/4MvgQ73R in your favorite podcast app, and follow us on iTunes, Stitcher, or Google Podcasts.Show NotesAlong — Rafa's productEpisode 240: Designing for Play & Delight with Richard WardSam Soffes, Bryn Jackson — Rafa's co-foundersNetlify, GitHub — good examples of fun design​​Bringing Up Bébé — a book by Pamela Druckermanrafa.design — Rafa's personal siteHand Mirror — Rafa's Mac AppBooby Track — a breastfeeding appLayout.fm — Rafa's podcastFollow Rafa on TwitterThis episode is brought to you by Zeplin. Design tools can do almost anything, and with Zeplin they can go even further. Don't spend any of your time preparing design files for your team — just let Zeplin do it for you! No more dealing with unnecessary layers to show user journeys, explain intent, or organize screens. Get started for free at zeplin.ioInterested in sponsoring an episode? Learn more here.Leave a ReviewReviews are hugely important because they help new people discover this podcast. If you enjoyed listening to this episode, please leave a review on iTunes. Here's how.

    Thinking Elixir Podcast
    105: Plausible Analytics, Elixir, and Privacy with Uku Taht

    Thinking Elixir Podcast

    Play Episode Listen Later Jun 28, 2022 55:08


    We learn about Plausible Analytics, a privacy respecting alternative to Google Analytics that is cloud or self-hostable, OpenSource and written in Elixir! Uku Taht shares how he founded the company, the mission he is on, and what he prioritizes. The company practices a “transparent by default” approach. This means they share a lot about what's going on, this includes how they recently reached $1m ARR, some of their growing pains, and dealing with the weight of being “the one who has to fix things.” We end with a candid discussion about wellness in our profession and how when we are too close to the problems, we become blind to our own successes. A great, transparent conversation with Uku! Show Notes online - http://podcast.thinkingelixir.com/105 (http://podcast.thinkingelixir.com/105) Elixir Community News - https://2022.elixirconf.com/ (https://2022.elixirconf.com/) – ElixirConf 2022 - Aug 30 - Sep 2 in Denver, CO. Call for proposals due July 2nd - https://2022.elixirconf.com/registration (https://2022.elixirconf.com/registration) – Early bird tickets are on sale - https://twitter.com/CodeBEAMio/status/1537502784790085634 (https://twitter.com/CodeBEAMio/status/1537502784790085634) – CodeBEAM America (November) is accepting training ideas for their upcoming conference. - https://hexdocs.pm/req/changelog.html#v0-3-0 (https://hexdocs.pm/req/changelog.html#v0-3-0) – Req v0.3 released with a new API - https://hexdocs.pm/req/changelog.html#plugins (https://hexdocs.pm/req/changelog.html#plugins) – List of available Req plugins - reqeasyhtml, reqs3, reqhex, reqgithub_oauth - https://twitter.com/sean_moriarity/status/1537405584710029313 (https://twitter.com/sean_moriarity/status/1537405584710029313) – Sean Moriarity shared a major milestone! The public release of Axon and AxonONNX. - https://podcast.thinkingelixir.com/102 (https://podcast.thinkingelixir.com/102) – Recent interview with Sean Moriarity about this work. - https://twitter.com/elixirweekly/status/1538082201212006400 (https://twitter.com/elixirweekly/status/1538082201212006400) – IntelliJ IDE gets updated Elixir plugin, v13.1.0 - https://twitter.com/whatyouhide/status/1538908870743101440 (https://twitter.com/whatyouhide/status/1538908870743101440) – NimbleLZ4, for performing LZ4 lossless compression, released with the help of Rustler Precompiled Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com) Discussion Resources - https://github.com/plausible/analytics (https://github.com/plausible/analytics) - https://twitter.com/PlausibleHQ/status/1532265765042376704 (https://twitter.com/PlausibleHQ/status/1532265765042376704) - https://plausible.io/about (https://plausible.io/about) - http://elixirkoans.io/ (http://elixirkoans.io/) - https://www.youtube.com/watch?v=6U7cLUygMeI (https://www.youtube.com/watch?v=6U7cLUygMeI) - https://en.wikipedia.org/wiki/Facebook%E2%80%93CambridgeAnalyticadata_scandal (https://en.wikipedia.org/wiki/Facebook%E2%80%93Cambridge_Analytica_data_scandal) - https://clickhouse.com/ (https://clickhouse.com/) - https://en.wikipedia.org/wiki/Onlineanalyticalprocessing (https://en.wikipedia.org/wiki/Online_analytical_processing) - https://github.com/plausible/clickhouse_ecto (https://github.com/plausible/clickhouse_ecto) - https://plausible.io/blog/you-probably-dont-need-a-single-page-app (https://plausible.io/blog/you-probably-dont-need-a-single-page-app) - https://twitter.com/PlausibleHQ/status/1532265765042376704 (https://twitter.com/PlausibleHQ/status/1532265765042376704) – Announced they reached a revenue milestone Guest Information - https://twitter.com/ukutaht (https://twitter.com/ukutaht) – Uku on Twitter - https://twitter.com/PlausibleHQ (https://twitter.com/PlausibleHQ) – Plausible HQ on Twitter - https://fosstodon.org/@plausible (https://fosstodon.org/@plausible) – Mastodon - https://github.com/ukutaht/ (https://github.com/ukutaht/) – Uku on Github - https://github.com/plausible (https://github.com/plausible) – Plausible on Github - https://plausible.io/blog (https://plausible.io/blog) – Plausible Blog Find us online - Message the show - @ThinkingElixir (https://twitter.com/ThinkingElixir) - Email the show - show@thinkingelixir.com (mailto:show@thinkingelixir.com) - Mark Ericksen - @brainlid (https://twitter.com/brainlid) - David Bernheisel - @bernheisel (https://twitter.com/bernheisel) - Cade Ward - @cadebward (https://twitter.com/cadebward)

    How They Made their Millions
    124: GitHub: Tom Preston-Werner - From dead-broke to a multi-millionaire.

    How They Made their Millions

    Play Episode Listen Later Jun 28, 2022 18:42


    GitHub is a well-known website that brings together developers from all over the globe to work together on code. But how did Tom Preston-Werner and Chris Wanstrath took GitHub from a “weekend project-started in-bar” to one of the world's most powerful software development services that Microsoft purchased for $7.5 billion? Let us check it out.

    Learning Bayesian Statistics
    #63 Media Mix Models & Bayes for Marketing, with Luciano Paz

    Learning Bayesian Statistics

    Play Episode Listen Later Jun 28, 2022 74:43


    Proudly sponsored by https://www.pymc-labs.io/ (PyMC Labs), the Bayesian Consultancy. https://calendar.google.com/calendar/appointments/schedules/AcZssZ1nOI_SElJzSiQ2sXBDiaW9w98ErjnHVzmHcSilYNWeXxJgV870NGuWZUGo3W-8-gDG8jIXQhBf (Book a call), or get in touch! Inviting someone like Luciano Paz on a stats podcast is both a pleasure and a challenge — he does so many things brilliantly that you have too many questions to ask him… In this episode, I've chosen — not without difficulty — to focus on the applications of Bayesian stats in the marketing industry, especially Media Mix Models. Ok, I also asked Luciano about other topics — but you know me, I like to talk… Originally, Luciano studied physics. He then did a PhD and postdoc in neuroscience, before transitioning into industry. During his time in academia, he used stats, machine learning and data science concepts here and there, but not in a very organized way. But at the end of his postdoc, he got into PyMC — and that's when everything changed… He loved the community and decided to hop on board to exit academia into a better life. After leaving academia, he worked at a company that wanted to do data science but that, for privacy reasons, didn't have a lot of data. And now, Luciano is one of the folks working full time at the PyMC Labs consultancy. But Luciano is not only one of the cool nerds building this crazy Bayesian adventures. He also did a lot of piano and ninjutsu. Sooooo, don't provoke him — either in the streets or at a karaoke bar… Our theme music is « Good Bayesian », by Baba Brinkman (feat MC Lars and Mega Ran). Check out his awesome work at https://bababrinkman.com/ (https://bababrinkman.com/) ! Thank you to my Patrons for making this episode possible! Yusuke Saito, Avi Bryant, Ero Carrera, Giuliano Cruz, Tim Gasser, James Wade, Tradd Salvo, Adam Bartonicek, William Benton, Alan O'Donnell, Mark Ormsby, James Ahloy, Robin Taylor, Thomas Wiecki, Chad Scherrer, Nathaniel Neitzke, Zwelithini Tunyiswa, Elea McDonnell Feit, Bertrand Wilden, James Thompson, Stephen Oates, Gian Luca Di Tanna, Jack Wells, Matthew Maldonado, Ian Costley, Ally Salim, Larry Gill, Joshua Duncan, Ian Moran, Paul Oreto, Colin Caprani, George Ho, Colin Carroll, Nathaniel Burbank, Michael Osthege, Rémi Louf, Clive Edelsten, Henri Wallen, Hugo Botha, Vinh Nguyen, Raul Maldonado, Marcin Elantkowski, Adam C. Smith, Will Kurt, Andrew Moskowitz, Hector Munoz, Marco Gorelli, Simon Kessell, Bradley Rode, Patrick Kelley, Rick Anderson, Casper de Bruin, Philippe Labonde, Matthew McAnear, Michael Hankin, Cameron Smith, Luis Iberico, Tomáš Frýda, Ryan Wesslen, Andreas Netti, Riley King, Aaron Jones, Yoshiyuki Hamajima, Sven De Maeyer, Michael DeCrescenzo, Fergal M, Mason Yahr, Naoya Kanai, Steven Rowland, Aubrey Clayton, Jeannine Sue, Omri Har Shemesh and Lin Yu Sha. Visit https://www.patreon.com/learnbayesstats (https://www.patreon.com/learnbayesstats) to unlock exclusive Bayesian swag ;) Links from the show: Luciano's website: https://lucianopaz.github.io/ (https://lucianopaz.github.io/) Luciano on GitHub: https://github.com/lucianopaz (https://github.com/lucianopaz) Luciano on LinkedIn: https://www.linkedin.com/in/luciano-paz-4139b5123/ (https://www.linkedin.com/in/luciano-paz-4139b5123/) Bayesian Media Mix Modeling for Marketing Optimization: https://www.pymc-labs.io/blog-posts/bayesian-media-mix-modeling-for-marketing-optimization/ (https://www.pymc-labs.io/blog-posts/bayesian-media-mix-modeling-for-marketing-optimization/) Improving the Speed and Accuracy of Bayesian Media Mix Models: https://www.pymc-labs.io/blog-posts/reducing-customer-acquisition-costs-how-we-helped-optimizing-hellofreshs-marketing-budget/ (https://www.pymc-labs.io/blog-posts/reducing-customer-acquisition-costs-how-we-helped-optimizing-hellofreshs-marketing-budget/) Speeding up HelloFresh's Bayesian AB tests by 60x:...

    ShopTalk » Podcast Feed
    521: GitHub Actions with Rizèl Scarlett and Brian Douglas

    ShopTalk » Podcast Feed

    Play Episode Listen Later Jun 27, 2022


    Rizèl Scarlett & Brian Douglas chat with us about GitHub Actions and help us understand how to use Actions on your next project. We also dive into GitHub Copilot and GitHub apps.

    Merge Conflict
    312: dotnet workload

    Merge Conflict

    Play Episode Listen Later Jun 27, 2022 32:49


    This week try to demystify the new workload system in .NET! .NET MAUI, Blazor WASM, Source Control, Continuous Integration, and more! Follow Us Frank: Twitter, Blog, GitHub James: Twitter, Blog, GitHub Merge Conflict: Twitter, Facebook, Website, Chat on Discord Music : Amethyst Seer - Citrine by Adventureface ⭐⭐ Review Us (https://itunes.apple.com/us/podcast/merge-conflict/id1133064277?mt=2&ls=1) ⭐⭐ Machine transcription available on http://mergeconflict.fm

    soundbite.fm: a podcast network
    Merge Conflict: 312: dotnet workload

    soundbite.fm: a podcast network

    Play Episode Listen Later Jun 27, 2022 32:49


    This week try to demystify the new workload system in .NET! .NET MAUI, Blazor WASM, Source Control, Continuous Integration, and more! Follow Us Frank: Twitter, Blog, GitHub James: Twitter, Blog, GitHub Merge Conflict: Twitter, Facebook, Website, Chat on Discord Music : Amethyst Seer - Citrine by Adventureface ⭐⭐ Review Us (https://itunes.apple.com/us/podcast/merge-conflict/id1133064277?mt=2&ls=1) ⭐⭐ Machine transcription available on http://mergeconflict.fm

    BlockDrops com Maurício Magaldi
    Phygital, Novidades da FTX, Mortoverso, e muito mais

    BlockDrops com Maurício Magaldi

    Play Episode Listen Later Jun 26, 2022 18:41


    Drop 1:  Phygital https://cointelegraph.com/news/lets-get-phygital-the-nfts-backed-by-real-world-collectibles Drop 2: FTX Investimento na BlockFi https://twitter.com/SBF_FTX/status/1539268631095152642?t=1xACIkxMSe9WWdxXSglOnQ&s=19 Aquisição da Embed https://twitter.com/Brett_FTX/status/1539234663897636864?t=d_zYq9wXm63eQaGRqVoaeA&s=19 Derivativos com Goldman Sachs https://www.zerohedge.com/crypto/goldman-sachs-reportedly-talks-ftx-bitcoin-crypto-derivatives Drop 3: Legathum, Metaverso após a morte https://cointelegraph.com.br/news/the-sky-is-no-longer-the-limit-brazilian-scientist-creates-metaverse-where-it-will-be-possible-to-live-after-death .. Moonpay partners with Universal/Fox para NFTs exclusivos https://www.cnbc.com/2022/06/21/crypto-start-up-moonpay-in-nft-deal-with-universal-fox.html Sardine contrata Simon Taylor https://www.prnewswire.com/news-releases/leading-payments-fraud--compliance-platform-sardine-adds-one-of-fintechs-most-influential-people-to-its-growing-team-301571443.html Uniswap adquire Genie para incorporar NFT à DEx https://twitter.com/Uniswap/status/1539306956002820096?t=QLX1piY9CrbEg9xrYJgWOQ&s=19 Bayz em parceira com The Sandbox https://cointelegraph.com.br/news/bayz-announces-partnership-with-the-sandbox-to-take-brazilian-brands-to-the-metaverse Nydig em parceria com Deloitte https://www.coindesk.com/business/2022/06/21/nydig-to-work-with-deloitte-in-offering-bitcoin-capabilities-to-clients/ Visa lança Bitcoin Cashback no Brasil e Argentina https://www.finextra.com/newsarticle/40478/visa-launches-bitcoin-cashback-cards-in-brazil-and-argentina Solana Labs to launch a mobile phone https://www.coindesk.com/business/2022/06/23/solana-labs-is-building-a-web3-mobile-phone/ Goldman de olho na Celcius https://www.coindesk.com/business/2022/06/24/goldman-sachs-raising-funds-to-buy-celsius-assets-sources/ Senadora Lummis sobe o PL crypto no GitHub https://www.theverge.com/2022/6/23/23180813/cryptocurrency-bill-cynthia-lummis-kirsten-gillibrand-github-trolling --- Send in a voice message: https://anchor.fm/blockdropspodcast/message

    Agile Thoughts
    195 Teaching With Cyber-Dojo

    Agile Thoughts

    Play Episode Listen Later Jun 25, 2022 13:40


    CyberDojo is at http://Cyber-Dojo.org Jon Jagger can be contacted on Twitter: @JonJagger Jon Jaggers blog: http://jonjagger.blogspot.com CyberDojo’s GitHub: https://github.com/cyber-dojo/cyber-dojo A video presentation from Jon about Cyber-Dojo: https://www.youtube.com/watch?v=CPiACJVY4fA Mentioned in this episode: The Alan Turing Trust: https://turingtrust.co.uk

    Sustain
    Episode 126: GitHub Maintainer Month with Mike McQuaid of Homebrew and Nina Breznik of DatDot

    Sustain

    Play Episode Listen Later Jun 24, 2022 28:39


    Guest Mike McQuaid | Nina Breznik Panelists Richard Littauer Show Notes Hello and welcome to a special episode of Sustain, where we interview Maintainers as part of GitHub Maintainer Month! On this episode, Richard is interviewing a few open source maintainers to talk about what it's like to be a maintainer, how awesome they are, and what issues they may have being a maintainer. My first guest is Mike McQuaid, who works for GitHub and is one of the maintainers of Homebrew. Mike tells us all about Homebrew, how you can contribute, and the most fun thing about being a maintainer there. Also joining me is Nina Breznik, another awesome maintainer, Founder of RefugeesWork, Partner and Open Source Developer at Playproject, Community Organizer at Wizard Amigos, and she works on a DatDot project with serapath. Nina shares how it is for her being a maintainer, how she helps other people see it as art, not just science and math, but a more creative thing, and she tells us the project she had the most fun working on. Go ahead and download this episode now to learn more! Mike: [00:00:48] Mike explains what Homebrew is, the size of the community, and the usage. [00:01:46] How did Mike come to maintain Homebrew and the other twenty people and how did he pivot and make the switch elegantly? [00:04:08] Richard asks if Mike has any resources he can suggest to other maintainers. [00:05:04] Mike talks about burnout and when he works on Homebrew. [00:07:19] Mike shares advice to a first time open source person, and he tells us what advice he wishes someone had given him back in the day. [00:09:00] We learn from Mike the most fun thing about being a maintainer at Homebrew. [00:09:47] Find out how you can contribute to Mike's project and where you can follow him on the web. Nina: [00:11:48] We have Nina joining us now and Richard shares her bio with us. We also hear what Nina is maintaining these days and what her code looks like. [00:14:41] Nina tells us about the number of projects she maintains in the sense of commit access and the size of the community that she's working with. [00:17:30] Find out the hardest part for Nina when it comes to maintaining code. [00:18:47] Nina shares more about the RefugeesWork project she started which was the most magical experience for her. [00:21:36] What is Nina most looking forward to over the next five to ten years as a maintainer and what does she want to see happen with her work? [00:22:57] Nina shares what she wishes people had told her to make it easier for her when she first started coding. [00:24:27] We learn what Nina does in her community to ensure that designers or tech writers, etc., feel involved in the projects she works on. [00:27:15] Find out where you can follow Nina and her projects on the web. Quotes [00:01:59] “The best way to get involved with open source was solving a problem I had for myself.” [00:04:23] “Everything we do breaks down to human relationships and managing those and trying to have an environment where people are happy with each other.” [00:07:19] “What advice would you give to a first-time open source person? I think just strict boundaries.” [00:20:34] “I transitioned from social sciences and arts into coding because I wanted to get a skill. I wanted to be able to build something on my own and this was the first time I felt the power that I built something.” [00:21:45] “I would love to see more people learning to code, which is one of the reasons why I started Wizards Amigos Project because I feel that this really is literacy of the future.” [00:23:06] “They should have told me this is not all about math, but more like art.” Links SustainOSS (https://sustainoss.org/) SustainOSS Twitter (https://twitter.com/SustainOSS?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) SustainOSS Discourse (https://discourse.sustainoss.org/) podcast@sustainoss.org (mailto:podcast@sustainoss.org) Richard Littauer Twitter (https://twitter.com/richlitt?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) Mike McQuaid Twitter (https://twitter.com/mikemcquaid?lang=en) Mike McQuaid Website (https://mikemcquaid.com/) Homebrew (https://brew.sh/) Sustain Podcast-Episode 117: Mike McQuaid of Homebrew on Sustainability Working on OSS Projects (https://podcast.sustainoss.org/117) Nina Breznik Twitter (https://twitter.com/ninabreznik?lang=en) serapath Twitter (https://twitter.com/serapath) Google Summer of Code 2022 Program Announced (https://summerofcode.withgoogle.com/) Rails Girls (http://railsgirls.com/) Wizard Amigos (https://wizardamigos.com/) DatDot (https://datdot.org/) Dat Ecosystem (https://dat-ecosystem.org/) Mathias Buus (https://github.com/mafintosh) Ok Distribute Blog (https://okdistribute.xyz/) Dat Foundation Governance (https://dat.foundation/about/people/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guests: Mike McQuaid and Nina Breznik.

    The Laravel Podcast
    Pest, with Nuno Maduro

    The Laravel Podcast

    Play Episode Listen Later Jun 24, 2022 23:18


    Nuno Maduro's Twitter - https://twitter.com/enunomaduroSponsor Nuno Maduro - https://github.com/sponsors/nunomaduroPest - https://pestphp.comPest Discord Server - https://discord.com/invite/bMAJv82Perl - https://www.perl.org/Parallel Plugin - https://pestphp.com/docs/plugins/parallelPHPUnit - https://phpunit.de/Jest - https://jestjs.io/Livewire - https://laravel-livewire.com/Watch Plugin - https://pestphp.com/docs/plugins/watchRetry Plugin - https://docs.php-http.org/en/latest/plugins/retry.htmlDatasets - https://pestphp.com/docs/datasets#datasetsOliver Nybroe's Twitter - https://twitter.com/olivernybroe?lang=enOliver Nybroe's GitHub - https://github.com/olivernybroeOwen Voke's Twitter - https://twitter.com/owenvokeOwen Voke's GitHub - https://github.com/owenvokeLuke Downing's Twitter - https://twitter.com/LukeDowning19Luke Downing's GitHub - https://github.com/lukeraymonddowningFreek Van der Herten's Twitter - https://twitter.com/freekmurzeFreek Van der Herten's Blog - https://freek.dev

    PHP Internals News
    PHP Internals News: Episode 103: Disjunctive Normal Form (DNF) Types

    PHP Internals News

    Play Episode Listen Later Jun 24, 2022


    PHP Internals News: Episode 103: Disjunctive Normal Form (DNF) Types London, UK Friday, June 24th 2022, 09:07 BST In this episode of "PHP Internals News" I talk with George Peter Banyard (Website, Twitter, GitHub, GitLab) about the "Disjunctive Normal Form Types" RFC that he has proposed with Larry Garfield. The RSS feed for this podcast is https://derickrethans.nl/feed-phpinternalsnews.xml, you can download this episode's MP3 file, and it's available on Spotify and iTunes. There is a dedicated website: https://phpinternals.news Transcript Derick Rethans 0:15 Hi, I'm Derick. Welcome to PHP internals news, a podcast dedicated to explaining the latest developments in the PHP language. This is episode 103. Today I'm talking with George Peter Banyard again, this time about a disjunctive normal form types RFC, or DNF, for short, which he's proposing together with Larry Garfield. George Peter, would you please introduce yourself? George Peter Banyard 0:39 Hello, my name is George Peter Banyard, I work on PHP paid part time, by the PHP foundation. Derick Rethans 0:44 Just like last time, we are still got colleagues. George Peter Banyard 0:46 Yes, we are indeed still call it. Derick Rethans 0:48 What is this RFC about? What is it trying to solve? George Peter Banyard 0:52 The problems of this RFC is to be able to mix intersection and union types together. Last year, when intersection types were added to PHP, they were explicitly disallowed to be used with Union types. Because: a) mental framework, b) implementation complexity, because intersection types were already complicated on their own, to try to get them to work with Union types was kind of a big step. So it was done in chunks. And this is the second part of the chunk, being able to use it with Union types in a specific way. Derick Rethans 1:25 What is the specific way? George Peter Banyard 1:27 The specific way is where the disjoint normal form thing comes into play. So the joint normal form just means it's a normalized form of the type, where it's unions of intersections. The reason for that it helps the engine be able to like handle all of the various parts it needs to do, because at one point, it would need to normalize the type anyway. And we currently is just forced on to the developer because it makes the implementation easier. And probably also the source code, it's easier to read. Derick Rethans 1:54 When you say, forcing it up on a developer to check out you basically mean that PHP won't try to normalize any types, but instead throws a compilation error? George Peter Banyard 2:05 Exactly. It's, it's the job of the developer to do the normalization step. The normalization step is pretty easy, because I don't expect people to do too many stuff as intersection types. But as can always be done as a future scope of like adding a normalization step, then you get into the issues of like, maybe not having deterministic code, because normalization steps can take very, very long, and you can't necessarily prove that it will terminate, which is not a great situation to be in. Imagine just having PHP not running at all, because it's stuck in an infinite loop trying to normalize the format. It's just like, oh, I can't compile Derick Rethans 2:39 Would a potential type alias kind of syntax help with that? George Peter Banyard 2:44 Maybe, I'm not really sure. Actually reading like research about it from computer scientists, in functional programming languages, which is everything is compiled on my head. And they have the whole thing was like, well, they need to type type normalize, and especially with type aliases, they haven't really figured out a way yet. So I'm not sure how we are going to figure out a way if experts and PhD students and researchers haven't really figured out a way. Derick Rethans 3:08 And is the reason for that mostly, because PHP, resolves types while it is running code sometimes because it has to overload classes, and then it might find out it is an inherited class, for example? George Peter Banyard 3:19 Yes, I think it's like this weird thing where might maybe PHP has like kind of an advantage, because it doesn't need to, like resolve all of the types at once. And if you have a type alias, it's just oh, if it's used, and you just need to resolve it, and then try to figure it out. There's also the added complexity of like, variance checks, because most functional programming languages, they have variance to some degree, but they don't have the whole inheritance of like typical OOP languages have. It's kind of a very strange field, the fact that yeah, PHP is just like, well, we kind of do stuff at runtime, and you don't necessarily need everything. And it just works is like, well, we'll do. That's mainly the reason why the dev needs to do the normalization step, the form is done. It's also I think, the most easiest to understand, it's just like, Oh, you have this and this, or this group, or stuff, or this group of stuff, or this thing, simple type. The other form would be another normalized form would be conjunctive normal form, which is a list of ANDs of ORs to just have this thing, or X, like (A or B or C) and X and (Y or Z), which I think is harder to understand. Derick Rethans 4:26 What is the exact syntax then? George Peter Banyard 4:28 So the exact syntax is, if you want to have an intersection type was in a union type, you need to like bracket it by parentheses. And then you have like the normal pipe union operator and you can mix it with single types, you can mix it with true, you can mix it with false, which are literal types, which now exist, or just normal, bool types. Derick Rethans 4:48 The parenthesis is actually required. You don't rely on operator precedence to make things work? George Peter Banyard 4:53 Yes. Relying on operator precedence is terrible. Derick Rethans 4:57 Yep, I agree. George Peter Banyard 4:58 I'd say Oh, yeah, but I think I've heard this argument on the list like a couple of times, it's just, oh, yeah, but maths, like, has like, and as priority over like, or, I mean, I did three years of a maths degree and not gonna lie. Maths notation is terrible for most of us. People don't even agree on terminology. I'm just gonna say, let's, let's just do better. Derick Rethans 5:19 I agree. I mean, most coding standards for any sort of variable for like conditions, will already require parenthesis around multiple complex clauses anyway, right? I mean, it's a sensible thing to do, just for readability, in my opinion. So the RFC also talks about a few syntax that you aren't allowed to do, and that you have to normalize or deconstruct yourself, what kinds of things are these? George Peter Banyard 5:41 if you would want to have a type which has an intersection of a class A with at least one other class, so let's say X or Y, but you can always convert it into DNF form, how this type would be, it would be (A and X) or (A and Y). This seems to be the more unusual case, I would imagine. One of the motivating cases of DNF types is to do something like Array or (Traversable and Countable). I don't really see mixing and matching various different object interfaces in differencing, the most useful user land cases to be able to do Array or (Traversable and Countable) so that you can use just count or seeing something as an array, or you have like Traversable and Countable and ArrayAccess. And it's just like, Oh, here's an object, which kind of behaves like an array. Derick Rethans 6:32 I think there's currently another RFC just being proposed, that extends iterator_to_array to multiple types as well to accept more things. So that sort of fits into this category of things to do with iterables and traversals then I suppose. George Peter Banyard 6:49 yeah Derick Rethans 6:50 I'm hoping to talk to the author of that RFC as well. At the moment where two and a half weeks or so before a feature freeze, you now see a whole flurry of RFCs while it was a bit quiet in the last few months. So because you're adding to the type system, that's also usually has consequences for variance rules, or rather, how inheriting works with return types and argument types, as well as property types. What do DNF types mean for these variance checks? George Peter Banyard 7:19 The variance is checks, kind of follow the similar rules as before. So property types are easy. They are invariant, so you can't change them. You can reorder types, like was in your union if you want to. But that was already the case with Union types previously, because PHP will just check that, well, the types match. So contravariant, you can always restrict types, meaning you can either add intersections, or you can remove unions, broadly speaking. What you could do, for example, if you have like A or B or C, you could do A and X as a subtype, because you're restricting A to be of an extra, like an extra interface. Derick Rethans 8:06 So then you will have (A and X) or B or C. George Peter Banyard 8:10 Yes. So that's one restriction. You can add how many interfaces you want and do an intersection type, you can add them on every type you can. On the other side, you can just add like unions. So if for contravariance, or like an an argument type, it's like, well, I just want to return something new, well, then you can add unions, but you can't add an intersection to a type, you can only widen types of arguments. So if your type is A or B or C, you can't do A and B, and you can't do (A and X) or B or C, because you're restricting the type. If your type would be (A and X) or (B and Y) or (C and Z), then you could lift the restriction to A or B or (C and Z) because you loosening the requirements on on the type that you're accepting. Derick Rethans 8:55 To summarize this: argument types, you can always widen; return types you can only restrict, and, and property types you can't change at all. I specifically wanted to summarize that because I always find contravariance and covariance. These names confuse me. So that's why I prefer to talk about widening types and restricting types instead. Because there are so close together for me. We spoke a little bit about redundant types. What is this new functionality do if you specify redundant types? George Peter Banyard 9:30 Redundant types how they currently work in PHP are done at compile time. And they do exact class matches or constant class aliasing matches. Derick Rethans 9:41 That will need an explanation. George Peter Banyard 9:44 Class names and interface names in PHP are case insensitive. So you can write a lower-case a or upper-case A and it means the same class. If you provide let's say lower-case a or upper-case A, the engine realize this, this is the same class, so we'll serve it on the type error. So PHP has use statements, or use as. So these are compile time aliases. If you define a class A, and then you say use A as B. So B is a compile time alias of A. And then you do a type which has A or B, PHP already knows these things refer to the same class. So it will raise a compile time error. Derick Rethans 10:25 These use aliases are per file only, right? George Peter Banyard 10:28 Yes, that's usually to do with if you import traits or like a namespaces. And you get conflicting class names. That's how you handle it about. PHP has also this feature, which you can do this at runtime, using the function called class_alias. Now, obviously, compile time checks are done at compile time. So it doesn't know at runtime that you aliasing these classes or using this name as an alias. So then PHP won't complain. Derick Rethans 10:53 But will don't complain during runtime. George Peter Banyard 10:56 No. Derick Rethans 10:56 You really just wanted to shoot yourself in the foot, we'll let you do this. George Peter Banyard 11:00 Yet, during this at runtime, just as like a whole layer of time, because it's not it's not really useful. Basically, what it means that PHP won't guarantee you the type is minimal. I.e. you might have redundant types, but it will just try to tell you, it's like oh, the- these are exactly the same types. And I know these are the same types, you probably do get mistake. So if it can determine this at compile time, it will tell you. Derick Rethans 11:23 The variance is still checked when you're passing in things. George Peter Banyard 11:26 Yes, so variance is checked on inheritance. When the class is inherited and compiled, because it needs to load the parent class, it will then check that it's built properly, and otherwise it will raise an error, that's fine. But just checking that the types is minimal is not possible. A) because inheritance, you don't know how it works, because it will only do the checks on basically on the name of the strings, it will do like compare strings of class names. And if it doesn't know the class name, or if it or if it needs to do some inheritance, it just won't do an instance of check. They just ignore that. It's just like, well, maybe it is maybe it's not I don't know. And that's fine. Derick Rethans 12:08 Of course, if you pass in a wrong type at runtime, then it will still get rejected during runtime anyway. George Peter Banyard 12:14 Yes, that hasn't changed. Derick Rethans 12:16 The only thing that you might end up in a situation where you don't get warned during compile time whether type is redundant. George Peter Banyard 12:23 Yes. So that's the behaviour we currently are the behaviour is added. So, it will check that two intersection types within the union are identical using the same class stuff. So for example, if you have class A, and you say use a as B, and then you have a type which is (A and X) or (B and X), it will tell you: Okay, these classes are the same. The check it adds now also it will check that you don't have a more restrictive type with a wider type. So if your type is T or (T and X), because T is wider than T and X, it will error at compile time, it'll tell you well, T is less restrictive than T and X. So the T and X type is redundant. Derick Rethans 13:11 Okay, so nothing strange. Basically, what you expect to happen will happen. And PHP does its best telling you at compile time whether you've done something wrong or not. George Peter Banyard 13:22 Yes. Derick Rethans 13:24 I think we've spoken mostly about the functionality itself and types. I'm a little bit interested in whether you encountered some interesting things while implementing this feature. George Peter Banyard 13:33 This feature basically, was a bit in limbo for the implementation, because I was waiting on a change to make Iterable, a compile time alias of Array or Traversable, which shouldn't affect userland. Because previously, all of the checks needed to cater to if you get Iterable, then you need to check for the variance. Has it Array , has it a Traversable type, does this accept? Is it why the is it more restrictive, it's identical. It's just this weird edge case, which makes the variance code harder. Moving this to a compile time alias, where now it just uses the standard, a standard union type in some sense, just makes a lot of the variance checks already streamlined and simpler. And because this is simpler, in some sense, was DNF types. When you hit the intersection, you need to recurse one step to check the variance. This helps. This is also kind of why DNF types are enforced like as like the structure on the dev because otherwise, you could potentially get into the whole like, oh, infinite recursion if you do like very nested types, because it's just like, oh, you hit one nested type and so, oh okay, now I'm again in unnecessary time and then you recurse again and then you recurse again, and so that's all you get into the thing: Oh you need to normalize the type. The variance check is: Can you see if it's a union type is the first type a sub list So a list of intersection types, okay, is it balanced? And then just recall the same function in some sense, like, check the types for variance, is this correct? Okay, move to the next type back into the Union and everything. So the implementation is conceptually simple, because all of the implementation details already exist. And all the everything hard has already been done. Now, it's just like, in some sense, it was extracting it into its own function, and then like recurse into it, and not forget to update opcache properly. Derick Rethans 15:31 You mentioned that in order to make the DNF types work, you were waiting on this Array or Iterable or Traversable kind of type. Is this also type people can use it and userland? Or is it internal only? George Peter Banyard 15:44 It is the standard Iterable type that you can already use. So currently, PHP considered Iterable, a full type in some sense. And what the this implementation change basically makes it Iterable into ... compile time alias of Array or Traversable. Iterable exists since, PHP, 7.1, I think. Can still use it, reflection should still be fine if you use it as a single type. Derick Rethans 16:08 So to change there is more, instead of: if you encounter Iterable, we check for both Array and Traversable. Then, instead of making the check every time you look at Iterable is already part of the type system, so you don't have to make the check every time. George Peter Banyard 16:23 Exactly, you basically move when it's being transformed in some sense. Now it has some repercussion on other parts, which needed to be taken care of, which is probably why it was in limbo for 10 months. I had already done the implementation of DNF types, basically, working on my local copy of that branch. It's just like: Okay, this got merged, nice, I can now open the PR onto PHP SRC. So I didn't wait for it to land until start working on it. Derick Rethans 16:50 Things like that also often affect reflection, because you're adding more complex types to the type system. So what kind of changes does that make to PHP's reflection system? And does this end up breaking backwards compatibility? George Peter Banyard 17:04 So in theory, no, it doesn't. How the reflection API works around the type system is that most method calls will turn a reflection type interface, ReflectionNameType, ReflectionUnionType, and ReflectionIntersectionType, are all instances of a ReflectionType. And methods if you would call on the list. So on a union type, the type it would return if you get like getTypes is a ReflectionType. The type system and how the reflection idea was designed, there is no BC break. How the standard was working, it's like, Oh, if you had like a union type, or an intersection type, if you call the getList or getListOfTypes, or getTypes, I don't remember exactly what the method name is actually called, you will always get an array of reflection name types, because you can only have like one level of list in some sense. However, now, if your top type is a union type, then if you get getTypes, you might get an array of ReflectionNameTypes with ReflectionIntersectionTypes. So that's the case that you now need to cater to. So if you get another ReflectionIntersectionType in between. There, you could only have ReflectionNameTypes, there was no nesting, whereas now if you have a union type, one of the types that you get back from the getTypes method in the array will be a ReflectionIntersectionType. Technically, all of the types of the part of the reflection type, so it's an array of reflection types that you get. How it worked before is that you didn't need to care about this distinction between: Oh, it returns a ReflectionType and a ReflectionNameType because well, it only return a ReflectionNameType. But now this is not the case. So you now need to cater to that that oh, you might have nesting. Which kind of boils down to like if in the future, we decide to like have oh, you can nest union types in an intersection type, then the getTypes method might return a union type with other name types. Derick Rethans 19:03 You just need to make sure that you check for more than just one thing that it previously would have done. You can't assume not everything is a ReflectionType any more. It could also be ReflecionIntersectionType. George Peter Banyard 19:18 Yes, exactly. Derick Rethans 19:20 I think that sort of what's in the RFC, is there any future scope? George Peter Banyard 19:25 I mean, the future scope is type alias. As usual. Everything I feel when you talk about the type system, it's like type aliases. At one point when your types gets very complicated. It would be nice to just be able to refer this as a as a named type in some sense, instead of needing to retype every time the whole union slash intersection of it. Hopefully we can get this running for 8.3. We are starting to get kind of complicated types. It would be nice being able to have this feature. The other obvious future scope in some sense, who knows if it's actually desirable is to allow either having conjunctive normal form so you can have like a list of ANDs or ORs Derick Rethans 20:05 You call these conjunctive normal forms? George Peter Banyard 20:08 Yes. Or just a type, which is not normalized. Not sure if it's really desirable to have this feature, because then you get into the whole thing of, if PHP doesn't, either PHP doesn't know how to like normalize it, or it's not in the best form, and then you get into like, very long compilation units or just checking. It's like, okay, does it respect the type? Does it do all of the instance of checks? And I'm not sure if it's super desirable. Derick Rethans 20:38 So it could be considered future scope. But from what I gather from you, you don't actually know what it is actually a desirable thing to add to the language? George Peter Banyard 20:46 Yes. Derick Rethans 20:47 Okay, George, thank you for taking the time this morning to talk about this new DNF types RFC. George Peter Banyard 20:54 Thank you for having me. As always. Derick Rethans 20:59 Thank you for listening to this installment of PHP internals news, a podcast dedicated to demystifying the development of the PHP language. I maintain a Patreon account for supporters of this podcast as well as the Xdebug debugging tool. You can sign up for Patreon at https://drck.me/patreon. If you have comments or suggestions, feel free to email them to derick@phpinternals.news. Thank you for listening, and I'll see you next time. Show Notes RFC: Disjunctive Normal Form Types Credits Music: Chipper Doodle v2 — Kevin MacLeod (incompetech.com) — Creative Commons: By Attribution 3.0

    Ikkunastudio
    #143T: GitHub Copilot GA, Synlapse ja muuta synkkyyttä

    Ikkunastudio

    Play Episode Listen Later Jun 24, 2022 37:45


    IglooConf Summer 2022 -sisältöt YouTubessaGitHub Copilot is generally available to all developersMetaverse Stocks: Facebook, Microsoft, Nvidia Form Standards GroupReport reveals half of Japan's businesses had yet to ditch Internet ExplorerHoloLens leader Alex Kipman to leave Microsoft in mixed reality reorg after report on 'toxic' behavior – GeekWireMicrosoft's Toxic Culture Persists Despite Pledge by CEO Satya NadellaMicrosoft HoloLens boss Alex Kipman is out after misconduct allegations - The VergeSynLapse: Azure Synapse Analytics Service Vulnerability - Orca SecurityMicrosoft to acquire foreign cyberthreat analysis vendor Miburo | ZDNetMicrosoft Entra - Secure Identities and Access | Microsoft SecurityNew event sources for Azure Event Grid: Azure AD, Microsoft Outlook, Teams, SharePoint, Microsoft Conversations, Security Alerts and Universal PrintGeneral availability: Azure Data Explorer connector for Power Automate, Logic Apps, and Power AppsReuse policy configurations in Azure API Management | Microsoft DocsPublic preview: API Management authorizationsPublic preview: Apache Parquet capturing support in Azure Event Hubs

    Cyber Pro Podcast
    #190 - Skyler Curtis - Sr Security Researcher - Cyborg Security

    Cyber Pro Podcast

    Play Episode Listen Later Jun 23, 2022 10:35


    Skyler talks about how cyber security is built on the shoulders of people just screwing around! Skyler stresses to take advantage of every opportunity to implement something, be hands on, or be a decision maker in process to take it! Whether it is on product design, or how the company is structured, get involved and make sure you are using and instilling best practices and becoming more secure. He discusses how to have a "cyber mindset”, and don't let “imposter syndrome” hold you back. Continue to be inquisitive and “screw around”, it can be the best way to learn and stay sharp. You may discover something like Bill Gates did in his garage. Nothing can replace hands on learning like that, and you will remember what you learned and how you fixed it.   Connect with Skyler: https://www.linkedin.com/in/skyler-curtis/ Visit Skyler on Github: https://github.com/deadPix3l Email Skyler directly: skyler@cyborgsecurity.com Visit Cyborg Security: https://www.cyborgsecurity.com/   Visit Short Arms website: https://www.shortarmsolutions.com/    You can follow us at: Linked In: https://www.linkedin.com/company/shortarmsolutions  YouTube: https://www.youtube.com/channel/UCjUNoFuy6d1rouj_SBg3Qkw/featured  Twitter: https://twitter.com/ShortArmSAS

    Cyber Pro Podcast
    #190 - Skyler Curtis - Sr Security Researcher - Cyborg Security

    Cyber Pro Podcast

    Play Episode Listen Later Jun 23, 2022 10:35


    Skyler talks about how cyber security is built on the shoulders of people just screwing around! Skyler stresses to take advantage of every opportunity to implement something, be hands on, or be a decision maker in process to take it! Whether it is on product design, or how the company is structured, get involved and make sure you are using and instilling best practices and becoming more secure. He discusses how to have a "cyber mindset”, and don't let “imposter syndrome” hold you back. Continue to be inquisitive and “screw around”, it can be the best way to learn and stay sharp. You may discover something like Bill Gates did in his garage. Nothing can replace hands on learning like that, and you will remember what you learned and how you fixed it.   Connect with Skyler: https://www.linkedin.com/in/skyler-curtis/ Visit Skyler on Github: https://github.com/deadPix3l Email Skyler directly: skyler@cyborgsecurity.com Visit Cyborg Security: https://www.cyborgsecurity.com/   Visit Short Arms website: https://www.shortarmsolutions.com/    You can follow us at: Linked In: https://www.linkedin.com/company/shortarmsolutions  YouTube: https://www.youtube.com/channel/UCjUNoFuy6d1rouj_SBg3Qkw/featured  Twitter: https://twitter.com/ShortArmSAS

    Screaming in the Cloud
    Google Cloud Run, Satisfaction, and Scalability with Steren Giannini

    Screaming in the Cloud

    Play Episode Listen Later Jun 23, 2022 37:01


    Full Description / Show Notes Steren and Corey talk about how Google Cloud Run got its name (00:49) Corey talks about his experiences using Google Cloud (2:42) Corey and Steven discuss Google Cloud's cloud run custom domains (10:01) Steren talks about Cloud Run's high developer satisfaction and scalability (15:54) Corey and Steven talk about Cloud Run releases at Google I/O (23:21) Steren discusses the majority of developer and customer interest in Google's cloud product (25:33) Steren talks about his 20% projects around sustainability (29:00) About SterenSteren is a Senior Product Manager at Google Cloud. He is part of the serverless team, leading Cloud Run. He is also working on sustainability, leading the Google Cloud Carbon Footprint product.Steren is an engineer from École Centrale (France). Prior to joining Google, he was CTO of a startup building connected objects and multi device solutions.Links Referenced: Google Cloud Run: https://cloud.run sheets-url-shortener: https://github.com/ahmetb/sheets-url-shortener snark.cloud/run: https://snark.cloud/run Twitter: https://twitter.com/steren TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. I'm joined today by Steren Giannini, who is a senior product manager at Google Cloud, specifically on something called Google Cloud Run. Steren, thank you for joining me today.Steren: Thanks for inviting me, Corey.Corey: So, I want to start at the very beginning of, “Oh, a cloud service. What are we going to call it?” “Well, let's put the word cloud in it.” “Okay, great. Now, it is cloud, so we have to give it a vague and unassuming name. What does it do?” “It runs things.” “Genius. Let's break and go for work.” Now, it's easy to imagine that you spent all of 30 seconds on a name, but it never works that way. How easy was it to get to Cloud Run as a name for the service?Steren: [laugh]. Such a good question because originally it was not named Cloud Run at all. The original name was Google Serverless Engine. But a few people know that because they've been helping us since the beginning, but originally it was Google Serverless Engine. Nobody liked the name internally, and I think at one point, we wondered, “Hey, can we drop the engine structure and let's just think about the name. And what does this thing do?” “It runs things.”We already have Cloud Build. Well, wouldn't it be great to have Cloud Run to pair with Cloud Build so that after you've built your containers, you can run them? And that's how we ended up with this very simple Cloud Run, which today seems so obvious, but it took us a long time to get to that name, and we actually had a lot of renaming to do because we were about to ship with Google Serverless Engine.Corey: That seems like a very interesting last-minute change because it's not just a find and replace at that point, it's—Steren: No.Corey: —“Well, okay, if we call it Cloud Run, which can also be a verb or a noun, depending, is that going to change the meaning of some sentences?” And just doing a find and replace without a proofread pass as well, well, that's how you wind up with funny things on Twitter.Steren: API endpoints needed to be changed, adding weeks of delays to the launch. That is why we—you know, [laugh] announced in 2018 and publicly launched in 2019.Corey: I've been doing a fair bit of work in cloud for a while, and I wound up going down a very interesting path. So, the first native Google Cloud service—not things like WP Engine that ride on top of GCP—but my first native Google Cloud Service was done in service of this podcast, and it is built on Google Cloud Run. I don't think I've told you part of this story yet, but it's one of the reasons I reached out to invite you onto the show. Let me set the stage here with a little bit of backstory that might explain what the hell I'm talking about.As listeners of this show are probably aware, we have sponsors whom we love and adore. In the early days of this show, they would say, “Great, we want to tell people about our product”—which is the point of a sponsorship—“And then send them to a URL.” “Great. What's the URL?” And they would give me something that was three layers deep, then with a bunch of UTM tracking parameters at the end.And it's, “You do realize that no one is going to be sitting there typing all of that into a web browser?” At best, you're going to get three words or so. So, I built myself a URL redirector, snark.cloud. I can wind up redirecting things in there anywhere it needs to go.And for a long time, I did this on top of S3 and then put CloudFront in front of it. And this was all well and good until, you know, things happened in the fullness of time. And now holy crap, I have an operations team involved in things, and maybe I shouldn't be the only person that knows how to work on all of these bits and bobs. So, it was time to come up with something that had a business user-friendly interface that had some level of security, so I don't wind up automatically building out a spam redirect service for anything that wants to, and it needs to be something that's easy to work with. So, I went on an exploration.So, at first it showed that there were—like, I have an article out that I've spoken about before that there are, “17 Ways to Run Containers on AWS,” and then I wrote the sequel, “17 More Ways to Run Containers on AWS.” And I'm keeping a list, I'm almost to the third installation of that series, which is awful. So, great. There's got to be some ways to build some URL redirect stuff with an interface that has an admin panel. And I spent three days on this trying a bunch of different things, and some were running on deprecated versions of Node that wouldn't build properly and others were just such complex nonsense things that had got really bad. I was starting to consider something like just paying for Bitly or whatnot and making it someone else's problem.And then I stumbled upon something on GitHub that really was probably one of the formative things that changed my opinion of Google Cloud for the better. And within half an hour of discovering this thing, it was up and running. I did the entire thing, start to finish, from my iPad in a web browser, and it just worked. It was written by—let me make sure I get his name correct; you know, messing up someone's name is a great way to say that we don't care about them—Ahmet Balkan used to work at Google Cloud; now he's over at Twitter. And he has something up on GitHub that is just absolutely phenomenal about this, called sheets-url-shortener.And this is going to sound wild, but stick with me. The interface is simply a Google Sheet, where you have one column that has the shorthand slug—for example, run; if you go to snark.cloud/run, it will redirect to Google Cloud Run's website. And the second column is where you want it to go. The end.And whenever that gets updated, there's of course some caching issues, which means it can take up to five seconds from finishing that before it will actually work across the entire internet. And as best I can tell, that is fundamentally magic. But what made it particularly useful and magic, from my perspective, was how easy it was to get up and running. There was none of this oh, but then you have to integrate it with Google Sheets and that's a whole ‘nother team so there's no way you're going to be able to figure that out from our Docs. Go talk to them and then come back in the day.They were the get started, click here to proceed. It just worked. And it really brought back some of the magic of cloud for me in a way that I hadn't seen in quite a while. So, all which is to say, amazing service, I continue to use it for all of these sponsored links, and I am still waiting for you folks to bill me, but it fits comfortably in the free tier because it turns out that I don't have hundreds of thousands of people typing it in every week.Steren: I'm glad it went well. And you know, we measure tasks success for Cloud Run. And we do know that most new users are able to deploy their apps very quickly. And that was the case for you. Just so you know, we've put a lot of effort to make sure it was true, and I'll be glad to tell you more about all that.But for that particular service, yes, I suppose Ahmet—who I really enjoyed working with on Cloud Run, he was really helpful designing Cloud Run with us—has open-sourced this side project. And basically, you might even have clicked on a deploy to Cloud Run button on GitHub, right, to deploy it?Corey: That is exactly what I did and it somehow just worked and—Steren: Exactly.Corey: And it knew, even logging into the Google Cloud Console because it understands who I am because I use Google Docs and things, I'm already logged in. None of this, “Oh, which one of these 85 credential sets is it going to be?” Like certain other clouds. It was, “Oh, wow. Wait, cloud can be easy and fun? When did that happen?”Steren: So, what has happened when you click that deploy to Google Cloud button, basically, the GitHub repository was built into a container with Cloud Build and then was deployed to Cloud Run. And once on Cloud Run, well, hopefully, you have forgotten about it because that's what we do, right? We—give us your code, in a container if you know containers if you don't just—we support, you know, many popular languages, and we know how to build them, so don't worry about that. And then we run it. And as you said, when there is low traffic or no traffic, it scales to zero.When there is low traffic, you're likely going to stay under the generous free tier. And if you have more traffic for, you know, Screaming in the Cloud suddenly becoming a high destination URL redirects, well, Cloud Run will scale the number of instances of this container to be able to handle the load. Cloud Run scales automatically and very well, but only—as always—charging you when you are processing some requests.Corey: I had to fork and make a couple of changes myself after I wound up doing some testing. The first was to make the entire thing case insensitive, which is—you know, makes obvious sense. And the other was to change the permanent redirect to a temporary redirect because believe it or not, in the fullness of time, sometimes sponsors want to change the landing page in different ways for different campaigns and that's fine by me. I just wanted to make sure people's browser cache didn't remember it into perpetuity. But it was easy enough to run—that was back in the early days of my exploring Go, which I've been doing this quarter—and in the couple of months this thing has been running it has been effectively flawless.It's set it; it's forget it. The only challenges I had with it are it was a little opaque getting a custom domain set up that—which is still in beta, to be clear—and I've heard some horror stories of people saying it got wedged. In my case, no, I deployed it and I started refreshing it and suddenly, it start throwing an SSL error. And it's like, “Oh, that's not good, but I'm going to break my own lifestyle here and be patient for ten minutes.” And sure enough, it cleared itself and everything started working. And that was the last time I had to think about any of this. And it just worked.Steren: So first, Cloud Run is HTTPS only. Why? Because it's 2020, right? It's 2022, but—Corey: [laugh].Steren: —it's launched in 2020. And so basically, we have made a decision that let's just not accept HTTP traffic; it's only HTTPS. As a consequence, we need to provision a cert for your custom domain. That is something that can take some time. And as you said, we keep it in beta or in preview because we are not yet satisfied with the experience or even the performance of Cloud Run custom domains, so we are actively working on fixing that with a different approach. So, expect some changes, hopefully, this year.Corey: I will say it does take a few seconds when people go to a snark.cloud URL for it to finish resolving, and it feels on some level like it's almost like a cold start problem. But subsequent visits, the same thing also feel a little on the slow and pokey side. And I don't know if that's just me being wildly impatient, if there's an optimization opportunity, or if that's just inherent to the platform that is not under current significant load.Steren: So, it depends. If the Cloud Run service has scaled down to zero, well of course, your service will need to be started. But what we do know, if it's a small Go binary, like something that you mentioned, it should really take less than, let's say, 500 milliseconds to go from zero to one of your container instance. Latency can also be due to the way the code is running. If it occurred is fetching things from Google Sheets at every startup, that is something that could add to the startup latency.So, I would need to take a look, but in general, we are not spinning up a virtual machine anytime we need to scale horizontally. Like, our infrastructure is a multi-tenant, rapidly scalable infrastructure that can materialize a container in literally 300 milliseconds. The rest of the latency comes from what does the container do at startup time?Corey: Yeah, I just ran a quick test of putting time in front of a curl command. It looks like it took 4.83 seconds. So, enough to be perceptive. But again, for just a quick redirect, it's generally not the end of the world and there's probably something I'm doing that is interesting and odd. Again, I did not invite you on the show to file a—Steren: [laugh].Corey: Bug report. Let's be very clear here.Steren: Seems on the very high end of startup latencies. I mean, I would definitely expect under the second. We should deep-dive into the code to take a look. And by the way, building stuff on top of spreadsheets. I've done that a ton in my previous lives as a CTO of a startup because well, that's the best administration interface, right? You just have a CRUD UI—Corey: [unintelligible 00:12:29] world and all business users understand it. If people in Microsoft decided they were going to change Microsoft Excel interface, even a bit, they would revert the change before noon of the same day after an army of business users grabbed pitchforks and torches and marched on their headquarters. It's one of those things that is how the world runs; it is the world's most common IDE. And it's great, but I still think of databases through the lens of thinking about it as a spreadsheet as my default approach to things. I also think of databases as DNS, but that's neither here nor there.Steren: You know, if you have maybe 100 redirects, that's totally fine. And by the way, the beauty of Cloud Run in a spreadsheet, as you mentioned is that Cloud Run services run with a certain identity. And this identity, you can grant it permissions. And in that case, what I would recommend if you haven't done so yet, is to give an identity to your Cloud Run service that has the permission to read that particular spreadsheet. And how you do that you invite the email of the service account as a reader of your spreadsheet, and that's probably what you did.Corey: The click button to the workflow on Google Cloud automatically did that—Steren: Oh, wow.Corey: —and taught me how to do it. “Here's the thing that look at. The end.” It was a flawless user-onboarding experience.Steren: Very nicely done. But indeed, you know, there is this built-in security which is the principle of minimal permission, like each of your Cloud Run service should basically only be able to read and write to the backing resources that they should. And by default, we give you a service account which has a lot of permissions, but our recommendation is to narrow those permissions to basically only look at the cloud storage buckets that the service is supposed to look at. And the same for a spreadsheet.Corey: Yes, on some level, I feel like I'm going to write an analysis of my own security approach. It would be titled, “My God, It's Full Of Stars” as I look at the IAM policies of everything that I've configured. The idea of least privilege is great. What I like about this approach is that it made it easy to do it so I don't have to worry about it. At one point, I want to go back and wind up instrumenting it a bit further, just so I can wind up getting aggregate numbers of all right, how many times if someone visited this particular link? It'll be good to know.And I don't know… if I have to change permissions to do that yet, but that's okay. It's the best kind of problem: future Corey. So, we'll deal with that when the time comes. But across the board, this has just been a phenomenal experience and it's clear that when you were building Google Cloud Run, you understood the assignment. Because I was looking for people saying negative things about it and by and large, all of its seem to come from a perspective of, “Well, this isn't going to be the most cost-effective or best way to run something that is hyperscale, globe-spanning.”It's yes, that's the thing that Kubernetes was originally built to run and for some godforsaken reason people run their blog on it instead now. Okay. For something that is small, scales to zero, and has long periods where no one is visiting it, great, this is a terrific answer and there's absolutely nothing wrong with that. It's clear that you understood who you were aiming at, and the migration strategy to something that is a bit more, I want to say robust, but let's be clear what I mean when I'm saying that if you want something that's a little bit more impressive on your SRE resume as you're trying a multi-year project to get hired by Google or pretend you got hired by Google, yeah, you can migrate to something else in a relatively straightforward way. But that this is up, running, and works without having to think about it, and that is no small thing.Steren: So, there are two things to say here. The first is yes, indeed, we know we have high developer satisfaction. You know, we measure this—in Google Cloud, you might have seen those small satisfaction surveys popping up sometimes on the user interface, and you know, we are above 90% satisfaction score. We hire third parties to help us understand how usable and what satisfaction score would users get out of Cloud Run, and we are constantly getting very, very good results, in absolute but also compared to the competition.Now, the other thing that you said is that, you know, Cloud Run is for small things, and here while it is definitely something that allows you to be productive, something that strives for simplicity, but it also scales a lot. And contrary to other systems, you do not have any pre-provisioning to make. So, we have done demos where we go from zero to 10,000 container instances in ten seconds because of the infrastructure on which Cloud Run runs, which is fully managed and multi-tenant, we can offer you this scale on demand. And many of our biggest customers have actually not switched to something like Kubernetes after starting with Cloud Run because they value the low maintenance, the no infrastructure management that Cloud Run brings them.So, we have like Ikea, ecobee… for example ecobee, you know, the smart thermostats are using Cloud Run to ingest events from the thermostat. I think Ikea is using Cloud Run more and more for more of their websites. You know, those companies scale, right? This is not, like, scale to zero hobby project. This is actually production e-commerce and connected smart objects production systems that have made the choice of being on a fully-managed platform in order to reduce their operational overhead.[midroll 00:17:54]Corey: Let me be clear. When I say scale—I think we might be talking past each other on a small point here. When I say scale, I'm talking less about oh tens or hundreds of thousands of containers running concurrently. I'm talking in a more complicated way of, okay, now we have a whole bunch of different microservices talking to one another and affinity as far as location to each other for data transfer reasons. And as you start beginning to service discovery style areas of things, where we build a really complicated applications because we hired engineers and failed to properly supervise them, and that type of convoluted complex architecture.That's where it feels like Cloud Run increasingly, as you move in that direction, starts to look a little bit less like the tool of choice. Which is fine, I want to be clear on that point. The sense that I've gotten of it is a great way to get started, it's a great way to continue running a thing you don't have to think about because you have a day job that isn't infrastructure management. And it is clear to—as your needs change—to either remain with the service or pivot to a very close service without a whole lot of retooling, which is key. There's not much of a lock-in story to this, which I love.Steren: That was one of the key principles when we started to design Cloud Run was, you know, we realized the industry had agreed that the container image was the standard for the deployment artifact of software. And so, we just made the early choice of focusing on deploying containers. Of course, we are helping users build those containers, you know, we have things called build packs, we can continuously deploy from GitHub, but at the end of the day, the thing that gets auto-scaled on Cloud Run is a container. And that enables portability.As you said. You can literally run the same container, nothing proprietary in it, I want to be clear. Like, you're just listening on a port for some incoming requests. Those requests can be HTTP requests, events, you know, we have products that can push events to Cloud Run like Eventarc or Pub/Sub. And this same container, you can run it on your local machine, you can run it on Kubernetes, you can run it on another cloud. You're not locked in, in terms of API of the compute.We even went even above and beyond by having the Cloud Run API looks like a Kubernetes API. I think that was an extra effort that we made. I'm not sure people care that much, but if you look at the Cloud Run API, it is actually exactly looking like Kubernetes, Even if there is no Kubernetes at all under the hood; we just made it for portability. Because we wanted to address this concern of serverless which was lock-in. Like, when you use a Function as a Service product, you are worried that the architecture that you are going to develop around this product is going to be only working in this particular cloud provider, and you're not in control of the language, the version that this provider has decided to offer you, you're not in control of more of the complexity that can come as you want to scan this code, as you want to move this code between staging and production or test this code.So, containers are really helping with that. So, I think we made the right choice of this new artifact that to build Cloud Run around the container artifact. And you know, at the time when we launched, it was a little bit controversial because back in the day, you know, 2018, 2019, serverless really meant Functions as a Service. So, when we launched, we little bit redefined serverless. And we basically said serverless containers. Which at the time were two worlds that in the same sentence were incompatible. Like, many people, including internally, had concerns around—Corey: Oh, the serverless versus container war was a big thing for a while. Everyone was on a different side of that divide. It's… containers are effectively increasingly—and I know, I'll get email for this, and I don't even slightly care, they're a packaging format—Steren: Exactly.Corey: —where it solves the problem of how do I build this thing to deploy on Debian instances? And Ubuntu instances, and other instances, God forbid, Windows somewhere, you throw a container over the wall. The end. Its DevOps is about breaking down the walls between Dev and Ops. That's why containers are here to make them silos that don't have to talk to each other.Steren: A container image is a glorified zip file. Literally. You have a set of layers with files in them, and basically, we decided to adopt that artifact standard, but not the perceived complexity that existed at the time around containers. And so, we basically merged containers with serverless to make something as easy to use as a Function as a Service product but with the power of bringing your own container. And today, we are seeing—you mentioned, what kind of architecture would you use Cloud Run for?So, I would say now there are three big buckets. The obvious one is anything that is a website or an API, serving public internet traffic, like your URL redirect service, right? This is, you have an API, takes a request and returns a response. It can be a REST API, GraphQL API. We recently added support for WebSockets, which is pretty unique for a service offering to support natively WebSockets.So, what I mean natively is, my client can open a socket connection—a bi-directional socket connection—with a given instance, for up to one hour. This is pretty unique for something that is as fully managed as Cloud Run.Corey: Right. As we're recording this, we are just coming off of Google I/O, and there were a number of announcements around Cloud Run that were touching it because of, you know, strange marketing issues. I only found out that Google I/O was a thing and featured cloud stuff via Twitter at the time it was happening. What did you folks release around Cloud Run?Steren: Good question, actually. Part of the Google I/O Developer keynote, I pitched a story around how Cloud Run helps developers, and the I/O team liked the story, so we decided to include that story as part of the live developer keynote. So, on stage, we announced Cloud Run jobs. So now, I talked to you about Cloud Run services, which can be used to expose an API, but also to do, like, private microservice-to-microservice communication—because cloud services don't have to be public—and in that case, we support GRPC and, you know, a very strong security mechanism where only Service A can invoke Service B, for example, but Cloud Run jobs are about non-request-driven containers. So, today—I mean, before Google I/O a few days ago, the only requirement that we imposed on your container image was that it started to listen for requests, or events, or GRPC—Corey: Web requests—Steren: Exactly—Corey: It speaks [unintelligible 00:24:35] you want as long as it's HTTP. Yes.Steren: That was the only requirement we asked you to have on your container image. And now we've changed that. Now, if you have a container that basically starts and executes to completion, you can deploy it on a Cloud Run job. So, you will use Cloud Run jobs for, like, daily batch jobs. And you have the same infrastructure, so on-demand, you can go from zero to, I think for now, the maximum is a hundred tasks in parallel, for—of course, you can run many tasks in sequence, but in parallel, you can go from zero to a hundred, right away to run your daily batch job, daily admin job, data processing.But this is more in the batch mode than in streaming mode. If you would like to use a more, like, streaming data processing, than a Cloud Run service would still be the best fit because you can literally push events to it, and it will auto-scale to handle any number of events that it receives.Corey: Do you find that the majority of customers are using Cloud Run for one-off jobs that barely will get more than a single container, like my thing, or do you find that they're doing massively parallel jobs? Where's the lion's share of developer and customer interest?Steren: It's both actually. We have both individual developers, small startups—which really value the scale to zero and pay per use model of Cloud Run. Your URL redirect service probably is staying below the free tier, and there are many, many, many users in your case. But at the same time, we have big, big, big customers who value the on-demand scalability of Cloud Run. And for these customers, of course, they will probably very likely not scale to zero, but they value the fact that—you know, we have a media company who uses Cloud Run for TV streaming, and when there is a soccer game somewhere in the world, they have a big spike of usage of requests coming in to their Cloud Run service, and here they can trust the rapid scaling of Cloud Run so they don't have to pre-provision things in advance to be able to serve that sudden traffic spike.But for those customers, Cloud Run is priced in a way so that if you know that you're going to consume a lot of Cloud Run CPU and memory, you can purchase Committed Use Discounts, which will lower your bill overall because you know you are going to spend one dollar per hour on Cloud Run, well purchase a Committed Use Discount because you will only spend 83 cents instead of one dollar. And also, Cloud Run and comes with two pricing model, one which is the default, which is the request-based pricing model, which is basically you only have CPU allocated to your container instances if you are processing at least one request. But as a consequence of that, you are not paying outside of the processing of those requests. Those containers might stay up for you, one, ready to receive new requests, but you're not paying for them. And so, that is—you know, your URL redirect service is probably in that mode where yes when you haven't used it for a while, it will scale down to zero, but if you send one request to it, it will serve that request and then it will stay up for a while until it decides to scale down. But you the user only pays when you are processing these specific requests, a little bit like a Function as a Service product.Corey: Scales to zero is one of the fundamental tenets of serverless that I think that companies calling something serverless, but it always charges you per hour anyway. Yeah, that doesn't work. Storage, let's be clear, is a separate matter entirely. I'm talking about compute. Even if your workflow doesn't scale down to zero ever as a workload, that's fine, but if the workload does, you don't get to keep charging me for it.Steren: Exactly. And so, in that other mode where you decide to always have CPU allocated to your Cloud Run container instances, then you pay for the entire lifecycle of this container instances. You still benefit from the auto-scaling of Cloud Run, but you will pay for the lifecycle and in that case, the price points are lower because you pay for a longer period of time. But that's more the price model that those bigger customers will take because at their scale, they basically always receive requests, so they already to pay always, basically.Corey: I really want to thank you for taking the time to chat with me. Before you go, one last question that we'll be using as a teaser for the next episode that we record together. It seems like this is a full-time job being the product manager on Cloud Run, but no Google, contrary to popular opinion, does in fact, still support 20% projects. What's yours?Steren: So, I've been looking to work on Cloud Run since it was a prototype, and you know, for a long time, we've been iterating privately on Cloud Run, launching it, seeing it grow, seeing it adopted, it's great. It's my full-time job. But on Fridays, I still find the time to have a 20% project, which also had quite a bit of impact. And I work on some sustainability efforts for Google Cloud. And notably, we've released two things last year.The first one is that we are sharing some carbon characteristics of Google Cloud regions. So, if you have seen those small leaves in the Cloud Console next to the regions that are emitting the less carbon, that's something that I helped bring to life. And the second one, which is something quite big, is we are helping customers report and reduce their gross carbon emissions of their Google Cloud usage by providing an out of the box reporting tool called Google Cloud Carbon Footprint. So, that's something that I was able to bootstrap with a team a little bit on the side of my Cloud Run project, but I was very glad to see it launched by our CEO at the last Cloud Next Conference. And now it is a fully-funded project, so we are very glad that we are able to help our customers better meet their sustainability goals themselves.Corey: And we will be talking about it significantly on the next episode. We're giving a teaser, not telling the whole story.Steren: [laugh].Corey: I really want to thank you for being as generous with your time as you are. If people want to learn more, where can they find you?Steren: Well, if they want to learn more about Cloud Run, we talked about how simple was that name. It was obviously not simple to find this simple name, but the domain is https://cloud.run.Corey: We will also accept snark.cloud/run, I will take credit for that service, too.Steren: [laugh]. Exactly.Corey: There we are.Steren: And then, people can find me on Twitter at @steren, S-T-E-R-E-N. I'll be happy—I'm always happy to help developers get started or answer questions about Cloud Run. And, yeah, thank you for having me. As I said, you successfully deployed something in just a few minutes to Cloud Run. I would encourage the audience to—Corey: In spite of myself. I know, I'm as surprised as anyone.Steren: [laugh].Corey: The only snag I really hit was the fact that I was riding shotgun when we picked up my daughter from school and went through a dead zone. It's like, why is this thing not loading in the Google Cloud Console? Yeah, fix the cell network in my area, please.Steren: I'm impressed that you did all of that from an iPad. But yeah, to the audience give Cloud Run the try. You can really get started connecting your GitHub repository or deploy your favorite container image. And we've worked very hard to ensure that usability was here, and we know we have pretty strong usability scores. Because that was a lot of work to simplicity, and product excellence and developer experience is a lot of work to get right, and we are very proud of what we've achieved with Cloud Run and proud to see that the developer community has been very supportive and likes this product.Corey: I'm a big fan of what you've built. And well, of course, it links to all of that in the show notes. I just want to thank you again for being so generous with your time. And thanks again for building something that I think in many ways showcases the best of what Google Cloud has to offer.Steren: Thanks for the invite.Corey: We'll talk again soon. Steren Giannini is a senior product manager at Google Cloud, on Cloud Run. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice. If it's on YouTube, put the thumbs up and the subscribe buttons as well, but in the event that you hated it also include an angry comment explaining why your 20% project is being a shithead on the internet.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

    SEO Podcast | SEO.co Search Engine Optimization Podcast
    #748: Sitefinity Development Services

    SEO Podcast | SEO.co Search Engine Optimization Podcast

    Play Episode Listen Later Jun 23, 2022 4:30


    Sitefinity Design Services Laravel is one of the most popular PHP frameworks on Github. Companies like Coca-Cola and Mercedes Benz use Sitefinity to power their websites.  They make it easy to manage your website in a highly responsive manner for mobile development. Sitefinity isn't perfect, but it goes toe-to-toe with any other CMS platform on the market.  For businesses willing to pay a premium, it can supply everything they need. We have a team of skilled developers and Sitefinity consultants standing by ready to serve you. More info about sitefinity development services:   https://dev.co/sitefinity/   Connect with us:  SEO // PPC // DEV // WEBSITE DESIGN

    Security Nation
    Steve Micallef of SpiderFoot on Open-Source Intelligence

    Security Nation

    Play Episode Listen Later Jun 22, 2022 30:02


    Interview LinksFollow Steve on Twitter, and give the SpiderFoot official account a follow while you're at it.Check out the SpiderFoot website and GitHub page, and learn more about the SaaS version, SpiderFoot HX.Learn about the latest SpiderFoot 4.0 release with YAML correlation rules. Read Steve's blog, especially his posts on the 10 years developing SpiderFoot and the misuse of OSINT to claim election fraud.Rapid Rundown LinksRead the full paper, “A Closer Look at CVSS Scores.”Follow the author, Jacques Chester, on Twitter.Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

    ClojureScript Podcast
    E73 Data Processing with Chris Nuernberger (part 2)

    ClojureScript Podcast

    Play Episode Listen Later Jun 22, 2022 25:48


    Second part of the discussion with Chris starting with dataset. Chris on GitHub - https://github.com/cnuernber TechAscent - https://techascent.com dtype next - https://github.com/cnuernber/dtype-next dataset - https://github.com/techascent/tech.ml.dataset Video Courses: https://clojure.stream https://learnpedestal.com https://learndatomic.com https://learnreitit.com https://learnreframe.com https://learnreagent.com https://www.jacekschae.com

    Ask Noah Show
    Episode 291: The Art of Troubleshooting

    Ask Noah Show

    Play Episode Listen Later Jun 22, 2022 64:51


    Troubleshooting is much more than solving problems. True troubleshooting is digging into the issue until you identify the root cause of the issue. This week we dig deep into the art of troubleshooting and give you some practical tips and ticks you can use to troubleshoot your way out of any issue! -- During The Show -- 01:00 Digital Signage & CCTV - Matt Xibo (https://xibo.org.uk/) Frigate (https://frigate.video/) 04:00 Rust Desk - Charlie Rust Desk (https://github.com/rustdesk/rustdesk/releases) Video on censortube (https://invidious.snopyta.org/watch?v=9nzHm3xGz2I) Video Shownotes for docker install (https://shownotes.opensourceisawesome.com/rustdesk/) Rport (https://rport.io) Important to offer a paid "hosted" option 11:00 Camera/NVR Combo - Mike Chinese cameras bad Used Access Cameras Might be missing peices May need to be reset May not have updates GeoVision (https://www.geovision.com.tw/) Stay away from GeoVision 360 Cameras Spork Syndrome Buy a Used Switch Synology + Survelance Station Orchard NVR (ipconfigure.com) MotionEyeOS (https://github.com/motioneye-project/motioneyeos/wiki) 21:20 Gadget of the Week Notkia Hackaday (https://hackaday.com/2022/06/18/notkia-building-an-open-and-linux-powered-numpad-phone/) 24:00 News Wire JRC Disaster Relief Algorithm JRC (https://joint-research-centre.ec.europa.eu/jrc-news/new-open-source-software-decrypts-social-media-messages-help-manage-risks-and-disasters-2022-06-20_en) Github (https://github.com/ec-jrc/SMDRM) Open Source USB Camera DIY Photography (https://www.diyphotography.net/this-diy-usb-camera-features-interchangeable-lenses-and-sensors-and-is-completely-open-source/) Circuit Valley (https://www.circuitvalley.com/2022/06/pensource-usb-c-industrial-camera-c-mount-fpga-imx-mipi-usb-3-crosslinknx.html) MS Store Policy Changes GHacks (https://www.ghacks.net/2022/06/17/microsoft-store-no-astronomical-pricing-and-paid-open-source-or-free-copycat-applications-anymore/) Mattermost 7 Venture Beat (https://venturebeat.com/2022/06/15/open-source-mattermost-expands-workflow-platform-with-7-0-release/) Grafana OnCall Open Source Tech Crunch (https://techcrunch.com/2022/06/14/grafana-open-sources-its-on-call-management-tool/) KDE Plasma 5.25 KDE (https://kde.org/announcements/plasma/5/5.25.0/) Manjaro 21.3 Make Use Of (https://www.makeuseof.com/manjaro-21-3-released/) Linux 5.17 EOL 9 to 5 Linux (https://9to5linux.com/linux-kernel-5-17-reaches-end-of-life-users-urged-to-upgrade-to-linux-5-18) Fish Shell 3.5 Fish Shell (https://fishshell.com/docs/current/relnotes.html#fish-3-5-0-released-june-16-2022) Ubuntu Core 22 Venture Beat (https://venturebeat.com/2022/06/15/ubuntu-core-22-brings-real-time-linux-options-to-iot/) Proton 7.0-3 Make Use Of (https://www.makeuseof.com/proton-7-0-3-boots-linux-steam-deck-game-compatibility/) Total War WARHAMMER III Ported to Linux 9 to 5 Linux (https://9to5linux.com/total-war-warhammer-iii-is-out-now-on-linux-ported-by-feral-interactive) Travis CI Bug Tech Monitor (https://techmonitor.ai/technology/cybersecurity/travis-ci-vulnerability-open-source) Linux Rootkit Syslogk Tech Radar (https://www.techradar.com/news/this-new-linux-rootkit-malware-is-already-targeting-victims) SSH Worm Panchan Akamai (https://www.akamai.com/blog/security/new-p2p-botnet-panchan) New Linux Malware Symbiote Threat Post (https://threatpost.com/linux-malware-impossible-detect/179944/) 28:15 Technical Problem Solving Start with the end in mind Define Success (Avoids Scope Creep) Appropriate Response to scope creep Eliminate low hanging fruit first Make sure things are up to date Back tracing (try earlier versions) Nuke and Pave Keunwoo's Blog Post (https://keunwoo.com/notes/rebooting/) Start with what you know Eliminate Variables Simplify or Isolate Be Firm "We have to do this" Minimize hardware and software configuration Can the problem be reproduced on single and/or multiple systems Root Cause Analasys What is the cause Is it correctly fixed Three main Root Causes Physical Human Error Organizational Problem Solving Steps 1 Define the Problem 2 Gather Data 3 Identify Causal Factors 4 Determine Root Cause for each factor 5 Implement Solutions Documentation Start with existing documentation Document and share trouble shooting steps Document the solution (no magic configs) Share the solution Effective Bug Reporting A HUMAN IS ON THE OTHER SIDE OF YOUR BUG REPORT!!! Title/Bug ID/Reference Point Environment details Steps to reproduce a bug Expected result Actual result Visual Proof (Screenshot/Video/Logs) Severity/Priority Resolution / Presentation Review the end goal Work around or fix Escalated/Filled Bug Report -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/291) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)

    OnTrack with Judy Warner
    The Electronics Behind a Haunting Attraction

    OnTrack with Judy Warner

    Play Episode Listen Later Jun 21, 2022 53:14


    In this episode, a returning guest Gabriel Goldstein shares the electronics behind the thrills in escape rooms. He also generously gives some valuable advice on finding your niche and starting your own electronics business. Gabriel was the former owner of Anidea Engineering and Escape Room Tech. Listen to this episode and be inspired by how he married two industries together and become the master of this very unique niche. Watch the episode here Gabriel's background, he is the former owner of Anidea Engineering and Escape Room Tech The business of producing low-volume products - his first big project is an ARM9 with 16 mb of RAM, a PDA style learning device The fascinating technology in the escape room includes off-the-shelf surveillance cameras, keyboards, and maglocks. Gabriel describes the technology behind the “magic doors”They use RFID and developed their RS45-based networking system A successful escape room requires an extreme collaboration of multiple skill sets that include electronics guys, theater guys, and game theory team just to name the least The escape room industry is a marriage of electronics and haunt industry Creating a small, showpiece project could be a gateway to a PCB design career Software engineers have GitHub, while PCB designers have Arduino and Raspberry Pi Gabriel wrote blogs to educate his customers about the business of producing products that sellHe became Mr. Networker hanging out at the Angel Forum groups and the venture capital groups For about 6 years he was out there in the community to help out, give back and help build a business He recommends a book from Martin Gerber – Awakening the Entrepreneur Within “If you're going to take off the engineering hat and try to turn this into a business, please learn how to run a business because it's a completely different skill set” Ending the conversation with a little anecdote from Gabriel, an inspiration to be in the business mindset and going for the American Dream Resources: Connect with Gabriel Goldstein on LinkedIn Visit Escape Room Techs website Read Martin Gerber's Awakening the Entrepreneur Within Watch the previous episode with Gabriel Goldstein - How to Build a New Data Management System Read Gabriel Goldstein's Blog Articles on LinkedIn Connect with Zach on LinkedIn   Full OnTrack Podcast Library Altium Website   Altium 365: Where the World Designs Electronics

    No Sharding - The Solana Podcast
    Chewing Glass - Cronos

    No Sharding - The Solana Podcast

    Play Episode Listen Later Jun 21, 2022 32:32


    Chewing glass is what Solana developers do. Introducing the fifth episode in a new series on the Solana Podcast, Chewing Glass. Chase Barker (Developer Relations Lead at Solana Labs) talks shop with the most interesting builders in the Solana ecosystem. It's for devs, by devs.Today's guest is Cronos, an on-chain task scheduler that allows users to schedule instructions and winner of the recent Riptide Hackathon. 00:38 - Introductions01:25 - How they started                 02:48 - How they met                     04:26  - Who else is in Austin            05:09  -  Cronos backstory                 07:34 - How they started building tasks    09:11 - TLDR: what is Cronos?              13:33  - Winning the Riptide Hackathon               15:40  - How cronos came to life           18:12 - Building on solana and familiarity with other languages20:16  - Learning curve with rust         22:50 -  Nick's  learning curve              25:04 -  Advice on learning curve         27:08 - What's missing in Solana         29:20  - Advice to new developers on Solana DISCLAIMERThe information on this podcast is provided for educational, informational, and entertainment purposes only, without any express or implied warranty of any kind, including warranties of accuracy, completeness, or fitness for any particular purpose.The information contained in or provided from or through this podcast is not intended to be and does not constitute financial advice, investment advice, trading advice, or any other advice.The information on this podcast is general in nature and is not specific to you, the user or anyone else. You should not make any decision, financial, investment, trading or otherwise, based on any of the information presented on this podcast without undertaking independent due diligence and consultation with a professional broker or financial advisor.  Chase (00:38):Hey everybody. And welcome to Chewing Glass, the show where we talk to developers building in the Solana ecosystem. Today, we have Nick and Elias from Cronos, the recent winners of the Riptide Hackathon. Welcome guys. How's it going?Elias (00:50):It's going well.Nick (00:51):Yeah, great to be here.Chase (00:52):So let's start with you, Nick. What's your history? How'd you get into this whole thing?Nick (00:56):My background is basically, I worked on the payments team at Uber for about four years or so, helping build out the payroll system there. And so