Podcasts about JavaScript

Share on
Share on Facebook
Share on Twitter
Share on Reddit
Share on LinkedIn
Copy link to clipboard

High-level programming language

  • 1,916PODCASTS
  • 11,675EPISODES
  • 44mAVG DURATION
  • 2DAILY NEW EPISODES
  • Jul 5, 2022LATEST

POPULARITY

20122013201420152016201720182019202020212022



    Best podcasts about JavaScript

    Show all podcasts related to javascript

    Latest podcast episodes about JavaScript

    #StoriesByScrimba Podcast
    Nadia Zhuk: Anybody Can Code, and Your Background Doesn't Define You

    #StoriesByScrimba Podcast

    Play Episode Listen Later Jul 5, 2022 35:38


    InfoSec Overnights - Daily Security News
    WeWork Exposure, Django Injection, Google Zero-Day Patch, and more.

    InfoSec Overnights - Daily Security News

    Play Episode Listen Later Jul 5, 2022 2:42


    A daily look at the relevant information security news from overnight - 05 July, 2022Episode 258 - 05 July 2022WeWork Exposure- https://techcrunch.com/2022/07/04/wework-exposed-visitors-data/ Django Injection - https://www.bleepingcomputer.com/news/security/django-fixes-sql-injection-vulnerability-in-new-releases/AstraLocker Expires - https://www.bleepingcomputer.com/news/security/astralocker-ransomware-shuts-down-and-releases-decryptors/Google to Delete Sensitive Tracking- https://www.infosecurity-magazine.com/news/british-army-social-media-accounts/Google Zero-Day Patch - https://threatpost.com/actively-exploited-chrome-bug/180118/Hi, I'm Paul Torgersen. It's Tuesday July 5th 2022, and this is a look at the information security news from overnight. From TechCrunch.comWeWork India had a security lapse that exposed the personal information and selfies of tens of thousands of people who used the WeWork coworking spaces in the country. The bug made it possible to access the check-in record of any visitor by manually typing in a check-in ID, with no safeguards against accessing the data in bulk. The company is fixing the issue. From BleepingComputer.com:Django, an open source Python-based web framework, has patched a high-severity SQL injection vulnerability. The flaw affects Django's main branch, and versions 4.1 (currently in beta), 4.0, and 3.2. Developers are urged to upgrade to Django versions 4.0.6 and 3.2.14 as soon as possible. Also from BleepingComputer.com:The threat actor behind the AstraLocker ransomware says they're shutting down the operation and plan to switch to cryptojacking. The ransomware's developer even submitted a ZIP archive with the AstraLocker decryptors to VirusTotal. The decryptors appear to be legit and worked on the one sample the team at BleepingComputer tried out. Details and a link to that zip file in the article. From ZDNet.comGoogle says it will automatically wipe user location history for visits to healthcare clinics, including abortion and fertility clinics, domestic abuse shelters, and other sensitive areas. The fear is that, in a post-Roe world, this location tracking data could be used in persecutions, excuse me, prosecutions. These changes will be rolling out in the coming weeks. And last today, from ThreatPost.comGoogle quietly rolled out a stable channel update for Chrome to patch an actively exploited zero-day vulnerability. This is the fourth such flaw the vendor has had to patch so far this year. The bug is a buffer overflow that was just reported on July 1. The company also tidied up a few other bugs while it was at it. That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

    • El siglo 21 es hoy •
    La historia de Uber

    • El siglo 21 es hoy •

    Play Episode Listen Later Jul 4, 2022 38:14


    La historia de Uber y su código de deep learning y modelado probabilístico.Oye también Command Line Heroes en español: https://bit.ly/CommandLineHeroesES "La historia de Uber" es un reportaje en Amazon Prime Video: [https://www.primevideo.com/detail/La-historia-de-Uber/0TREVOL4IIK960YTEPZW3FCK8N]El reportaje- The Uber Story, reportaje de Sean Nicholls original para el programa 4 Corners de ABC News en Australia. Grabado en Australia y visitando el centro de tecnología y de innovación de Uber en Dan Francisco. Descripción en Prime Vídeo: “Uber es una de las marcas más grandes del mundo y ha revolucionado la forma en que nos transportamos. En los últimos nueve años, el digital vanguardista ha volcado todo modelo de negocio dentro de la industria. Pero el viaje hacia el éxito no ha sido fácil. ¿Cómo ha hecho esta empresa despiadada para esquivar a los reguladores y aplastar a sus competidores?” Probable respuesta: Perdiendo dinero en la operación con tal de quedarse con el mercado. Habrían gastado sin retorno (o perdido) más de 6 mil millones de dólares para romper el mercado. ¿Cómo y cuando tendrán el retorno de su inversión? La Inteligencia Artificial- El modelo de Uber: una aplicación electrónica de intermediación de transporte bajo demanda. La empresa ofrece información y un medio de enlazar servicios de transporte privado mediante el uso de las nuevas tecnologías. - Un conductor calificado, con auto - Un pasajero calificado, con dinero- La ventaja competitiva de Uber: Saber el precio que el cliente está dispuesto a pagar, y los métodos de pago.- El mercado de Uber: Domina México con 80% del **mercado** de transporte privado.- Qué sabe Uber de ti: - Quién eres - Dónde estás - Hacia dónde vas - Cuándo vas - Cómo pagas - Cuánto estás dispuesto a pagar - Cuántas veces te movilizas - Dónde vives - Dónde trabajas - Dónde vive tu familia o el personal de tu empresa La historia - UberCab, la primera versión de la app, fue desarrollada por Garrett Camp, Oscar Salazar y Conrad Whelan, sobre la idea de los fundadores: Travis Kalanick y Garrett Camp. Era 2009 y Uber se enfocaba en el transporte en autos de lujo en San Francisco. Para 2011 tenían grandes fondos inversores, entre los cuales habría estado Jeff Bezos y Google Ventures, y alianzas con America Móvil de Carlos Slim, tal como lo conté en [https://spreaker.page.link/cXC3KAW8bHddb2uC8] El 3 de diciembre de 2014… permitiendo su expansión internacional, con servicios ya de bajo costo bajo la modalidad Uber X, llegando a mercados tan grandes como India. En 2016 Uber fue sobrepasado en el mercado mundial por la aplicación china Didi, que logró estar en más ciudades. Uber ha sido expulsada de Austin, Texas; Y de Hungría. Protestas de taxistas en Londres, Paris, Berlín, Madrid, México y Bogotá. - EL CÓDIGO:- Según Gembeta: Uber utiliza Node. js (es un entorno en tiempo de ejecución multiplataforma, de código abierto, para la capa del servidor basado en el lenguaje de programación JavaScript, asíncrono), Python, Go, Java y Scala, lo que además les permite contratar ingenieros de forma más rápida al no verse limitados por el el lenguaje. Pero el usar tantos lenguajes diferentes se convierte en una limitación cuando se tiene que solucionar el mismo problema tantas veces como lenguajes existen.- Pyro, un nuevo lenguaje de programación lanzado por Uber que fusiona el aprendizaje profundo con la programación de probabilidad.- Uber Engeineering: [https://eng.uber.com/pyro/](https://eng.uber.com/pyro/) - *Alcanzar el objetivo de Uber de brindar un transporte confiable para todos requiere predicción y optimización sin esfuerzo en todo momento. Las oportunidades van desde hacer coincidir a los pasajeros con los conductores hasta sugerir rutas óptimas, encontrar combinaciones de grupos sensatas e incluso crear la próxima generación de vehículos inteligentes. Para resolver estos desafíos, estamos combinando técnicas de inteligencia artificial (IA) de última generación con la rica experiencia de científicos de datos, ingenieros y otros usuarios. Estamos explorando un enfoque basado en herramientas que nos permitirá a nosotros y a otros crear la próxima generación de soluciones de IA.* - *Como parte de esta iniciativa, Uber AI Labs se complace en anunciar el lanzamiento de código abierto de nuestro lenguaje de programación probabilístico Pyro . Pyro es una herramienta para el modelado probabilístico profundo, que unifica lo mejor del aprendizaje profundo moderno y el modelado bayesiano (*La **probabilidad bayesiana** es una de las diferentes interpretaciones del concepto de probabilidad. La interpretación bayesiana de la probabilidad puede ser vista como una extensión de la lógica proposicional que permite razonar con hipótesis, es decir, las proposiciones cuya veracidad o falsedad son inciertas). *El objetivo de Pyro es acelerar la investigación y las aplicaciones de estas técnicas y hacerlas más accesibles para la comunidad de IA en general.*

    El Siglo 21 es Hoy
    La historia de Uber

    El Siglo 21 es Hoy

    Play Episode Listen Later Jul 4, 2022 38:14


    La historia de Uber y su código de deep learning y modelado probabilístico.Oye también Command Line Heroes en español: https://bit.ly/CLH-en-esp "La historia de Uber" es un reportaje en Amazon Prime Video: [https://www.primevideo.com/detail/La-historia-de-Uber/0TREVOL4IIK960YTEPZW3FCK8N]El reportaje- The Uber Story, reportaje de Sean Nicholls original para el programa 4 Corners de ABC News en Australia. Grabado en Australia y visitando el centro de tecnología y de innovación de Uber en Dan Francisco. Descripción en Prime Vídeo: “Uber es una de las marcas más grandes del mundo y ha revolucionado la forma en que nos transportamos. En los últimos nueve años, el digital vanguardista ha volcado todo modelo de negocio dentro de la industria. Pero el viaje hacia el éxito no ha sido fácil. ¿Cómo ha hecho esta empresa despiadada para esquivar a los reguladores y aplastar a sus competidores?” Probable respuesta: Perdiendo dinero en la operación con tal de quedarse con el mercado. Habrían gastado sin retorno (o perdido) más de 6 mil millones de dólares para romper el mercado. ¿Cómo y cuando tendrán el retorno de su inversión? La Inteligencia Artificial- El modelo de Uber: una aplicación electrónica de intermediación de transporte bajo demanda. La empresa ofrece información y un medio de enlazar servicios de transporte privado mediante el uso de las nuevas tecnologías. - Un conductor calificado, con auto - Un pasajero calificado, con dinero- La ventaja competitiva de Uber: Saber el precio que el cliente está dispuesto a pagar, y los métodos de pago.- El mercado de Uber: Domina México con 80% del **mercado** de transporte privado.- Qué sabe Uber de ti: - Quién eres - Dónde estás - Hacia dónde vas - Cuándo vas - Cómo pagas - Cuánto estás dispuesto a pagar - Cuántas veces te movilizas - Dónde vives - Dónde trabajas - Dónde vive tu familia o el personal de tu empresa La historia - UberCab, la primera versión de la app, fue desarrollada por Garrett Camp, Oscar Salazar y Conrad Whelan, sobre la idea de los fundadores: Travis Kalanick y Garrett Camp. Era 2009 y Uber se enfocaba en el transporte en autos de lujo en San Francisco. Para 2011 tenían grandes fondos inversores, entre los cuales habría estado Jeff Bezos y Google Ventures, y alianzas con America Móvil de Carlos Slim, tal como lo conté en [https://spreaker.page.link/cXC3KAW8bHddb2uC8] El 3 de diciembre de 2014… permitiendo su expansión internacional, con servicios ya de bajo costo bajo la modalidad Uber X, llegando a mercados tan grandes como India. En 2016 Uber fue sobrepasado en el mercado mundial por la aplicación china Didi, que logró estar en más ciudades. Uber ha sido expulsada de Austin, Texas; Y de Hungría. Protestas de taxistas en Londres, Paris, Berlín, Madrid, México y Bogotá. - EL CÓDIGO:- Según Gembeta: Uber utiliza Node. js (es un entorno en tiempo de ejecución multiplataforma, de código abierto, para la capa del servidor basado en el lenguaje de programación JavaScript, asíncrono), Python, Go, Java y Scala, lo que además les permite contratar ingenieros de forma más rápida al no verse limitados por el el lenguaje. Pero el usar tantos lenguajes diferentes se convierte en una limitación cuando se tiene que solucionar el mismo problema tantas veces como lenguajes existen.- Pyro, un nuevo lenguaje de programación lanzado por Uber que fusiona el aprendizaje profundo con la programación de probabilidad.- Uber Engeineering: [https://eng.uber.com/pyro/](https://eng.uber.com/pyro/) - *Alcanzar el objetivo de Uber de brindar un transporte confiable para todos requiere predicción y optimización sin esfuerzo en todo momento. Las oportunidades van desde hacer coincidir a los pasajeros con los conductores hasta sugerir rutas óptimas, encontrar combinaciones de grupos sensatas e incluso crear la próxima generación de vehículos inteligentes. Para resolver estos desafíos, estamos combinando técnicas de inteligencia artificial (IA) de última generación con la rica experiencia de científicos de datos, ingenieros y otros usuarios. Estamos explorando un enfoque basado en herramientas que nos permitirá a nosotros y a otros crear la próxima generación de soluciones de IA.* - *Como parte de esta iniciativa, Uber AI Labs se complace en anunciar el lanzamiento de código abierto de nuestro lenguaje de programación probabilístico Pyro . Pyro es una herramienta para el modelado probabilístico profundo, que unifica lo mejor del aprendizaje profundo moderno y el modelado bayesiano (*La **probabilidad bayesiana** es una de las diferentes interpretaciones del concepto de probabilidad. La interpretación bayesiana de la probabilidad puede ser vista como una extensión de la lógica proposicional que permite razonar con hipótesis, es decir, las proposiciones cuya veracidad o falsedad son inciertas). *El objetivo de Pyro es acelerar la investigación y las aplicaciones de estas técnicas y hacerlas más accesibles para la comunidad de IA en general.*

    The Python Podcast.__init__
    Tetra: A Full Stack Web Framework That Doesn't Make You Write Everything Twice

    The Python Podcast.__init__

    Play Episode Listen Later Jul 3, 2022 53:06


    Building a fully functional web application has been growing in complexity along with the growing popularity of javascript UI frameworks such as React, Vue, Angular, etc. Users have grown to expect interactive experiences with dynamic page updates, which leads to duplicated business logic and complex API contracts between the server-side application and the Javascript front-end. To reduce the friction involved in writing and maintaining a full application Sam Willis created Tetra, a framework built on top of Django that embeds the Javascript logic into the Python context where it is used. In this episode he explains his design goals for the project, how it has helped him build applications more rapidly, and how you can start using it to build your own projects today.

    Foundations of Amateur Radio
    Defining a standard on Contest Scoring

    Foundations of Amateur Radio

    Play Episode Listen Later Jul 2, 2022 6:22


    Foundations of Amateur Radio Not a weekend goes by without an amateur radio contest or six, each with its own objectives, audience, times, rules, exchanges and scores. When you get bitten by the contesting bug, you'll quickly graduate from using pen and paper to keyboard and screen. That process comes with the inevitable selection of software suitable to both run on your shack computer and log your particular contest since as you'll discover, not all software knows about all contests or runs on every computer. When you eventually do arrive at a working solution, you'll reap the rewards of using technology. Contesting software can help in many different ways. From logging your operating frequency and mode to tracking where other stations are active and it doesn't stop there. Type in a partial callsign and your software can suggest which ones it might be. Log a contact and you'll see if your contact is valid within the rules or not. Software can track your activity level and warn if you're exceeding any contest time limits. It can keep track of multipliers and the impact on your total score and at the end of a contest, contesting software can help with submitting your log. After you've done this for a while, you'll notice that contest rules and scoring change over time. That brings with it the possibility of your software using old and invalid rules for validation, scoring and other contesting requirements. In most cases, software is updated manually by the author to implement the latest rules. This means that authors are required to keep up to date with the rules for all of the contests that their software supports, let alone add new contests. There are a few applications that support the idea of a contest definition which suggests the ability for anyone to define contesting rules to use them within the application. Unfortunately their functionality is strictly limited and they are not sufficient to define every contest rule that is in use today. Sadly, flexible as they might seem, they're neither universal nor compatible with each other. One definition, written by one amateur, for one application, cannot be used anywhere else, never mind trying to determine what the latest version is. I strongly believe that we need a shared open standard that can serve contest organisers, contest software developers and contest participants. Before I elaborate, I will be explicit in pointing out that the intent is to standardise in a way that makes it possible to document all past, current and future contests and in doing so, provide a collaborative way to share contesting rules between organisers, software developers and contesters, not to mention awards committees and amateur associations. So, if such a contest rule standard were to exist, what would it look like? Until now, the approach has been to create a list of keywords and values that deal with particular types of rules, things like band start and stop, zone score, valid prefixes, power level, exchange, etc. The result is a growing but always incomplete list of keywords with no means to define any logic. At the moment, all the contesting applications manage any scoring logic internally, requiring that it's updated when any of the rules change. Not only that, the contest organiser has no insight into the mechanism and no means to validate the process. As a contest organiser, scoring hundreds if not thousands of logs is a whole different challenge. Many contests do this manually, rely on someone else's software, or if the contest is popular enough, write their own code to manage the process. All this effort creates a disconnect between the contester, the organiser and the contest software developers, each using their own definition of the rules of any particular contest. A different approach might be to implement specific rules in a universal programming language like say JavaScript, and use those to manage the scoring and validation logic specific to each contest. For example, you might define a function that returns the starting and ending time for a contest which gives you a mechanism to detect if the contest is happening right now. A contester could use it to determine when the contest starts and ends, but the same definition could be used by the organiser to determine if a submitted log entry is for a valid time. Another might be a function that uses a callsign to determine if it attracts points or not and if it does, how many. Contesting software might use it to change the colour of the screen to indicate an invalid entry, but an organiser might use it to exclude a contact from a log. You could have a function to determine if the exchange is valid, or what the next exchange number is, or if the frequency on which the radio is currently tuned to is allowed for a contest. You could combine some of these simple rules to determine, for example, if the frequency the radio is on is the same or different since the last contact and if that's permitted or not within the rules. As long as the framework in which this standard is defined is extensible, any contest could be defined in this way. If it's written well, contest organisers might be able to write their own rules using this standard and everyone can use the same rules for their own needs. You might recall that I've spoken about aspects of this problem before and at the time I suggested that an amateur radio standards body would be helpful. Failing that there's nothing stopping a few people collaborating in a discussion about how this might be implemented. As an IT professional outside my shack I have some ideas on what's needed and what could give the whole amateur community something useful, but unsurprisingly, I don't know everything. Working together as contesters we might come up with a better result. As a starting point, I've created a repository on GitHub called "amateur-contesting-standard" to start a conversation about this scheme and I would love to read your thoughts and see your ideas on how this might be achieved. If you'd like to get in touch, send an email to cq@vk6flab.com or find my callsign on Twitter and GitHub. I'm Onno VK6FLAB

    Craig Peterson's Tech Talk
    Saving 79% on Prescriptions - Microsoft Outlook Attack in Progress! - Does Your Business Use eMail? FBI Warning

    Craig Peterson's Tech Talk

    Play Episode Listen Later Jul 1, 2022 84:54


    Saving 79% on PrescriptionsMicrosoft Outlook Attack in Progress! Does Your Business Use eMail? FBI Warning About one-third of Americans are taking a prescription drug -- And this is kind of the scary part. The average person who is on a prescription has four prescriptions and we're paying dearly for it. But mark Cuban has an answer. [Following is an automated transcript] Well, you know, I do a lot of stuff in cybersecurity and I've got a few different courses coming up. [00:00:22] And of course, we do a little bit of weekly training for anybody who's on my email list, you know, on the free list. Absolutely free as well as you get my insider show notes. And if you got my show notes, you probably noticed this. Tidbit here on Tuesday when I sent it out. And that is mark Cuban. Now for those who don't know mark Cuban, he started way back in the internet. [00:00:48] Boom days he lucked out. He had a, a company called broadcast.com. and he was able to turn that into, I think it was well over a billion dollars. I don't remember the exact amount, but it, it was a very, very big chunk of money. And then he's gone on to become an investor. You might know him as the owner of a basketball team. [00:01:10] You might have seen him on a TV show called shark tank. He's been out there and he's a bright guy. He's been helping a lot of people and causing a lot of problems too. Right. But he has a new business that he has started with his billions of dollars only. He has at least 1 billion and it's called. Cost plus drugs. [00:01:35] Now this is where it comes into affect every American, because I mentioned, you know, how many Americans are on various prescriptions? Well, many of the prescriptions that we could be taking are actually generics. So for instance, if you go to the Walmart pharmacy or Walgreens or wherever it. Be you'll find that they have options for you. [00:02:00] If the doctor says, yeah, generic's okay. They'll say, Hey, listen, I'll give you the generic and you can save a whole lot of money. I don't know if you've looked at good RX at all. But good RX. I have saved a ton of money with that. And what they do is help you find free coupons. Compare the prices at, at Walmart Walgreen, CVS Rite aid, you know, at the major pharmacies. [00:02:24] And we'll tell you where you can go to get your best deal. Plus. They also have some really cool discounts. So it, it acts kind of like a discount card. So I'm on their site right now. Good rx.com. And I look, I'm looking up their number one drug, which is Lipitor, apparently it's used for coronary art or coronary disease and high cholesterol. [00:02:51] So they're saying, well, wait a minute. Now here. You can get a few different, uh, options. I'm looking now, for instance, CVS pharmacy nor normal retail, by the way is $126 at CVS. You can get it using a good rx.com card. 76% off for $30 instead of $126. Walmart, $15. Uh, Walmart neighborhood market, $15 now, Walmart, that's what they consider to be their retail price. [00:03:27] Although, as I mentioned, some of these other ones have much, much higher retail prices. So you can see that going. For instance, for Lipitor, you might be. Paying a premium for a brand name. Now there, there's a good reason for that. There's a reason why prescription drugs can be expensive and, and they're called patent drugs. [00:03:48] And the reason they're call patent drugs is they've put a lot of money in. They've put a lot of research time. They've, they've put up with a whole lot of regulation and going back and forth with various government agencies. And they finally were able to come forward with a drug that works. Put all of that together. [00:04:09] And you've got a very expensive research and development product, right. Or project, frankly. So I don't, I don't really hold it against them. If we're having some of these drugs being rather expensive. You might remember that, uh, epi epinephrine a few years ago, this guy got a hold of the company that made epinephrine and the, um, You know, the, the whole problem with I'm looking it up right now, like EpiPens, they used to be expensive and then they became crazy expensive. [00:04:44] So let me see here, EpiPens, EpiPens, and who needs it? There's a whole lot of information. It's not telling how much they are, but he raised the price. Like what was it? 2000% or something insane, again, a prescription drug and one that some people really need in order to save their lives. You know, I'm a beekeeper, right. [00:05:08] And I used to have a really bad reaction to be stings, wasp stings. Now we just. Reaction, right. We thought at the time I was allergic, but no, it was just a bad reaction, which I still have. Right. It gets stung multiple times a year, but, uh, it still swells up. When, when, uh, our friend mark Cuban started looking at this, he said that this is kind of crazy. [00:05:31] So what he's done now is mark Cuban has built, uh, I think it's all up and running just outside of Dallas. Let's see here. Yeah. Okay. Just outside of Dallas, a huge, huge building. It's a 22,000 square foot plant. Now most of the pharmaceuticals are actually easy to make and. To make. And that's what kind of gets confusing because you've got all of the R and D and the government regulations, everything else that's expensive, but actually making them is pretty cheap, but he's built this $11 million plant near downtown Dallas. [00:06:14] And he says right now, looking at what the expenses are that Medicare could have saved as much as are you ready for this? 3.6 billion per year. Now that's where we're talking about everybody. Because if you pay taxes, you are paying for some of this Medicare money, 3.6 billion per year in savings. By buying it from cost plus drugs. [00:06:46] So there's something else I want you to check out. So the first one was good. rx.com. The second one is cost plus drugs. They have over a hundred generic prescription medications right now. And what they're doing is they're taking the actual cost of production. And I'm sure that includes right. The loan on the building, et cetera, but the cost of production, plus a 15% margin because you need to keep the lights on. [00:07:13] You need to be able to expand. Profit is not a bad word. That's how people save for retirement by investing in companies, buying stocks, and that profit then becomes their money for retirement. I think that's an important thing. So. 15% margin and an $8 pharmacy dispensing and shipping fee. That is absolutely cheap. [00:07:41] So this is, uh, Husain Liani who did the research on this? And he published it in the annals of internal medicine. Looking at that just absolutely amazing. And that's something you can do too. One third of Americans, again, we are on prescription drugs and the average person is on four. Wow. So researchers compared the price charge by cost plus drugs for 89, generic medications to the cost for the same drugs paid. [00:08:17] Medicare in 2020, they found the government program could have saved 37% on 77 generic drugs by buying from Cuban's company cost plus drugs. Once in January drug to consumer bypasses, wholesalers bypasses, pharmacies bypasses, I PA passes insurance. All of those are driving up the cost of medicine. So direct to consumer. [00:08:43] Uh, how easy could that be? And I'm on their website right now, looking at a couple of things here. Let me see, let me go back there. Cost plus drugs, and I'm believing this go to cost plus drugs.com. Yes you can. I am there as we are talking. So he's got, oh, here's one tib. Uh, which is the generic for gleek I'm. [00:09:08] Now I'm not familiar with that myself retail price, $2,502. cost. Plus, are you ready? $14. Can you believe that that is crazy. Yeah. Wow. And it'll look, it'll look different obviously, cuz it's a generic. So you saved $2,488 for a 30 count supply. That is just amazing. So when I, I, I was talking about the savings here, where. [00:09:41] Okay. They could have saved 37% on 77 generic drugs. But when you start getting into these really expensive drugs, that's where the 3.6 billion really, really starts to add up in savings. This is something so what you can do once you're on cost plus drugs.com, you can contact your doctor for a prescription. [00:10:04] They've gotta get started button. They have the strength that you want in this case, a hundred milligrams or 400, the quantity you want. And then all that has to happen is your doctor has to approve it. You pay $14 instead of $2,500 and it gets shipped straight to you. Wow. Now, is that cheaper than Medicare part B right? [00:10:28] Or your regular insurance? Wow, sure. Is just absolutely amazing. So you can find all of this stuff. This is mark Cuban doing this, and I gotta say, I am impressed. He is going to help a whole lot of people. Yeah, I'm, I'm just looking at this. Wow. Here's another one retail price. $9,600. And at cost plus drugs, you can get it for 39. [00:10:57] So there you go. Two options, mark Cuban's new venture, which is online now at costplusdrugs.com and goodrx.com. Wow. It's just amazing, right? This world. What's it coming to? Great little great little drug company. So we're gonna talk if you are a user of outlook, this is important to you because a major attack is underway. [00:11:26] Major scam underway. If you are an outlook customer, you are in the crosshairs of a very successful credential stealing campaign. So I'm gonna tell you about that, what it means, what you can do and, uh, how you can stay safe. [00:11:43] This is a very big problem for people who are using Microsoft 365, that is really common, used to be called office 365 and you pay a, a flat monthly fee, 20, 25 bucks. [00:11:59] It kind of depends on what level you get. They have some real cheap ones as well, and it lets you use all of what Microsoft used to call Microsoft office applications. And one of those applications is outlook. And I've never particularly liked. they have gotten better in recent years. And I actually do use it right now, as well as MacMail I use both of them, but there is a hack going on against Microsoft 365 and outlook customers in the us. [00:12:34] Here's what's happening. They are sending you an email and the email really does look like it's ti voicemail that somebody left. This is called a voicemail fishing attack and it follows, what's kind of a classic fishing flow. If you will, the ways they've been doing fishing here over the years, and what fishing is, is basically. [00:13:02] Getting you to bite at something that you shouldn't bite on. You, you will respond to an email. You'll click on a link. You might call a phone number. You might click on a text message. That's another one that's going around right now. How do you tell a fake text message from a real text message? And I'm afraid to say nowadays you tell by just not clicking on the links that are in text messages. [00:13:30] It's, it's so disappointing. I was talking on the radio this week. It, it, it, because it just, it bothers me so much about this very thing. I've been on the internet for decades now. Right? I, I started back in 81. I think it was maybe 80. Two and we had email and it was the best thing ever. If you had somebody's email address, you could send them a note and you'd be pretty darn sure they'd get it. [00:13:58] In fact, they probably would get it within just a few minutes and respond to you. And there, there wasn't any spam. Back then the idea was, Hey, listen, the internet is for research government research, university research, and that's the way it should stay. And indeed, we were kind of keeping it that way for, for quite a while. [00:14:21] And then some people who were marketers got on the internet. And they would start to advertise, Hey, we have a special session for you at, uh, UC Berkeley this week only $500. And of course that went be beyond what the internet was for. In fact, at the time you could not use it legally. For any sort of financial purposes. [00:14:47] So what we would do back then is we would send the script to the Monty Python routine of spam. Remember that spam, spam, and egg spam, and hands spam, spam. Uh, yeah, we would send them the whole. And they, sometimes, if somebody sent out a little thing that was trying to sell something that they should not be selling online because it was illegal to use the internet for business in case you didn't know until about 1991. [00:15:20] And that's when I started. Putting businesses online and really started focusing in on cyber security because almost immediately the bad guys started getting on there. So this is, uh, this is really what happened. This was the script, right? Uh, well, what have you got waitress? Well, there's egg and bacon, egg, sausage, and bacon, egg, and spam, egg, bacon, and spam, egg, bacon, spam, sausage, and spam spam, bacon sausages, and spam spam eggs, spam spam, bacon spam. [00:15:51] Do you remember that? So. We would send this to people who kind of broke the rules written or unwritten on the internet. And sometimes somebody would get just a hundred of these things, maybe even more. And what would happen back then of course, is it would fill up your mailbox and it would slow down your check connection. [00:16:10] Cuz a lot of us were just connected to the internet via dial up modems. So it, it really kind of hurt you to get all kinds of spam. Emails coming in. That's where the term comes from. I remember it well, so I don't care what they say on some of these websites or they're trying to do little research on it and figure it out. [00:16:31] Well, now things have gotten a lot worse because it isn't just marketers that are trying to solve something. And I don't have a problem with marketers, I guess, in a way I am one myself. Right. I, I have a business and I provide cybersecurity services. For a high net worth individuals and for businesses. [00:16:50] And if you are a regular person, you have a question. Please ask, just send an email to me, me Craig peterson.com, no matter who you are. And I will try and answer the question for you. And I have a lot of stuff that I've written over the years. That'd be more than glad to forward to you. There are some training courses that I. [00:17:10] Put together that I will be more than glad to share with you. And you probably know I did all of the training for the FBI's Ingar program for a couple of years. I, I ran that online, all of their webinars. So I've been doing this for a long time and I'm more than glad to help. That's why I am here. Right. [00:17:31] But now we got bad guys. and the bad guys are trying to get you to do something against your best interest. So in this case, what happens is you get a missed voicemail notification via email, and a lot of times it'll look pretty legitimate. It might even be coming from someone inside your company, whose account they have hacked. [00:17:57] Now on that email, there is an HTML attachment. Now HTML attachments can get past a lot of email gateway filters because they aren't in and of themselves malicious. So they're not raising big red flags for users in a, in a voicemail notification setting because that's how office Microsoft office sends you legitimate notifications. [00:18:24] Anyways. Now, these from fields are set up specifically using the organization's name. As I said, sometimes even a valid email address. Now, if you go ahead and click on that attachment, it will run a program on your computer using a language called JavaScript and that's embedded in every browser out there nowadays. [00:18:47] And that JavaScript code is going to redirect you to an attack. Controlled website. Now this website set up to get you to give up your credentials. So, what they'll do now is as you go to the website and the website might look like it's Microsoft office and it might look like it's your business website, and it'll ask you to log in. [00:19:15] It might ask you for other information as well. It is trying to get your username and password that it can then use to go after other people. You see what's happening here. So each of the URLs, these guys are creating these websites that they're sending you to are created to match the targeted company. [00:19:39] It's it's incredible how good they're getting, and they even have one of those Google recapture. Pop ups. Now this is a, an increasingly popular technique to evade these auto mail, automated URL analysis tools. So for instance, with my client, an email comes in, it goes through Cisco's. Email filter. We have an advanced email filter from Cisco, but we run our client's emails through. [00:20:10] And what happens is they look at the URLs, they visit the website that the URL PO points to, they try and verify if it's legit or not. And you you've had captures, you know, it's, um, click every box that has a bicycle in it, sort of a thing. It's kind of a touring test, test puzzle. So once this is solved, We'll tell you what happens next, cuz we're out of time right now. [00:20:36] Uh, make sure you visit me online. Craig Peter son.com. I'll keep you up to date. You can get my free newsletter and trainings. Craig Peter son.com. And I want to talk too about businesses in the, the big business of email compromise. [00:20:55] Yeah, I think most of us know what a big business is. Well, how about a business, an industry that has racked in 43 billion, according to the FBI. That's what we're talking about right now and what you can do about it. [00:21:11] We were talking about, what's been happening with Microsoft outlook users right now, a major campaign underway that has been extremely successful because these bad guys are using some rather advanced technologies. Absolutely crazy. So they get you to click. HTML link that is there while filed that is there as part of what looks to be a voicemail notification for you. [00:21:43] And then it takes you to a website that's specially crafted for you and your company. So you work@bigco.com and you click on that HTML and it'll take you to big co.com. Well, at least that's what it looks like, but it distracts you now because it wants to give you this capture as well. So this Google captures, you know, these things, these little mini touring tests, click on all of the trees in the picture, sort of a thing, right? [00:22:18] And you've got the nine things well with, uh, or maybe it's some blurred or distorted text and you have to type that in. And the whole idea behind that is normally to weed out these bots on eCommerce sites, online account sites. But what they're doing here is. They're making sure that the email, the, the software that checks the emails to make sure they are legitimate, that is going out to the big co dot or big co fake.com website. [00:22:54] They wanna make sure that that email checker does not find out that it's not the real site that you wanted to go. So the computer that's doing the checking will go to the site and it'll say, oh, there's a capture on there. And then it'll stop because it can't solve the capture. It needs you, it needs a human, right. [00:23:15] So this is kind of cool here. Uh, Eric. K. He's a security awareness advocate with no before. No. Before is a company that does training for people, for employees here about some of these, uh, these hacks and things are going on. When faced with a login prompt, it looks like a typical. Office 365 login. The person is likely to feel comfortable entering their information without looking at the browser's URL bar to ensure they are at the real login site, this familiarity and the high odds in an attended victim regularly uses office 365 for something in the Workday makes this a great Lu. [00:24:02] For attackers, this is from an article over on dark reading.com. This isn't, uh, a new technique, but let me tell you, it is B a very successful one. They have seen a resurgent, uh, resurgence of this starting a couple of years ago, back in July, 2020. And it is really targeting human nature. And of course, Microsoft 365 is quite the target. [00:24:29] So I mentioned. $43 billion industry. I'm looking right now at a public service announcement from the F FBI and they are calling business email compromise the $43 billion. Scam. This is crazy. A sophisticated scam. It targets businesses and individuals who are performing legitimate transfer funds requests. [00:25:00] It's carried out by people who are compromising legitimate businesses and individuals. Now, what they're trying to do with this business email compromise is get someone who has. Control of funds to do a transfer. What happens is they will do a little research on the business that might go to the website and see on the website. [00:25:25] Oh, let me see here. Okay. The president's name is Craig Peterson. Uh, the CFO is Mary Jane and, uh, the accounting department head is manly. And, uh, so now they got that information. So they'll go online. And to look at LinkedIn, find out who all else is at the business. Maybe things have changed, you know, maybe try and find an email address by doing an open source search for the email address of people there at the business. [00:25:57] You see where this is going here? Yeah, it, it gets pretty bad. So, uh, let's say they befriend the CEO on Facebook or on LinkedIn, but Facebook more likely, uh, and now. They're they can see on Facebook or maybe they don't even have to because your Facebook profile and posts are not hidden from the public. [00:26:20] So they just go there and, oh, let me see. Okay, great. He's gonna be out of town next week. And then what they'll do is they'll get into somebody's email account at the business. And once they're into somebody's email account, they can start looking through the emails and sending emails that look perfectly legitimate to other people within the organization. [00:26:43] Now, I, I did a whole story on television about this one on news program, and one of the people on staff, one of the talking. received an email like this, and it asked him to, uh, to buy some gift cards. This is very, very common scam right now, the gift card scam, and they try and get you to go ahead and. Buy gift cards for other people in the office are gonna have a little party and we don't want anybody else to know about it. [00:27:15] It's supposed to be a surprise. And I had some real fun with him. One of these days, I should probably share all of this in one of my newsletters. I think you guys would really appreciate it, enjoy it a little bit, but, uh, we really led them on and sure enough, you know, it was a total scam and we kept playing with them and it, it was something, any. [00:27:38] That was one thing. This is another because they will eventually get to the CFO, somebody who has the authority to transfer funds and get them to transfer funds to. Them. And then they use mules to move the money around these, uh, useful idiots who will sign up. And yeah. Yeah. It's kinda like the Nigerian scam. [00:28:05] All I need is access to your bank account and I'm gonna wire in, uh, $10,000. And I, and what I need you to do is transfer 8,000 of it over here to this PayPal account because my grandmother's dying and she needs the money. There's similar scams that are going after lonely people and getting them to send money because somebody needs an operation, et cetera. [00:28:33] So in this case with the business email compromise and the 43. Billion dollars that have been stolen from businesses. They'll usually get to the CFO and send a story like, Hey, uh, we have this new vendor and we've had 'em for three months and we haven't been paying them and we gotta make sure we pay them. [00:28:54] And, uh, we need to wire 43 million to this account that actually happened. And they did wire the money. It happened to Barbara cran, another person who wa is on shark tank. Uh, it, it happens to a lot of companies out there. And I've got a couple in the last month that we've worked with the FBI on the, these companies hear me on the radio. [00:29:21] They sent an email to me@craigpeterson.com and they had had their operating account. Emptied. Uh, the latest one is a, a lady 77 years old who had her retirement money stolen from her over $70,000. This stuff's real people. We've got to pay attention. We can't let this continue to happen. Make sure you sign up online. [00:29:48] Craig peterson.com so that you can get my insider show notes and we can keep you ahead of the bad guys. When we come back, we're gonna talk about this row overturned and what senators are asking the FTC. [00:30:05] We've got some senators who are saying they were spurred on by the row overturned. And they're asking the FTC to probe, apple and Android, and what's happening with tracking. Now I have a suspicion. That's not really right. [00:30:21] We've got, of course the recent overturn of Roe. You, you of course heard about that. it was pretty much impossible to miss if you pay any attention to the news. [00:30:36] Well, we've got three Democrat, us senators and a Democrat us representative that asked. The federal trade commission to investigate apple and Google for engaging in unfair and deceptive practices by enabling the collection and sale of hundreds of millions of mobile phones, users, data, the FTC should investigate apple and Google's role in transforming online advertising into an intense system of surveillance that incentivizes and facilitates the UN. [00:31:11] Train collection and constant sale of Americans' personal data. These companies have failed to inform consumers of the privacy and security dangers involved in using those products. It is beyond time to bring an end to the privacy harms, forced on consumers. Buy these companies. Now I have been talking about this on the [00:31:38] radio for 20 years. Because do you remember when Congress forced telephone manufacturers and cell phone companies to put GPS coordinates into the receivers, into the phones? Do you remember that you could no longer use your analog phone? You had to use digital phones under federal law. right. It, it's just amazing. [00:32:09] We can go into all of the reasons that they've given for that in the past, but anyhow, that's what they did. So immediately decades ago, now, many years ago, they started collecting data. Now it's okay for the government to collect it, even though it's illegal. For them to collect this data. So what's happening here? [00:32:30] Why have the Democrats for so long? Well, and frankly, a lot of Republicans been big on collecting data on all of us. Now, I I've gotta say when I've looked at the stats, the biggest. Purveyors of the surveillance society have been president Obama followed by president Biden. Now you could argue that president Bush was won too, because of course they passed an act that allowed for all kinds of changes in surveillance. [00:33:02] So, okay. So we'll put him in there too. So we got a Republican in there. Obama put that program that president Bush had put in place on steroids and then president Biden did the same thing. President Trump tried to cut it back because he was a victim of some of the surveillance that they were doing. So what's going on here? [00:33:25] Well, these Democrat senators are saying, uh, we don't want people who are trying to get abortions to be. okay. I can see that. Uh, I can also see that I don't want to be tracked and you don't want to be tracked. And it's one thing to have an advertiser know a little bit about us, you know, Hey, we just visited the Ford dealer and the Chevy dealer and the Honda dealer. [00:33:52] So maybe he's looking for a car let's let's try and advertise a car. Right. So Honda and Chevy and Ford all start putting ads up for you. Okay. So that's. Thing if I'm in, if I'm interested in buying a truck. Okay, great. Show me ads on a truck, but we've seen already misuses of this data over the years, one of the earliest ones I talked about here on the radio was this guy who went to an emergency room and all of a sudden started seeing ads for what you might call ambulance, chasing lawyers saying, have you been injured? [00:34:30] right. You've seen those types of ads before, but once he was in the emergency room and he was geolo geolocated in the emergency room, they started selling advertising to lawyers. I, I, I'm not real fond of that one either, but I think there's an ulterior motive here behind what these Democrats are saying. [00:34:52] If you have seen the movie 2000 mules, you understand what I'm talking about here? what ended up happening here is they looked at trillions of data points. You see, they went out and bought databases of smartphone data where these smartphones were located. And then they started doing some serious analysis on it and they were able to say, okay, this smartphone went to. [00:35:28] Different Dropboxes for the election for ballots. And in between each visit to the Dropbox, they went to a left wing organization where they did something. Right. So they, they go to a Dropbox drop off ballots and they're on video doing this, dropping off ballots. And then they go to a left wing organization and then they go drop off more ballots at a different Dropbox, and then they go back again and then it's on video. [00:36:02] And some of these people are taking pictures of them, stuffing the ballots into the box, supposedly, so they can get paid. So now there are some criminal investigations that have been started. I don't know how far they've gotten yet over some of this information that was gathered. And that was documented in the film by Danes. [00:36:24] Dusuza called 2000 mul. And if you haven't seen it, no matter what side of the aisle you want, you need to see it. Absolutely need to see. And whether you believe or not, when president Biden said that we have the best, uh, what was it? Um, election stealing organization that's ever been made? I can't remember his exact words right now. [00:36:49] Uh, he was serious about it, right? So now all of a sudden, the Democrats are concerned that people who visit abortion clinics might be tracked, cuz they could be. Right. You could buy data geotagged with an abortion clinic's location, GPS coordinates. You absolutely could do that, but that's been true for a long time. [00:37:15] Why now? Well, maybe because of Roe V Wade, but I look, of course it wasn't just that one decision that was overturned, but I, I look at some of this and really, really do wonder because it really looks like some number of people were caught illegally stuffing ballot box. So it's, it's fascinating to me that all of a sudden now out, they come with this. [00:37:45] Now apple has stopped enabling the tracker identifiers. By default, if you have an apple smartphone, it is much more. Private than the Android phones are by far, right? Google makes its money by selling your information. That's how they make most of their money. Apple makes its money by selling you services and selling you hardware. [00:38:13] so that should tell you something right there. And the fact that Senator Elizabeth Warren is one of the ones who is proposing this legislation makes you think even more about this. Now, Google, uh, this is an article from ours. Technical apparently responded to this whole concept in an article that ours was writing, saying that it's had all kinds of efforts to block apps and violate Google play policies. [00:38:41] And. the bands it's imposed on companies that are apparently sold user data, and they say Google never sells user data in the play at Google, strictly prohibits a sale of user data by developers and, uh, goes into the advertising ID. So it it's fascinating to me that all of a sudden, now the Democrats are interested in stopping the data collection. [00:39:08] It really is. I don't like it. As I said, I've talked about this for more than 20 years now on the radio. It, I think it's a real problem. This data collection, because also the federal government, even though it's illegal for them to collect information on American citizens, they do it every. And some of the largest, like the, um, immigration people, Homeland security are the biggest collector. [00:39:37] They have more information about you than anyone else. Even if you're here legally, you were born in the United States, et cetera, etcetera, because they are buying all of this information from what are called data broker. So, yeah, they say, yeah, we're, we're not collecting it. You we're forbidden by law to collect it, which is absolutely true. [00:39:59] But what they are doing is buying it from private businesses. So I think we've got to completely. Reconsider how this all works. Apple has been working on it. You can go into your apple phone and make a change, share identifier if you want to, which makes it harder to track apple also. And Google has this, as I believe is an option. [00:40:25] But apple also will give you a different Mac address every time you're connecting to wifi networks so that you can't be tracked that way. Because just, if, if you connect to the network at target the wifi at target, for instance, they will know when you return because your phone has the same Mac address that's used for the wifi. [00:40:49] So they know. They know where you go in the store. They know what you're looking at in the store, in some cases, depending on how the tracking works. So it's fascinating to me, this is a, a real privacy issue that could easily turn into something much worse because this data, this same data that's available to marketers is available to government is also available to bad guys. [00:41:17] and you talk about the ability to potentially frame someone and it, it, it just gets extremely, extremely scary. Right now, last month, more than 40 members of Congress called on Google to stop collecting and retaining customer location data, the prosecutors could use to identify women who obtain abortions. [00:41:37] Again, tied into this, uh, abortion anytime any day. Uh, and as the governor of Virginia said, even after the baby is born and delivered it, you should be able to abort it. Uh, so wherever you fall in that spectrum, obviously the Democrats in the us want abortions far more than the Europeans that every European country I can think of has much tougher restrictions on abortion than we have here. [00:42:05] But. Privacy is not an abortion issue. Hey, join me online. Craig peterson.com. Make sure you are on my email list. And, uh, you can ask any question you want. Just email me, [00:42:20] me@CraigPeterson.com. [00:42:26] I really appreciate all the emails I get from you guys. And it is driving me to do something I've never done before now. I've always provided all kinds of free information to share on my email list. Great stuff. But now we're talking about cyber punch lists. [00:42:43] So they know what's hot because who really, really tracks technology, not too many people. And I get, uh, you know, a little off put by some of these other radio hosts that call themselves tech people, and they're actually marketing people, but you. That's me. Right. And that's why, if you are on my list, you've probably noticed I'm not hammering you trying to sell you stuff all of the time. [00:43:09] It's good, valuable content. And I'm starting something brand new. Never done this before, but this is for you guys. Okay. You know that I do cybersecurity. As a business and I've been doing it now for more than three decades. I don't know if I should admit that. Right. They say, never say more than 17 years. [00:43:30] Okay. So I've been doing it for more than 17 years and I've been on the internet now for. Oh, 40 years now. Okay. Back before it was even called the internet, I helped to develop the silly thing. So over the years, we've come up with a number of different strategies. We have these things that are called plan of action and milestones, and we have all kinds of other lists of things that we do and that need to be done. [00:44:01] So what we're doing right now is we're setting it. So that you can just email me, me, Craig peterson.com. And I will go ahead and send you one of these punch lists. Now the punch lists are around one specific topic. You know, we got these massive. Punch list with hundreds and hundreds of things on them. And those are what we use when we go in to help clean up the cybersecurity in a company. [00:44:28] So we'll go in, we'll do scans. We will do red team blue team where we're attacking. We do all, all kinds of different types of scans using different software, trying to break in. We use the same tools that the hackers use in order to see if we can. Into your systems and if the systems are properly secured, so we do all of this stuff, so, and, and then it goes into all of the paperwork that needs to be done to comply with whatever it might be. [00:45:00] Right. It might be, they accept payment cards. It might be that they have hip. Information, which is healthcare information. And it might be also that they're a government contractor. So there are hundreds and hundreds of things that they have to comply with. Most of them are procedural. So we have all of this stuff. [00:45:18] We do all of this stuff. And I was talking with my wife here this last week about it and said, you. So much of this could be used by small companies that can't afford to hire my team to come in and clean things up. Right. And I don't want them to suffer. So here's what we're doing. We're starting this next week. [00:45:42] We have a punch list for you on email. So what are the things you can do should do for email? Just very, very narrow on email so that you can recognize a fishing. Email, what you might wanna do to lock down your outlook, if you're on windows or your Mac mail. So we're taking these massive spreadsheets that we have and we're breaking them up. [00:46:10] So the first one that's available to you guys, absolutely. A hundred percent free. Is the one on email. So just send me an email. Me M E Craig peterson.com. Now, remember I am, my, my business is a business to business business, right. But almost everything in these various. Punch lists applies to individuals as well. [00:46:34] So I got an email this last week from a guy saying, Hey, I'm 80 years old and, uh, retired and I don't know much about computers and that's kind of what got us thinking about this. You know, we need to be able to help him. We need to be able to help you out. Okay. And if you're a small business and we've dealt with a lot of them over the years, and as a small business, you just don't have the funds to bring in an expert, whether it's me or somebody else, although yeah. [00:47:03] What you want the best. But anyways, , it, it, uh, it is gonna allow you to do it yourself. Okay. So absolutely free. All of these punch lists on all of these topics, we're probably gonna end up with more than a hundred of these punch lists. And all you do is email me, me, Craig peterson.com. Just let me know in there what you're interested in. [00:47:29] So even if we haven't got that punch list broken down for you yet, we will go ahead and put that on the. To do right. We need the priorities. What kind of a priority should we have as we're putting these things together for free for people. Right. Uh, and the only way we know is if you ask, so the first one's on email, you can certainly ask for email. [00:47:50] We've got, as I said, more than a hundred others, that we think we're gonna be able to pull out of the exact. Plan of action worksheets that we use so that you can go through this yourself, whether you're a home user or you are a small business or even a big business, right? We we're talking with, uh, a gentleman who's probably listening right now, who has a business. [00:48:17] They have three offices, they have some requirement because of the military contracts for high level. Cyber security and it would work for him too. All right. So they, this is all of the punch list stuff. You probably know what a punch list is, right? It's using the construction industry a lot, but in our case, it's you need to do this. [00:48:39] You need to do this, you need to do this. Okay. So that's what that's all about. So enough rambling on that. It's gonna take us some time to get 'em all together. I'm also. We're gonna do more video stuff again, training. So just like on the radio show where we're talking about what's in the news, we're gonna talk about what's what's in the news. [00:49:01] When it comes to small businesses, what you should be paying attention to with of course, an emphasis on cybersecurity and we're. Putting those up on my website@craigpeterson.com. In fact, we've already got some up there already, and then we are going to also be putting them on YouTube and rumble. So if you don't like YouTube and Google, then you can certainly go to rumble. [00:49:25] You'll see them there. But if you're on the email list, I'm I'm. Starting to put links in the bottom of the emails. So you can go and watch those videos. If you are a video type person that you know, more visual. So it's, I think all good. And it's good news for everybody. And this is what happens, I think, as you get more mature, In the business. [00:49:48] Right. Um, as I said, I've been on the internet for more than 40 years, helped develop some of that software that, uh, some of it's still in use today and now it's time to do more give back. And I really am trying to give back, okay, there's this isn't. This isn't a joke. So, uh, no joke. Right. So go ahead. Email me at Craig Peterson. [00:50:12] Tell me which punch list that you would like. And I can also put you on my email list so that you get my insider show notes, and you can just do that yourself by gonna Craig Peterson dot. Com you'll see right up at the top of the page. If you scroll down a little bit, it'll kind of pop up. It's a big red bar that goes across the top. [00:50:32] I try not to be too intrusive and you can sign up there for the newsletter. So you'll get some of these trainings automatically. You'll get my insider show notes, all of this stuff. It it's absolutely free. Okay. This is my giveback to help you out. It really is. Okay. I, as I mentioned at the very beginning, I, I. [00:50:52] Peeve by some of these people that represent themselves as tech experts. And in fact, all they are are marketers. We've got a client that decided that, uh, I was too expensive. My team. So they went out and shopped around, tried to find the cheapest company they could. And so now the, the company that they're bringing in is saying, you're saying, uh, Hey, um, uh, so how does this work? [00:51:15] How do you do zero trust? Uh, why do you have a firewall here? Uh, why do you bother to have a direct fiber link between the offices? All this stuff? Well, because they need it. Okay. I get it. You use. Barracuda spam firewalls and Barracuda firewalls. It, it, yeah, this is a different league. Okay. So you are gonna be getting these punch lists from me that are really gonna help you understand and secure your systems. [00:51:47] Right? This isn't your average run of the mill so-called managed security services provider or managed services or break fix shop. You are getting it from the guy that the FBI. Ingar program went to, to do their trainings. That was me. Okay. So for two years I set up the program. I ran it. And if we ever are sitting down having a coffee or beer, sometimes I'll tell you why I left. [00:52:13] Okay. Uh, but think about FBI and I, I think you might have a clue as to why I decided not to do that anymore, but I trained thousands of businesses, government agencies, state local. Federal, you name it. So you are getting what you really need, which is another problem. I keep hearing from people, you do a search for something on YouTube or Google and you get what a million, 5 million pages, right. [00:52:43] As supposedly that it says are available and they give you, okay, here's the top one, but what you need is an integrated single way. To do things where everything works together. And that's what I'm trying to do for you guys, because there's so many little products, different products that just don't work so well together. [00:53:06] So we'll, we'll be covering that as well in these, but you gotta be on that email list. Craig peterson.com. Craig Peterson. So n.com/subscribe will take you right to the subscription page. And I'll keep you up to date. This is not my paid newsletter. All right, stick around. We'll be right back. And I promise I'll get to Russia, Russia, Russia. [00:53:33] Some of the high tech companies and others pulled out of Russia after the Ukraine invasion, but one stayed Google. What is going on with Google? And now they're in big trouble with the Russian government. Wow.  [00:53:50] Here's a list of companies according to CNET that have pulled out of Russia because you remember Russia invaded Ukraine, February 24, we had Adobe, these are the guys that make Photoshop, Adobe reader. Airbnb, Airbnb has kind of an interesting story too in Ukraine because a number quite a number of Airbnb customers went ahead and rented rooms and homes from Ukrainians, even though they had no intention of going and they told the Ukrainians, Hey. [00:54:23] I'm not gonna show up, just take this money. I'm sure you need it. Can you, can you imagine that that's fantastic. Good for them, Amazon, they suspended shipments of all retail products of customers in Russia and Bella Russ, and also suspended prime video for users in Russia. Apple stops selling its product in Russia's it's halting online transactions, including limiting apple pay. [00:54:50] It's also disabled. Some apple map features in Ukraine in order to protect civilians, Amazon web services. They don't have data centers or offices in Russia, but it's allowing new signups for the service in Russia. BMW four GM Honda. Have all scaled back their operations or stopped them. Ford suspended its operations in Russia effective immediately until further notice. [00:55:19] GM is suspending business in Russia. Honda has suspended exports to Russia, Disney halted, all theatrical releases in Russia, including the new Pixar film, turning red, also pause content DJA. The drone company that's gotten in trouble here in the us for some of its practices of sending GPS information to China while they're not doing it over there. [00:55:45] Uh, electronic arts. They make a bunch of very popular, uh, games, epic games, another one Ericson FIFA body band Russia from this year's world cup formula one canceled its plan planned Russian ground pre Fujitsu, Goldman Sachs. Now Google that's where I want to go. We'll stop at Google here for a minute. [00:56:10] Google. Suspended their ad network in Russia. And the idea was okay. Uh, we're not sure how payments are gonna work because Russia of course has had this kind of this lockdown by foreign countries on their banking system. We're not sure we can get the money out. Right. Um, uh, that's what they're apparently doing now. [00:56:36] They're still there. Google's YouTube. It's search engine on and on still running in Russia. Now that is really disturbing. If you ask me, why did they not pull out? It doesn't make sense. So Google did stop accepting new customers for Google cloud. In March. YouTube said it's removing videos at denier trivial trivialize, the Russian invasion, but what finally got Google. [00:57:09] Out of Russia, Russia seized their bank accounts. They froze, they transferred their money out of the main bank account in Russia. We're talking about a 2 billion per year business, Google Russia, that that really upsets me. So I did a little more research online about all of this, and I was really surprised to see that Ukraine now has given the Ukraine peace prize to Google. [00:57:40] and it says, uh, quote on the behalf of the Ukrainian people with gratitude for the support during this pivotal moment in our nation's history. So what is it? I, I, I'm not sure. Right? So there, uh, one of their foreign ministers, I guess, and, uh, Koran. Baha I think, uh, said thank you from the beginning of the war, Google has sought to help. [00:58:05] However, however we can through humanitarian support of our tools will continue to do as long as needed. So I dug in a little more and tried to figure out what's up. Well rush or Google left its Russian search engine online and YouTube online and was using it in Russia in order to. Control the narrative in Russia. [00:58:31] Now, unlike what they've done here in the us, where Google has been caught, many times controlling the narrative in various elections and taking certain ads and not taking others and taking certain business and not taking others, apparently in Russia, it has been. Blocking a lot of the stuff that Russia itself has been putting out. [00:58:55] So the, the federal government there in Russia. Interesting. Hey, so they also have helped Ukraine out by providing them with mapping GPS and rumor has it satellite services. Yeah. Interestingly to track Russian troop movements, uh, Al also Ukraine saying the Google news component has also been tremendously valuable. [00:59:24] Google's also helping to raise money for the cause of Ukraine. Like many companies are doing right now to help people displace due to the war and Poland. Wow. They've been doing Yemen's work and, and bringing. People in, by the millions, into Poland from Ukraine. It reminds me when I lived in Calgary, Alberta, my Cub, one of the Cub masters Cub troop leaders was a woman who came from Poland many years ago. [00:59:52] This was back during Soviet occupation of. Poland. And I, I remember talking to her about what was happening over there. Why did she leave? And it is just so, so impressive. The polls have done so much impressive stuff over the years. So they're also saying that Google's done a lot of other things in order to. [01:00:13] Help protect Ukraine, including Google's block domains. They've prevented fishing attacks against Ukraine. They've warn targeted individuals that they are being targeted. It's really something what they've done. So my first knee jerk was why is Google? Still doing business in Russia. Well, now it's become clear because they have a special page for Russians that gives correct information, at least, you know, Google's claiming it's correct. [01:00:47] Uh, I don't know which fact checkers, checkers they're using, but. That gives Russians real information about the war what's going on in Ukraine. What's happening with the Russian soldiers. Did, did you see this just this last week, apparently Russia removed the age limit for volunteers for the military. It used to be, I think it was 40 years old. [01:01:12] If you were a Russian citizen and 30 years old, if you were foreign national, now the Russian military will take anybody. Any age from anywhere. In other words, Russia is really getting kind of hard up if they want people like me, right. To fight, to fight their wars. I'm sure they don't really well. I don't know. [01:01:32] Maybe they do want me, right. That every, every war needs cannon fodder. So it is fascinating to see good job Google. I am quite impressed. I did not expect them to be doing that. They've also. Uh, uh, provided over 45 million in donations and grants to various groups. They've done pro bono work for various organizations over there. [01:02:01] So this is really, really cool. So that's it. That's what's happening over there in you? Crane and Google, you can of course, find out a lot more. Get my insider show notes. So you had all of this on Tuesday morning. You could have digested it all and be ahead of everybody else out there. And then also don't forget about my new offer here. [01:02:27] Free, absolutely free for. Asks by emailing me Craig peterson.com. I'll go ahead and send them to you, which is I think a pretty cool thing now. What am I gonna send you? Well, you gotta ask first, right? You gotta ask. And what we're gonna be doing is taking what I have been using for years to help secure my customers. [01:02:54] And we're making available for free my cyber punch lists. Craig peterson.com/subscribe. [01:03:02] Bit of a hubub here, a B Biden's infrastructure bill $1.2 trillion. And, and it's in there is this thing that Bob BARR is calling an automobile kill switch. Well, I did some more research and we'll tell you the facts right now. [01:03:19] What are you supposed to do? If you are trying to pass a bill to stop drunk driving deaths, and you've got all of the money in the world, you know, well, I guess 1.2 trillion, isn't all of the money in the world. [01:03:33] What are you gonna put in there? Well, I did a search on this and I I'm chuckling because this is craziness. This is the AP associated press. And they've got this article claim. President Joe Biden signed a bill that will give law enforcement access to a kill switch that will be attached to all new cars in 2026 APS assessment false. [01:03:59] Okay, so we've got fact checkers here while the bipartisan infrastructure bill Biden signed last year requires advanced drunk and impaired driving technology to become standard equipment in cars. Experts say. Technology doesn't amount to a kill switch. Hmm. Let me see. So I can't start the car. If the car's computer thinks I might be drunk or impaired in some other way, but that's not a kill switch. [01:04:31] What, what is that? Then if I can't start the car, because I have a disagreement with the computer. How about these people that I don't know, maybe their eyes can't open all of the way. Maybe they have problems with eyes on nystagmus, the eyes kind of jittering back and forth. Right. And now what are they gonna do? [01:04:50] Argue with the computer? That's a kill switch. I can't believe these crazy people that are like AP here, coming up with fact checking on things. So, yeah, I'm sure there's some distortions in some articles out there, but they contradicted themselves in two paragraphs. I guess they figure people are just gonna see false. [01:05:14] Okay. I'm done. They're not gonna bother reading the rest of the article. Yeah. Kind of crazy, isn't it? So according to an article written by remember former us representative Bob BARR in the infrastructure bill, is this kill switch. Now the, the big question is what is the kill switch? How far does it go? [01:05:39] So I decided, well, let's look up something I remember from years ago and that is GM GM has the OnStar system it's yet another reason I won't buy GM, there are a number of reasons, but this is another one. OnStar system, you know, they've got an advisor, isn't that great. And if your car is in a car accident, a crash that advisor can hop on and ask if you're okay. [01:06:08] And if you want emergency services coming, they'll come, uh, OnStar will call them for you. And if you are just fine, they won't bother calling. I mean, if there's no answer at all, they'll they'll call emergency services and let them know where the vehicle is. Cuz the vehicle has with OnStar built in GPS. [01:06:30] Well, one of the features of OnStar is that it can send a signal to disable cars, engines, and gradually slow the vehicle to an idle speed to assist police in recovering the vehicle. Now they will only do that at least right now for vehicles that have been reported stolen and have been confirmed by the police. [01:06:58] So in, in reality, that's kind of cool, right? It slows down. Hopefully the bad guy, if he's on the highway, makes it over to the side of the road and while the car slows down and eventually stops. So, uh, all of this stuff sounds good. This kill switch. Sounds good. Doesn't it? Because you know, we're gonna keep drunk drivers off the road. [01:07:24] Now in reality, of course, they're not gonna be able to keep drunk drivers or other impaired drivers off the road. I really don't care what kind of technology they put in. And they're not talking about putting in one of these blow in the tube, things that checks your blood alcohol level. They're talking about having a camera facing you as the driver and probably other occupants of the vehicles and that internally facing camera. [01:07:53] It's going to evaluate you. It's gonna look at you. It's gonna look at your face. Is something droopy. Are, are you kind of slow to respond? It might have a little test that it has you take right there. The, the law is very loosey goosey on any details. There really aren't any, so it's gonna be up to the manufacturer. [01:08:15] So they put this in the car step. Just like OnStar, step one, put it in the car and they'll tell you when to turn. Remember how cool that was the GPS with OnStar. And you'd say, yeah, I want to go to this address. And then the, uh, the assistant goes ahead and sense programming to your car. And now you can go and if you lock your keys in the car, they can unlock the car for you. [01:08:41] All, all kinds of cool stuff. And then next up what happens. Well, but they can stop the vehicle. So there's another technology story related to OnStar. And this is from 2009 from Kelly blue book book, OnStar stolen vehicle, slow down forts its first carjacking. So again, doesn't that sound fantastic. This was a Tahoe OnStar. [01:09:10] And, uh, the driver and his passenger forced out of the vehicle robbed by a shotgun wielding perp who then drove off in the SUV. And the OnStar dispatcher was able to locate the vehicle using GPS advised police of exact location. And as soon as the police established visual contact, the stolen vehicle slow down system is activated available on a number of GM cars and trucks. [01:09:36] Right? So this was over a decade ago. That this happened, but the technology's evolved hasn. so we initially have all of these car companies trying to decide, okay. So we've got this kill switch law, which AP says is not a kill switch law. Cuz they talk to experts just like the, what was it? 52 people, uh, heads of intelligence. [01:10:01] Committees and agencies said that this wasn't a collusion hoax, right? So they talked to experts who said, no, no, no, this isn't a kill switch, but that's today you can argue, it's not a kill switch. I would completely disagree with you. Day one. It's a kill switch cuz you can't start your car. Right. It's a kill switch. [01:10:21] A kill switch is often something you hide somewhere on the car so you can kill the engine. So it can't be stolen. It's a kill switch. Come on. People fact checkers aside. This could potentially allow law enforcement again, to shut down your car, remotely track the car's metrics, location, maybe the passenger load, because remember now cars are tracking all of this. [01:10:46] They've already been. Tickets issued by police that did not see anyone speeding. The car was not caught on a traffic camera, but they hook up a device to your car's port that talks to its computer. And the computer says, yeah, he was doing 80 miles an hour or, uh, five minutes ago. And all of a sudden you got a ticket, right? [01:11:08] Massachusetts wants to go ahead now and say, uh, yeah, yeah. Let's charge by the mile that you drive and mask. Because of course they're not getting enough revenue from gasoline because of the electric cars, right. Electric cars are not paying their fair share when it comes to road taxes. So let's do it that way. [01:11:27] So how are they gonna collect the information while. They're gonna hook up to your car's computer. The next thing coming down the road, and it's already in most cars is wireless data connectivity. You might have found already. If you have a Nissan, a Honda, many other cars that. You have to get a major upgrade. [01:11:49] It varies 600 bucks up to a few grand for an expensive car, but the two G data network, we talked about this on the show already is being completely shut down by the end of the year. So we've gotta replace it and switch you over. To the LTE data network, which of course eventually will go away as well, or at least 3g what happens once it's all hooked up? [01:12:16] Well, the next easy step is just feed all of that information straight to the government. Craig, Peter son.com. [01:12:27] If you've been afraid of ransomware before I I've got a good example for you where a whole country now has been ransom. Absolutely crazy. So we'll talk about that. What is the state of ransomware? And the NSA is asking us to trust them again. [01:12:43] Of course staying up to date means that you get my insider newsletter pretty much every Tuesday morning and, and the only way to get that is to go to Craig peterson.com/subscribe. [01:12:56] And I will keep you up to date. You'll get even more insight information. The Costa REAN government has declared a state of national emergency. And to the best of my knowledge, this is the first time a government has done this because agencies of the Costa Rican government have been hit so badly by the K ransomware. [01:13:22] That the new incoming president immediately declared a state of emergency. So now the country has expanded law enforcement powers and they are trying to go after the KTI ransomware group. Now between you and me. Good luck on that one. They are based in Russia. There's a number of different articles out this week. [01:13:44] This one from ADV Intel at tech target. But according to their research, the Kati ransomware groups attack on Costa Rican government was part of a rebranding effort. So this ransomware gang has seen a lot of their payments, just dry up. Because it's harder to get the money in. Right. And what are you gonna do with cryptocurrency? [01:14:09] If you are the KTI group, can you turn it into anything useful? Well, it kind of depends on the country you're in, but for most people, no. Okay. Absolutely. No. So we were able to knock the KTI ransomware groups. Offline. And we talked about that before here. The us government did that, but now this is marking a new chapter for the cyber crime landscape. [01:14:37] Interesting. Isn't it? So there are some investigations that have been going on. They've been trying to figure out what happened. What was the cause of the downfall of the county ransomware group? Are they really gone? Why did they pull their website offline and also. They declared publicly support for Russia in its invasion of Ukraine. [01:15:00] And so now the Canti ransomware group got hacked and held ransom. They suffered major leaks. As a consequence. So other hackers went after KTI, which is a hacking group and they, they showed here from internal in documents that were stolen, that the KTI ransomware gang's primary Bitcoin address, which was found in the leak, showed that they had taken in over 2 billion in cryptocurrency over the last five years. [01:15:34] Isn't that just amazing and anonymous leaker has published more of the gangs communications, but you know, that can help that's for sure. But you think with that much money, they'd be able to protect themselves right now on top of it, because of the hack of Costa Rica and the major damage it's caused, the us government has offered a couple of bounties here. [01:16:00] Against the KTI ransomware group. So there's $10 million available. If you can provide the feds with information about the leaders of the KTI ransomware group and $5 million that you can get leading to the arrest of anyone involved with a cont ransomware attack. Isn't that something. So ransomware has been really outta control for years. [01:16:25] There's no signs that things are actually slowing down. Definitely been enhanced law enforcement efforts to track them down. But ultimately here, the core members of these groups have been escaping these law enforcement activities. They've been using mules kinda like 2000 mules. Have you seen that movie? [01:16:46] But the idea is they get people primarily in the us cuz that's where most of the money comes from. They do ran. Of people and businesses information here. In fact, last year, it's estimated that 60%, six, 0% of small businesses were hacked, which is just crazy. Right? Well, no wonder it's got $2 billion, but. [01:17:09] What are, what are we supposed to do? What are they doing to, to, uh, really come after us? Well, they're doing many of the same things. These mules will, uh, be hired saying, Hey, I just need to, uh, use your PayPal account. And, uh, all you have to do is transfer some money. You can keep. 5%, 10% of the money I put in there. [01:17:29] And they've always got these excuses, you know, think the Nigerian email scams from years past, and frankly still kind of go around a little bit here, but large bounties are really becoming a part of the toolbox, a law enforcement's been using in the us and abroad to try and track them down. And that's really what they're hoping for down in Costa Rica, because what are they gonna do? [01:17:57] You know, frankly, really? What are they gonna do? Well, I don't know. And they obviously are relying on the United States to help them out with this. The internal structure of the K group has been highly organized. They've got the same type of structure of a legitimate corporation would have it takes its work that needs to be done. [01:18:18] They hire contractors that may not even know who they're actually working for to write small pieces of, of, uh, code here that gets tied. so it's not too surprising that a KTI affiliate is going to

    React Native Radio
    RNR 241 - Redux Toolkit vs MobX-State-Tree Showdown

    React Native Radio

    Play Episode Listen Later Jul 1, 2022 51:23


    Should you use Redux or MobX-State-Tree? Robin, Mazen, and Jamon do a breakdown of the various tradeoffs of these two popular state management libraries.This episode brought to you by Infinite Red! Infinite Red is a premier React Native design and development agency located in the USA. With five years of React Native experience and deep roots in the React Native community (hosts of Chain React and the React Native Newsletter), Infinite Red is the best choice for your next React Native app.Helpful Links:https://www.loom.com/share/9e3afe0547824e42bada06191e891ae1https://mobx-state-tree.js.org/intro/welcomehttps://redux.js.org/introduction/getting-startedhttps://reactnativeradio.com/episodes/175-state-management-in-react-native-sLR6hN_vConnect With Us!React Native Radio - @ReactNativeRdioJamon - @jamonholmgrenMazen - @mazenchamiRobin - @robin_heinze

    JS Party
    Sophisticated Cornhole

    JS Party

    Play Episode Listen Later Jul 1, 2022 56:58


    Jerod, Nick & Ali partake in a few rounds of Story of the Week, TIL, and I'm Excited about $X. Oh, and is TypeScript the new Java? Nick responds and emotes all over the place!

    Career Switch To Coding
    Stack Overflow Dev Survey 2022 Part 1

    Career Switch To Coding

    Play Episode Listen Later Jul 1, 2022 34:16


    This week we start a two parter on the Stack Overflow developer survey 2022 and unearth the surprising dev tech stories of this year. Spoiler, jQuery is still with us!Find Simon B at All The CodeFind Simon G at the Ionic AcademyLinks:Stack Overflow 2022 dev survey

    Digital Marketing with Bill Hartzer
    Google Algo Update, Facebook Internet Tracking Settlement, Canonical Tags, Quick Rankings

    Digital Marketing with Bill Hartzer

    Play Episode Listen Later Jun 30, 2022 26:01


    In this episode of the Digital Marketing with Bill Hartzer podcast, Bill Hartzer talks about another Google algorithm update, and Alan Kent from Google sharing 8 e-commerce SEO tips in a video. Google will index a page that is under 15mb in size, and Bill Hartzer talks about pages with a lot of words and ranking them. He then goes on to talk about injecting canonical tags using JavaScript and how that could potentially be an issue or cause problems. The Facebook Internet Tracking Settlement is again mentioned, and Bill Hartzer provides an update on the rankings and how he's created a video that's ranking well for that trending keyword phrase. He goes on to talk about other opportunities for ranking a page or ranking content quickly, and how to get into Google News. Should SEOs know the difference between crawling, indexing, and ranking? Bill Hartzer lets you know his view on that. Then, finally, he talks about an example site with over 1,000 unique domains linking to the site, but the Trust Flow is abnormally low. Listed to the podcast to get his take on why this site has so many good links but the TF is low and the site's having ranking problems.

    Screaming in the Cloud
    TikTok and Short Form Content for Developers with Linda Vivah

    Screaming in the Cloud

    Play Episode Listen Later Jun 28, 2022 34:01


    Full Description / Show Notes Corey and Linda talk about Tiktok and the online developer community (1:18) Linda talks about what prompted her to want to work at AWS (5:29) Linda discusses navigating the change from just being part of the developer community to being an employee of AWS (10:37) Linda talks about moving AWS more in the direction of short form content, and Corey and Linda talk about the Tiktok algorithm (15:56) Linda talks about the potential struggle of going from short form to long form content (25:21) About LindaLinda Vivah is a Site Reliability Engineer for a major media organization in NYC, a tech content creator, an AWS community builder member, a part-time wedding singer, and the founder of a STEM jewelry shop called Coding Crystals. At the time of this recording she was about to join AWS in her current position as a Developer Advocate.Linda had an untraditional journey into tech. She was a Philosophy major in college and began her career in journalism. In 2015, she quit her tv job to attend The Flatiron School, a full stack web development immersive program in NYC. She worked as a full-stack developer building web applications for 5 years before shifting into SRE to work on the cloud end internally.Throughout the years, she's created tech content on platforms like TikTok & Instagram and believes that sometimes the best way to learn is to teach.Links Referenced:lindavivah.com: https://lindavivah.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by Honeycomb. When production is running slow, it's hard to know where problems originate. Is it your application code, users, or the underlying systems? I've got five bucks on DNS, personally. Why scroll through endless dashboards while dealing with alert floods, going from tool to tool to tool that you employ, guessing at which puzzle pieces matter? Context switching and tool sprawl are slowly killing both your team and your business. You should care more about one of those than the other; which one is up to you. Drop the separate pillars and enter a world of getting one unified understanding of the one thing driving your business: production. With Honeycomb, you guess less and know more. Try it for free at honeycomb.io/screaminginthecloud. Observability: it's more than just hipster monitoring.Corey: Let's face it, on-call firefighting at 2am is stressful! So there's good news and there's bad news. The bad news is that you probably can't prevent incidents from happening, but the good news is that incident.io makes incidents less stressful and a lot more valuable. incident.io is a Slack-native incident management platform that allows you to automate incident processes, focus on fixing the issues and learn from incident insights to improve site reliability and fix your vulnerabilities. Try incident.io, recover faster and sleep more.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. We talk a lot about how people go about getting into this ridiculous industry of ours, and I've talked a little bit about how I go about finding interesting and varied guests to show up and help me indulge my ongoing love affair on this show with the sound of my own voice. Today, we're going to be able to address both of those because today I'm speaking to Linda Haviv, who, as of this recording, has accepted a job as a Developer Advocate at AWS, but has not started. Linda, welcome to the show.Linda: Thank you so much for having me, Corey. Happy to be here.Corey: So, you and I have been talking for a while and there's been a lot of interesting things I learned along the way. You were one of the first people I encountered when I joined the TikToks, as all the kids do these days, and was trying to figure out is there a community of folks who use AWS. Which really boils down to, “So, where are these people that are sad all the time?” Well, it turns out, they're on TikTok, so there we go. We found my people.And that was great. And we started talking, and it turns out that we were both in the AWS community builder program. And we've developed a bit of a rapport. We talk about different things. And then, I guess, weird stuff started happening, in the context of you were—you're doing very well at building an audience for yourself on TikTok.I tried it, and it was—my sense of humor sometimes works, sometimes doesn't. I've had challenges in finding any reasonable way to monetize it because a 30-second video doesn't really give nuance for a full ad read, for example. And you've been looking at it from the perspective of a content creator looking to build the audience slash platform is step one, and then, eh, step two, you'll sort of figure out aspects of monetization later. Which, honestly, is a way easier way to do it in hindsight, but, yeah, the things that we learn. Now, that you're going to AWS, first, you planning to still be on the TikToks and whatnot?Linda: Absolutely. So, I really look at TikTok as a funnel. I don't think it's the main place, you're going to get that deep-dive content but I think it's a great way, especially for things that excite you or get you into understanding it, especially beginner-type audience, I think there's a lot of untapped market of people looking to into tech, or technologists that aren't in the cloud. I mean, even when I worked—I worked as a web developer and then kind of learned more about the cloud, and I started out as a front-end developer and shifted into, like, SRE and infrastructure, so even for people within tech, you can have a huge tech community which there is on TikTok, with a younger community—but not all of them really understand the cloud necessarily, depending on their job function. So, I think it's a great way to kind of expose people to that.For me, my exposure came from community. I met somebody at a meetup who was working in cloud, and it wasn't even on the job that I really started getting into cloud because many times in corporations, you might be working on a specific team and you're not really encountering other ends, and it seems kind of like a mystery. Although it shouldn't seem like magic, many times when you're doing certain job functions—especially the DevOps—could end up feeling like magic. So, [laugh] for the good and the bad. So sometimes, if you're not working on that end, you really sometimes take it for granted.And so, for me, I actually—meetups were the way I got exposed to that end. And then I brought it back into my work and shifted internally and did certifications and started, even, lunch-and-learns where I work to get more people in their learning journey together within the company, and you know, help us as we're migrating to the cloud, as we're building on the cloud. Which, of course, we have many more roles down the road. I did it for a few years and saw the shift. But I worked at a media company for many years and now shifting to AWS, and so I've seen that happen on different ends.Not—oh, I wasn't the one doing the migration because I was on the other end of that time, but now for the last two years, I was working on [laugh] the infrastructure end, and so it's really fascinating. And many people actually—until now I feel like—that will work on maybe the web and mobile and don't always know as much about the cloud. I think it's a great way to funnel things in a quick manner. I think also society is getting used to short videos, and our attention span is very low, and I think for—Corey: No argument here.Linda: —[crosstalk 00:04:39] spending so mu—yeah, and we're spending so much time on these platforms, we might as well, you know, learn something. And I think it depends what content. Some things work well, some things doesn't. As with anything content creation, you kind of have to do trial and error, but I do find the audience to be a bit different on TikTok versus Twitter versus Instagram versus YouTube. Which is interesting how it's going to play out on YouTube, too, which is a whole ‘nother topic conversation.Corey: Well, it's odd to me watching your path. It's almost the exact opposite of mine where I started off on the back-end, grumpy sysadmin world and, “Oh, why would I ever need to learn JavaScript?” “Well, genius, because as the world progresses, guess what? That's right. The entire world becomes JavaScript. Welcome.”And it took me a long time to come around to that. You started with the front-end world and then basically approached from the exact opposite end. Let's be clear, back in my day, mine was the common path. These days, yours is very much the common path.Linda: Yeah.Corey: I also want to highlight that all of those transitions and careers that you spoke about, you were at the same company for nine years, which in tech is closer to 30. So, I have to ask, what was it that inspired you, after nine years, to decide, “I'm going to go work somewhere else. But not just anywhere; I'm going to AWS.” Because normally people don't almost institutionalized lifers past a certain point.Linda: [laugh].Corey: Like, “Oh, you'll be there till you retire or die.” Whereas seeing significant career change after that long in one place, even if you've moved around internally and experienced a lot of different roles, is not common at all what sparked that?Linda: Yeah. Yeah, no, it's such a good question. I always think about that, too, especially as I was reflecting because I'm, you know, in the midst of this transition, and I've gotten a lot of reflecting over the last two weeks [laugh], or more. But I think the main thing for me is, I always, wherever I was—and this kind of something that—I'm very proactive when it comes to trying to transition. I think, even when I was—right, I held many roles in the same company; I used to work in TV production and actually left for three months to go to a coding boot camp and then came back on the other end, but I understood the product in a different way.So, for that time period, it was really interesting to work on the other end. But, you know, as I kind of—every time I wanted to progress further, I always made a move that was actually new and put me in an uncomfortable place, even within the same company. And I'm at the point now that I'm in my career, I felt like this next step really needs to be, you know, at AWS. It's not, like, the natural progression for me. I worked alongside—on the client end—with AWS and have seen so many projects come through and how much our own workloads have changed.And it's just been an incredible journey, also dealing with accounts team. On that end, I've worked alongside them, so for me, it was kind of a natural progression. I was very passionate about cloud computing at AWS and I kind of wanted to take it to that next place, and I felt like—also, dealing with the community as part of my job is a dream part to me because I was always doing that on the side on social media. So, it wasn't part of my day-to-day job. I was working as an SRE and an infrastructure engineer, so I didn't get to do that as part of my day-to-day.I was making videos at 2 a.m. and, you know, kind of trying to, like, do—you know, interact with the community like that. And I think—I come from a performing background, the people background, I was singing since I was four years old. I always go to—I was a wedding singer, so I go into a room and I love making people happy or giving value. And I think, like, education has a huge part of that. And in a way, like making that content and—Corey: You got to get people's attention—Linda: Yeah.Corey: —you can't teach them a damn thing.Linda: Right. Exactly. So, it's kind of a mix of everything. It's like that performance, the love of learning. You know, between you and I, like, I wanted to be a lawyer before I thought I was going to—before I went to tech.I thought I was going to be a lawyer purely because I loved the concept of going to law school. I never took time to think about the law part, like, being the lawyer part. I always thought, “Oh, school.” I'm a student at heart. I always call myself a professional student. I really think that's part of what you need to be in this world, in this tech industry, and I think for me, that's what keeps my fire going.I love to experiment, to learn, to build. And there's something very fulfilling about building products. If you take a step back, like, you're kind of—you know, for me that part, every time I look back at that, that always is what kind of keeps me going. When I was doing front-end, it felt a lot more like I was doing smaller things than when I was doing infrastructure, so I felt like that was another reason why I shifted. I love doing the front-end, but I felt like I was spending two days on an Internet Explorer bug and it just drove me—[laugh] it just made it feel unfulfilling versus spending two days on, you know, trying to understand why, you know, something doesn't run the infrastructure or, like, there's—you know, it's failing blindly, you know? Stuff like that. Like, I don't know, for me that felt more fulfilling because the problem was more macro. But I think I needed both. I have a love for both, but I definitely prefer being back-end. So. [laugh]. Well, I'm saying that now but—[laugh].Corey: This might be a weakness on my part where I'm basically projecting onto others, and this is—I might be completely wrong on this, but I tend to take a bit of a bifurcated view of community. I mean, community is part of the reason that I know the things I know and how I got to this place that I am, so use that as a cautionary tale if you want. But when I talk to someone like you at this moment, where you're in the community, I'm in the community, and I'm talking to you about a problem I'm having and we're working on ways to potentially solve that or how to think about that. I view us as basically commiserating on these things, whereas as soon as you start on day one—and yes, it's always day one—at AWS and this becomes your day job and you work there, on some level, for me, there's a bit shift that happens and a switch gets flipped in my head where, oh, you actually work at this company. That means you're the problem.And I'm not saying that in a way of being antagonistic. Please, if you're watching or listening to this, do not antagonize the developer advocates. They have a very hard job understanding all this so they can explain that to the rest of us. But how do you wind up planning to navigate, or I guess your views on, I guess, handling the shift between, “One of the customers like the rest of us,” to, as I say, “Part of the problem,” for lack of a better term.Linda: Or, like, work because you kind of get the—you know. I love this question and it's something I've been pondering a lot on because I think the messaging will need to be a little different [coming from me 00:10:44] in the sense of, there needs to be—just in anything, you have to kind of create trust. And to create trust, you have to be vulnerable and authentic. And I think I, for example, utilize a lot of things outside of just the AWS cloud topic to do that now, even, when I—you know, kind of building it without saying where I work or anything like that, going into this role and it being my job, it's going to be different kind of challenge as far as the messaging, but I think it still holds true that part, that just developing trust and authenticity, I might have to do more of that, you know? I might have to really share more of that part, share other things to really—because it's more like people come, it doesn't matter how much somet—how many times you explain it, many times, they will see your title and they will judge you for it, and they don't know what happened before. Every TikTok, for example, you have to act like it's a new person watching. There is no series, you know? Like, yes, there's a series but, like, sometimes you can make that but it's not really the way TikTok functions or a short-form video functions. So, you kind of have to think this is my first time—Corey: It works really terribly when you're trying to break it out that way on TikTok.Linda: [laugh]. Yeah.Corey: Right. Here's part 17 of my 80-TikTok-video saga. And it's, “Could you just turn this into a blog post or put this on YouTube or something? I don't have four hours to spend learning how all this stuff works in your world.”Linda: Yeah. And you know, I think repeating certain things, too, is really important. So, they say you have to repeat something eight times for people to see it or [laugh] something like that. I learned that in media [crosstalk 00:12:13]—Corey: In a row, or—yeah. [laugh].Linda: I mean, the truth is that when you, kind of like, do a TikTok maybe, like, there's something you could also say or clarify because I think there's going to be—and I'm going to have to—there's going to be a lot of trial and error for me; I don't know if I have answers—but my plan is going into it very much testing that kind of introduction, or, like, clarifying what that role is. Because the truth is, the role is advocating on behalf of the community and really helping that community, so making sure that—you don't have to say it as far as a definition maybe, but, like, making sure that comes across when you create a video. And I think that's going to be really important for me, and more important than the prior even creating content going forward. So, I think that's one thing that I definitely feel like is key.As well as creating more raw interaction. So, it depends on the platform, too. Instagram, for example, is much more community—how do I put this? Instagram is much more easy to navigate as far as reaching the same community because you have something, like, called Instagram Stories, right? So, on Instagram Stories, you're bringing those stories, mostly the same people that follow you. You're able to build that trust through those stories.On TikTok, they just released Stories. I haven't really tried them much and I don't play with it a lot, but I think that's something I will utilize because those are the people that are already follow you, meaning they have seen a piece of content. So, I think addressing it differently and knowing who's watching what and trying to kind of put yourself in their shoes when you're trying to, you know, teach something, it's important for you to have that trust with them. And I think—key to everything—being raw and authentic. I think people see through that. I would hope they do.And I think, uh, [laugh] that's what I'm going to be trying to do. I'm just going to be really myself and real, and try to help people and I hope that comes through because that's—I'm passionate about getting more people into the cloud and getting them educated. And I feel like it's something that could also allow you to build anything, just from anywhere on your computer, brings people together, the world is getting smaller, really. And just being able to meet people through that and there's just a way to also change your life. And people really could change their life.I changed my life, I think, going into tech and I'm in the United States and I, you know—I'm in New York, you know, but I feel like so many people in the States and outside of the States, you know, all over the world, you know, have access to this, and it's powerful to be able to build something and contribute and be a part of the future of technology, which AWS is.Corey: I feel like, in three years or whatever it is that you leave AWS in the far future, we're going to basically pull this video up and MST3k came together. It's like, “Remember how naive you were talking about these things?” And I'm mostly kidding, but let's be serious. You are presumably going to be focusing on the idea of short-form content. That is—Linda: Yeah.Corey: What your bread-and-butter of audience-building has been around, and that is something that is new for AWS.Linda: Yeah.Corey: And I'm always curious as to how companies and their cultures continue to evolve. I can only imagine there's a lot of support structure in place for that. I personally remember giving a talk at an AWS event and I had my slides reviewed by their legal team, as they always do, and I had a slide that they were looking at very closely where I was listing out the top five AWS services that are bullshit. And they don't really have a framework for that, so instead, they did their typical thing of, “Okay, we need to make sure that each of those services starts with the appropriate AWS or Amazon naming convention and are they capitalized properly?” Because they have a framework for working on those things.I'm really curious as to how the AWS culture and way of bringing messaging to where people are is going to be forced to evolve now that they, like it or not, are going to be having significantly increased presence on TikTok and other short-form platforms.Linda: I mean, it's really going to be interesting to see how this plays out. There's so much content that's put out, but sometimes it's just not reaching the right audience, so making sure that funnel exists to the right people is important and reaching those audiences. So, I think even YouTube Shorts, for example. Many people in tech use YouTube to search a question.They do not care about the intro, sometimes. It depends what kind of following, it depends if [in gaming 00:16:30], but if you're coming and you're building something, it's like a Stack Overflow sometimes. You want to know the answer to your question. Now, YouTube Shorts is a great solution to that because many times people want the shortest possible answer. Now, of course, if it's a tutorial on how to build something, and it warrants ten minutes, that's great.Even ten minutes is considered, now, Shorts because TikTok now has ten-minute videos, but I think TikTok is now searchable in the way YouTube is, and I think let's say YouTube Shorts is short-form, but very different type of short-form than TikTok is. TikTok, hooks matter. YouTube answers to your questions, especially in chat. I wouldn't say everything in YouTube is like that; depends on the niche. But I think even within short-form, there's going to be a different strategy regarding that.So, kind of like having that mix. I guess, depending on platform and audience, that's there. Again, trial and error, but we'll see how this plays out and how this will evolve. Corey: This episode is sponsored in part by our friends at Vultr. Optimized cloud compute plans have landed at Vultr to deliver lightning-fast processing power, courtesy of third-gen AMD EPYC processors without the IO or hardware limitations of a traditional multi-tenant cloud server. Starting at just 28 bucks a month, users can deploy general-purpose, CPU, memory, or storage optimized cloud instances in more than 20 locations across five continents. Without looking, I know that once again, Antarctica has gotten the short end of the stick. Launch your Vultr optimized compute instance in 60 seconds or less on your choice of included operating systems, or bring your own. It's time to ditch convoluted and unpredictable giant tech company billing practices and say goodbye to noisy neighbors and egregious egress forever. Vultr delivers the power of the cloud with none of the bloat. Screaming in the Cloud listeners can try Vultr for free today with a $150 in credit when they visit getvultr.com/screaming. That's G-E-T-V-U-L-T-R dot com slash screaming. My thanks to them for sponsoring this ridiculous podcast.Corey: I feel like there are two possible outcomes here. One is that AWS—Linda: Yeah.Corey: Nails this pivot into short-form content, and the other is that all your TikTok videos start becoming ten minutes long, which they now support, welcome to my TED Talk. It's awful, and then you wind up basically being video equivalent for all of your content, of recipes when you search them on the internet where first they circle the point to death 18 times with, “Back when I was a small child growing up in the hinterlands, we wound—my grandmother would always make the following stew after she killed the bison with here bare hands. Why did grandma kill a bison? We don't know.” And it just leads down this path so they can get, like, long enough content or they can have longer and longer articles to display more ads.And then finally at the end, it's like ingredient one: butter. Ingredient two, there is no ingredient two. Okay. That explains why it's delicious. Awesome. But I don't like having people prolong it. It's just, give me the answer I'm looking for.Linda: Yeah.Corey: Get to the point. Tell me the story. And—Linda: And this is—Corey: —I'm really hoping that is not the direction your content goes in. Which I don't think it would, but that is the horrifying thing and if for some chance I'm right, I will look like Nostradamus when we do that MST3k episode.Linda: No, no. I mean, I really am—I always personally—even when I was creating content these last few years and testing different things, I'm really a fan of the shortest way possible because I don't have the patience to watch long videos. And maybe it's because I'm a New Yorker that can't sit down from the life of me—apart from when I code of course—but, you know, I don't like wasting time, I'm always on the go, I'm with my coffee, I'm like—that's the kind of style I prefer to bring in videos in the sense of, like, people have no time. [laugh]. You know?The amount of content we're consuming is just, uh, bonkers. So, I don't think our mind is really a built for consuming [laugh] this much content every time you open your phone, or every time you look, you know, online. It's definitely something that is challenging in a whole different way. But I think where my content—if it's ten minutes, it better be because I can't shorten it. That's my thing. So, you can hold me accountable to that because—Corey: Yeah, I want ten minutes of—Linda: I'm not a—Corey: Content, not three minutes of content in a ten-minute bag.Linda: Exactly. Exactly. So, if it's a ten-minute video, it would have been in one hour that I cut down, like, meaning a tutorial, a very much technical types of content. I think things that are that long, especially in tech, would be something like, on that end—unless, of course, you know, I'm not talking about, like, longer videos on YouTube which are panels or that kind of thing. I'm talking more like if I'm doing something on TikTok specifically.TikTok also cares about your watch time, so if people aren't interested in it, it's not going to do well, it doesn't matter how many followers you have. Which is what I do like about the way TikTok functions as opposed to, let's say, Instagram. Instagram is more like it gives it to your following—and this is the current state, I don't know if it always evolves—but the current state is, Instagram Reels kind of functions in a way where it goes first to the people that follow you, but, like, in a way that's more amplified than TikTok. TikTox tests people that follows you, but if it's not a good video, it won't do well. And honestly, they're many good videos videos that don't go viral. I'm not talking about that.Sometimes it's also the topic and the niche and the sound and the title. I mean, there's so many people who take a topic and do it in three different ways and one of them goes viral. I mean, there's so many factors that play into it and it's hard to really, like, always, you know, kind of reverse engineer but I do think that with TikTok, things won't do well, more likely if it's not a good piece of content as opposed to—or, like, too long, right? Not—I shouldn't say not good a good piece of content—it's too long.Corey: The TikTok algorithm is inscrutable to me. TikTok is firmly convinced, based upon what it shows me, that I am apparently a lesbian. Which okay, fine. Awesome. Whatever. I'm also—it keeps showing me ads for ADHD stuff, and it was like, “Wow, like, how did it know that?” Followed by, “Oh, right. I'm on TikTok. Nevermind.”And I will say at one point, it recommended someone to me who, looking at the profile picture, she's my nanny. And it's, I have a strong policy of not, you know, stalking my household employees on social media. We are not Facebook friends, we are not—in a bunch of different areas. Like, how on earth would they have figured this out? I'm filling the corkboard with conspiracy and twine followed by, “Wait a minute. We probably both connect from the same WiFi network, which looks like the same IP address and it probably doesn't require a giant data science team to put two and two together on those things.” So, it was great. I was all set to do the tinfoil hat conspiracy, but no, no, that's just very basic correlation 101.Linda: And also, this is why I don't enable contacts on TikTok. You know, how it says, “Oh, connect your contacts?”Corey: Oh, I never do that. Like, “Can we look at your contacts?”Linda: Never.Corey: “No.” “Can we look at all of your photos?” “Absolutely not.” “Can we track you across apps?” “Why would anyone say yes to this? You're going to do it anyway, but I'll say no.” Yeah.Linda: Got to give the least privilege. [laugh]. Definitely not—Corey: Oh absolutely.Linda: Yeah. I think they also help [crosstalk 00:22:40]—Corey: But when I'm looking at—the monetization problem is always a challenge on things like this, too, because when I'm—my guilty TikTok scrolling pleasures hit, it's basically late at night, I just want to see—I want something to want to wind down and decompress. And I'm not about ready to watch, “Hey, would you like to migrate your enterprise database to this other thing?” It's, I… no. There's a reason that the ads that seem to be everywhere and doing well are aimed at the mass market, they're generally impulse buys, like, “Hey, do you want to set that thing over there on fire, but you're not close enough to get the job done? But this flame thrower today. Done.”And great, like, that is something everyone can enjoy, but these nuanced database products and anything else is B2B SaaS style stuff, it feels like it's a very tough sell and no one has quite cracked that nut, yet.Linda: Yeah, and I think the key there—this is, I'm guessing based on, like, what I want to try out a lot—is the hook and the way you're presenting it has to be very product-focused in the sense that it needs to be very relatable. Even if you don't know anything about tech, you need to be—like, for example, in the architecture page on AWS, there's a video about the Emirates going to Mars mission. Space is a very interesting topic, right? I think, a hook, like, “Do want to see how, like, how this is bu—” like, it's all, like, freely available to see exactly [laugh] how this was built. Like, it might—in the right wording, of course—it might be interesting to someone who's looking for fun-fact-style content.Now, is it really addressing the people that are building everyday? Not really always, depends who's on there and the mass market there. But I feel like going on the product and the things that are mass-market, and then working backwards to the tech part of it, even if they learn something and then want to learn more, that's really where I see TikTok. I don't think every platform would be, maybe, like this, but that's where I see getting people: kind of inviting them in to learn more, but making it cool and fun. It's very important, but it feels cool and fun. [laugh]. So.Because you're right, you're scrolling at 2 a.m. who wants to start seeing that. Like, it's all about how you teach. The content is there, the content has—you know, that's my thing. It's like, the content is there. You don't need to—it's yes, there's the part where things are always evolving and you need to keep track of that; that's whole ‘nother type thing which you do very well, right?And then there's a part where, like, the content that already exists, which part is evergreen? Meaning, which part is, like, something that could be re—also is not timely as far as update, for example, well-architected framework. Yes, it evolves all the time, you always have new pillars, but the guide, the story, that is an evergreen in some sense because that guide doesn't, you know, that whole concept isn't going anywhere. So, you know, why should someone care about that?Corey: Right. How to turn on two-factor authentication for your AWS account.Linda: Right.Corey: That's evergreen. That's the sort of thing that—and this is the problem, I think, AWS has had for a long time where they're talking about new features, new enhancements, new releases. But you look what people are actually doing and so much of it is just the same stuff again and again because yeah, that is how most of the cloud works. It turns out that three-quarters of company's production infrastructures tends to run on EC2 more frequently than it tends to run on IoT Greengrass. Imagine that.So, there's this idea of continuing to focus on these things. Now, one of my predictions is that you're going to have a lot of fun with this and on some level, it's going to really work for you. In others, it's going to be hilariously—well, its shortcomings might be predictable. I can just picture now you're at re:Invent; you have a breakout talk and terrific. And you've successfully gotten your talk down to one minute and then you're sitting there with—Linda: [laugh].Corey: —the remainder of maybe 59. Like, oh, right. Yeah. Turns out not everything is short-form. Are you predicting any—Linda: Yep.Corey: Problems going from short-form to long-form in those instances?Linda: I think it needs to go hand-in-hand, to be honest. I think when you're creating any short-form content, you have—you know, maybe something short is actually sometimes in some ways, right, harder because you really have to make sure, especially in a technical standpoint, leaving things out is sometimes—leaves, like, a blind spot. And so, making sure you're kind of—whatever you're educating, you kind of, to be clear, “Here's where you learn more. Here's how I'm going to answer this next question for you: go here.” Now, in a longer-form content, you would cover all that.So, there's always that longevity. I think even when I write a script, and there's many scripts I'm still [laugh] I've had many ideas until now I've been doing this still at 2 a.m. so of course, there's many that didn't, you know, get released, but those are the things that are more time consuming to create because you're taking something that's an hour-long, and trying to make sure you're pulling out the things that are most—that are hook-style, that invite people in, that are accurate, okay, that really give you—explain to you clearly where are the blind spots that I'm not explaining on this video are. So, “XYZ here is, like, the high level, but by the way, there's, like, this and this.” And in a long-form, you kind of have to know the long-form version of it to make the short-form, in some ways, depending on what—you're doing because you're funneling them to somewhere. That's my thing. Because I don't think there should be [crosstalk 00:27:36]—Corey: This is the curse of Twitter, on some level. It's, “Well, you forgot about this corner case.” “Yeah, I had 280 characters to get into.” Like, the whole point of short-form content—which I do consider Twitter to be—is a glimpse and a hook, and get people interested enough to go somewhere and learn more.For something like AWS, this makes a lot of sense. When you highlight a capability or something interesting, it's something relevant, whereas on the other side of it, where it's this, “Oh, great. Now, here's an 8000-word blog post on how I did this thing.” Yeah, I'm going to get relatively fewer amounts of traffic through that giant thing, but the people who are they're going to be frickin' invested because that's going to be a slog.Linda: Exactly.Corey: “And now my eight-hour video on how exactly I built this thing with TypeScript.” Badly—Linda: Exactly.Corey: —as it turns out because I'm a bad programmer.Linda: [laugh]. No, you're not. I love your shit-posting. It's great.Corey: Challenge accepted.Linda: [laugh]. I love what you just mentioned because I think you're hitting the nail on the head when it comes to the quality content that's niche focus, like, there needs to be a good healthy mix. I think always doing that, like, mass-market type video, it doesn't give you, also, the credibility you need. So, doing those more niche things that might not be relevant to everybody, but here and there, are part of that is really key for your own knowledge and for, like, the com—you know, as far as, like, helping someone specific. Because it's almost like—right, when you're selling a service and you're using social media, right, not everybody's going to buy your service. It doesn't matter what business you're in right? The deep-divers are going to be the people that pay up. It's just a numbers game, right? The more people you, kind of, address from there, you'll find—Corey: It's called a funnel for a reason.Linda: Right. Exactly.Corey: Free content, paid content. Almost anyone will follow me on Twitter; fewer than will sign up for a newsletter; fewer will listen to a podcast; fewer will watch a video, and almost none of them will buy a consulting engagement. But ‘almost' and ‘actually none of them,' it turns out is a very different world.Linda: Exactly. [laugh]. So FYI, I think there's—Corey: And that's fine. That's the way it works.Linda: That's the way it works. And I think there needs to be that niche content that might not be, like, the most viral thing, but viral doesn't mean quality, you know? It doesn't. There's many things that play into what viral is, but it's important to have the quality content for the people that need that content, and finding those people, you know, it's easier when you have that kind of mass engagement. Like, who knows? I'm a student. I told you; I'm a professional student. I'm still [laugh] learning every day.Corey: Working with AWS almost makes it a requirement. I wish you luck—Linda: Yeah.Corey: —in the new gig and I also want to thank you for taking time out of your day to speak with me about how you got to this point. And we're all very eager to see where you go from here.Linda: Thank you so much, Corey, for having me. I'm a huge fan, I love your content, I'm an avid reader of your newsletter and I am looking forward to very much being in touch and on the Twitterverse and beyond. So. [laugh].Corey: If people want to learn more about what you're up to, and other assorted nonsense, where's the best place they can go to find you?Linda: So, the best place they could go is lindavivah.com. I have all my different social handles listed on there as well a little bit about me, and I hope to connect with you. So, definitely go to lindavivah.com.Corey: And that link will, of course, be in the [show notes 00:30:39]. Thank you so much for taking the time to speak with me. I really appreciate it.Linda: Thank you, Corey. Have a wonderful rest of the day.Corey: Linda Haviv, AWS Developer Advocate, very soon now anyway. I'm Cloud Economist Corey Quinn and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice, smash the like and subscribe buttons, and of course, leave an angry comment that you have broken down into 40 serialized TikTok videos.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.

    FSJam Podcast
    Episode 75 - Prisma with Austin Crim

    FSJam Podcast

    Play Episode Listen Later Jun 28, 2022 51:15


    In this episode we discuss the history and mission of Prisma, the boundary between Prisma Client and Prisma Migrate, and whether developers need to know the difference between SQL and NoSQL.Austin Crim Home Page Twitter GitHub LinkedIn Prisma Home Page Twitter GitHub Links Prisma Data Platform Deploying Prisma to Cloudflare Workers Remix with Kent C. Dodds

    COMPRESSEDfm
    Secrets Things, Env Vars, How to Handle API Keys Correctly

    COMPRESSEDfm

    Play Episode Listen Later Jun 28, 2022 47:11


    In this episode, James shares common mistakes people make with their API Keys and explains the appropriate way to handle them.SponsorsVercelVercel combines the best developer experience with an obsessive focus on end-user performance. Their platform enables frontend teams to do their best work. It is the best place to deploy any frontend app. Start by deploying with zero configuration to their global edge network. Scale dynamically to millions of pages without breaking a sweat.For more information, visit Vercel.comZEAL is hiring!ZEAL is a computer software agency that delivers “the world's most zealous” and custom solutions. The company plans and develops web and mobile applications that consistently help clients draw in customers, foster engagement, scale technologies, and ensure delivery.ZEAL believes that a business is “only as strong as” its team and cares about culture, values, a transparent process, leveling up, giving back, and providing excellent equipment. The company has staffers distributed throughout the United States, and as it continues to grow, ZEAL looks for collaborative, object-oriented, and organized individuals to apply for open roles.For more information visit softwareresidency.com/careersDatoCMSDatoCMS is a complete and performant headless CMS built to offer the best developer experience and user-friendliness in the market. It features a rich, CDN-powered GraphQL API (with realtime updates!), a super-flexible way to handle dynamic layouts and structured content, and best-in-class image/video support, with progressive/LQIP image loading out-of-the-box."For more information, visit datocms.comShow Notes0:00 IntroductionYouTube Video RE: Mistakes People Make with API Keys6:42 API Keys7:37 Where do API Keys come from?8:57 Mistakes People Make with API Keys9:10 Mistake #1: Hard Coding the API Key Value11:45 Sponsor: Vercel12:53 Mistake #2: Adding an API Key to the .env file, but still exposing the key16:20 Mistake #3: Committing Your Key to Source Control17:59 What should you do about a leaked API key?19:38 Using .gitignore21:20 The Best Way to Handle Secrets22:57 Serverless FunctionsEpisode 57 - Authentication and Authorization and other Buzz Words29:55 Sponsor: ZEAL30:41 Where would you put a Bearer Token?31:40 Server Side Rendering33:49 Public API Keys37:20 Sponsor: DatoCMS38:13 Grab Bag Questions38:24 What's the best way to share environmental variables across different machines?38:35 What are the pros and cons of system environmental variables vs a KMS (Key Management System)?40:34 Picks and Plugs40:44 James's Pick: Sketcher's Tennis Shoes from Costco44:54 James's Plug: YouTube Video - 10 Things JavaScript Developers Have Stopped Doing45:26 Amy's Picks: James Clear 3-2-1 NewsletterAtomic Habits, by James Clear46:14 Amy's Pick: Keystone.js on Level Up Tutorials

    Career Switch To Coding
    The AWS Summit & Ionic Blocks sneaky release

    Career Switch To Coding

    Play Episode Listen Later Jun 28, 2022 56:26


    Simon B went to the AWS summit in Milan and comes back with interesting data based stats about Formula 1 and shares his experience of the conference including the Gameday challenge for developers.Meanwhile Simon G has silently opened up his latest side project Ionic Blocks to the world and already made a sale without any official announcement,Links in this episode Ionic Blocks (super) early bird launch

    The Stack Overflow Podcast
    GitHub Copilot is here. But what's the price?

    The Stack Overflow Podcast

    Play Episode Listen Later Jun 28, 2022 25:26


    GitHub Copilot is now available to all developers. There's also the GitHub Copilot Labs extension for Visual Studio Code, which has some neat tricks up its sleeve. Yes, Copilot is impressive; no, it's not gunning for your job. ICYMI, check out our blog post exploring whether AI is poised to steal our livelihoods: The robots are coming for (the boring parts of) your job.Mullvad VPN is removing the option to add new subscriptions because they want to know “as little as possible” about their users: “We are constantly looking for ways to reduce the amount of data we store while still providing a usable service.”Data scraping is both ubiquitous and seemingly unavoidable—but it raises serious privacy concerns, writes David Golumbia for Real Life.Tech recs: a ladder to bypass (almost) any paywall, the smartest way to learn a new language, how to explore the JavaScript universe, a great place to listen to longform journalism, and the email-free way to read your favorite newsletters.Thanks to Liam for emailing the podcast to share Physics Girl's terrific explanation of quantum cryptography.Today's Lifeboat badge goes to user martineau for their answer to How to start and stop a thread.

    The Bike Shed
    344: Spinner Armageddon

    The Bike Shed

    Play Episode Listen Later Jun 28, 2022 38:50


    Steph has an update and a question wrapped into one about the work that is being done to migrate the Test::Unit test over to RSpec. Chris got to do something exciting this week using dry-monads. Success or failure? This episode is brought to you by BuildPulse (https://buildpulse.io/bikeshed). Start your 14-day free trial of BuildPulse today. Bartender (https://www.macbartender.com/) dry-rb - dry-monads v1.0 - Pattern matching (https://dry-rb.org/gems/dry-monads/1.0/pattern-matching/) alfred-workflows (https://github.com/tupleapp/alfred-workflows/blob/master/scripts/online_users.rb) Raycast (https://www.raycast.com/) ruby-science (https://github.com/thoughtbot/ruby-science) Inertia.js (https://inertiajs.com/) Remix (https://remix.run/) Become a Sponsor (https://thoughtbot.com/sponsorship) of The Bike Shed! Transcript: AD: Flaky tests take the joy out of programming. You push up some code, wait for the tests to run, and the build fails because of a test that has nothing to do with your change. So you click rebuild, and you wait. Again. And you hope you're lucky enough to get a passing build this time. Flaky tests slow everyone down, break your flow, and make things downright miserable. In a perfect world, tests would only break if there's a legitimate problem that would impact production. They'd fail immediately and consistently, not intermittently. But the world's not perfect, and flaky tests will happen, and you don't have time to fix all of them today. So how do you know where to start? BuildPulse automatically detects and tracks your team's flaky tests. Better still, it pinpoints the ones that are disrupting your team the most. With this list of top offenders, you'll know exactly where to focus your effort for maximum impact on making your builds more stable. In fact, the team at Codecademy was able to identify their flakiest tests with BuildPulse in just a few days. By focusing on those tests first, they reduced their flaky builds by more than 68% in less than a month! And you can do the same because BuildPulse integrates with the tools you're already using. It supports all of the major CI systems, including CircleCI, GitHub Actions, Jenkins, and others. And it analyzes test results for all popular test frameworks and programming languages, like RSpec, Jest, Go, pytest, PHPUnit, and more. So stop letting flaky tests slow you down. Start your 14-day free trial of BuildPulse today. To learn more, visit buildpulse.io/bikeshed. That's buildpulse.io/bikeshed. STEPH: What type of bird is the strongest bird? CHRIS: I don't know. STEPH: A crane. [laughter] STEPH: You're welcome. And on that note, shall we wrap up? CHRIS: Let's wrap up. [laughter] Hello and welcome to another episode of The Bike Shed, a weekly podcast from your friends at thoughtbot about developing great software. I'm Chris Toomey. STEPH: And I'm Steph Viccari. CHRIS: And together, we're here to share a bit of what we've learned along the way. So, Steph, what's new in your world? STEPH: Hey, Chris, I saw a good movie I'd like to tell you about. It was just over the weekend. It's called The Duke, and it's based on a real story. I should ask, have you seen it? Have you heard of this movie called The Duke? CHRIS: I don't think so. STEPH: Okay, cool. It's a true story, and it's based on an individual named Kempton Bunton who then stole a particular portrait, a Goya portrait; if you know your artist, I do not. But he stole a Goya portrait and then essentially held at ransom because he was a big advocate that the BBC News channel should be free for people that are living on a pension or that are war veterans because then they're not able to afford that fee. But then, if you take the BBC channel away from them, it disconnects them from society. And it's a very good movie. I highly recommend it. So I really enjoyed watching that over the weekend. CHRIS: All right. Excellent recommendation. We will, of course, add that to the show notes mostly so that I can find it again later. STEPH: On a more technical note, I have a small update, or it's more of a question. It's an update and a question wrapped into one about the work that is being done to migrate the Test::Unit test over to RSpec. This has been quite a journey that Joël and I have been on for a while now. And we're making progress, but we're realizing that we're spending like 95% of our time in the test setup and porting that over, specifically because we're mapping fixture data over to FactoryBot, and we're just realizing that's really painful. It's taking up a lot of time to do that. And initially, when I realized we were just doing that, we hadn't even really talked about it, but we were moving it over to FactoryBot. I was like, oh, cool. We'll get to delete all these fixtures because there are around 208 files of them. And so that felt like a really good additional accomplishment to migrating the test over. But now that we realize how much time we're spending migrating the data over for that test setup, we've reevaluated, and I shared with Joël in the Slack channel. I was like, crap. I was like, I have a bad idea, and I can't not say it now because it's crossed my mind. And my bad idea was what if we stopped porting over fixtures to FactoryBot and then we just added the fixtures to a directory that RSpec would look so then we can rely on those fixtures? And then that way, we're literally then ideally just copying over from Test::Unit over to RSpec. But it does mean a couple of things. Well, one, it means that we're now running those fixtures at the beginning of RSpec test. We're introducing another pattern of where these tests are already using FactoryBot, but now they have fixtures at the top, and then we won't get to delete the fixtures. So we had a conversation around how to manage and mitigate some of those concerns. And we're still in that exploratory. We're going to test it out and see if this really speeds us up referencing the fixtures. The question that's wrapped up in this is there's something different between how fixtures generate data and how factories generate data. So I've run into this a couple of times now where I moved data over to just call a factory. But then I was hitting these callbacks or after-save-hooks or weird things that were then preventing me from creating the record, even though fixtures was creating them just fine. And then Joël pointed out today that he was running into something similar where there were private methods that were getting called. And there were all sorts of additional code that was getting run with factories versus fixtures. And I don't have an answer. Like, I haven't looked into this. And it's frankly intentional because I was trying hard to not dive into understanding the mechanics. We really want to get through this. But now I'm starting to ponder a little more as to what is different with fixtures and factories? And I liked that factories is running these callbacks; that feels correct. But I'm surprised that fixtures doesn't, or at least that's the experience that I'm having. So there's some funkiness there that I'd like to explore. I'll be honest; I don't know if I'm going to. But if anybody happens to know what that funkiness is or why fixtures and factories are different in that regard, I would be very intrigued because, at some point, I might look into it just because I would like to know. CHRIS: Oh, that is interesting. I have not really worked with fixtures much at all. I've lived a factory life myself, and thus that's where almost all of my experience is. I'm not super surprised if this ends up being the case, like, the idea that fixtures are just some data that gets shoveled into the database directly as opposed to FactoryBot going through the model layer. And so it's sort of like that difference. But I don't know that for certain. That sounds like what this is and makes sense conceptually. But I think this is what you were saying like, that also kind of pushes me more in the direction of factories because it's like, oh, they're now representative. They're using our model layer, where we're defining certain truths. And I don't love callbacks as a mechanism. But if your app has them, then getting data that is representative is useful in tests. Like one of the things I add whenever I'm working with FactoryBot is the FactoryBot lint rake task RSpec thing that basically just says, "Are your factories valid?" which I think is a great baseline to have. Because you may add a migration that adds a default constraint or something like that to the database that suddenly all your factories are invalid, and it's breaking tests, but you don't know it. Like subtly, you change it, and it doesn't actually break a test, but then it's harder later. So that idea of just having more correctness baked in is always nice, especially when it can be automated like that, so definitely a fan of that. But yeah, interested if you do figure out the distinction. I do like your take, though, of like, but also, maybe I just won't figure this out. Maybe this isn't worth figuring it out. Although you were in the interesting spot of, you could just port the fixtures over and then be done and call the larger body of work done. But it's done in sort of a half-complete way, so it's an interesting trade-off space. I'm also interested to hear where you end up on that. STEPH: Yeah, it's a tough trade-off. It's one that we don't feel great about. But then it's also recognizing what's the true value of what we're trying to deliver? And it also comes down to the idea of churn versus complexity. And I feel like we are porting over existing complexity and even adding a smidge, not actual complexity but adding a smidge of indirection in terms that when someone sees this file, they're going to see a mixed-use of fixtures and factories, and that doesn't feel good. And so we've already talked about adding a giant comment above fixtures that just is very honest and says, "Hey, these were ported over. Please don't mimic this. But this is some legacy tests that we have brought over. And we haven't migrated the fixtures over to use factories." And then, in regards to the churn versus complexity, this code isn't likely to get touched like these tests. We really just need them to keep running and keep validating scenarios. But it's not likely that someone's going to come in here and really need to manage these anytime soon. At least, this is what I'm telling myself to make me feel better about it. So there's also that idea of yes, we are porting this over. This is also how they already exist. So if someone did need to manage these tests, then going to Test::Unit, they would have the same experience that they're going to have in RSpec. So that's really the crux of it is that we're not improving that experience. We're just moving it over and then trying to communicate that; yes, we have muddied the waters a little bit by introducing this other pattern. So we're going to find a way to communicate why we've introduced this other pattern, but that way, we can stay focused on actually porting things over to RSpec. As for the factories versus fixtures, I feel like you're onto something in terms of it's just skipping that model layer. And that's why a lot of that functionality isn't getting run. And I do appreciate the accuracy of factories. I'd much rather know is my data representative of real data that can get created in the world? And right now, it feels like some of the fixtures aren't. Like, how they're getting created seemed to bypass really important checks and validations, and that is wrong. That's not what we want to have in our test is, where we're creating data that then the rest of the application can't truly create. But that's another problem for another day. So that's an update on a trade-off that we have made in regards to the testing journey that we are on. What's going on in your world? CHRIS: Well, we got to do something exciting this week. I was working on some code. This is using dry-monads, the dry-rb space. So we have these result objects that we use pretty pervasively throughout the app, and often, we're in a controller. We run one of these command objects. So it's create user, and create user actually encompasses a ton of logic in our app, and that object returns a result. So it's either a success or a failure. And if it's a success, it'll be a success with that new user wrapped up inside of it, or if it's a failure, it's a specific error message. Actually, different structured error messages in different ways, some that would be pushed to the form, some that would be a flash message. There are actually fun, different things that we do there. But in the controller, when we interact with those result objects, typically what we'll do is we'll say result equals create user dot run, (result=createuser.run) and then pass it whatever data it needs. And then on the next line, we'll say results dot either, (results.either), which is a method on these result objects. It's on both the success and failure so you can treat them the same. And then you pass what ends up being a lambda or a stabby proc, or I forget what they are. But one of those sort of inline function type things in Ruby that always feel kind of weird. But you pass one of those, and you actually pass two of them, one for the success case and one for the failure case. And so in the success case, we redirect back with a notice of congratulations, your user was created. Or, in the failure case, we potentially do a flash message of an alert, or we send the errors down, or whatever it ends up being. But it allows us to handle both of those cases. But it's always been syntactically terrible, is how I would describe it. It's, yeah, I'm just going to leave it at that. We are now living in a wonderful, new world. This has been something that I've wanted to try for a while. But I finally realized we're actually on Ruby 2.7, and so thus, we have access to pattern matching in Ruby. So I get to take it for a spin for the first time, realizing that we were already on the correct version. And in particular, dry-monads has a page in their docs specific to how we can take advantage of pattern matching with the result objects that they provide us. There's nothing specific in the library as far as I understand it. This is just them showing a bunch of examples of how one might want to do it if they're working with these result objects. But it's really great because it gives the ability to interact with, you know, success is typically going to be a singular case. There's one success branch to this whole logic, but there are like seven different ways it can fail. And that's the whole idea as to why we use these command objects and the whole Railway Oriented Programming and that whole thing which I have...what is this word? [laughs] I feel like I should know it. It's a positive rant. I have raved; that is how our users kindly pointed that out to us. I have raved about the Railway Oriented Programming that allows us to do. But it's that idea that they're actually, you know, there's one happy path, and there are seven distinct failure modes, seven unhappy paths. And now, using pattern matching, we actually get a really expressive, readable, useful way to destructure each of those distinct failures to work with the particular bits of data that we need. So it was a very happy day, and I got to explore it. This is, again, a feature of Ruby, not a feature of dry-monads. But dry-monads just happens to embrace it and work really well with it. So that was awesome. STEPH: That is awesome. I've seen one or two; I don't know, I've seen a couple of tweets where people are like, yeah, Ruby pattern matching. I haven't found a way to use it. So I'm excited that you just shared a way that you found to use it. I'm also worried what it says about our developer culture that we know the word rant so well, but rave, we always have to reach back into our memory to be like, what's that positive word or something that we like? [laughs] CHRIS: And especially here on The Bike Shed, where we try to gravitate towards the positive. But yeah, it's an interesting point that you make. STEPH: We're a bunch of ranters. It's what we do, pranting ranters. I don't know why we're pranting. [laughs] CHRIS: Because it's that exciting. That's what it is. Actually, there was an interesting thing as we were playing around with the pattern matching code, just poking around in the console session with it, and it prints out a deprecation warning. It's like, warning: this is an experimental feature. Do not use it, be careful. But in the back of my head, I was like, I actually know how this whole thing plays out, Ruby 2.7, and I assure you, it's going to be fine. I have been to the future, at least I'm pretty sure. I think the version that is in Ruby 2.7 did end up getting adopted basically as it stands. And so, I think there is also a setting to turn off that deprecation warning. I haven't done it yet, but I mostly just enjoyed the conversation that I had with this deprecation message of like, listen, I've been to the future, and it's great. Well, it's complicated, but specific to this pattern matching [laughs] in Ruby 3+ versions, it went awesome. And I'm really excited about that future that we now live in. STEPH: I wish we had that for so many more things in our life [laughs] of like, here's a warning, and it's like, no, no, I've seen the future. It's all right. Or you're totally right; I should avoid and back out of this now. CHRIS: If only we could know how the things would play out, you know. But yeah, so pattern matching, very cool. I'll include a link in the show notes to the particular page in the dry-monads docs. But there are also other cool things on the internet. In an unrelated but also cool thing that I found this week, we use Tuple a lot within our organization for pair programming. For anyone who's not familiar with it, it's a really wonderful piece of technology that allows you to pair program pretty seamlessly, better video quality, all of those nice things that we want. But I found there was just the tiniest bit of friction in starting a Tuple call. I know I want to pair with this person. And I have to go up and click on the little menu bar, and then I have to find their name, then I have to click a button. That's just too much. That's not how...I want to live my life at the keyboard. I have a thing called Bartender, which is a little menu bar manager utility app that will collapse down and hide the icons. But it's also got a nice, little hotkey accessible pop-up window that allows me to filter down and open one of the menu bar pop-out menus. But unfortunately, when that happens, the Tuple window isn't interactive at that point. I can't use the arrow keys to go up and down. And so I was like, oh, man, I wonder if there's like an Alfred workflow for this. And it turns out indeed there is actually managed by the kind folks at Tuple themselves. So I was able to find that, install it; it's great. I have it now. I can use that. So that was a nice little upgrade to my workflow. I can just type like TC space and then start typing out the person's name, and then hit enter, and it will start a call immediately. And it doesn't actually make me more productive, but it makes me happier. And some days, that's what matters. STEPH: That's always so impressive to me when that happens where you're like, oh, I need a thing. And then you went through the saga that you just went through. And then the people who manage the application have already gotten there ahead of you, and they're like, don't worry, we've created this for you. That's one of those just beautiful moments of like, wow, y'all have really thought this through on a bunch of different levels and got there before me. CHRIS: It's somewhat unsurprising in this case because it's a very developer-centric organization, and Ben's background being a thoughtbot developer and Alfred user, I'm almost certain. Although I've seen folks talking about Raycast, which is the new hotness on the quick launcher world. I started eons ago in Quicksilver, and then I moved to Alfred, I don't know, ten years ago. I don't know what time it is anymore. But I've been in Alfred land for a while, but Raycast seems very cool. Just as an aside, I have not allowed myself... [laughs] this is another one of those like; I do not have permission to go explore this new tool yet because I don't think it will actually make me more productive, although it could make me happier. So... STEPH: I haven't heard of that one, Raycast. I'm literally adding it to the show notes right now as a way so you can find The Duke later, and I can find Raycast later [chuckles] and take a look at it and check it out. Although I really haven't embraced the whole Alfred workflow. I've seen people really enjoy it and just rave about it and how wonderful it is. But I haven't really leaned into that part of the world; I don't know why. I haven't set any hard and fast rules for myself where I can't play around with these technologies, but I haven't taken the time to do it either. CHRIS: You've also not found yourself writing thousands of lines of Vimscript because you thought that was a good idea. So you don't need as many guardrails it would seem. That's my guess. STEPH: This is true. CHRIS: Whereas I need to be intentional [laughs] with how I structure my interaction with my dev tools. STEPH: Instead, I'm just porting over fixtures from one place to another. [laughs] That's the weird space that I'm living in instead. [laughs] CHRIS: But you're getting paid for that. No one paid me for the Vimscript I wrote. [laughter] STEPH: That's fair. Speaking around process-y things, there's something that's been on my mind that Valeria, another thoughtboter, suggested around how we structure our meetings and the default timing that we have for meetings. So Thursdays are my team-focused day. And it's the day where I have a lot of one on ones. And I realized that I've scheduled them back to back, which is problematic because then I have zero break in between them, which I'm less concerned about that because then I can go for an hour or something and not have a break. And I'm not worried about that part. But it does mean that if one of those discussions happens to go over just even for like two or three minutes, then it means that someone else is waiting for me in those two to three minutes. And that feels unacceptable to me. So Valeria brought up a really good idea where I think it's only with the Google Meet paid version. I could be wrong there. But I think with the paid version of it that then you can set the new default for how long a meeting is going to last. So instead of having it default to 30 minutes, have it default to 25 minutes. So then, that way, you do have that five-minute buffer. So if you do go over just like two or three minutes with someone, you've still got like two minutes to then hop to the next call, and nobody's waiting for you. Or if you want those five minutes to then grab some water or something like that. So we haven't implemented it just yet because then there's discussion around is this a new practice that we want everybody to move to? Because I mean, if just one person does it, it doesn't work. You really need everybody to buy into the concept of we're now defaulting to 25 versus 30-minute meetings. So I'll have to let you know how that goes. But I'm intrigued to try it out because I think that would be very helpful for me. Although there's a part of me that then feels bad because it's like, well, if I have 30 minutes to chat with somebody, but now I'm reducing it to 25 minutes each time, I didn't love that I'm taking time away from our discussion. But that still feels like a better outcome than making somebody wait for three to five minutes if something else goes over. So have you ever run into something like that? How do you manage back-to-back meetings? Do you intentionally schedule a break in between or? CHRIS: I do try to give myself some buffer time. I stack meetings but not so much so that they're just back to back. So I'll stack them like Wednesdays are a meeting-heavy day for me. That's intentional just to be like, all right, I know that my day is going to get chopped up. So let's just really lean into that, chop the heck out of Wednesday afternoons, and then the rest of the week can hopefully have slightly longer deep work-type sessions. And, yeah, in general, I try and have like a little gap in between them. But often what I'll do for that is I'll stagger the start of the next meeting to be rather than on the hour or the half-hour, I start it on the 15th minute. And so then it's sort of I now have these little 15-minute gaps in my workflow, which is enough time to do one or two small things or to go get a drink or whatever it is or if things do run over. Like, again, I feel what you're saying of like, I don't necessarily want to constrain a meeting. Or I also don't necessarily want to go into the habit of often over-running. I think it's good to be intentional. Start meetings on time, end meetings on time. If there's a great conversation that's happening, maybe there's another follow-up meeting that should happen or something like that. But for as nonsensical of a human as I believe myself to be, I am rather rigid about meetings. I try very hard to be on time. I try very hard to wrap them up on time to make sure I go to the next one. And so with that, the 15-minute staggering is what I've found works for me. STEPH: Yeah, that makes sense. One-on-ones feels special to me because I wholeheartedly agree with being very diligent about like, hey, this is our meeting time. Let's do a time check. Someone says that at the end, and then that way, everybody can move on. But one on ones are, there's more open discussion space, and I hate cutting people off, especially because it might not be until the last 15 minutes that you really got into the meat of the conversation. Or you really got somewhere that's a little bit more personal or things that you want to talk about. So if someone's like, "Yeah, let me tell you about my life goals," and you're like, "Oh, no, wait, sorry. We're out of time." That feels terrible and tragic to do. So I struggle with that part of it. CHRIS: I will say actually, on that note, I'm now thinking through, but I believe this to be true. Everyone that reports to me I have a 45-minute one-on-one with, and then my CEO I set up the one-on-one. So I also made that one a 45-minute one-on-one. And that has worked out really well. Typically, I try and structure it and reiterate this from time to time of, like, hey, this is your space, not mine. So let's have whatever conversation fits in here. And it's fine if we don't need to use the whole time, but I want to make sure that we have it and that we protect it. Because I often find much like retro, I don't know; I think everything's fine. And then suddenly the conversation starts, and you're like, you know what? Actually, I'm really concerned now that you mentioned it. And you need that sort of empty space that then the reality sort of pop up into. And so with one on one, I try and make sure that there is that space, but I'm fine with being like, we can cut this short. We can move on from one-on-one topics to more of status updates; let's talk about the work. But I want to make sure that we lead with is there anything deeper, any concerns, anything you want to talk through? And sort of having the space and time for that. STEPH: I like that. And I also think it speaks more directly to the problem I'm having because I'm saying that we keep running over a couple of minutes, and so someone else is waiting. So rather than shorten it, which is where I'm already feeling some pain...although I still think that's a good idea to have a default of 25-minute meetings so then that way, there is a break versus the full 30. So if people want to have back-to-back meetings, they still have a little bit of time in between. But for one on ones specifically, upping it to 45 minutes feels nice because then you've got that 15-minute buffer likely. I mean, maybe you schedule a meeting, but, I don't know, that's funky. But likely, you've got a 15-minute buffer until your next one. And then that's also an area that I feel comfortable in sharing with folks and saying, "Hey, I've booked this whole 45 minutes. But if we don't need the whole time, that's fine." I'm comfortable saying, "Hey, we can end early, and you can get more of your time back to focus on some other areas." It's more the cutting someone off when they're talking because I have to hop to the next thing. I absolutely hate that feeling. So thanks, I think I'll give that a go. I think I'll try actually bumping it up to 45 minutes, presuming that other people like that strategy too, since they're opting in [laughs] to the 45 minutes structure. But that sounds like a nice solution. CHRIS: Well yeah, happy to share it. Actually, one interesting thing that I'm realizing, having been a manager at thoughtbot and then now being a manager within Sagewell, the nature of the interactions are very different. With thoughtbot, I was often on other projects. I was not working with my team day to day in any real capacity. So it was once every two weeks, I would have this moment to reconnect with them. And there was some amount of just catching up. Ideally, not like status update, low-level sort of thing, but sort of just like hey, what have you been working on? What have you been struggling with? What have you been enjoying? There was more like I needed bigger space, I would say for that, or it's not surprising to me that you're bumping into 30 minutes not being quite long enough. Whereas regularly, in the one on ones that I have now, we end up cutting them short or shifting out of true one-on-one mode into more general conversation and chatting about Raycast or other tools or whatever it is because we are working together daily. And we're pairing very regularly, and we're all on the same project and all sorts of in sync and know what's going on. And we're having retro together. We have plenty of places to have the conversation. So the one-on-one again, still, I keep the same cadence and the same time structure just because I want to make sure we have the space for any day that we really need that. But in general, we don't. Whereas when I was at thoughtbot, it was all the more necessary. And I think for folks listening; I could imagine if you're in a team lead position and if you're working very closely with folks, then you may be on the one side of things versus if you're a little bit more at a distance from the work that they're doing day to day. That's probably an interesting question to ask, and think about how you want to structure it. STEPH: Yeah, I think that's an excellent point. Because you're right; I don't see these individuals. We may not have really gotten to interact, except for our daily syncs outside of that. So then yeah, there's always like a good first 10 minutes of where we're just chatting about life and catching up on how things are going before then we dive into some other things. So I think that's a really good point. Cool, solving management problems on the mic. I dig it. In slightly different news, I've joined a book club, which I'm excited about. This book club is about Ruby. It's specifically reading the book Ruby Science, which is a book that was written and published by thoughtbot. And it requires zero homework, which is my favorite type of book club. Because I have found I always want to be part of book clubs. I'm always interested in them, but then I'm not great at budgeting the time to make sure I read everything I'm supposed to read. And so then it comes time for folks to get together. And I'm like, well, I didn't do my homework, so I can't join it. But for this one, it's being led by Joël, and the goal is that you don't have to do the homework. And they're just really short sections. So whoever's in charge of leading that particular session of the book club they're going to provide an overview of what's covered in whatever the reading material that we're supposed to read, whatever topic we're covering that day. They're going to provide an overview of it, an example of it, so then we can all talk about it together. So if you read it, that's wonderful. You're a bit ahead and could even join the meeting like five minutes late. Or, if you haven't read it, then you could join and then get that update. So I'm very excited about it. And this was one of those books that I'd forgotten that thoughtbot had written, and it's one that I've never read. And it's public for anybody that's interested in it. So to cover a little bit of details about it, so it talks about code smells, ways to refactor code, and then also common patterns that you can use to solve some issues. So there's a lot of really just great content that's in it. And I'll be sure to include a link in the show notes for anyone else that's interested. CHRIS: And again, to reiterate, this book is free at this point. Previously, in the past, it was available for purchase. But at one point a number of years ago, thoughtbot set all of the books free. And so now that along with a handful of other books like...what's Edward's DNS book? Domain Name Sanity, I believe, is Edward's book name that Edward Loveall wrote when he was not a thoughtboter, [laughs] and then later joined as a thoughtboter, and then we made the book free. But on the specific topic of Ruby Science, that is a book that I will never forget. And the reason I will never forget it is that book was written by the one and only CTO Joe Ferris, who is an incredibly talented developer. And when I was interviewing with thoughtbot, I got down to the final day, which is a pairing session. You do a morning pairing session with one thoughtbot developer, and you do an afternoon pairing session with another thoughtbot developer. So in the morning, I was working with someone on actually a patch to Rails which was pretty cool. I'd never really done that, so that was exciting. And that went fine with the exception that I kept turning on Caps Lock on their keyboard because I was used to Caps Lock being CTRL, and then Vim was going real weird for me. But otherwise, that went really well. But then, in the afternoon, I was paired with the one and only CTO Joe Ferris, who was writing the book Ruby Science at that time. And the nature of the book is like, here's a code sample, and then here's that code sample improved, just a lot of sort of side-by-side comparisons of code. And I forget the exact way that this went, but I just remember being terrified because Joe would put some code up on the screen and be like, "What do you think?" And I was like, oh, is this the good code or the bad code? I feel like I should know. I do not know. I'm not sure. It worked out fine, I guess. I made it through. But I just remember being so terrified at that point. I was just like, oh no, this is how it ends for me. It's been a good run. STEPH: [laughs] CHRIS: I made it this far. I would have loved to work for this nice thoughtbot company, but here we are. But yeah, I made it through. [laughs] STEPH: There are so many layers to that too where it's like, well if I say it's terrible, are you going to be offended? Like, how's this going to go for me if I speak my truths? Or what am I going to miss? Yeah, that seems very interesting (I kind of like it.) but also a terrifying pairing session. CHRIS: I think it went well because I think the code...I'd been following thoughtbot's work, and I knew who Joe was and had heard him on podcasts and things. And I kind of knew roughly where things were, and I was like, that code looks messy. And so I think I mostly got it right, but just the openness of the question of like, what do you think? I was like, oh God. [laughs] So yeah, that book will always be in my memories, is how I would describe it. STEPH: Well, I'm glad it worked out so we could be here today recording a podcast together. [laughs] CHRIS: Recording a podcast together. Now that I say all that, though, it's been a long time since I've read the book. So maybe I'll take a revisit. And definitely interested to hear more about your book club and how that goes. But shifting ever so slightly (I don't have a lot to say on this topic.) but there's a new framework technology thing out there that has caught my attention. And this hasn't happened for a while, so it's kind of novel for me. So I tend to try and keep my eye on where is the sort of trend of web development going? And I found Inertia a while ago, and I've been very, very happy with that as sort of this is the default answer as to how I build websites. To be clear, Inertia is still the answer as to how I build websites. I love Inertia. I love what it represents. But I'm seeing some stuff that's really interesting that is different. Specifically, Remix.run is the thing that I'm seeing. I mentioned it, I think, in the last episode talking about there was some stuff that they were doing with data loading and async versus synchronous, and do you wait on it or? They had built some really nice levers and trade-offs into the framework. And there's a really great talk that Ryan Florence, one of the creators of Remix.run, gave about that and showed what they were building. I've been exploring it a little bit more in-depth now. And there is some really, really interesting stuff in Remix. In particular, it's a meta-framework, I think, is the nonsense phrase that we use to describe it. But it's built on top of React. That won't be true for forever. I think it's actually they would say it's more built on top of React Router. But it is very similar to Next.js for folks that have seen that. But it's got a little bit more thought around data loading. How do we change data? How do we revalidate data after? There's a ton of stuff that, having worked in many React client-side API-heavy apps that there's so much pain, cache invalidation. How do you think about the cache? When do you fetch from the network? How do you avoid showing 19 different loading spinners on the page? And Remix as a framework has some really, I think, robust and well-thought-out answers to a lot of that. So I am super-duper intrigued by what they're doing over there. There's a particular video that I think shows off what Remix represents really well. It's Ryan Florence, that same individual, the creator of Remix, building just a newsletter signup page. But he goes through like, let's start from the bare bones, simplest thing. It's just an input, and a form submits to the server. That's it. And so we're starting from web 2.0, long, long ago, sort of ideas, and then he gradually enhances it with animations and transitions and error states. And even at the end, goes through an accessibility audit using the screen reader to say, "Look, Remix helps you get really close because you're just using web fundamentals." But then goes a couple of steps further and actually makes it work really, really well for a screen reader. And, yeah, overall, I'm just super impressed by the project, really, really intrigued by the work that they're doing. And frankly, I see a couple of different projects that are sort of in this space. So yeah, again, very early but excited. STEPH: On their website...I'm checking it out as you're walking me through it, and on their website, they have "Say goodbye to Spinnageddon." And that's very cute. [laughs] CHRIS: There's some fundamental stuff that I think we've just kind of as a web community, we made some trade-offs that I personally really don't like. And that idea of just spinners everywhere just sending down a ball of application logic and a giant JavaScript file turning it on on someone's computer. And then immediately, it has to fetch back to the server. There are just trade-offs there that are not great. I love that Remix is sort of flipping that around. I will say, just to sort of couch the excitement that I'm expressing right now, that Remix exists in a certain place. It helps with building complex UIs. But it doesn't have anything in the data layer. So you have to bring your own data layer and figure out what that means. We have ActiveRecord within Rails, and it's deeply integrated. And so you would need to bring a Prisma or some other database connection or whatever it is. And it also doesn't have more sort of full-featured framework things. Like with Rails, it's very easy to get started with a background job system. Remix has no answer to that because they're like, no, no, this is what we're doing over here. But similarly, security is probably the one that concerns me the most. There's an open conversation in their discussion portal about CSRF protection and a back and forth of whether or not Remix should have that out of the box or not. And there are trade-offs because there are different adapters that you can use for auth. And each would require their own CSRF mitigation. But to me, that is the sort of thing that I would want a framework to have. Or I'd be interested in a framework that continues to build on top of Remix that adds in background jobs and databases and all that kind of stuff as a complete solution, something more akin to a Rails or a Laravel where it's like, here we go. This is everything. But again, having some of these more advanced concepts and patterns to build really, really delightful UIs without having to change out the fundamental way that you're building things. STEPH: Interesting. Yeah, I think you've answered a couple of questions that I had about it. I am curious as to how it fits into your current tech stack. So you've mentioned that you're excited and that it's helpful. But given that you already have Rails, and Inertia, and Svelte, does it plug and play with the other libraries or the other frameworks that you have? Are you going to have to replace something to then take advantage of Remix? What does that roadmap look like? CHRIS: Oh yeah, I don't expect to be using Remix anytime soon. I'm just keeping an eye on it. I think it would be a pretty fundamental shift because it ends up being the server layer. So it would replace Rails. It would replace the Inertia within the stack that I'm using. This is why as I started, I was like, Inertia is still my answer. Because Inertia integrates really well with Rails and allows me to do the sort of it's not progressive enhancement, but it's like, I want fancy UI, and I don't want to give up on Rails. And so, Inertia is a great answer for that. Remix does not quite fit in the same way. Remix will own all of the request-response lifecycle. And so, if I were to use it, I would need to build out the rest of that myself. So I would need to figure out the data layer. I would need to figure out other things. I wouldn't be using Rails. I'm sure there's a way to shoehorn the technologies together, but I think it sort of architecturally would be misaligned. And so my sense is that folks out there are building...they're sort of piecing together parts of the stack to fill out the rest. And Remix is a really fantastic controller and view from their down experience and routing layer. So it's routing, controller, view I would say Remix has a really great answer to, but it doesn't have as much of the other stuff. Whereas in my case, Inertia and Rails come together and give me a great answer to the whole story. STEPH: Got it. Okay, that's super helpful. CHRIS: But yeah, again, I'm in very much the exploratory phase. I'm super intrigued by a lot of what I've seen of it and also just sort of the mindset, the ethos of the project as it were. That sounds fancy as I say it, but it's what I mean. I think they want to build from web fundamentals and then enhance the experience on top of that, and I think that's a really great way to go. It means that links will work. It means that routing and URLs will work by default. It means that you won't have loading spinner Armageddon, and these are core fundamentals that I believe make for good websites and web applications. So super interested to see where they go with it. But again, for me, I'm still very much in the Rails Inertia camp. Certainly, I mean, I've built Sagewell on top of it, so I'm going to be hanging out with it for a while, but also, it would still be my answer if I were starting something new right now. I'm just really intrigued by there's a new example out there in the world, this Remix thing that's pushing the envelope in a way that I think is really great. But with that, my now…what was that? My second or my third rave? Also called the positive rant, as we call it. But yeah, I think on that note, what do you think? Should we wrap up? STEPH: Let's wrap up. CHRIS: The show notes for this episode can be found at bikeshed.fm. STEPH: This show is produced and edited by Mandy Moore. CHRIS: If you enjoyed listening, one really easy way to support the show is to leave us a quick rating or even a review on iTunes, as it really helps other folks find the show. STEPH: If you have any feedback for this or any of our other episodes, you can reach us at @_bikeshed or reach me on Twitter @SViccari. CHRIS: And I'm @christoomey. STEPH: Or you can reach us at hosts@bikeshed.fm via email. CHRIS: Thanks so much for listening to The Bike Shed, and we'll see you next week. ALL: Byeeeeeeee!!!!!!!!! ANNOUNCER: This podcast was brought to you by thoughtbot. thoughtbot is your expert design and development partner. Let's make your product and team a success.

    #TWIMshow - This Week in Marketing
    [Ep114] - Updates From Google SEO Day

    #TWIMshow - This Week in Marketing

    Play Episode Listen Later Jun 27, 2022 17:59


    1. Shopify Announces Audience During Their Semi-Annual Showcase - Shopify Editions is Shopify's new semi-annual showcase demonstrating the speed and breadth of innovation at Shopify to bring merchants into the future. Per Shopify, they are powering a radically different model of commerce: Connect to Consumer (C2C). To help merchants embrace C2C, they unveiled an entirely new B2B offering, launching Tokengated Commerce, partnered with Google to help consumers shop local, brought commerce to Twitter,  launched Tap to Pay on iPhone—just to name a few.Shopify Audiences, a new marketing tool helps Shopify Plus merchants find new customers. Using Shopify's unique view on purchase intent and their merchant network helps identify buyers who are looking for your products. Then create and export high-interest audiences to ad platforms like Facebook.Other notable things announced at Shopify Editions are:a.) B2B on Shopify makes it seamless for Shopify Plus merchants to sell to other businesses on the same platform that they use for D2C. Say goodbye to spreadsheets, one-off invoices, and manual data entry. Not to mention, they've also partnering with ERP providers such as NetSuite, Brightpearl, and Acumatica to automatically integrate merchants' essential data with their B2B solution.b.) With Shopify's offline GMV growing nearly 80% year over year in Q1 2022, they figured out that in-person shopping is coming back in a big way—and they want a piece of the pie. That's why they're one of the first commerce platforms to launch Tap to Pay on iPhone in the U.S. in partnership with Stripe. Currently in early access with select Shopify point-of-sale merchants, Tap to Pay on iPhone will be fully available in the U.S. in the coming months.With Tap to Pay on iPhone, they're lowering the barrier to entry for Shopify merchants to expand into offline retail for the first time without needing extra hardware or investment. Per Shopify, “Think farmers markets, new pop-up experiences, test shops for established merchants to expand to new physical locations. Enabling Tap to Pay on iPhone will broaden the possibilities in offline commerce, giving merchants who haven't yet tried in-person selling an easy way to connect with customers IRL.”c.) Local Inventory on Google . Turning browsers into local buyers. We know that nearly all U.S. consumers have searched for local businesses online, with more than a third searching multiple times every week. Shopify is about to improve those searches in a big way with local inventory sync on Google, available through Shopify's Google channel. Now, Shopify merchants can automatically let nearby customers know when a product is available in store. Shopping local has never been more convenient. Local inventory sync on Google is globally available via Shopify's Google channel to merchants using Shopify's point-of-sale app.You can find all the details here.2. Twitter Launches New Shopify Integration - Social commerce continues to be a growing opportunity for merchants. Orders placed with Shopify merchants through partner integrations quadrupled YoY in the first quarter of 2022. Sometimes, a brand's biggest audience is the one they haven't tapped. Twitter's hundreds of millions of users represent potential connections for independent merchants, and that's why Shopify is the first commerce platform to partner with Twitter as it continues to scale its Twitter Shopping ecosystem. In fact, shopping-related Tweets saw 40-billion impressions over the last year alone. Using Shopify's new Twitter sales channel, merchants can reach consumers directly from their Twitter profiles, creating a frictionless path to purchase in today's digital townsquare. This will enable Shopify merchants to list their products on their Twitter Professional Profiles, with each item, when tapped, then redirecting users to the Shopify product page to make a purchase.Twitter's shopping features include Twitter Shops and Shop Spotlight, and, starting today, both are available for free to all Shopify U.S. merchants selling to U.S. consumers. “The Twitter sales channel makes it quicker and easier to meet our customers wherever they are,” said Jessica Stevens, Senior Social Media Manager at Trixie Cosmetics. “The automatic syncing is going to help us save so much time, and the sales channel allows me to easily connect the two platforms that we already tap into to sell products and engage with customers.”3. Twitter Releases Twitter Write, Notes Feature - Finally available on some user profiles, Twitter's new "Notes" feature offers a quick, seamless method to include lengthy text pieces in your tweets. The Notes UI is quite simple and has all the standard features of a blog post composer, such as the ability to add header pictures, insert photos and links within the text, and a quick way to add tweets.Once posted, Notes will display as a Twitter card that directs users to the complete article. You have a lot more area for your longer-form content on the app because Note titles are only allowed to be 100 characters long and the body of a Note can be up to 2,500 words.Additionally, unlike tweets, notes can be edited after they are published, and a "Edited" label will be appended at the top of the note.4. LinkedIn Updates Event Engagement Options & Simplifies ‘Repost' Process - In order to promote on-topic conversation and interaction within LinkedIn Events, LinkedIn is now introducing new comment engagement options. You may now interact with participants before, during, and after the session by using the Comments tab of a LinkedIn event. You can also reply to particular comments in-stream. With more than 24,000 events being added to the app each week as of this writing, the option is intended to take advantage of LinkedIn Events engagement. Furthermore, LinkedIn recently added LinkedIn Events to its simplified "Boost" ad option, giving users another method to promote their LinkedIn event listings.p.s. Users are currently starting to see the enhanced Comments choices in-stream as the option is being rolled out.Additionally, LinkedIn is making it simpler to share updates on LinkedIn by adding a new, streamlined "Repost" option to the "Share" menu. When you tap the "Share" prompt, a new "Repost" option will soon be available, allowing you to share without leaving a comment (currently your only option). By removing the requirement for users to contribute their own commentary to every re-share, this will make it simpler to share posts.5. Will Google Crawl URLs In Structured Data? - Does Google crawl alternative kinds of links like those found in structured data? Google's John Mueller answered:“So for the most part, when we look at HTML pages, if we see something that looks like a link, we might go off and kind of like try that URL out as well. That's something where if we find a URL in JavaScript, we can try to pick that up and try to use it. If we find a link in kind of a text file on a site, we can try to crawl that and use it.”Do not blindly assume that just because a link is in structured data means it will or will not be indexed.He recommends that if you want Google to go off and crawl that URL, make sure that there's a natural HTML link to that URL, with a clear anchor text as well, that you give some information about the destination page. If you don't want Google to crawl that specific URL, then maybe block it with robots.txt or on that page use a rel=canonical pointing to your preferred version, anything like that.6. Google Crawls And Indexes The First 15MB - The Googlebot help page has been updated to reflect the fact that Googlebot will only crawl the first 15MB of a page before stopping. Therefore, if you want to make sure that Google ranks your website appropriately, make sure that the first 15MB of the page can be crawled and indexed by Googlebot.Generally speaking, you should aim to keep your pages as lightweight as possible for both users and search engine crawlers. However, Google is being very upfront about how much of your website it will use here.Using the URL Inspection tool in Google Search Console to examine what portions of the page Google renders and detects in the debugging tool is an excellent approach to test this.7. Google: Images Can Impact Your Rankings - You might not be aware, but the images on your website might affect how well it ranks in Google Search results.If the image dimensions on a web page are not specified, the page's content may move about while the image loads. This is interpreted by Google Search as a bad signal.The solution is as easy as including the width and height attributes in the image's HTML code.8. Google: Keywords In Domain Names Are Overrated - Keywords in domain names are overstated, according to John Mueller of Google. He repeated what he and other Google employees have said countless times over the years. He advised choosing something for the long term and for your business instead.9. Google: It's OK To Link Your WhatsApp Number - John Mueller from Google stated on Twitter that including a link to your WhatsApp number on your website is not a negative SEO strategy. Contrary to what some SEO toolkits claim, connecting to a WhatsApp, phone, or fax number is acceptable, and Google does not evaluate your site differently dependent on the type of number you link to.10. Google: Do This For Product Variants Pages - When a product is offered in a variety of sizes or colors, ecommerce sites generally take URL structure into consideration. A product variant is any combination of a product's attributes. For product variants, Google supports a broad variety of URL configurations.To help Google understand which variant is best to show in Search, choose one of the product variant URLs as the canonical URL for the product.The following restrictions apply if you decide to display many product variants on a single page (i.e., if the variants all have the same URL). The page may be ineligible for Product rich results in search results because the experience is only supported for pages holding a single product (and product variants may be treated as distinct products by Google Search). Experiences such as Google Shopping cannot take a user to a specific variant of a product on your site, leading to the user needing to select the variant they wish to purchase on your site before checkout. This can lead to a poor user experience if the shopper already selected the variant they wanted in Google Shopping. If you choose to use a distinct URL per variant, Google recommends using either: A path segment, such as /t-shirt/green  A query parameter, such as /t-shirt?color=green 11. Google Changes Requirements For Local Service Ads - Google has increased the requirements for local service ads, mandating five reviews. This is an increase over the prior requirement of simply requiring one review.According to Ginny Marvin of Google's AdsLiaison, "The procedure for placing an ad with Local Services Ads has not changed; rather, the quantity of reviews has increased from 1 to 5. More customer testimonials increase credibility and increase the likelihood of connecting with prospective customers."Industries that now need five reviews are: Real estate agents and brokers Lawyer for personal injuries HVAC Companies Home Cleaning Companies Tree care/services companies Roofing 12. Updates From Google SEODay - John Mueller, a Google Search Advocate, discussed improvements to the search engine's scoring system and the effect of page experience on rankings at an online session at SEODay 2022.Google now bases desktop search results on a site's desktop experience and mobile search results on a site's mobile experience, among other modifications that were made public.The search engine calculates experience scores using three main metrics: largest contentful paint (LCP), first input delay (FID), and cumulative layout shift (CLS)."Interactivity to next page," often known as INP, is a new page experience statistic that Google has added. Other things that came out of SEODay are: Users can create custom reports and obtain a fresh perspective on the data by using analytics and Search Console data.  Videos & Images Take On More Prominent Role In Search - “We see that people love videos and authentic images in search results, so we try to show them more,” Mueller said. Google now offers a WordPress plugin for creating Web stories - A collection of pages that often have videos. Authentic Product Reviews Factored Into Rankings - “People have high expectations of reviews they find online, so we've also worked specifically on updates to algorithms with regards to ranking these product reviews,” he said.

    Rustacean Station
    This Week in Rust - Issue 446

    Rustacean Station

    Play Episode Listen Later Jun 27, 2022 56:19


    Highlights from This Week in Rust - Issue 446, presented by Allen and Tim, with Nell Shamrell-Harrington, co-hosting for the first time in 2022. Contributing to Rustacean Station Rustacean Station is a community project; get in touch with us if you'd like to suggest an idea for an episode or offer your services as a host or audio editor! Twitter: @rustaceanfm Discord: Rustacean Station Github: @rustacean-station Email: hello@rustacean-station.org Timestamps & referenced resources [@00:00:00] Welcome [@00:00:10] - Introduction [@00:00:52] - Agenda [@00:01:27] - Interview with Nell Shamrell-Harrington about editing This Week in Rust [@00:06:21] Submitting an article to This week in Rust TWIR Github Repository github.com/rust-lang/this-week-in-rust TWIR Twitter account @thisweekinrust [@00:07:42] Call for volunteers to co-host an episode [@00:08:38] - Quote of the week I wrote a bespoke time-series database in Rust a few years ago, and it has had exactly one issue since I stood it up in production, and that was due to pessimistic filesystem access patterns, rather than the language. This thing is handling hundreds of thousands of inserts per second, and it's even threaded. Given that I've been programming professionally for over a decade in Python, Perl, Ruby, C, C++, Javascript, Java, and Rust, I'll pick Rust absolutely any time that I want something running that I won't get called at 3 AM to fix. It probably took me 5 times as long to write it as if I did it in Go or Python, but I guarantee it's saved me 10 times as much time I would have otherwise spent triaging, debugging, and running disaster recovery. “Configuring uWSGI for Production Deployment” (2019) by at Peter Sperl and Ben Green from Bloomberg uWSGI's max-requests and max-worker-lifetime options are intended to reduce the chance of memory leaks affecting production workloads [@00:14:47] - Crate of the week: osmpbf A Rust library for reading the OpenStreetMap PBF file format (*.osm.pbf). It strives to offer the best performance using parallelization and lazy-decoding with a simple interface while also exposing iterators for items of every level in a PBF file. OpenStreetMap Humanitarian OpenStreetMap Team (HOT OSM) [@00:16:40] Official Notices [@00:16:43] - Rust Compiler June 2022 Steering Cycle [@00:21:24] Highlights [@00:21:51] (async) Rust doesn't have to be hard Rust Is Hard, Or: The Misery of Mainstream Programming Stack Overflow Developer Survey: Most loved programming language [@00:28:28] clippy book [@00:29:40] Rolling co-lead roles for T-compiler [@00:36:33] Hyper vs Rocket - Low Level vs Batteries included Rust is surprisingly expressive (2013) by Steve Klabnik [@00:40:00] Macro Patterns - A match made in heaven by Conrad Ludgate [@00:41:11] Web Scraping with Rust by Gints Dreimanis Hyper with Sean McArthur [@00:44:09] Trivia About Rust Types: An (Authorized) Transcription of Jon Gjengset's Twitter Thread by Jimmy Hartzell [@00:46:01] Rust language's explosive popularity comes with challenges by Ed Targett “A proactive approach to more secure code” (2019) by Microsoft Security Response Center Project Zero team at Google [audio] Rust Foundation with Rebecca Rumbul Credits Intro Theme: Aerocity Audio Editing: Tim McNamara Hosting Infrastructure: Jon Gjengset Show Notes: Tim McNamara Hosts: Tim McNamara, Nell Shamrell-Harrington and Allen Wyma.

    Svelte Radio
    All About the Sirens

    Svelte Radio

    Play Episode Listen Later Jun 27, 2022 51:59


    SponsorThis week's episode is sponsored by... Svelte Summit! Get your tickets for the upcoming in-person event in Stockholm before it's too late! We already have some confirmed speakers: Rich Harris,

    Planet of the Klimates
    Andy Szybalski - Co-Founder of Degen Blues

    Planet of the Klimates

    Play Episode