Podcasts about Linux Foundation

The episode identifies a growing governance gap as a central structural issue for MSPs and IT service providers, driven by rapid AI adoption through subscription-based tools and platforms. Rather than being introduced as controlled, IT-led initiatives, AI services are entering organizations piecemeal—often through end users and business units—undermining established accountability and management practices. This dynamic is exemplified by ConnectWise's dismantling of its ASIO platform in favor of a new AI-native operating layer designed to unify PSA, RMM, security, and automation functions, and by clients independently layering on AI-powered tools without centralized oversight or cost control. A primary example of ungoverned risk involves unsustainable AI cost exposure. According to Axios and TechCrunch, an enterprise amassed around $500 million in a single month on Anthropic's Claude due to unlimited, unmonitored usage. Freshworks' survey of over 12,000 IT professionals quantifies the industry's operational friction, finding mid-market companies waste about 25% of AI budgets on complexity, for a total of $16 billion in annual waste. Despite 89% of respondents planning to increase AI spend, only 15% have actively integrated these tools into daily workflows—revealing widespread governance lag behind adoption. Supporting developments highlight the breadth and persistence of this governance deficit. Organizations such as the Linux Foundation have responded by forming the Tokenomics Foundation to standardize AI cost tracking. Meanwhile, AI tool adoption is occurring outside IT, leading to agent sprawl, unclear permissions, and cost scaling linked to agent behavior rather than headcount. Roll-up strategies in adjacent sectors—such as Thrive Holdings' $1 billion commitment to consolidate accounting firms under an AI operational platform—demonstrate capital's move toward operationally governed, AI-enabled service models, suggesting a parallel risk for IT providers. For MSPs and IT leaders, these trends underscore the urgency of operationalizing AI governance as a billable, contractual service rather than an informal or embedded support task. Risks include absorbing liability for unmanaged AI usage, exacerbated operational complexity, and relinquishing margin to platform or capital entrants. Practical steps involve conducting AI tool audits, inventorying agent access and spend, instituting usage controls, and reframing account segmentation around governance and liability exposure. MSPs who define, price, and contract for governance can mitigate inherited risk and avoid being displaced by vendors or capital-backed consolidators. 00:00 ConnectWise Rebuilds  03:59 Ungoverned Agents 06:06 Roll-Up Warning 09:38 Why Do We Care?    Supported by:  Moovila  ScalePad 

Citi, DTCC and others are quietly using Hyperledger Besu as neutral, enterprise-grade rails for tokenized deposits and collateral. Daniela Barbosa, general manager of decentralized technologies at the Linux Foundation, explains why.

Erik Reppel, Head of Engineering at Coinbase Developer Platform, joins the Consensus mainstage to make the case for internet-native payments. The internet was built for humans, but AI agents are taking over and they don't click ads. x402 is an open standard that finally gives the web a native payment layer, built on a forgotten HTTP status code that's been sitting unused since 1994. Created by Reppel and now backed by Visa, Stripe, Cloudflare, Microsoft, and others under the Linux Foundation, it lets any agent pay for any content or API with two lines of code and a stablecoin transaction that costs less than a cent. - Timecodes: 00:00 - Erik from x402 at Consensus Miami 2026 00:48 - The Internet Was Designed for Humans, Not Agents  03:53 - AI Is About to Break the Internet's Economic Model  05:03 - Defining What an Agent Actually Is  08:59 - Open Protocols vs Walled Gardens  12:21 - x402: An Open Standard for Internet Native Payments  15:02 - Why Now Is the Right Time for Agentic Payments

Agentic e-commerce is already reshaping how consumers discover and buy products online, yet it still accounts for barely 0.2% of total e-commerce traffic. BASE France is the French arm of Base.com, a Polish-born SaaS scale-up that has spent nearly two decades building operational infrastructure for online retailers. Its CEO, Ben Hamilton, brings a practitioner’s perspective to this emerging model: measured, practical, and refreshingly free of the hype that surrounds most conversations on the topic. Agentic E-Commerce: Could AI Become the Shopfront? Imagine an agentic e-commerce world where e-commerce happens on smartphone screens and robots deliver your purchases. We might be on the brink of this future. This image was created using Midjourney. Commerce as conversation: the oldest model in the book Before there were shops, there was conversation. For thousands of years, trade was oral. A buyer expressed a need, a seller responded with what they had, and the two parties negotiated until a deal was struck. The self-service retail store, born roughly a century ago, was a radical departure from this model. It replaced dialogue with browsing. It handed the customer a trolley and pointed them at the shelves. E-commerce then took that self-service model and, as Ben Hamilton puts it, “multiplied it by about 100,000.” The online shopper today faces a near-infinite array of products across dozens of marketplaces, with no guide, no-one to talk to, and no memory of what they looked at three tabs ago. It is efficient in theory. In practice, it is exhausting. Back to future? The agentic model, Hamilton argues, represents something of a return to origins. Instead of browsing, the consumer talks. An agent listens, asks questions, proposes options, and eventually surfaces an answer to a need that the buyer may not even have been able to articulate clearly at the outset. “back to the future,” Hamilton explains, “that’s what I’m getting at. The agentic model takes us back to something closer to how human beings have traded over thousands of years compared to the last ten, twenty or even a hundred.” My own experience bears this out. I recently found a diagnostician for a property I am selling. As a matter of fact, I didn’t find them through a Google search, but through a conversation with an LLM. I clicked through two or three irrelevant links before landing on exactly the right provider. I then completed the transaction on their website. The research was agentic; the checkout was not. That distinction, as it happens, sits at the heart of what Hamilton believes will define the next phase of e-commerce. Ben Hamilton on agentic e-commerce: “I can totally imagine a portion of that market occurring directly on an LLM”. Agentic E-commerce: Where checkout will and won’t happen One of the more grounded contributions Hamilton makes to this debate is his refusal to conflate two distinct phenomena: AI influence over purchasing decisions, and AI completing the transaction itself. Much of the media discourse collapses the two. Hamilton does not. “I don’t think we’re heading to a world where 20, 50 or 80% of online transactions happen on an LLM,” he says. “I would draw the distinction between where the checkout occurs and how much an agent is involved in the buying process.” For the foreseeable future, he believes, most consumers will continue to research via LLMs and transact on familiar websites and marketplaces. The inertia in human purchasing behaviour is simply too great for the checkout itself to migrate rapidly to a chat interface. This view is supported by the data available. According to research by commercetools, 73% of consumers already use AI somewhere in their shopping journey. Yet only 36% are open to AI agents making purchases on their behalf. In the US, the figure for autonomous AI purchasing drops to 14%. The gap between AI as advisor and AI as buyer is vast, and it will narrow slowly. The risks associated with agentic e-commerce are high The risks of handing uncapped authority to an AI agent are no longer hypothetical. In late May 2026, an AI consultant reported to Axios that one of their enterprise clients had accidentally accumulated a $500 million bill on Anthropic’s Claude in a single month, simply by giving employees unrestricted access to the platform with no usage controls in place. Agentic workflows, which loop through tasks repeatedly, consume tokens at a rate orders of magnitude higher than a standard chat query. The bill was not the result of malicious use or a system failure. It was the predictable outcome of deploying autonomous agents without guardrails. The case is far from isolated: Uber reportedly exhausted its entire 2026 AI budget by April, with per-engineer costs running between $500 and $2,000 monthly. “You’ve got to be bold to give them no upper limit on transactions,” Hamilton observed, and the arithmetic proved him right. [Editor's note: I misquoted a similar anecdote about the Davos Summit during the interview. I'd heard or read this story in traditional media but couldn't verify it with facts. I suspect it might have been fabricated. I replaced it with the above, duly sourced information.] The check out must remain on the merchant’s platform OpenAI itself learned this lesson when it launched Instant Checkout in September 2025, which allowed purchases to complete directly inside ChatGPT. By March 2026, the feature had been shut down. Brands rejected the model, citing the loss of traffic, customer data, and loyalty flows. Shopify’s own position makes the point clearly. At the Morgan Stanley Technology, Media and Telecom Conference in March 2026, Finkelstein noted that barely a dozen Shopify merchants were live on agentic commerce at the time. On the Q1 2026 earnings call, he was unambiguous: “LLMs do not bypass Shopify’s checkout.” The checkout, the payment flow, and the post-purchase relationship remain squarely on the merchant’s platform. A natural segmentation Hamilton sees a natural segmentation emerging by category. Low-value, frequently purchased household items lend themselves to fully autonomous agentic purchasing. “I can totally imagine a portion of that market occurring direct on an LLM,” he says. “Hey, I’ve run out of toothpaste, can you order me some?” High-involvement purchases, and anything with significant financial or emotional stakes, will retain human control over the final step for a long time yet. The death of keyword search, greatly exaggerated The brands Hamilton speaks with regularly are, understandably, worried. Most have spent the past two decades learning the rules of a game built around keyword search and performance marketing. That game has not ended, but the goalposts have shifted, and nobody is quite sure where they have moved to. Brands are understandably worried. Most have spent the past two decades learning the rules of a game built around keyword search and performance marketing and the goalposts have shifted, and nobody is quite sure where they have moved to. Gabriel Magalhães didn’t even need this to miss in the 2026 UEFA Cup Final penalty shootout. This image was tweaked with ChatGPT. The scale of the agentic e-commerce shift Key figures: the scale of the shift AI-driven sessions still represent below 0.2% of total e-commerce traffic, though they are the fastest-growing channel (Digital Commerce 360, 2025) GenAI referrals to US retail sites grew 693% year-on-year during the 2025 holiday season (Adobe Analytics) Gartner forecast that traditional search engine volume would drop 25% by 2026 as AI chatbots captured search share (Gartner, 2024) By early 2026, ChatGPT reached approximately 17% of global search queries against Google’s 78% Over 60% of Google searches now end without a click, across multiple industry studies Retailers with AI agent integration grew 32% faster during Cyber Week 2025 than those without (Salesforce) Hamilton’s view on the fate of keyword search is careful rather than apocalyptic. Google will not lose its advertising revenues overnight. But the direction of travel is clear. Search queries will progressively migrate towards conversational interfaces, for the simple reason that we rarely know precisely what we want when we start looking. “We don’t necessarily know what we want 90% of the time,” he observes. “It takes a bit of a conversation to elicit exactly what we’re looking for.” Keyword search was always a crude proxy for intent. LLMs are, at least in principle, better placed to decode it. Agentic e-commerce by the numbers Agentic e-commerce by the numbers. Infographic made with Gemini The question for brands is what to do about this. Hamilton’s prescription is structural rather than cosmetic. Brands need to become machine-readable, which means structured data connected to the right protocols, not just well-written product descriptions. Three open standards now define how AI agents interact with merchants: MCP (Model Context Protocol, originally developed by Anthropic and donated to the Linux Foundation in December 2025), ACP (OpenAI and Stripe, September 2025), and UCP (Google and Shopify, announced at NRF in January 2026). Shopify activated a default MCP endpoint for all its stores in Summer 2025. These are not optional extras. They are the new plumbing. MCP, ACP or UCP and the agentic acronym soup I raised with Hamilton the practical reality for most merchants, who have no idea what MCP, ACP, or UCP even stand for. His response was reassuring on one level, and sobering on another. Platforms like BASE are absorbing this complexity on behalf of their clients. A small or mid-sized retailer does not need to recruit data scientists or build protocol integrations in-house. They can, if they choose; the new generation of coding tools makes that more feasible than ever. But they can equally rely on an operational platform that handles those connections for them. The sobering part comes when Hamilton acknowledges a concern he is genuinely uncertain about. Even if the protocols function perfectly, will LLMs be able to surface smaller independent brands alongside the big players with their vast content libraries and tens of thousands of referring domains? Research from Airops suggests that brands are 6.5 times more likely to be cited in AI answers through third-party sources than through their own domains. According to SE Ranking’s analysis of 129,000 domains, sites with more than 32,000 referring domains are 3.5 times more likely to be cited by ChatGPT than lower-authority counterparts. Scale, in other words, confers an advantage in AI visibility just as it did in paid search. The field may level in some ways; in others, it may simply tilt differently. Operational excellence as the new marketing in this agentic e-commerce world What AI agents actually evaluate Unlike Google’s search algorithm, which can be influenced by ad spend, AI agents query real-time signals: live stock levels, shipping terms, return policies, and customer review aggregates. Structured data across these dimensions is now considered standard for AI visibility by the major platforms. Retailers with AI agent integration achieved roughly 7x better sales growth during Cyber Week 2025 than those without (Salesforce). Perhaps Hamilton’s most interesting claim, and the one most counterintuitive to marketers, is that operational excellence is becoming a direct marketing lever. An AI agent evaluating a recommendation does not care how much a brand has spent on Amazon retail media. It will scrape ten thousand reviews in half a second and draw its own conclusions about delivery reliability, return handling, and product quality. No media budget can substitute for that data trail. “I think we’re heading to a world where operational excellence will count for more in the decision process,” Hamilton says, “and will be less easily brushed behind the curtains with a bit of ad spend.” This is, in theory, good news for consumers and for competent smaller operators who have always delivered well but lacked the budget to outrank wealthier rivals in paid search. Whether it will materialise in practice depends on whether LLMs can actually surface those operators when large brands flood the information environment with well-structured, high-quality content. BASE France sits at exactly this intersection. The platform manages what it describes as the “spinal column” of an e-commerce operation: product catalogue management, order handling, marketplace feeds, stock synchronisation, and shipping. These are also, precisely, the data layers that AI agents query in real time when assembling recommendations. BASE connects to more than 1,700 integrations globally and serves some 30,000 merchants across more than 180 countries. In France, launched in early 2026 and operating from Bordeaux, the platform already counts 150 clients including Kiabi, Back Market, and Spartoo, with connections to around 250 marketplaces and partners. The platform’s value proposition in an agentic world, as Hamilton frames it, is straightforward: merchants who want to be visible to AI agents need to expose the right data through the right protocols. BASE does that for them, whether or not a checkout ever happens inside an LLM. The forecasts, the hype, and the rising tide McKinsey estimates that agentic commerce could redirect between three and five trillion dollars in global retail spend by 2030, with up to one trillion of that in the US alone. Bain puts the US figure at 300 to 500 billion dollars, representing 15% to 25% of total US e-commerce sales. These numbers attract attention and, inevitably, scepticism. Hamilton’s response is precise. He notes that global retail in 2030 will likely be somewhere around 50 trillion dollars. On that basis, the McKinsey and Bain figures imply that agentic commerce will account for somewhere between one and ten percent of total retail within four years. That is plausible, he suggests, if the definition of “agentic” is broad enough to include any transaction where an AI agent played a role somewhere in the funnel, from discovery to decision, not just cases where the checkout itself occurred on an LLM. Physical retail is not exempt either: a consumer standing in a supermarket aisle, consulting Gemini on their phone about which of two products is better, is already part of this story. The honest summary is that we are watching a slow revolution rather than a tidal wave. “Maybe a year or two ago, some people made it sound imminent,” Hamilton reflects. “When it comes to retail, there’s still quite a lot of human behaviour inertia in the system. Things aren’t going to change drastically in the next twelve or twenty-four months. But over ten or fifteen years, it’s pretty difficult to imagine consumer behaviour and the retail experience looking anything like what it looks like today.” Three priorities For merchants wondering what to do right now, Hamilton’s three priorities are: become machine-readable through structured data and protocol connections, maintain high-quality content that reflects genuine expertise, and resist the temptation to flood the market with AI-generated copy. On that last point, he is candid. “Humans are starting to get pretty good at telling what is AI-generated and what isn’t. When you read things now, you almost have a sixth sense for ‘I think a machine wrote that.'” Good news, as I told him, for those of us who write for a living. Three things merchants should do to score high in agentic e-commerce according to BASE.com’s Ben Hamilton. Infographic made with Gemini and Adobe Photoshop The winners: a scenario Hamilton wants to believe I asked Hamilton, as a final question, who he thought would win in this new landscape. Big retailers with scale advantages? Platform giants? Or the long tail of independent merchants who have always competed on product and service rather than budget? His answer was honest about the limits of his own conviction. He described the scenario he wants rather than the one he necessarily expects. In that scenario, agentic commerce levels the playing field by reducing the influence of performance marketing budgets and increasing the weight of genuine operational quality. “I like to believe that those who have superior products and superior service will get more and more traffic,” he said. Whether the reality will be so equitable depends on whether AI recommendation systems can overcome their own structural biases towards scale and data volume. I was reminded, hearing this, of an IBM advertisement from the 1990s that showed an Italian woman selling her homemade spaghetti sauce to the world via the internet. The vision was real. The timeline was not. It took twenty years for that kind of global reach to become genuinely accessible to small producers. The analogy is imperfect but instructive. Agentic commerce will likely democratise access to markets over time. That time will be measured in years, not months. Ben Hamilton and Base.com Ben Hamilton is CEO of BASE France, the French arm of Base.com, a Polish-born e-commerce SaaS scale-up founded in 2006. With nearly two decades of expertise and a presence in more than 20 countries, Base serves approximately 30,000 merchants worldwide and generated €50 million in revenue in 2024. BASE France was officially launched in early 2026, operating from Bordeaux with a team of 20. The platform covers order management, stock synchronisation, shipping, marketplace feeds, and AI-ready product enrichment. Ben Hamilton is a regular speaker on the strategic implications of AI for e-commerce visibility and discovery. The post Agentic E-Commerce, Could AI Become the Shopfront appeared first on Marketing and Innovation.

In this special episode of Mainframe Voices, we explore the signals and trends the mainframe community should be watching closely right now, from AI and modernisation to talent and skills. Our guests share what stands out to them most, and how these shifts may shape the future of the platform and the people working in it.We are delighted to have our guests:Geoffrey Decker – IBM Z Champion 2022–2026 | Instructor, Northern Illinois University Jakub Balhar – Engineer at Broadcom Inc. | Zowe TSC Chair | IBM Champion 2025, 2026 Brahadambal Srinivasan – Technical Architect at IBM | Open Source & Linux on Z Erin Joel Moore – IBM Z Student Ambassador The Mainframe Connect podcast includes the I Am a Mainframer series, Mainframe Voices, and other content exploring relevant topics with mainframe professionals, sponsored by the Open Mainframe Project, a Linux Foundation initiative.#MainframeVoices #MainframeConnect #OpenMainframeProject #LinuxFoundation #Mainframe #AI #Modernization #OpenSource

Big news: the MLOps Community is joining the Linux Foundation to become the official user community of the new Agentic AI Foundation (AAIF). The AAIF is the neutral home for open source projects like the Model Context Protocol (MCP), goose, and AGENTS.md, co-founded by Anthropic, Block, and OpenAI. With that governance and scaffolding now in place, the open source agent ecosystem has room to scale, and the MLOps Community is right in the middle of it.Everything you love about the community from the past six years keeps going, and we are adding even more on top.What this means:- Official user community: MLOps Community becomes the user community of the Agentic AI Foundation under the Linux Foundation.- The projects: MCP, goose, and AGENTS.md now live under one open, neutral governance structure built to scale.- Nothing goes away: The podcast, the global meetups, the weekly newsletter, the Slack workspace, and the virtual events all continue.- New: Ambassador Program: Just opened for applications, so you can get more involved in the community.- AgentCon EU: September 17 and 18 in Amsterdam.- AgentCon North America: October 22 and 23 in San Jose.- A possible new name: The podcast may become "Agentic Conversations," because honestly all we talk about is agents. Tell me what you think in the comments.If you build with AI agents or follow the open source agent ecosystem, this is the update to bookmark. This is MLOps Community 2.0.Links and Resources:- MLOps Community: https://mlops.community- MLOps Community 2.0: https://mlops.community/blog/mlops-community-2-0- Agentic AI Foundation: https://aaif.io- Ambassadors: https://aaif.io/ambassadors- Linux Foundation AAIF announcement: https://www.linuxfoundation.org/press/linux-foundation-announces-the-formation-of-the-agentic-ai-foundation- AgentCon and MCPCon events: https://events.linuxfoundation.org/aaif-events/- Model Context Protocol (MCP): https://modelcontextprotocol.io- goose: https://goose-docs.ai- AGENTS.md: https://agents.mdTimestamps (approximate, adjust before publishing):00:00 The big announcement00:12 Joining the Linux Foundation's Agentic AI Foundation00:30 Why it matters: MCP, goose, and AGENTS.md00:48 What is not changing: podcast, meetups, newsletter, Slack01:15 What is new: the Ambassador Program01:30 AgentCon EU in Amsterdam and North America in San Jose01:55 A new name for the podcast: Agentic Conversations?02:10 MLOps Community 2.0#AgenticAI #MCP #LinuxFoundation

The dominant structural shift highlighted is the increasing systematization and formalization of vendor-to-MSP growth channels, where vendors now dictate partner engagement through structured programs, marketplaces, and packaged offers. According to Dave Sobel, this trend is driven by vendors such as Microsoft, NinjaOne, GoTo (LogMeIn), and Forcepoint, each advancing formal partner networks and explicit funding paths. The episode contends that these programs operate less as genuine strategies for MSPs and more as distribution mechanisms, shifting operational and support burdens downstream to service providers. Primary supporting evidence comes from the 2026 Microsoft Partner Global Benchmark and Success Index from Maven Collective Marketing, which analyzed over 185,000 data points. The report found that 87% of partners exist on at least one Microsoft Marketplace, with 60% having transactable offers and 58% receiving leads sourced by Microsoft. Moreover, partners with dedicated Microsoft management support are three times more likely to secure funding from Microsoft. This data illustrates how tightly partner success is coupled to marketplace discoverability, direct purchasing offers, and vendor-provided leads and funding. Secondary developments reinforce this mechanism. Other vendors—such as NinjaOne, GoTo, and Forcepoint—have instituted similar programs, with explicitly defined partner journeys for integration, service delivery, and mutual success. Additionally, economic factors such as historically low consumer sentiment, supported by University of Michigan data, and persistent IT resourcing gaps, as identified by the Linux Foundation survey and reported by SmarterMSP, are further sharpening buyer demands for packaged, defensible IT outcomes. In parallel, reports like the 2026 Kaseya State of the MSP emphasize misaligned demand and revenue in AI/automation, and research from RCR Wireless highlights operational burdens that can fall back onto MSPs in vendor weak-support scenarios. For MSPs and IT service providers, the operational implications center on risk absorption, margin erosion, and increased dependency on vendor-defined models. Without internal discipline to clearly define, price, and standardize offers—especially for complex new demands like AI and automation—MSPs risk turning complexity into unpaid labor and operational drag. The key accountability remains with the provider to package and govern vendor-aligned services in a manner that remains robust regardless of shifting vendor incentives or support. Failure to do so leads to “MSP-owned friction,” where ticket volumes, support expectations, and inconsistent delivery increase without corresponding profit. 00:00 Partner Programs Formalized  04:31 Packaged or Passed 08:14 Priced or Absorbed 11:58 Why Do We Care? 

According to The Linux Foundation, the Flatpak packaging system is being re-written in Rust, dropping X11 support, with hard requirements on Systemd and Wayland.50% Off Yearly, & Massively Discounted Lifetime Subs Through May 31:https://lunduke.substack.com/p/50-off-yearly-and-massively-discountedMore from The Lunduke Journal:https://lunduke.com/ This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit lunduke.substack.com/subscribe

In Episode 135 of the Dutch Kubernetes Podcast, Ronald Kers and Jan Stomphorst sit down with Mohamed Nasser, CEO of VEXXHOST and OpenInfra Foundation board member, together with Thierry Carrez, General Manager of the OpenInfra Foundation and Linux Foundation Europe. The conversation explores the growing relevance of OpenStack in a world increasingly focused on digital sovereignty, private cloud, AI workloads, and secure infrastructure.The episode dives into how the industry shifted from private infrastructure toward hyperscalers between 2016 and 2020, and why many organizations are now reconsidering that strategy. Thierry explains how geopolitical tensions, vendor lock-in, and changing licensing models have renewed interest in sovereign cloud solutions powered by open source technologies like OpenStack.Mohamed and Thierry discuss why OpenStack is still highly relevant at massive scale, especially for organizations requiring multi-tenancy, hardware abstraction, GPU enablement, HPC workloads, and advanced networking performance. They explain how Kubernetes has become the user-facing interface, while OpenStack increasingly operates invisibly underneath many modern platforms. Examples discussed include rail infrastructure, gaming companies, telecom providers, and even government environments.The discussion also explores how Kubernetes and OpenStack complement each other instead of competing. Mohamed explains how many providers now run OpenStack itself on Kubernetes, leveraging cloud-native tooling such as Prometheus and Loki to simplify operations and observability. The hosts also discuss storage abstraction, CSI drivers, bare-metal provisioning with Ironic, and why virtualization still offers major operational advantages in large-scale Kubernetes environments.Towards the end of the episode, the conversation shifts toward the future of open infrastructure, including confidential computing, Kata Containers, AI security, GPU orchestration, and the growing collaboration between the Linux Foundation, CNCF, and OpenInfra Foundation. Thierry highlights how secure container isolation and confidential computing are becoming increasingly important as AI workloads spread across Kubernetes platforms.Powered by ACC ICTStuur ons een bericht.ACC ICT Specialist in IT-CONTINUÏTEIT Bedrijfskritische applicaties én data veilig beschikbaar, onafhankelijk van derden, altijd en overalSupport the showLike and subscribe! It helps out a lot.You can also find us on:De Nederlandse Kubernetes Podcast - YouTubeNederlandse Kubernetes Podcast (@k8spodcast.nl) | TikTokDe Nederlandse Kubernetes PodcastWhere can you meet us:EventsThis Podcast is powered by:ACC ICT - IT-Continuïteit voor Bedrijfskritische Applicaties | ACC ICT

Linea Stack becomes Lineth under the Linux Foundation. Chainlink SVR goes live on Aave V4. Fileverse dDocs supports markdown. And Vitalik deposits 50 ETH into Privacy Pools. Read more: https://ethdaily.io/948 ETH Daily sponsorships are now open. Reach over 10,000 Ethereum-native subscribers every weekday. Learn more at ethdaily.io/sponsor Disclaimer: Content is for informational purposes only, not endorsement or investment advice. The accuracy of information is not guaranteed.

[Some ideas here were developed in conversation with Chris Hacking (real name)] I have tried and failed to write a longer post many times, so here goes a short one with little detail. Discourse has primarily focused on models' ability to develop new exploits against important software from scratch. That capability is impressive, but the tech industry has been dealing with people regularly finding 0-day exploits for important pieces of software for more than twenty years. Having to patch these vulnerabilities at a 10xed or even 100xed cadence for six months is annoying, but well within the resources of Mozilla, the Linux Foundation, and Microsoft. Additionally, the lag time between "patch shipped" and "patch reverse engineered and weaponized by a criminal organization" was longer than the cadence between high-severity CVEs for this software anyways. And importantly, such capabilities are dual sided; the defenders will have access to them and There are lots of capabilities that are not like this, however: Weaponizing recently patched exploits for common software. Right now, for widely used C projects, we get enough publicly disclosed vulnerabilities to develop exploits with. Every amateur computer hacker has the experience of seeing a CVE for a [...] --- First published: May 14th, 2026 Source: https://www.lesswrong.com/posts/gutiw8MBrYDiD2u5z/the-primary-sources-of-near-term-cybersecurity-risk --- Narrated by TYPE III AUDIO.

What began as an internal developer tool atBlockhas evolved into a broader open-source initiative with industry backing. Goose, Block's AI coding agent, followed a path similar to Amazon's transformation of internal infrastructure intoAmazon Web Services. After deploying Goose companywide, Block open-sourced the tool under a permissive license, leading to rapid adoption across the developer community. But according to Manik Surtani, Office of the CTO, Block and Co Founder of Agentic AI Foundation, early momentum exposed governance challenges. Although Goose was technically open source, Block retained trademark ownership, creating concerns for enterprises seeking truly independent governance. To address this, the team partnered with the creators ofAnthropicand the Model Context Protocol community to establish theAgentic AI Foundationunder the umbrella of theLinux Foundation. Goose, MCP, and Agents.MD became the foundation's initial projects, chosen largely to accelerate the launch of the new organization and create a collaborative ecosystem around agentic AI development. Learn more from The New Stack around the latest in open-source AI:  Anthropic extends MCP with a UI framework Why the Linux Foundation adopted MCP, with Jim Zemlin and Mazin Gilbert Join our community of newsletter subscribers to stay on top of the news and at the top of your game. 

Neste episódio, Guilherme Goulart e Vinícius Serafim analisam casos reais e tendências que colocam em xeque a segurança digital e física no Brasil. Você vai descobrir como criminosos burlaram um sistema de reconhecimento facial em condomínios de Porto Alegre usando engenharia social, expondo os riscos do teatro da segurança, do solucionismo tecnológico e da hipossuficiência técnica dos consumidores. Em seguida, você vai entender o que está por trás do lançamento do modelo Mitos da Anthropic — classificado como perigoso demais para uso público —, e por que os resultados práticos com o Firefox e o cURL geraram ceticismo no meio da cibersegurança, levantando questões sobre propaganda de IA, governança, regulação e concorrência no mercado de inteligência artificial. Neste episódio, você também acompanha a análise da lei 15.397, que atualizou crimes digitais no Brasil com penas mais severas para furto qualificado digital, cessão de conta laranja e fraude eletrônica — e por que, sem investimento em capacidade investigativa, isso pode ser apenas populismo penal. Além disso, são discutidas duas vulnerabilidades críticas no Linux (CVE Copyfile e Dirty Frag) com exploits já circulando antes da correção, e como a IA pode acabar com o anonimato na internet ao identificar autores por fingerprint de texto com apenas 125 palavras. Os temas de privacidade, proteção de dados, LGPD, segurança ofensiva, pentest e infraestrutura em nuvem permeiam toda a conversa. Assine o Segurança Legal na sua plataforma favorita, siga o perfil nas redes sociais e avalie o podcast para ajudar a ampliar o alcance deste projeto independente de conteúdo sobre segurança da informação. Você também pode apoiar diretamente pelo Apoia.se (apoia.se/segurancalegal) ou simplesmente indicar o podcast para colegas e amigos — cada compartilhamento faz diferença. Entre em contato pelo e-mail podcast@segurancalegal.com ou pelo Mastodon, Instagram, Bluesky, YouTube e TikTok. Esta descrição foi realizada a partir do áudio do podcast com o uso de IA, com revisão humana.  Visite nossa campanha de financiamento coletivo e nos apoie!  Conheça o Blog da BrownPipe Consultoria e se inscreva no nosso mailing Shownotes Polícia prende suspeitos de invadir e furtar apartamentos de alto padrão em Porto Alegre; grupo usava fraude em reconhecimento facial Polícia desarticula grupo de criminosos que furtava apartamentos de luxo via redes sociais Atualização do Código Penal para alguns crimes digitais Will AI end anonymity? I tested it I can never talk to an AI anonymously again Anthropic's most dangerous AI model just fell into the wrong hands Unauthorized group has gained access to Anthropic's exclusive cyber tool Mythos, report claims It’s a myth that you need Mythos to find bugs: Open source models can do it just as well Filme: Quebra de Sigilo (Sneakers) BC Protege Livro – Sob a sombra da suástica: a França ocupada Filme – Viagem ao mundo dos sonhos Artigo – Em louvor ao Teatro da Segurança Imagem do episódio: The Ancient Days, Willia, Blanke

Java 26 est là, GraalVM cartonne chez Trivago (43 à 12 réplicas !), OpenJDK interdit le code généré par LLM, Spring et Quarkus enchaînent les releases. Côté IA : ADK 1.0, A2A, Lyria 3 chante (mal ?), Yann LeCun lance Ami Labs et ses World Models. Mythos d'Anthropic fait trembler la sécu, Claude Code a leaké son source, et les git worktrees envahissent vos terminaux. Bonus : la mort annoncée de l'IDE, vagues de licenciement chez Oracle et Block, et nos voix toutes clonées. Bon week-ends de mai ! Enregistré le 7 mai 2026 Téléchargement de l'épisode LesCastCodeurs-Episode-340.mp3 ou en vidéo sur YouTube. News Langages Retour d'expérience d'une migration vers graalVM chez Trivago https://medium.com/graalvm/inside-trivagos-graalvm-migration-native-image-for-graphql-at-scale-912bca9df841 La passerelle GraphQL de Trivago (point d'entrée de tout le trafic vers 48 microservices) souffrait de pics de timeout au démarrage JVM Résultats spectaculaires après migration vers GraalVM Native Image : réduction des réplicas de 43 à 12, CPU de 15 à 5 cœurs, images Docker plus légères Obstacles techniques : incompatibilité Log4j → migration vers Logback, remplacement de Mockk par Testcontainers, compilation CI/CD très gourmande Netflix DGS et d'autres librairies manquaient de support GraalVM → l'équipe a contribué des correctifs upstream en open source Approche recommandée : commencer par les services les moins complexes, investir massivement dans les tests automatisés À la 14e migration, le processus était si rodé qu'il allait plus vite que la toute première tentative OpenJDK Interim Policy on Generative AI - https://openjdk.org/legal/ai OpenJDK adopte une politique intérimaire interdisant toute contribution incluant du contenu généré par des LLMs, modèles de diffusion ou systèmes deep-learning Le périmètre est large : code source, texte, images dans les dépôts Git, pull requests GitHub, emails, pages wiki et issues JBS Les contributeurs peuvent utiliser les outils d'IA de manière privée pour comprendre, déboguer et relire le code OpenJDK, mais ne peuvent pas contribuer le contenu généré Trois risques justifient cette politique : surcharge des relecteurs face au code plausible mais incorrect, risques de sûreté/sécurité pour une plateforme critique, et risques de propriété intellectuelle (l'OCA exige que les contributeurs possèdent les droits IP de leurs contributions) Même éditer partiellement du code AI-généré ne le rend pas acceptable à la contribution Oracle, sponsor corporatif d'OpenJDK, travaille sur une politique complète à soumettre au Governing Board GraalVM Native Image et la Closed-World Assumption en Java https://pvs-studio.com/en/blog/posts/java/1357/ Un bon article de rappel du contexte de closed world en Java GraalVM Native Image compile les applications Java en exécutables natifs statiques, sans JVM au runtime. La JVM fonctionne en monde ouvert : les classes sont chargées à la demande, les appels sont des références symboliques résolues dynamiquement. Native Image impose la "closed-world assumption" : tous les chemins d'exécution doivent être connus à la compilation. Les fonctionnalités dynamiques Java (réflexion, proxies, chargement de classes) créent des chemins cachés invisibles à l'analyse statique. C'est pourquoi Native Image exige des fichiers de configuration explicites pour la réflexion, les proxies, les ressources et la FFM API. L'article illustre le problème avec la Foreign Function & Memory API pour appeler printf natif : fonctionne sur JVM, échoue en Native Image sans config. Inclure tout le bytecode accessible serait inutilisable : binaire géant, compilation très lente, et la réflexion nécessite des métadonnées précises. La configuration n'est pas un défaut de conception mais une conséquence logique du passage du dynamique au statique. Java 26 : les nouveautés https://foojay.io/today/java-26-whats-new/ Java est le langage de la JVM, publié tous les 6 mois depuis Java 9 ; Java 26 est une version non-LTS avec 10 JEPs. JEP 500 : protection des champs final modifiés par réflexion profonde, avec des avertissements configurables. JEP 504 : suppression définitive de l'API Applet, plus supportée par les navigateurs. JEP 516 : le cache AOT (Project Leyden) fonctionne désormais avec n'importe quel garbage collector. JEP 517 : support HTTP/3 dans le client HTTP, HTTP/2 reste le défaut mais HTTP/3 est accessible à la demande. JEP 522 : amélioration du débit du GC G1 en réduisant la synchronisation entre threads applicatifs et threads GC. Nouveau support des UUIDv7 via UUID.ofEpochMillis(), naturellement triables et adaptés aux identifiants de bases de données. Process devient AutoCloseable, utilisable dans un try-with-resources. Aucune fonctionnalité en preview n'est graduée en standard ; Structured Concurrency en est à sa 6e preview. Librairies Guillaume a créé une petite librairie Java sans dépendance pour extraire le JSON d'une réponse d'un LLM un peu verbeux https://glaforge.dev/posts/2026/03/22/extracting-json-from-llm-chatter-with-jsonspotter/ Les LLM génèrent souvent du JSON, mais il est parfois entouré de bla-bla et/ou contient des erreurs (ex: commentaires, virgules finales) qui bloquent les parseurs JSON standards. Guillaume a créé une petite librairie légère sans dépendance pour localiser et extraire la structure la plus longue ressemblant à du JSON (même malformé) On peut ensuite passé cette chaîne à un parseur "lénient" (plus tolérant) comme Jackson pour ensuite avoir de bons vieux objets Java fortement typés Librairie dispo sur Maven Central ADK Java sort sa version 1.0 (Agent Development Kit par Google) https://developers.googleblog.com/announcing-adk-for-java-100-building-the-future-of-ai-agents-in-java/ ADK est un framework open source de Google pour créer des agents IA, initialement en Python, maintenant multi-langages (Python, Java, Go, Typescript). Nouvelles fonctionnalités majeures : Outils puissants : GoogleMapsTool, UrlContextTool, ContainerCodeExecutor, VertexAiCodeExecutor, abstraction ComputerUseTool. Architecture de plugins centralisée : Nouveau conteneur App pour gérer les Plugins à l'échelle de l'application (ex: LoggingPlugin, GlobalInstructionPlugin). Context engineering amélioré : Compaction d'événements pour gérer la taille des fenêtres de contexte (résumé et rétention). Human-in-the-Loop (HITL) : Supporte les workflows ToolConfirmation pour approbation humaine des actions d'agent. Services de session et de mémoire : Contrats clairs pour la gestion de l'état (InMemory, VertexAI, Firestore) et la mémoire à long terme. Support Agent2Agent (A2A) : Collaboration native entre agents distants de différents frameworks via le protocole A2A. Dans cet autre article, Guillaume partage comment il a développé l'application Comic Trip montrée dans la vidéo YouTube et qui utilise ADK 1.0 https://glaforge.dev/posts/2026/03/30/building-my-comic-trip-agent-with-adk-java-1-0/ Nouvelle version du SDK Java pour Agent2Agent Protocol, avec le support de la version 1.0 de la spécification https://medium.com/google-cloud/a2a-java-sdk-1-0-0-beta1-released-e83c414b34cc Alignement avec la version 1.0 de la spécification Nouveau groupId org.a2aproject.sdk et package org.a2aproject.sdk Protocoles de transport : support complet et équivalent pour JSON-RPC, gRPC et HTTP+JSON/REST. Gestion des erreurs : introduction de codes d'erreur et détails structurés pour une meilleure observabilité. Optimisation HTTP : ajout d'en-têtes de cache pour les métadonnées des agents (Agent Card). Flexibilité du client HTTP : support par défaut du JDK HttpClient, avec option Vert.x pour les environnements Quarkus. Nouvelles fonctionnalités techniques : méthode DataPart.fromJson() pour la création simplifiée d'objets depuis du JSON brut. Prochaines étapes (v1.0.0.GA) : support simultané des versions 1.0.0 et 0.3.0 du protocole pour assurer l'interopérabilité. JPA 4.0 Milestone 2 : nouvelles fonctionnalités pour Jakarta Persistence https://in.relation.to/2026/04/23/JPA-4-M2/ Jakarta Persistence (JPA) est la spécification standard Java pour le mapping objet-relationnel (ORM), implémentée notamment par Hibernate. JPA 4.0 M2 est la deuxième milestone de la prochaine version majeure de la spécification, annoncée par Gavin King. Construction de requêtes Criteria à partir de chaînes JPQL, offrant plus de flexibilité dans la composition dynamique des requêtes. Nouveaux types d'expressions spécialisés (TextExpression, NumericExpression) pour simplifier l'écriture des requêtes Criteria. Nouvelle interface FetchOption pour contrôler explicitement la stratégie de chargement des associations, dont un BatchSize intégré. Nouvelle annotation @EntityListener qui découple les classes entités de leurs listeners, supprimant les dépendances à la compilation. Les listeners peuvent cibler plusieurs types de callbacks et s'appliquer globalement à toute l'unité de persistance. Introduction de FlushModeType.EXPLICIT et QueryFlushMode pour un contrôle plus fin de la synchronisation avec la base de données. La méta-annotation @Discoverable permet de placer des annotations comme @NamedQuery sur n'importe quelle classe ou interface. Améliorations du DDL via @Index amélioré et clarifications de la spécification via la javadoc. Quarkus 3.35 : tree-shaking, PGO et AOT Semeru https://quarkus.io/blog/quarkus-3-35-released/ Quarkus est un framework Java cloud-natif optimisé pour GraalVM et HotSpot, conçu pour les microservices et les environnements conteneurisés. Nouveau JAR tree-shaking expérimental : analyse des dépendances à la compilation pour supprimer les classes inutilisées. Sur le CLI Quarkus, cela supprime plus de 6 000 classes et économise environ 18 Mo (39,5 %). Support du Profile-Guided Optimization (PGO) pour les builds natifs via quarkus.native.pgo.enabled=true. Le PGO est une fonctionnalité Oracle GraalVM, non disponible dans la Community Edition. Support de l'AOT IBM Semeru : le démarrage passe de ~380 ms à ~190 ms dans les premiers tests. Nouvelle extension quarkus-reactive-transactions : support de @Transactional pour les méthodes Hibernate Reactive retournant Uni. Configuration CORS dédiée pour l'interface de management, indépendante de l'interface HTTP principale. Les tests n'utilisent plus les System Properties pour la propagation de configuration, facilitant la parallélisation future. Le serializer jackson sans reflection n'est pas le default du aux retours de cas limites, encore du travail This Week in Spring - 21 avril 2026 https://spring.io/blog/2026/04/21/this-week-in-spring-april-21-2026 Spring Framework 6.2.18 et 7.0.7 corrigent trois failles de sécurité : DoS via fichiers multipart WebFlux, empoisonnement de cache de ressources statiques, et DoS sur Windows. Le support open source de Spring Framework 5.3.x et 6.1.x est terminé, la migration est recommandée. Spring Data 2026.0.0-RC1 introduit l'upsert (MERGE/INSERT ON CONFLICT) dans l'API Template de Spring Data Relational. Spring Data ajoute un RedisMessageSendingTemplate pour la cohérence avec les listeners Redis, et une optimisation de réinitialisation de caches en un seul appel. Spring AI introduit une Session API (série Agentic Patterns, partie 7) : architecture event-sourcée pour la mémoire des agents IA. La Session API supporte la compaction turn-safe, l'isolation de sous-agents en parallèle, et la persistence JDBC (PostgreSQL, MySQL, MariaDB, H2). Elle vise Spring AI 2.1 (novembre 2026) et remplacera à terme l'API ChatMemory. Spring Vault 4.1.0-RC1 et 4.0.2 sont disponibles. Netflix a présenté son usage de Java, Spring Boot et Spring AI dans une vidéo. This Week in Spring - 28 avril 2026 https://spring.io/blog/2026/04/28/this-week-in-spring-april-28-2026 Cette série hebdomadaire de Josh Long compile les nouveautés de l'écosystème Spring : articles, outils, podcasts et annonces de la communauté. Spring Boot 4 introduit un package natif de résilience org.springframework.resilience avec une nouvelle API de retry qui remplace les approches fragiles via Spring Retry ou Resilience4j. L'API retry native de Spring Boot 4 a des noms d'attributs et sémantiques différents des anciennes bibliothèques, rendant les tutoriels pré-2025 obsolètes et sources de bugs silencieux. Le SDK Spring AI pour Amazon Bedrock AgentCore est disponible en GA : il intègre les capacités AgentCore dans Spring AI via annotations et auto-configuration. Le SDK AgentCore gère automatiquement le contrat runtime AgentCore : endpoint /invocations, health check /ping, SSE avec backpressure. Il offre mémoire court terme (sliding window) et long terme (sémantique, préférences, résumé, épisodique), ainsi que des outils pour navigateur et exécution de code en sandbox. Un plugin Maven (Nullability Maven Plugin) simplifie l'intégration de JSpecify et NullAway pour enforcer la null-safety à la compilation dans les projets Java. Le plugin génère automatiquement les fichiers package-info.java par package et configure le compilateur pour traiter les violations de nullabilité comme des erreurs. Josh Long et Dr. Venkat Subramaniam ont co-présenté à Voxxed Days Amsterdam sur "Intelligent Kotlin", avec un épisode de podcast associé. Cloud Amazon S3 Files https://aws.amazon.com/about-aws/whats-new/2026/04/amazon-s3-files/ Amazon S3 Files est un nouveau service donnant un accès système de fichiers direct aux données stockées dans les buckets S3 Basé sur la technologie Amazon EFS, il supprime la barrière entre stockage objet et interface système de fichiers sans dupliquer les données Débit en lecture pouvant atteindre plusieurs téraoctets par seconde ; des milliers de ressources de calcul peuvent y accéder simultanément Les données restent accessibles via les deux interfaces : S3 API classique et système de fichiers standard, sans migration nécessaire Cas d'usage : agents IA pour la persistance de mémoire entre pipelines, équipes ML sans staging, simplification des data lakes Disponible dans 34 régions AWS Data et Intelligence Artificielle Comment générer de la musique et des clips audio en Java avec le modèle Lyria 3 https://glaforge.dev/posts/2026/03/25/generating-music-with-lyria-3-and-the-gemini-interactions-java-sdk/ Génération musicale avec Lyria 3 (DeepMind) et le SDK Java Gemini Interactions. Lyria 3 : modèle d'IA générative pour créer musique avec paroles ou pistes instrumentales. Utilisation via le SDK Java de l'API Gemini, nécessite une clé API Gemini. Deux versions de modèle Lyria 3 : lyria-3-clip-preview : Clips courts (30s), extraits. lyria-3-pro-preview : Chansons complètes (jusqu'à 3 min), structurées. Personnalisation via les prompts : Fournir ses propres paroles ou les faire générer. Contrôler la structure de la chanson ([Intro], [Verse], [Chorus], [Outro]). Générer des morceaux instrumentaux uniquement. Utiliser des images comme source d'inspiration (modèle multimodal). Sortie : Audio (MP3) et texte (paroles/structure) directement, sans décodage complexe. Facilite l'intégration de la génération musicale dans les applications Java. Les world model, la prochaine étape pour les IA https://www.lepoint.fr/sciences-nature/comment-le-commando-de-yann-le-cun-se-prepare-a-ringardiser-les-geants-mondiaux-de-lia-depuis-paris-OZVUWTDYBNE25C6WF44265ZQKE/ Yann LeCun a quitté Meta FAIR pour créer AMI Labs (Advanced Machine Intelligence) basée à Paris Sa thèse : les LLMs ne mèneront pas à l'intelligence générale, la vraie IA doit partir de la compréhension du monde physique AMI Labs a levé 1,03 milliard de dollars en seed (le plus grand seed round de l'histoire européenne) à 3,5 milliards de valorisation Les world models apprennent à prédire et comprendre la réalité physique plutôt qu'à prédire le prochain token d'une séquence Slogan d'AMI : "Real intelligence does not start in language. It starts in the world." Paris comme base stratégique pour challenger la Silicon Valley dans la prochaine rupture de l'IA Debezium 2026 : résultats du sondage communautaire https://debezium.io/blog/2026/04/27/debezium-2026-survey-results/ Debezium est un outil de Change Data Capture (CDC) open source qui capture les modifications de bases de données en temps réel pour les diffuser vers des systèmes comme Kafka. 98,6% des répondants utilisent Debezium activement ou prévoient de le faire dans l'année, avec 91,3% déjà en production. 63,8% des déploiements tournent sur Kubernetes, 60,9% utilisent Kafka Connect auto-géré, et 17,4% restent sur des VMs ou bare metal. Helm charts est l'approche dominante pour la gestion de configuration, souvent combiné avec GitOps, CI/CD, Ansible ou Terraform. PostgreSQL domine les connecteurs utilisés à 69,6%, suivi de MySQL (33,3%), SQL Server (29%) et Oracle (27,5%). Les volumes de changements capturés vont de 1-25 modifications par minute jusqu'à 1-2 millions par minute selon les environnements. Infinispan rejoint l'écosystème OGX comme fournisseur de stockage vectoriel https://infinispan.org/blog/2026/04/17/infinispan-joins-ogx-ecosystem OGX (anciennement Llama Stack) est un serveur API agentique open source pour construire des applications d'IA complètes. OGX compose des fournisseurs d'inférence, des stores vectoriels, des backends de sécurité, des runtimes d'outils et du stockage de fichiers en un seul serveur déployable. OGX se positionne comme une alternative à l'API OpenAI, déployable sur diverses infrastructures et modèles. OGX cible les workflows RAG (Retrieval-Augmented Generation) et les applications agentiques. Infinispan s'y intègre comme fournisseur de vector IO, apportant recherche vectorielle, par mots-clés et hybride. Je n'ai pas entendu parlé de ce renommage, vous le voyez dans vos deploiements ? Outillage cmux un nouveau terminal basé sur Ghostty spécialisé pour les coding agents https://cmux.com/ Application macOS native construite sur le moteur de rendu Ghostty (libghostty), offrant une accélération GPU pour une fluidité maximale Conçu spécifiquement pour le multitâche et les workflows assistés par IA, avec des onglets verticaux affichant la branche Git, le répertoire et les ports actifs Intègre des notifications qui illuminent les panneaux lorsqu'un agent IA (Claude Code, Codex, etc.) nécessite l'attention de l'utilisateur Propose un navigateur web intégré et scriptable qui peut être affiché en écran scindé à côté du terminal via une API Alternative moderne à tmux, ne nécessitant pas de fichiers de configuration complexes ou de préfixes de touches pour la gestion des vitres et des sessions Supporte nativement tous les agents de codage en ligne de commande et permet l'automatisation via une API socket et une interface CLI dédiée Git Worktree comme un chef https://www.metal3d.org/blog/2026/git-worktree-comme-un-chef/ Article par Patrice Ferlet Git Worktree: Travailler sur plusieurs branches simultanément via des répertoires distincts. Évite git stash ou clones multiples pour le changement de contexte rapide. Méthode "bare" (recommandée): Cloner le dépôt en mode bare (ex: .bare). Lier le dossier racine au dépôt bare via un fichier .git. Configurer le remote tracking pour voir toutes les branches distantes. Ajouter des worktrees pour chaque branche (git worktree add ). Avantages: Économie d'espace, source de vérité unique (un git fetch met tout à jour), hooks/configs partagés, sécurité. Conseils: Ne jamais faire de git checkout à l'intérieur d'un worktree. git fetch --all depuis n'importe quel worktree pour tout mettre à jour. git worktree add --detach pour tester des merges temporaires sans créer de branche. Supprimer: git worktree remove puis git worktree prune. Un script wtree est fourni pour automatiser l'initialisation du setup "bare". Améliore considérablement le workflow. L'IDE meurt et vite https://x.com/jdegoes/status/2036931874057314390?s=46&t=C18cckWlfukmsB_Fx0FfxQ Des leaders techniques prédisent la fin rapide de l'IDE traditionnel, remplacé par des interfaces conversationnelles agentiques Le changement de paradigme : le développeur n'écrit plus des lignes de code mais exprime son intention et supervise des agents autonomes Des outils comme Claude Code, Copilot et Cursor transforment déjà radicalement les workflows de développement quotidiens L'IDE centré sur l'éditeur de code perd sa raison d'être quand l'agent lit, modifie et structure le code de manière autonome La transition est comparable au passage du desktop au mobile : les pratiques établies depuis 30 ans remises en question en quelques mois Le source de Claude Code a leaké via probablement le codemap et un site decrit sont fonctionnement https://ccunpacked.dev/ Le 31 mars 2026, Anthropic a accidentellement inclus les sourcemaps dans un package npm de Claude Code, exposant ~512 000 lignes de TypeScript La fuite n'était pas un piratage mais une erreur humaine : un "*.map" oublié dans .npmignore Le site ccunpacked.dev a été lancé pour analyser et visualiser le code source décompressé Le code révèle un agent background permanent nommé "KAIROS", un mode furtif pour cacher les contributions des employés Anthropic à l'open source, et 44 feature flags cachés Une fonctionnalité inédite "Buddy" (animal de compagnie électronique dans le terminal) et un mode "dream" pour l'idéation continue ont été découverts Anthropic a confirmé : "Aucune donnée client sensible n'était impliquée. Erreur humaine dans le packaging de la release." Gemini CLI passe aux agents https://x.com/srithreepo/status/2039794081925382307?s=46&t=GLj1NFxZoCFCjw2oYpiJpw Gemini CLI, l'agent IA open source de Google pour le terminal, introduit des hooks dans sa boucle agentique Les hooks permettent d'exécuter des scripts automatiquement (scanners de sécurité, vérifications de conformité, logging) à chaque étape de l'agent Lancement de Gemini CLI GitHub Actions : un agent autonome pour les repositories qui peut exécuter des tâches de codage de routine Support des MCP servers pour étendre les capacités et des "Agent Skills" pour des workflows spécialisés Mode agent disponible dans VS Code et IntelliJ avec accès aux outils du système de fichiers et terminal Wispr, le speech to text en local sur macOS http://wispr.stormacq.com/ Wispr est une application macOS de dictée vocale entièrement locale, propulsée par Whisper (OpenAI) sur appareil, sans cloud ni tracking Sébastien Stormacq a développé Wispr en un jour et demi sans écrire une seule ligne de code, grâce à Kiro CLI (agent IA Amazon) Disponible en open source sur GitHub et via Homebrew Détection automatique de la langue, insertion du texte au curseur dans n'importe quelle application via un raccourci global En un mois : 19 releases incluant mode mains-libres, suppression des mots de remplissage, auto-envoi pour les chats, et un outil CLI Exemple concret de développement vibe coding produisant un outil de qualité production sans expertise Swift préalable Comment, Gordon, l'assistant spécialisé en Docker est né https://n9o.xyz/posts/202603-building-gordon/ Nuno Coração (n9o.xyz) détaille comment Gordon, l'assistant spécialisé Docker, a été construit sur docker-agent, le runtime d'agents IA open source de Docker écrit en Go Les agents sont définis en YAML déclaratif et distribués comme des artefacts OCI, sans mise à jour binaire nécessaire L'architecture initiale en essaim de 9 agents spécialisés a été abandonnée au profit d'un agent racine unique avec un prompt soigneusement conçu Le modèle utilisé est Claude Haiku 4.5, suffisant après optimisation des prompts Principe clé "show, then do" : toute action de l'agent nécessite une approbation explicite de l'utilisateur La description des outils impacte fortement la précision du LLM : ajouter des outils peut paradoxalement dégrader les performances existantes Le prompt est une spécification détaillée (identité, patterns d'accès fichiers, règles de sécurité) plutôt qu'une simple instruction IBM Bob https://bob.ibm.com/blog/announcing-ibm-bob-launch IBM Bob assistant IA d'IBM pour coder sur de vraies codebases (lancé avril 2026) 5 modes : Ask, Plan, Code, Advanced (MCP), Orchestrator Détecte la complexité du code en temps réel et propose des refactos Fait des revues de code automatiques sur tes branches/issues GitHub Permet d'écrire en langage naturel directement dans l'éditeur Fonctionne aussi en terminal/CLI et dans les pipelines CI/CD Sécurité : approbation manuelle, .bobignore, checkpoints, pas de training sur tes prompts How I use Claude - 50 tips pratiques https://www.youtube.com/watch?v=mZzhfPle9QU Staff Engineer Meta partage 50 tips après 6 mois d'utilisation intensive de Claude Code Basé sur ~12h/jour d'usage perso et professionnel Couvre tout : bases, workflows avancés, parallélisation Objectif : partager ce qu'il aurait voulu savoir dès le départ Méthodologies Quelqu'un rale sur la non soutenabilité des bases de code écritent avec des agents https://mariozechner.at/posts/2026-03-25-thoughts-on-slowing-the-fuck-down/ Mario Zechner estime que les agents IA font les mêmes erreurs répétitivement sans apprendre, accumulant la complexité à grande vitesse faute de bottlenecks humains Sans vision globale, les agents créent du cargo-cult : les "best practices" de l'industrie appliquées localement sans cohérence architecturale La croissance de la base de code dégrade la capacité des agents à retrouver le code existant → duplication et incohérences croissantes Il cite des pannes AWS et des initiatives qualité Microsoft comme signes préoccupants liés au code généré par IA Solution : réserver les agents aux tâches délimitées et évaluables, garder l'architecture, les APIs et les systèmes critiques écrits à la main Maintenir une revue de code rigoureuse et traiter les humains comme les gardiens finaux de la qualité On m'oblige à utiliser l'IA https://n.survol.fr/n/on-moblige-a-utiliser-lia Éric D. défend l'adoption obligatoire de l'IA comme décision stratégique légitime, comparable au choix du full remote ou de la stack technique Il distingue la décision stratégique (adoption IA) de la méthode d'accompagnement (qui reste collaborative et bienveillante) La compétence IA devient un critère de recrutement : chercher des candidats déjà curieux et explorateurs de ces outils L'alignement culturel sur les pratiques et outils est un prérequis à la cohésion d'équipe Le refus d'adopter certains outils stratégiques peut justifier de ne pas recruter un candidat autrement compétent Encore une metodo SPDD https://martinfowler.com/articles/structured-prompt-driven/ Problème : l'IA accélère le dev individuel mais amplifie ambiguïtés et incohérences à l'échelle d'une équipe. martinfowler SPDD : traiter les prompts comme des artefacts versionnés, révisables et réutilisables plutôt que des échanges jetables. martinfowler Canvas REASONS : 7 dimensions (Requirements, Entities, Approach, Structure, Operations, Norms, Safeguards) pour guider le LLM de l'intention à l'exécution. martinfowler Workflow en 6 étapes : exigences → analyse → contexte → prompt structuré → code → tests unitaires, chaque étape s'appuyant sur la précédente. martinfowler 3 compétences clés : abstraction d'abord, alignement de l'intention, revue itérative. martinfowler Limites : fort ROI sur du code métier complexe, peu adapté aux hotfixes urgents, scripts jetables ou travail créatif/visuel. m Sécurité Le projet Glasswing pour sécuriser les logiciels https://www.anthropic.com/glasswing Anthropic lance Glasswing, une initiative de cybersécurité utilisant Claude Mythos Preview pour identifier des vulnérabilités zero-day 12 partenaires fondateurs dont AWS, Apple, Cisco, CrowdStrike, Google, JPMorganChase, Linux Foundation, Microsoft et NVIDIA Anthropic investit 100 millions de dollars en crédits de modèle et 4 millions en dons aux organisations de sécurité open source Le modèle opère avec une autonomie substantielle, identifiant des milliers de vulnérabilités dans les OS, navigateurs et infrastructures critiques Plus de 40 organisations supplémentaires ont accès pour scanner et sécuriser leurs systèmes Objectif : donner l'avantage aux défenseurs avant que les techniques de hacking assistées par IA ne se généralisent chez les attaquants LinkedIn vous espionne https://frenchbreaches.com/blog/linkedin-est-accuse-de-fouiller-dans-votre-ordinateur-illegalement Scandale "BrowserGate" : LinkedIn injecte du JavaScript qui tente de détecter les extensions Chrome installées sur votre navigateur Le script analysé contient une liste codée en dur de 6 222 extensions Chrome avec identifiants et chemins de fichiers internes Croissance alarmante de la liste ciblée : 38 extensions en 2017 → 461 en 2024 → ~1 000 en mai 2025 → 6 222 début 2026 Les données collectées incluent aussi CPU, RAM, résolution d'écran, timezone et état batterie pour du fingerprinting Certaines extensions ciblées sont liées à la neurodivergence, aux pratiques religieuses ou aux opinions politiques → violation grave du RGPD LinkedIn défend que le scan vise uniquement à détecter les extensions qui pratiquent le scraping de données Post mortem de la supply chain attack sur la librairie NPM axios https://github.com/axios/axios/issues/10636 Le 31 mars 2026, deux versions malveillantes d'axios (1.14.1 et 0.30.4) ont été publiées via un compte mainteneur compromis Vecteur d'attaque : RAT installé via ingénierie sociale ciblée sur la machine personnelle du mainteneur principal La 2FA ne protège pas si la machine de l'utilisateur est compromise : l'attaquant contrôle tout et peut agir comme l'utilisateur Les packages malveillants injectaient plain-crypto-js@4.2.1, un cheval de Troie multi-plateforme (macOS, Windows, Linux) Détection communautaire en ~3 heures, suppression par npm, mesures correctives : rotation complète des credentials Changements préventifs : publication via OIDC, releases immuables, amélioration des pratiques GitHub Actions Passbolt un gestionnaire de mots de passe open source https://lesjoiesducode.fr/passbolt-gestionnaire-de-mots-de-passe-gratuit-open-source-que-votre-equipe-merite-vraiment Gestionnaire de mots de passe open source conçu pour le partage d'identifiants en équipe, utilisé par plus de 50 000 organisations Chiffrement individuel par utilisateur et par version de credential, pas de coffre-fort partagé — architecture zero-knowledge "Forward secrecy" : quand un membre quitte l'équipe, ses copies chiffrées sont automatiquement révoquées sans reset manuel Supporte TOTP, clés SSH, tokens API et champs personnalisés avec piste d'audit complète de tous les accès Édition communautaire entièrement gratuite avec utilisateurs illimités, auto-hébergeable ou cloud Chiffrement OpenPGP nécessitant passphrase + clé privée, avec tokens visuels anti-phishing Loi, société et organisation Anthropic fait un don d'1,5 millions de dollars à la fondation Apache https://news.apache.org/foundation/entry/the-apache-software-foundation-announces-1-5m-donation-from-anthropic Anthropic donne 1,5 million de dollars à l'ASF pour soutenir l'infrastructure, la sécurité et la communauté open source Vitaly Gudanets (CISO d'Anthropic) : "Soutenir l'ASF est un investissement direct dans la résilience et l'intégrité des systèmes dont dépend l'IA moderne" Les fonds financeront les systèmes de build, les processus de sécurité et les services aux projets Apache Ce don est le déclencheur de l'initiative IA responsable à 10 millions de dollars de l'ASF L'infrastructure Apache est invisible mais critique : des systèmes financiers aux plateformes de santé, elle sous-tend l'écosystème logiciel mondial L'ASF lance l'initiative IA responsable https://news.apache.org/foundation/entry/the-apache-software-foundation-launches-10m-responsible-ai-initiative-with-initial-1-75m-donation L'ASF lance une initiative pour une IA responsable dotée d'un budget de 10 millions de dollars sur 3 ans minimum Anthropic est le premier donateur avec 1,5 million de dollars ; Alpha-Omega contribue 250 000 dollars L'initiative fournit aux projets Apache un accès à des modèles IA pour l'expérimentation et la sécurité Elle soutient l'ensemble de la chaîne IA/ML : pipelines de données, infrastructure, frameworks de deep learning Des tracks de conférences, hackathons et bourses de voyage sont prévus pour élargir la communauté Les principes directeurs incluent la supervision humaine, l'intégrité des licences et la sécurité open source Oracle vire 30000 personnes https://rollingout.com/2026/03/31/oracle-slashes-30000-jobs-with-a-cold-6/ Oracle licencie 20 000 à 30 000 employés, 18% de ses effectifs mondiaux. Les salariés ont appris leur licenciement par un simple email à 6h du matin, sans aucun préavis. L'accès à tous les systèmes (Slack, Zoom, badges) a été coupé immédiatement après. But : libérer 8 à 10 milliards de dollars pour construire des centres de données IA. Oracle a déjà contracté 50 milliards de dettes en 2026 pour financer ses projets IA. Paradoxe : l'entreprise affiche un bénéfice record de 6,13 milliards, mais ses liquidités sont dans le rouge. L'action Oracle a perdu plus de la moitié de sa valeur depuis septembre 2025. Et si l'IA n'était qu'un prétexte pour licencier https://eventuallycoding.com/p/ia-licenciements-et-si-l-intelligence-artificielle-n-etait-qu-une-excuse Hugo Lassiège (eventuallycoding) estime que les entreprises utilisent l'IA comme narratif commode pour masquer des erreurs de gestion passées (Block a triplé ses effectifs post-COVID sans croissance des revenus correspondante) Moins de 1% des licenciements technologiques seraient réellement dus à des gains de productivité IA selon les analyses citées Mesurer la productivité des développeurs reste un problème non résolu, mais les entreprises affirment des gains d'efficacité sans preuves Des pressions économiques réelles (inflation, guerres commerciales, coûts énergétiques) sont masquées derrière le discours IA Les restructurations nécessaires sont présentées comme des transformations AI-driven positives pour rassurer les investisseurs Il y voit une fenêtre d'opportunité pour l'Europe pendant que les géants américains se restructurent GitHub Copilot va utiliser les interacitons pour entrainer ses modèles sauf si vous vous délistez https://github.blog/news-insights/company-news/updates-to-github-copilot-interaction-data-usage-policy/ À partir du 24 avril 2026, GitHub utilise par défaut les interactions des utilisateurs Copilot Free, Pro et Pro+ pour entraîner ses modèles Les données collectées incluent le code accepté ou modifié, les snippets envoyés, les noms de fichiers et structures de dépôts, et les retours utilisateurs Les utilisateurs Copilot Business, Enterprise et les dépôts d'entreprise sont exclus de cette collecte de données d'entraînement Opt-out disponible dans les paramètres GitHub > "Privacy" ; les préférences de désactivation préalables sont conservées automatiquement Objectif déclaré : améliorer la précision des modèles sur les langages et cas d'usage du monde réel Grosse percée de Claude Code dans les commits sur GitHub https://aifoc.us/damn-claude-thats-a-lot-of-commits/ Explosion de Claude Code : En six mois, Claude Code est passé de 0,7 % à 4,5 % de tous les commits publics sur GitHub, surpassant tous les autres outils d'IA combinés. Adoption massive des agents IA : Environ 5 % des commits publics sur GitHub sont désormais générés par des agents IA, un chiffre en croissance rapide depuis fin 2025. Domination des bots sur GitHub : Au-delà des commits, les outils d'IA sont omniprésents dans la gestion des pull requests et des problèmes (Copilot et CodeRabbit notamment). Limites méthodologiques : Les données ne concernent que les dépôts publics (les entreprises utilisent massivement des dépôts privés, invisibles ici). Le comptage dépend fortement de la visibilité des signatures (certains outils comme Claude marquent systématiquement leurs commits, d'autres non) L'API de recherche GitHub présente une fiabilité variable à cette échelle. Changement de paradigme : Le développement logiciel vit une transition majeure, comparable au passage du desktop au mobile. L'intégration des agents IA dans le cycle de production n'est plus une expérimentation, mais une réalité opérationnelle à grande échelle. Dysmaths une application pour aider à apprendre les mathématiques et la géométrie lorsque l'on souffre de dyspraxie, dysgraphie https://dysmaths.com/ Application web pour aider les élèves de collège et lycée souffrant de dysgraphie et dyspraxie à faire des maths et de la géométrie Outils de dessin à main levée, géométrie précise (compas, rapporteur, règle) et opérations structurées (fractions, racines, puissances, symboles mathématiques) Export PDF et PNG avec conservation fidèle de l'échelle pour l'impression et la soumission des exercices Options d'accessibilité : police OpenDyslexic, personnalisations d'interface, import d'images et de PDFs Répond à un besoin réel : les outils standards ne sont pas adaptés aux difficultés de coordination et d'organisation spatiale en mathématiques IA ou réalité ? Par Amistory https://www.youtube.com/watch?v=PPYdAhBBF2I L'IA génère des contenus (images, voix, vidéos) de plus en plus indétectables Les arnaques au clonage de voix et deepfakes sont en forte hausse Les faux contenus viraux manipulent l'opinion à grande échelle Le faux n'est plus un accident, c'est devenu un système organisé La société entre dans une ère de doute généralisé sur le réel Comment s'informer quand le réel lui-même peut être simulé ? Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 12 mai 2026 : Lead Innovation Day - Leadership Edition - Paris (France) 12-13 mai 2026 : Lyon Craft - Lyon (France) 19 mai 2026 : La Product Conf Paris 2026 - Paris (France) 19-20 mai 2026 : Green Code Challenge - Paris (France) 21-22 mai 2026 : Flupa UX Days 2026 - Paris (France) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 27 mai 2026 : aMP Day Strasbourg 2026 - Strasbourg (France) 28 mai 2026 : DevCon 27 : I.A. & Vibe Coding - Paris (France) 28 mai 2026 : Cloud Toulouse 2026 - Toulouse (France) 29 mai 2026 : NG Baguette Conf 2026 - Paris (France) 29 mai 2026 : Agile Tour Strasbourg 2026 - Strasbourg (France) 2-3 juin 2026 : Agile Tour Rennes 2026 - Rennes (France) 2-3 juin 2026 : OW2Con - Paris-Châtillon (France) 3 juin 2026 : IA–NA - La Rochelle (France) 4 juin 2026 : Workplace Intelligence Days - 1ère édition - Lyon (France) 5 juin 2026 : TechReady - Nantes (France) 5 juin 2026 : Fork it! - Rouen - Rouen (France) 6 juin 2026 : Polycloud - Montpellier (France) 9 juin 2026 : JFTL - Montrouge (France) 9 juin 2026 : C: - Caen (France) 9 juin 2026 : France API 2026 - Paris (France) 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 12 juin 2026 : Tech F'Est 2026 - Nancy (France) 15 juin 2026 : Jupyter Workshops: Demystifying MyST Markdown in Education - Orsay (France) 16 juin 2026 : Mobilis In Mobile 2026 - Nantes (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 17-20 juin 2026 : VivaTech - Paris (France) 18 juin 2026 : Tech'Work - Lyon (France) 22-26 juin 2026 : Galaxy Community Conference - Clermont-Ferrand (France) 23-24 juin 2026 : MWCP 2026 - Paris (France) 24-25 juin 2026 : Agi'Lille 2026 - Lille (France) 24-26 juin 2026 : BreizhCamp 2026 - Rennes (France) 25-26 juin 2026 : Agile Tour Toulouse 2026 - Toulouse (France) 27 juin 2026 : Asynconf - Paris (France) 2 juillet 2026 : Azur Tech Summer 2026 - Valbonne (France) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 3 juillet 2026 : Agile Lyon 2026 - Lyon (France) 6-8 juillet 2026 : Riviera Dev - Sophia Antipolis (France) 28-30 août 2026 : State of the Map - Champs-sur-Marne (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 10-11 septembre 2026 : Nantes Craft - Nantes (France) 17 septembre 2026 : dotAI - Paris (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 18 septembre 2026 : dotJS - Paris (France) 18 septembre 2026 : WordCamp Bretagne - Rennes (France) 22 septembre 2026 : Salon Data 2026 - Nantes (France) 22-23 septembre 2026 : Agile en Seine & IA 2026 - Paris (France) 24 septembre 2026 : OWASP AppSec Days France 2026 - Paris (France) 24 septembre 2026 : PlatformCon Paris - Paris (France) 24 septembre 2026 : React Native Connection 2026 - Paris (France) 24-26 septembre 2026 : Paris Web 2026 - Paris (France) 28-29 septembre 2026 : 4th Tech Summit on AI & Robotics - Paris (France) & Online 1 octobre 2026 : WAX 2026 - Marseille (France) 1-2 octobre 2026 : Volcamp - Clermont-Ferrand (France) 2 octobre 2026 : DevFest Perros-Guirec 2026 - Perros-Guirec (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) 12 octobre 2026 : Dev With AI - Paris (France) 27-29 octobre 2026 : Directions EMEA 2026 - Paris (France) 29-30 octobre 2026 : BDX I/O 2026 - Bordeaux (France) 30 octobre 2026 : Cloud Nord 2026 - Lille (France) 4-5 novembre 2026 : Devoxx Morocco - Casablanca (Morocco) 14-15 novembre 2026 : Capitole du Libre - Toulouse (France) 19 novembre 2026 : DevFest Toulouse 2026 - Toulouse (France) 27 novembre 2026 : DevFest Paris 2026 - Paris (France) 1-3 décembre 2026 : Apidays Paris - Paris (France) 4 décembre 2026 : DevFest Lyon 2026 - Lyon (France) 4 décembre 2026 : DevFest Dijon 2026 - Dijon (France) 9-10 décembre 2026 : OpenSource Expérience - Paris (France) 9-10 décembre 2026 : DevOps REX - Paris (France) 10 décembre 2026 : KCD Provence - Aix-en-Provence (France) 7-9 avril 2027 : Devoxx France 2027 - Paris (France) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

Agentic AI is advancing rapidly, with open-source projects racing to keep pace with real-world deployment. To accelerate progress, the Linux Foundation consolidated key technologies—Model Context Protocol (MCP), Goose, and AGENTS.md—under the newly formed Agentic AI Foundation (AAIF) in late 2025. At the MCP Dev Summit in New York City, Linux Foundation CEO Jim Zemlin and newly appointed AAIF executive director Mazin Gilbert discussed this transition. Zemlin explained that leading both organizations was unsustainable, prompting a careful search for a leader with both technical expertise and collaborative leadership skills. Gilbert now takes on the challenge of guiding AAIF as it shapes the emerging agentic AI ecosystem. While the foundation currently oversees three projects, its broader mission involves defining the future architecture of agent-driven systems—deciding what to build, when, and why. These decisions will influence the trajectory of open-source AI development. The conversation also highlights the importance of open collaboration, funding dynamics, and early adopters in shaping the agentic stack's evolution.   Learn more from The New Stack around the latest in open-source projects and The Linux Foundation:  Anthropic Donates the MCP Protocol to the Agentic AI Foundation SAFE-MCP, a Community-Built Framework for AI Agent Security Google Donates the Agent2Agent Protocol to the Linux Foundation Join our community of newsletter subscribers to stay on top of the news and at the top of your game.

AI agents are moving fast,  but the infrastructure behind them is still catching up. In this episode of Screaming in the Cloud, Corey Quinn sits down with Paper Compute CEO Brian “B Dougie” Douglas to explore building telemetry for AI agents, open-source infrastructure, token economics, and what it takes to create developer tooling in the AI era. From local-first observability to agent runtimes and the future of AI workflows, this conversation dives into what's next for AI-powered development.Show highlights: (00:00) Open Source Trust Signal(00:16) Show Intro and Sponsor(01:07) What Paper Compute Builds(01:55) Telemetry for Agents Explained(04:10) Local First Data and Sharing(06:18) Second Time Founder Story(09:06) Token Costs and Pricing Psychology(14:20) Stereos VM and Safer Runtimes(20:34) Open Source Strategy and Vibe Coding(24:54) Whats Next and Wrap UpAbout Brian: Brian is the founder of the Paper Compute Company, a distributed systems primitives for AI agents.Brian previously founded Open Sauced, a company dedicated to increasing knowledge and insights of open-source communities. In 2024, Open Sauced joined the Linux Foundation, further solidifying Brian's commitment to advancing open-source initiatives. With a passion for open source, Brian has consistently supported and mentored new contributors through Open Sauced, empowering developers to excel in the open-source ecosystem.Previously, Brian also led Developer Advocacy at GitHub, where he fostered a community of early adopters through content creation showcasing the newest GitHub features. His experience spans across notable companies in the tech industry, including Netlify, where he worked as an advocate. Brian's dedication to open source extends beyond his professional endeavors. He currently hosts two podcasts Open Source Ready and The Secret Sauce: A podcast focusing on developer insights and experiences.Through these platforms, Brian continues to share valuable knowledge and promote open-source culture within the developer community.Links: LinkedIn: https://linkedin.com/in/brianldouglasWebsite: https://b.dougie.devSponsored by: duckbillhq.com

Something flipped this year. Chatbots were a toy. Useful sometimes, but a toy. Agents are not. Agents take actions, hold credentials, write code, move Kanban cards, and run on cron schedules. The window between "this is interesting" and "this is existential" has closed faster than cloud, faster than Kubernetes, faster than any prior shift. Viktor's read is blunt. One person can now build a bigger business than most mid-size companies have ever managed. That is not hyperbole -- that is a description of what is already happening with a handful of solo-built projects shipping in weeks what used to take a hundred-person org years. The thesis: panic. Not because the sky is falling, but because larger companies cannot turn around overnight, and the gap between the people who get this and the people who are still scheduling meetings about scheduling meetings is widening every week. The conversation walks through what each big provider is actually doing. AWS is not pretending to compete on models -- they want the inference revenue. Microsoft is lost in Copilot button-stuffing. Google is quietly winning on three layers at once: TPUs, models, and inference infrastructure. Anthropic is on the path to becoming the next defining IPO, while OpenAI looks like a place to take money out of, not put more in. The Linux Foundation's new Agentic AI foundation got Anthropic's MCP, Block's Goose, and OpenAI's AGENTS.md spec. Viktor's reaction: those are heavy hitters donating not very much. Then it gets practical. Vendor-provided agents are like hiring a genius engineer who knows nothing about your company. Public skills are mostly nonsense -- if it is in public training data, the model already knows it; what is missing is everything specific to you, which is exactly what no public skill can provide. OWASP just published an Agentic AI Top 10 and most of it is least-privilege rebranded for agents. The cost story is also not what the marketing says: a 00 monthly subscription will not last a day for anyone working full-time with agents. There is a true story in here about a leaked token that turned a 00 monthly spend into 5,000 in two days. The hardest part of the episode is the part nobody likes hearing. If your output stays the same in 2026, you are in trouble. If you multiply your output, you are fine. Companies have always wanted to do more than they could afford to do. Now they can. The middle is where careers used to live. The middle is where the cuts are going.   YouTube channel: https://youtube.com/devopsparadox   Review the podcast on Apple Podcasts: https://www.devopsparadox.com/review-podcast/   Slack: https://www.devopsparadox.com/slack/   Connect with us at: https://www.devopsparadox.com/contact/

This week we talk about Project Glasswing, Anthropic, and Q Day.We also discuss exploit markets, vulnerabilities, and zero days.Recommended Book: The Culture Map by Erin MeyerTranscriptIn the world of computer security, a zero-day vulnerability is an issue that exists within a system at launch—hence, zero-day, it's there at day zero of the system being available—that is also unknown to those who developed said system.Thus, if Microsoft released a new version of Windows that had a security hole that they didn't know about, but someone else, a hacking group maybe, discovered before it was released, they might use that vulnerability in Windows or Word or whatever else to hack the end-users of that software.While large companies like Microsoft do a pretty good job, considering the scope and scale of their product library, of identifying and fixing the worst of the security holes that might leave their customers prone to such attacks, that same scope and scale also means it's nearly impossible to fill every single possible gap: a truism within the cybersecurity world is that defenders need to get it right every single time, and attackers only need to get it right once, and the same is true here. There's never been a perfect piece of software, and as these things expand in capability and complexity, the opportunity to miss something also increases, and thus, so does the range of possible errors and exploitable imperfections.Because of how damaging zero-days can be for both users of software and the companies that make that software, there are thriving marketplaces, similar to those that deal in other illicit goods, where those who discover such vulnerabilities can sell them, usually for cryptocurrencies or funds derived from stolen credit cards.Software companies have countered the increasing sophistication of these exploit black markets with white and grey market efforts, the former being direct payouts to hackers, basically saying hey, thanks for finding this bug, here's a lump-sum of money, a bug bounty, rather than punishing all hacking of their systems, which is how they would have previously responded, which had the knock-on effect of sending all hackers, even those who weren't looking to cause trouble, either underground, or actively hunting for bugs for the black market.The grey market is more complicated and diverse, and also the largest of marketplaces for those shopping around for these types of exploits. And it's populated by the same sorts of neverdowells who might frequent the exploit black markets, but also includes all sorts of governments and intelligence agencies, who scoop up these sorts of vulnerabilities to use against their opponents, or to deny them to others who might use them instead, against them.All sorts of governments, from the US to Russia to North Korea to Iran are regular shoppers on these computer system exploit grey markets, and that has created a complicated, entangled system of incentives, as is some cases, it's better for the US government, or Iranian government, or whomever, if the company making these systems doesn't know about a bug or other vulnerability, because they just spent several million dollars to buy a map to said bug or gap, which could, at some point in the future, allow them to tunnel into an enemy's computers and cause damage or steal information.What I'd like to talk about today is a new AI system that is apparently very, very good at identifying these sorts of exploits, and why this is being seen as a milestone moment for some people operating in the zero day, and overall computer security space.—On April 7, 2026, US-based AI company Anthropic announced Project Glasswing—a new initiative that is currently only available to 11 companies that's meant to help those companies shore-up their cyber defenses before more AI systems like the one that underpins Project Glasswing, which is called Mythos Preview, hit the market.So these companies, Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks, make a lot of stuff, and in particular make and maintain a lot of vital online and device-based software infrastructure, like operating systems and all the stuff that keeps things in our apps and on the web secure.Mythos Preview is a new model created by Anthropic, similar to their existing Claude models, but apparently vastly more powerful. There are tests that AI companies use to compare the potency of their models at a variety of task types, but those are generally considered to be flawed or game-able in all sorts of ways, so the main thing to know here is that Mythos did way better at most of those tests, especially the coding, the programming-related ones, than the other, currently most capable models, the ones that professional programmers, most of them anyway, are using these days. It was also able to do impressive and worrying things like break out of the sandbox that contained it, accessing the internet when it wasn't supposed to be able to do so.And because of that leap forward in programming capability, Mythos Preview was tasked by Anthropic with finding vulnerabilities in all sorts of software systems, including operating systems—Windows, macOS, iOS—and browsers, like Chrome and Firefox.Most AI systems, and most human coders, if they focus enough and look really hard for long enough, will tend to find some kind of vulnerability in just about anything, because this software is just that big and complex. But within a relatively short period of time, Mythos Preview found thousands of vulnerabilities in these systems, indicating that it's a lot better at this kind of task than the other AI available these days, and so Anthropic created this project, Project Glasswing, to give these entities a head-start, helping them fill these gaps and bolster their defenses, before everyone else on the planet, including foreign governments, hacker and terrorist groups, but also just everyday people, suddenly have the ability to identify and possibly exploit these vulnerabilities, on scale.This news hasn't been super widely reported in the non-tech press quite yet, but within the tech world, it landed like a hand grenade in a crowded room.And there are already quite a few perspectives on what this all means, including a fair bit of skepticism.On the skeptic side, many analysts have noted that it's a common tactic amongst AI companies to doomsay, to basically suggest that their models might end the world, might kill all of humanity, might dramatically change everything, put everyone out of work, maybe, not necessarily because the founders and employees at those companies believe that would be the case, but because the implication is that if these products are that powerful, well, investors should probably give them gobs of money, because a tool that could end the world or cause that much disruption might be the last tool available, or might become the next electricity or internet or whatever else. Claiming philosophical, humanistic concern for the super-weapon you just built, in other words, is one way for AI company leaders to say their product is superior to every other product ever while also seeming to suggest that they are the thoughtful, careful leaders that we need holding the reins of that sort of capacity.Other skeptics have said that while this might be a step-up in terms of the speed at which such vulnerabilities can be identified in these sorts of systems, other AI systems, existing ones, even open source, free ones, have been able to do the same for a while now. So while Mythos Preview might be even better at it, and might be capable of running constantly, finding more and more of these things for a government that wants to save money they might otherwise spend on the grey market, scooping these things up for use against their enemies, or for defensive purposes, sharing some of them with their homegrown tech companies, perhaps, smaller, less-moneyed groups can already do the same, if they're smart about how they apply existing, even free, lower-end AI systems.Others have responded to this announcement similarly to how some have responded to the concept of Q Day, short for Quantum Day, which refers to the hypothetical moment at which quantum computers finally become powerful enough to break the encryption that allows the internet, and banking, and government privacy systems to function. If these encryption keys can be broken—and quantum computers should theoretically be able to do this a lot better than conventional computers, because of their very nature—if and when that happens, if these systems aren't suitably prepared with new encryption that's hardened against quantum systems, the entire banking sector could collapse, everything hackable, all the money stealable, none of it trustworthy anymore. The same with the whole of the web, with apps, with government systems that keep things hidden away and classified, with energy grids. It could be chaos.The theory here, then, is that this type of AI, maybe Mythos Preview, maybe the other systems that it portends—because this whole industry seems to leapfrog itself every three or four months at this point, someone coming out with a big, cool, most powerful new thing, then their competitors coming out with something even more powerful within weeks or months—maybe these vulnerability-identifying and exploiting AI will result in something similar, all the world's software and encryption a lot more vulnerable, all at once, essentially tomorrow.It's more of what we've already seen with AI, basically, these tools providing anyone who uses them more leverage to do all sorts of things. Not necessarily creating anything new—exploits and vulnerabilities have always existed—but giving a skilled hacker the ability to find and exploit thousands of them in the same time it would have previously taken them to find and exploit just one. And it could also give unskilled, non-hackery people and entities similar capabilities.That creates a dramatically new cybersecurity landscape essentially overnight, and that's why, at least according to their press releases on the matter, Anthropic is not releasing Mythos Preview to the public, and instead is taking the Project Glasswing approach: they don't think other AI companies, like OpenAI or xAI, can be trusted not to just lob that grenade into the crowded room, so since they got there first, they're going to try to help everyone protect themselves from that grenade when it inevitably lands.This could, then, be quite the PR coup, giving Anthropic the opportunity to tout their superior products, while also allowing them to portray themselves as sort of the white knight in the AI world, helping everyone protect themselves, even though they probably could have made far more money by either selling the exploits and creating their own new market for them, or by somehow leveraging those exploits themselves.At the same time, it could be that they are overselling the capabilities of this new model, painting a rosy picture with them as the heroes, while in turn makes their products seem more powerful than they are in order to bolster their public perception and future economic potential.It could also be a bit of both; even those who are skeptical about this specific announcement and the implications of it do tend to agree it's likely we'll see more disruption from these sorts of models soon. Even if Mythos Preview isn't the grenade everyone's worried about, in other words, it's likely we'll face such a threat in the near-future, and even if Project Glasswing isn't the defense we need against such a threat, it's probably prudent that we be thinking about whatever it is we do need, and ideally building it, too, so it's ready to go, already in place, when that new threat lands.Show Noteshttps://www.nytimes.com/2026/04/10/briefing/claude-mythos-preview.htmlhttps://www.nytimes.com/2026/04/07/technology/anthropic-claims-its-new-ai-model-mythos-is-a-cybersecurity-reckoning.htmlhttps://en.wikipedia.org/wiki/Claude_(language_model)#Claude_Mythos_Previewhttps://www.newyorker.com/magazine/2026/04/13/sam-altman-may-control-our-future-can-he-be-trustedhttps://www.anthropic.com/glasswinghttps://www.wired.com/story/anthropic-mythos-preview-project-glasswing/https://stratechery.com/2026/myth-and-mythos/https://en.wikipedia.org/wiki/Zero-day_vulnerabilityhttps://en.wikipedia.org/wiki/Market_for_zero-day_exploits This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit letsknowthings.substack.com/subscribe

Die neue KI Claude Mythos soll so gut darin sein, Sicherheitslücken in Software zu finden, dass es zu gefährlich wäre, sie zu veröffentlichen. Google, Microsoft und die Linux Foundation bekommen trotzdem Zugang.

Is open source the true future of Artificial Intelligence? In this episode of the BRAVE Southeast Asia Tech Podcast, Jeremy Au sits down with Eugene Cheah, CEO and Co-Founder of Featherless AI. They dive deep into the architecture of the RWKV model, the intense global competition between open source and closed source AI, and how China is aggressively pushing an open source strategy to bypass chip constraints. Recorded with a focus on the Southeast Asian tech ecosystem, this episode breaks down the immediate impact of AI on the global south, specifically highlighting the vulnerability of the BPO and call center industries in the Philippines. Eugene also shares his extraordinary journey from building UIlicious to securing a $1M investment in San Francisco with no pitch deck, and his ongoing work with the Linux Foundation and the World Trade Organization to bridge the global AI language divide. Discover tactical insights into startup bootstrapping, macroeconomics, and the entrepreneurial mindset required to navigate the hyper-competitive deep tech space. Tune in to learn how to future-proof your business and stay ahead of the AI curve in Southeast Asia. 00:00 - Introduction & Featherless AI 02:59 - From UIlicious to AI Research 05:45 - RWKV & the Transformer Alternative 07:13 - Spinning Out Featherless as a New Company 09:10 - Fundraising in San Francisco 16:15 - Open Source vs. Closed Source AI 21:52 - China's Open Source AI Strategy 23:57 - Advantages & Disadvantages of Open Source 28:06 - Inference as a Service & Model Variety 32:13 - The Future of AI: Reliability & Specialization 36:35 - Personal Growth & Navigating AI Politics 39:01 - Policy Advice for Southeast Asia & Global AI Impact 43:39 - Multilingual AI & Closing the Global Divide 48:44 - Being Brave: Founding Story & Closing Reflections Watch, listen or read the full insight at https://www.bravesea.com/blog/eugene-cheah-featherless-ai-open-source-ai Get transcripts, startup resources & community discussions at https://www.bravesea.com WhatsApp: https://whatsapp.com/channel/0029VakR55X6BIElUEvkN02e TikTok: https://www.tiktok.com/@jeremyau Instagram: https://www.instagram.com/jeremyauz Twitter X : https://x.com/jeremyau LinkedIn: https://www.linkedin.com/company/bravesea English: Spotify | YouTube | Apple Podcasts Bahasa Indonesia: Spotify | YouTube | Apple Podcasts Chinese: Spotify | YouTube | Apple Podcasts #Singapore #China #Philippines #AI #ArtificalIntelligence #MachineLearning #Technology #TechNews #VentureCapital #Startup #Podcast #southeastasia #techpodcast

x402 just got a lot bigger. The Linux Foundation is now backing it — and maybe Amazon, Google, Stripe, Mastercard, and American Express along with them. In this episode, David sits down with Jordan Liu, co-founder of AIsa — one of earliest builders in the x402 ecosystem, with over 20 million microtransactions already processed. TIMESTAMPS: (00:00) Introduction (01:42) What AISA Builds (02:55) X40 Goes Linux (07:30) Nexo Ad (08:07) Adoption and Micropayments (19:58) Nexo Ad and Blockworks IR Promo (21:38) Adoption and Micropayments (Con't) (25:06) Protocols Roadblocks Future FOLLOW GUEST › Jordan Liu (AIsa) — https://x.com/AIsaOneHQ FOLLOW THE SHOW › David — https://x.com/dcanellis › The Breakdown — https://x.com/TheBreakdownBW SPONSORS › NEXO Nexo is the premier digital wealth platform. Receive interest on your crypto, borrow against it without selling, and trade a range of assets. Now available in the U.S with 30 days of exclusive privileges. Get started at http://nexo.com/breakdown - Get top market insights and the latest in crypto news. Subscribe to the Blockworks Daily Newsletter: https://blockworks.co/newsletter/ DISCLAIMER As always, remember this podcast is for informational purposes only, and any views expressed by anyone on the show are solely their opinions, not financial advice.

Safe launches Safenet Beta. x402 Foundation moves under the Linux Foundation. OpenCover introduces Covered Vaults. And Circle announces cirBTC. Read more: https://ethdaily.io/917 Sponsor: Lido Earn lets you deploy ETH or stablecoins into curated DeFi strategies for optimised yield. Two vaults, daily rewards, automatic compounding, and first-loss protection. Get started on stake.lido.fi/earn. Disclaimer: Content is for informational purposes only, not endorsement or investment advice. The accuracy of information is not guaranteed.

In this special episode of Mainframe Voices, we explore how open source is helping people discover, enter, and grow their careers on the mainframe. Our guests share how contributing to open source projects on IBM Z has given them hands‑on experience, visibility, and a community that supports their professional journeys.Featuring: •Steven Dickens – CEO and Principal Analyst, Top 3 Global Technology Industry Analyst, Advisor to Tech Vendor Executives •Sarah Julia Kriesch - Senior Lead, Mainframe Architect & Open Source Evangelist - zCloud @Kyndryl•John Lovett - Head of Education & Customer Engagement for the Mainframe Software Division @Broadcom Inc.•Junior Tamekem Tadiffo - IBM Z Student Ambassador•Marcus Davage - Lead Product Developer@BMC Software•Hunter Johnson - Product Marketing Engineer@Beyond Code(Broadcom)You will hear how open source has: - Lowered the barrier to getting practical mainframe experience - Helped contributors build portfolios they can share with employers - Created mentorship and networking opportunities across the global ecosystem.The Mainframe Connect podcast includes the I Am a Mainframer series, Mainframe Voices, and other content exploring relevant topics with mainframe professionals, sponsored by the Open Mainframe Project, a Linux Foundation initiative.#MainframeVoices #MainframeConnect #OpenMainframeProject #LinuxFoundation #Mainframe #OpenSource #IBMZ

Vijoy Pandey of Outshift by Cisco lays out his vision for an “Internet of Cognition,” where AI agents can share context, build reputation, and collaborate safely at scale. He offers a useful mental model for superintelligence: progress has to scale in two directions — up, through better individual models, and out, through networks of agents and humans thinking together. The conversation explores how distributed, protocol-driven agent systems could give enterprises fine-grained permissions, auditability, and controlled interfaces, in contrast to today's centralized frontier models. Vijoy also walks through Cisco's internal CAIPE system of 20 cooperating agents, the open-source AGNTCY project, and a live multi-agent healthcare demo spanning diagnostics, insurance, pharmacy, and scheduling. LINKS: AGNTCY Project Open source multi-agent infrastructure under Linux Foundation governance. Covers discovery, identity, communication, observability. Vijoy walks through the architecture at [00:34:57] and [00:41:17]. Scaling Out Superintelligence Whitepaper The technical whitepaper detailing the Internet of Cognition architecture, three-layer stack, and cognition state protocols. Referenced at [01:25:40]. Internet of Cognition Interactive Demo Clickable walkthrough showing per-agent activity, intent, context, and collective reasoning across a multi-agent SRE system. Vijoy demos at [01:26:20]. CAIPE Project (GitHub)  Cloud Native AI Platform Engineer. Multi-agent system with participation from Adobe, AWS, Cisco, Nike. 20 agents, 100+ tool calls, 10+ workflows. Referenced at [00:11:52]. Sponsors: Tasklet: Build your own Cognitive Revolution monitoring agent in one click.Try it for free and use code COGREV for 50% off your first month at https://tasklet.ai VCX: VCX, by Fundrise, is the public ticker for private tech, giving everyday investors access to high-growth private companies in AI, space, defense tech, and more. Learn how to invest at https://getvcx.com Claude: Claude is the AI collaborator that understands your entire workflow, from drafting and research to coding and complex problem-solving. Start tackling bigger problems with Claude and unlock Claude Pro's full capabilities at https://claude.ai/tcr CHAPTERS: (00:00) About the Episode (04:16) Cisco and networking foundations (13:34) Jarvis and ASI vision (Part 1) (18:16) Sponsors: Tasklet | VCX (21:09) Jarvis and ASI vision (Part 2) (Part 1) (31:46) Sponsor: Claude (33:59) Jarvis and ASI vision (Part 2) (Part 2) (34:00) Practical multi-agent examples (50:02) Multi-agent plumbing architecture (01:01:44) Agent identity and TBAC (01:15:23) Internet of cognition fabric (01:21:48) Emergent agents and safety (01:36:52) Outro PRODUCED BY: https://aipodcast.ing SOCIAL LINKS: Website: https://www.cognitiverevolution.ai Twitter (Podcast): https://x.com/cogrev_podcast Twitter (Nathan): https://x.com/labenz LinkedIn: https://linkedin.com/in/nathanlabenz/ Youtube: https://youtube.com/@CognitiveRevolutionPodcast Apple: https://podcasts.apple.com/de/podcast/the-cognitive-revolution-ai-builders-researchers-and/id1669813431 Spotify: https://open.spotify.com/show/6yHyok3M3BjqzR0VB5MSyk

video: https://youtu.be/_Dz2e21tSzI This week in Linux, we're going to be talking about GNOMEs latest release with GNOME 50. There's also new releases from Blender and GIMP as well as Samba and many more. Plus, we're also going to be talking about a new effort from the Linux Foundation related to ai slop in terms of pull requests for various different open source projects. And we're also going to be talking about Manjaro and they have a little bit of a potential turmoil or drama that's happening right now because of the Manjaro 2.0 Manifesto. We're going to talk about that and much more because we have so much to cover on this week in Linux, the weekly news show that keeps you up to date with what's going on in the Linux and Open Source world. Now let's jump right into Your Source for Linux GNews. Download as MP3 Support the Show Become a Patron = tuxdigital.com/membership Store = tuxdigital.com/store Chapters: 00:00 Intro 00:54 Thank You Patrons! 01:10 GNOME 50 Released 10:02 Manjaro 2.0 Manifesto Drama 17:41 Blender 5.1 Relesaed 20:27 Linux Foundation effort to shield FOSS projects from AI Slop Bug Reports 24:40 Samba 4.24 Released 26:26 GIMP 3.2 Released 30:00 Germany's Deutschland-Stack Mandates Open Document Format (ODF) 31:42 Fedora Asahi Remix 43 Released 34:46 Outro Links: GNOME 50 Released https://release.gnome.org/50/ https://www.omgubuntu.co.uk/2026/03/gnome-50-released Manjaro 2.0 Manifesto https://forum.manjaro.org/t/manjaro-2-0-manifesto/186171 Blender 5.1 Relesaed https://www.blender.org/download/releases/5-1/ Linux Foundation effort to shield FOSS projects from AI Slop Bug Reports https://www.linuxfoundation.org/press/linux-foundation-announces-12.5-million-in-grant-funding-from-leading-organizations-to-advance-open-source-security?ref=itsfoss.com https://alpha-omega.dev/blog/linux-foundation-announces-12-5-million-in-grant-funding-from-leading-organizations-to-advance-open-source-security/ https://itsfoss.com/news/ai-companies-fund-open-source-security/ https://www.theregister.com/2026/03/18/linux_foundation_ai_slop_defense/ Samba 4.24 Released https://www.samba.org/ https://www.samba.org/samba/history/samba-4.24.0.html https://www.phoronix.com/news/Samba-4.24-Released GIMP 3.2 Released https://www.gimp.org/release-notes/gimp-3.2.html https://www.omgubuntu.co.uk/2026/03/gimp-3-2-release-new-features Germany's Deutschland-Stack Mandates Open Document Format (ODF) https://blog.documentfoundation.org/blog/2026/03/19/germanys-sovereign-digital-stack-mandates-odf/ Fedora Asahi Remix 43 Released https://fedoramagazine.org/fedora-asahi-remix-43-is-now-available/ Support the show https://tuxdigital.com/membership https://store.tuxdigital.com/

An airhacks.fm conversation with Kabir Khan (@kabirkhan) about: Discussion about the A2A (Agent-to-Agent) protocol initiated by Google and donated to the Linux Foundation, the A2A Java SDK reference implementation using quarkus, the Java SDK development accepted by Google, comparison of python and Java expressiveness and coding practices, the concept of an agent as a stateful process versus a tool as a stateless function call, the agent card as a JSON document advertising capabilities including supported protocols and descriptions and input/output modes and examples, the three wire protocols supported: JSON RPC and HTTP+JSON (REST) and grpc, the proto file becoming the single source of truth for the upcoming 1.0 spec, the facade/adapter pattern for the unified client across protocols, the agent executor interface with request context and event queue parameters, the distinction between simple message interactions and long-running multi-turn tasks, tasks as Java Records containing conversation history with messages and artifacts, message parts including text parts and data parts and file parts, task lifecycle with task IDs and context IDs for stateful conversations, the event queue as internal plumbing for propagating task updates, the separation between spec package (wire protocol entities) and server package (implementation details), the task store as a CRUD interface with in-memory default and database-backed implementations in extras, replicated queue manager using microprofile reactive messaging with Kafka for kubernetes environments, building A2A agents without any LLM involvement for simple use cases like backup systems, the role of LLMs in creating prompts from task messages and context, the agentic loop and the challenge of deciding when an agent's work is complete, the relationship between MCP (Model Context Protocol) for tool access and A2A for agent-to-agent communication, the possibility of wrapping agent calls as MCP tools, memory management considerations with short-term and long-term memory and prompt size affecting LLM quality, the distinction between the bare reference implementation and Quarkus-specific enhancements like annotations and dependency injection, upcoming 1.0 release with standardized Java records for all API classes and improved JavaDoc, protocol extensions including the agent payment protocol and GUI snippet extensions using template engines, authentication support with OAuth2 tokens and API keys and bearer tokens, the authenticated agent card containing more information than the public agent card, authorization hooks being discussed for task-level access control, the API and SPI segregation suggestion for better clarity between spec and implementation Kabir Khan on twitter: @kabirkhan

In this interview Vijoy Pandey from Cisco Outshift discusses the "Internet of Agents," the donation of the AGNTCY framework to the Linux Foundation, and the new open-source SRE tool "Cape." Plus, how Swisscom is using agentic workflows to validate networks. Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Partners' Summit 2025 // Vijoy Pandey SOCIALS // LinkedIn: / vijoy X: https://x.com/vijoy // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Coming Up 00:37 - Introduction 01:00 - What is Internet of Agents? 02:11 - The 4 Steps of Internet of Agents 03:25 - Project AGNTCY 04:40 - A DNS of the Agentic Internet 06:07 - To What End is the Agency Stack 07:21 - Use-cases for the Agency Stack 11:28 - The Future of the Agency Stack 12:55 - Guardrails for Agents 13:38 - Timeline for the Integration of Agents 14:51 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #agenticai #agntcy #cisco ‪@Cisco‬

Hilary Carter, the SVP of research at the Linux Foundation, discusses why Canadian firms have been slower to adopt AI than their global peers, what "AI readiness" actually means for businesses, and why open-source AI might be the key to unlocking Canada's potential. Carter makes a compelling case that we're at a defining moment—one that requires urgency over caution, execution over endless consultation, and a willingness to get uncomfortable.   This episode is presented in partnership with Meta.   The Hub is Canada's fastest growing independent digital news outlet.   Subscribe to The Hub's podcast feed to get our best content when you are on the go: https://tinyurl.com/3a7zpd7e (Apple)  https://tinyurl.com/y8akmfn7 (Spotify) Follow The Hub on X: https://x.com/thehubcanada?lang=en   CREDITS: Elia Gross - Producer & Editor Sean Speer - Host   To contact us, sign up for updates, and access transcripts email support@thehub.ca

Join AmyJune and Avi as they discuss the complexities of organizing large events in changing times. The discussion covers topics from past DrupalCons, the crucial coordination behind community health and safety, accessibility, and the evolving challenges involving inclusivity. They also touch on the intersection of community dynamics, the importance of creating shared realities, and the engaging experience of the Drupal community. Additionally, expect an overview of upcoming events, including keynotes and fun activities like the Drupal Coffee Exchange. For show notes visit: https://www.talkingDrupal.com/cafe014 Topics Catching Up with AmyJune and Avi Memories of DrupalCon and Camps The $2 Bill Tradition Open Y and Community Contributions Community Working Group and Governance Initial Reactions and Reflections Challenges of Organizing DrupalCon Accessibility and Safety Concerns Event Planning and Community Involvement Learning from Other Events Upcoming Keynote and Event Highlights Community and Collaboration AmyJune Hineline AmyJune works with the Linux Foundation as the Certification Community Architect, supporting the Education team in developing and maintaining exams and related documentation across the foundation's certification portfolio. She's also a DrupalCamp organizer (Florida DrupalCamp, DrupalCamp Asheville, and DrupalCamp Colorado), a member of the Community Working Group's Conflict Resolution Team, and serves on the board of the Colorado Drupal Association. Avi Schwab Avi came to Drupal for the community and has been active in it since 2008. He is a founding organizer of MidCamp, Midwest Open Source Alliance, and the Event Organizer Working Group. In his role as a Technical Product Consultant at ImageX Media, he builds and supports Drupal sites for over 40 YMCA associations in the USA and Canada. For fun, he bikes, bakes, and enjoys time with his family. Guests AmyJune Hineline - volkswagenchick Avi Schwab - froboy

Thank you to the folks at Sustain for providing the hosting account for CHAOSScast! CHAOSScast – Episode 127 In this episode of CHAOSScast, host Alice is joined by Matt Trifiro from the Commercial Open Source Startup Alliance (COSSA) and Daniel Izquierdo, CEO of Bitergia and co-founder of the CHAOSS Community. The discussion delves into the importance of open source community health metrics in shaping successful commercial strategies for startups. Matt shares COSSA's mission to support the growth of venture-funded open source projects by fostering collaboration among founders, investors, and customers. Daniel discusses how community health can influence the sustainability and innovation of projects. They also explore the future goals of COSSA, including establishing a working group to develop standardized metrics for evaluating community contributions and business value. Press download now to hear more! [00:00:29] Matt and Daniel introduce themselves and their backgrounds. [00:01:56] Matt explains COSSA's mission. [00:02:58] Matt cites evidence that community health can correlate with business outcomes and that investment can improve community indicators, and there's a discussion on moving beyond vanity metrics like GitHub stars. [00:05:13] Daniel shares his perspective from the Open Compliance Summit (Tokyo) and the supply chain/corporate lens: organizations want confidence the software will be safe and still maintained years from now, and he talks about measuring health via collaboration networks. [00:08:34] Matt breaks value into two buckets: Distribution and IP/innovation to explain how open source communities create startup value. Daniel adds that open source and can reduce procurement friction. [00:12:23] They touch on open source as a path to standards. [00:14:50] Matt describes how COSSA supports the startups: education, best practices, and measurement and his goal is to “convert community metrics into dollars.” Daniel notes the need for a baseline framework, then customization by industry. [00:19:38] What's next for COSSA? Matt shares COSSA is being bootstrapped, received initial Linux Foundation support, and is pursuing seed style funding. His planned membership structure is investors, founders, and customers. [00:20:36] Daniel and Matt discuss making the metric framework transparent, likely anchored via CHAOSS, and the goal to building a “Rosetta Stone” between investors and community. [00:25:49] There's a conversation on rug pulls, incentives, and lack of a shared framework. [00:28:21] Matt describes the “covenant” concept. [00:30:34] Alice wraps with mentioning COSSA's direction is clear, and a working group could be on the ramp for broader community participation. Value Adds (Picks) of the week: [00:31:20] Alice's pick is visiting outdoor Christmas light displays after dark. [00:32:27] Matt's pick is his oldest son's finishing his first semester in college. [00:32:58] Daniel's pick is his son finishing his first quarter at primary school and going to the Open Compliance Summit and thanking Shane Coughlan for all his work for many years running this event. Panelist: Alice Sowerby Guests: Matt Trifiro Daniel Izquierdo Links: CHAOSS CHAOSS Project X CHAOSScast Podcast CHAOSS YouTube podcast@chaoss.community Alice Sowerby LinkedIn Matt Trifiro LinkedIn COSSA Daniel Izquierdo LinkedIn Bitergia Christmas Lights at Stourhead Rapturous Delight: after-dark Worcester, Worcestershire The State of Commercial Open Source 2025 (The Linux Foundation)Special Guest: Matt Trifiro.

רק מספר 509 של רברס עם פלטפורמה - באמפרס מספר 90, שהוקלט ב-1 בינואר 2026, שנה אזרחית חדשה טובה! רן, דותן ואלון באולפן הוירטואלי (עם Riverside) בסדרה של קצרצרים וחדשות (ולפעמים קצת ישנות) מרחבי האינטרנט: הבלוגים, ה-GitHub-ים, ה-Rust-ים וה-LLM-ים החדשים מהתקופה האחרונה.

In the opening episode of 2026, we mark a major milestone—a decade to the Cloud Native Computing Foundation (CNCF)—with none other than the CNCF's CTO and co-founder, Chris Aniszczyk. Chris joins host Dotan Horovits on a fascinating fireside chat, looking back at the CNCF's journey from a bold experiment into a central pillar of modern infrastructure. They discuss the current state of cloud-native, across Kubernetes and an ecosystem of over 200 projects, and share their grounded predictions for 2026 and into the second decade.Beyond his role at the CNCF, Chris Aniszczyk serves as Executive Director of the Open Container Initiative (OCI), and CTO, Cloud & Infrastructure, at The Linux Foundation, the parent organization of the CNCF, OCI, OpenInfra and more. At Twitter, he created their open source program and led their open source efforts. You can read the recap post: https://medium.com/p/479e6bbf793c/Show Notes:00:00 - intro01:51 - 10th anniversary to the CNCF06:18 - the expanding scope of cloud native and Kubernetes14:58 - the community expansion around the world20:49 - KubeCon Europe29:30 - consolidation of observability and security34:00 - intersection of CNCF, FinOps and AI37:35 - AI-generated code contribution for open source43:46 - announcing the Agentic AI Foundation and MCP donation53:00 - outro Resources:Observability for AI workloads: https://medium.com/p/b8972ba1b6baCNCF Ambassador'sReflections on 10 Years of CNCF: https://medium.com/p/a796646db552Agentic AI Foundation formation: https://www.linuxfoundation.org/press/linux-foundation-announces-the-formation-of-the-agentic-ai-foundationSocials:BlueSky: https://bsky.app/profile/openobservability.bsky.socialTwitter: ⁠https://twitter.com/OpenObserv⁠LinkedIn: https://www.linkedin.com/company/openobservability/YouTube: ⁠https://www.youtube.com/@openobservabilitytalks⁠Dotan Horovits============Twitter: @horovitsLinkedIn: www.linkedin.com/in/horovitsMastodon: @horovits@fosstodonBlueSky: @horovits.bsky.socialChris Aniszczyk===============Twitter: @craLinkedIn: https://www.linkedin.com/in/caniszczyk/   Mastodon: @cra@macaw.socialOpenObservability Talks episodes are released monthly, on the last Thursday of each month and are available for listening on your favorite podcast app and on YouTube.

We make our big Linux predictions for 2026, but first, we score how we did for 2025.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. CrowdHealth: Discover a Better Way to Pay for Healthcare with Crowdfunded Memberships. Join CrowdHealth to get started today for $99 for your first three months using UNPLUGGED.Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

One year ago, Anthropic launched the Model Context Protocol (MCP)—a simple, open standard to connect AI applications to the data and tools they need. Today, MCP has exploded from a local-only experiment into the de facto protocol for agentic systems, adopted by OpenAI, Microsoft, Google, Block, and hundreds of enterprises building internal agents at scale. And now, MCP is joining the newly formed Agentic AI Foundation (AAIF) under the Linux Foundation, alongside Block's Goose coding agent, with founding members spanning the biggest names in AI and cloud infrastructure. We sat down with David Soria Parra (MCP lead, Anthropic), Nick Cooper (OpenAI), Brad Howes (Block / Goose), and Jim Zemlin (Linux Foundation CEO) to dig into the one-year journey of MCP—from Thanksgiving hacking sessions and the first remote authentication spec to long-running tasks, MCP Apps, and the rise of agent-to-agent communication—and the behind-the-scenes story of how three competitive AI labs came together to donate their protocols and agents to a neutral foundation, why enterprises are deploying MCP servers faster than anyone expected (most of it invisible, internal, and at massive scale), what it takes to design a protocol that works for both simple tool calls and complex multi-agent orchestration, how the foundation will balance taste-making (curating meaningful projects) with openness (avoiding vendor lock-in), and the 2025 vision: MCP as the communication layer for asynchronous, long-running agents that work while you sleep, discover and install their own tools, and unlock the next order of magnitude in AI productivity. We discuss: The one-year MCP journey: from local stdio servers to remote HTTP streaming, OAuth 2.1 authentication (and the enterprise lessons learned), long-running tasks, and MCP Apps (iframes for richer UI) Why MCP adoption is exploding internally at enterprises: invisible, internal servers connecting agents to Slack, Linear, proprietary data, and compliance-heavy workflows (financial services, healthcare) The authentication evolution: separating resource servers from identity providers, dynamic client registration, and why the March spec wasn't enterprise-ready (and how June fixed it) How Anthropic dogfoods MCP: internal gateway, custom servers for Slack summaries and employee surveys, and why MCP was born from "how do I scale dev tooling faster than the company grows?" Tasks: the new primitive for long-running, asynchronous agent operations—why tools aren't enough, how tasks enable deep research and agent-to-agent handoffs, and the design choice to make tasks a "container" (not just async tools) MCP Apps: why iframes, how to handle styles and branding, seat selection and shopping UIs as the killer use case, and the collaboration with OpenAI to build a common standard The registry problem: official registry vs. curated sub-registries (Smithery, GitHub), trust levels, model-driven discovery, and why MCP needs "npm for agents" (but with signatures and HIPAA/financial compliance) The founding story of AAIF: how Anthropic, OpenAI, and Block came together (spoiler: they didn't know each other were talking to Linux Foundation), why neutrality matters, and how Jim Zemlin has never seen this much day-one inbound interest in 22 years — David Soria Parra (Anthropic / MCP) MCP: https://modelcontextprotocol.io https://uk.linkedin.com/in/david-soria-parra-4a78b3a https://x.com/dsp_ Nick Cooper (OpenAI) X: https://x.com/nicoaicopr Brad Howes (Block / Goose) Goose: https://github.com/block/goose Jim Zemlin (Linux Foundation) LinkedIn: https://www.linkedin.com/in/zemlin/ Agentic AI Foundation https://agenticai.foundation Chapters 00:00:00 Introduction: MCP's First Year and Foundation Launch 00:01:17 MCP's Journey: From Launch to Industry Standard 00:02:06 Protocol Evolution: Remote Servers and Authentication 00:08:52 Enterprise Authentication and Financial Services 00:11:42 Transport Layer Challenges: HTTP Streaming and Scalability 00:15:37 Standards Development: Collaboration with Tech Giants 00:34:27 Long-Running Tasks: The Future of Async Agents 00:30:41 Discovery and Registries: Building the MCP Ecosystem 00:30:54 MCP Apps and UI: Beyond Text Interfaces 00:26:55 Internal Adoption: How Anthropic Uses MCP 00:23:15 Skills vs MCP: Complementary Not Competing 00:36:16 Community Events and Enterprise Learnings 01:03:31 Foundation Formation: Why Now and Why Together 01:07:38 Linux Foundation Partnership: Structure and Governance 01:11:13 Goose as Reference Implementation 01:17:28 Principles Over Roadmaps: Composability and Quality 01:21:02 Foundation Value Proposition: Why Contribute 01:27:49 Practical Investments: Events, Tools, and Community 01:34:58 Looking Ahead: Async Agents and Real Impact

One year ago, Anthropic launched the Model Context Protocol (MCP)—a simple, open standard to connect AI applications to the data and tools they need. Today, MCP has exploded from a local-only experiment into the de facto protocol for agentic systems, adopted by OpenAI, Microsoft, Google, Block, and hundreds of enterprises building internal agents at scale. And now, MCP is joining the newly formed Agentic AI Foundation (AAIF) under the Linux Foundation, alongside Block's Goose coding agent, with founding members spanning the biggest names in AI and cloud infrastructure.We sat down with David Soria Parra (MCP lead, Anthropic), Nick Cooper (OpenAI), Brad Howes (Block / Goose), and Jim Zemlin (Linux Foundation CEO) to dig into the one-year journey of MCP—from Thanksgiving hacking sessions and the first remote authentication spec to long-running tasks, MCP Apps, and the rise of agent-to-agent communication—and the behind-the-scenes story of how three competitive AI labs came together to donate their protocols and agents to a neutral foundation, why enterprises are deploying MCP servers faster than anyone expected (most of it invisible, internal, and at massive scale), what it takes to design a protocol that works for both simple tool calls and complex multi-agent orchestration, how the foundation will balance taste-making (curating meaningful projects) with openness (avoiding vendor lock-in), and the 2025 vision: MCP as the communication layer for asynchronous, long-running agents that work while you sleep, discover and install their own tools, and unlock the next order of magnitude in AI productivity.We discuss:* The one-year MCP journey: from local stdio servers to remote HTTP streaming, OAuth 2.1 authentication (and the enterprise lessons learned), long-running tasks, and MCP Apps (iframes for richer UI)* Why MCP adoption is exploding internally at enterprises: invisible, internal servers connecting agents to Slack, Linear, proprietary data, and compliance-heavy workflows (financial services, healthcare)* The authentication evolution: separating resource servers from identity providers, dynamic client registration, and why the March spec wasn't enterprise-ready (and how June fixed it)* How Anthropic dogfoods MCP: internal gateway, custom servers for Slack summaries and employee surveys, and why MCP was born from “how do I scale dev tooling faster than the company grows?”* Tasks: the new primitive for long-running, asynchronous agent operations—why tools aren't enough, how tasks enable deep research and agent-to-agent handoffs, and the design choice to make tasks a “container” (not just async tools)* MCP Apps: why iframes, how to handle styles and branding, seat selection and shopping UIs as the killer use case, and the collaboration with OpenAI to build a common standard* The registry problem: official registry vs. curated sub-registries (Smithery, GitHub), trust levels, model-driven discovery, and why MCP needs “npm for agents” (but with signatures and HIPAA/financial compliance)* The founding story of AAIF: how Anthropic, OpenAI, and Block came together (spoiler: they didn't know each other were talking to Linux Foundation), why neutrality matters, and how Jim Zemlin has never seen this much day-one inbound interest in 22 years—David Soria Parra (Anthropic / MCP)* MCP: https://modelcontextprotocol.io* https://uk.linkedin.com/in/david-soria-parra-4a78b3a* https://x.com/dsp_Nick Cooper (OpenAI)* X: https://x.com/nicoaicoprBrad Howes (Block / Goose)* Goose: https://github.com/block/gooseJim Zemlin (Linux Foundation)* LinkedIn: https://www.linkedin.com/in/zemlin/Agentic AI Foundation* https://agenticai.foundationFull Video EpisodeTimestamps00:00:00 Introduction: MCP's First Year and Foundation Launch00:01:17 MCP's Journey: From Launch to Industry Standard00:02:06 Protocol Evolution: Remote Servers and Authentication00:08:52 Enterprise Authentication and Financial Services00:11:42 Transport Layer Challenges: HTTP Streaming and Scalability00:15:37 Standards Development: Collaboration with Tech Giants00:34:27 Long-Running Tasks: The Future of Async Agents00:30:41 Discovery and Registries: Building the MCP Ecosystem00:30:54 MCP Apps and UI: Beyond Text Interfaces00:26:55 Internal Adoption: How Anthropic Uses MCP00:23:15 Skills vs MCP: Complementary Not Competing00:36:16 Community Events and Enterprise Learnings01:03:31 Foundation Formation: Why Now and Why Together01:07:38 Linux Foundation Partnership: Structure and Governance01:11:13 Goose as Reference Implementation01:17:28 Principles Over Roadmaps: Composability and Quality01:21:02 Foundation Value Proposition: Why Contribute01:27:49 Practical Investments: Events, Tools, and Community01:34:58 Looking Ahead: Async Agents and Real Impact Get full access to Latent.Space at www.latent.space/subscribe

In this special December episode of Mainframe Voices, leaders and contributors from across the Open Mainframe Project community share what they are most thankful for this year. From new career opportunities and open source collaboration to supportive teams and personal milestones, our guests reflect on the moments that made 2025 memorable in the mainframe world.Featuring: •Steven Dickens – CEO and Principal Analyst, Top 3 Global Technology Industry Analyst, Advisor to Tech Vendor Executives •Billie Jean Simmons – Software Developer for zDevOps, IBM Wazi, and Cloud IDE; Zowe Explorer Squad Lead •Len Santalucia – CTO Mainframe, AI, Cloud, Analytics, Mobile, Security; IBM Champion and Chairperson of the Linux Foundation Open Mainframe Project •Elliot Jalley – Senior Principal Product Manager, Open Mainframe Project Ambassador •Germanas Šamrickis – Senior Software Engineer at Rocket SoftwareThe Mainframe Connect podcast includes the I Am a Mainframer series, Mainframe Voices, and other conversations with mainframe professionals, sponsored by the Open Mainframe Project, a Linux Foundation initiative.#MainframeVoices #MainframeConnect #OpenMainframeProject #LinuxFoundation #Mainframe #Gratitude #Community

This week we celebrate the announcement of the new Mozilla CEO, cover the news in that GPL lawsuit that's been slowly making progress, and talk about what's new in OpenZFS. There's an AMD vs NVIDIA GPU showdown, we cover the Linux Foundation's annual report, and Plasma 6.6 is promising some late Christmas presents for us all. For tips, we cover sot for system observation, a quick primer on moving between the desktop and command line, and dog/doge for a better DNS tool. You can find the show notes at https://bit.ly/4b0mImI and Merry Christmas! Host: Jonathan Bennett Co-Hosts: Jeff Massie and Rob Campbell Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

This week we celebrate the announcement of the new Mozilla CEO, cover the news in that GPL lawsuit that's been slowly making progress, and talk about what's new in OpenZFS. There's an AMD vs NVIDIA GPU showdown, we cover the Linux Foundation's annual report, and Plasma 6.6 is promising some late Christmas presents for us all. For tips, we cover sot for system observation, a quick primer on moving between the desktop and command line, and dog/doge for a better DNS tool. You can find the show notes at https://bit.ly/4b0mImI and Merry Christmas! Host: Jonathan Bennett Co-Hosts: Jeff Massie and Rob Campbell Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Josh has a chat with Gabriele Columbro, Executive Director of the Fintech Open Source Foundation and General Manager of Linux Foundation Europe. We of course discuss the Cyber Resilience Act (CRA), the evolving landscape of open source regulation, and the collaborative efforts of major foundations. Open source is everywhere, but there's also a ton of work to do now. Gabriele has really good insight into where things are today and where they are heading in the future for open source and regulation. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-12-lfeu-gab/

What if the expertise that makes your company valuable today could be replicated—or even surpassed—by AI within a year? If you're running or leading a business, you're already feeling the pressure: AI disruption is moving faster than your operating model can adapt. This episode helps you understand why the ground is shifting so quickly, what it means for the expertise inside your organization, and how you can stay ahead instead of getting blindsided by competitors who adopt AI more strategically and more rapidly. You'll walk away with clarity on: How AI is lowering the cost of expertise—and what that means for your competitive advantage. A practical way to rethink your business and operating model so you can adopt AI at an exponential pace, not a linear one. How to help your team embrace AI without fear by understanding new working modes like centaurs, cyborgs, and self-automators. Hit play now to learn the specific mindset and moves CEOs are using to turn AI disruption into a strategic edge. Check out: 06:45 — How Karim shifted from open-source innovation to AI This is where Karim explains the surprising path from crowdsourcing and NASA experiments to machine-learning breakthroughs—and why those early signals showed him AI would reshape business, not just technology. 22:10 — The big insight: AI is lowering the cost of expertise A must-hear moment. Karim explains why AI isn't just another tool—it fundamentally changes what expertise means within a company — and why CEOs need to view their business as a "bundle of expertise" being rewired. 36:55 — The three ways humans actually work with AI This section introduces centaurs, cyborgs, and self-automators—and what these modes reveal about adoption, resistance, identity, and where value will come from as AI accelerates. About Dr. Karim Lakhani Karim R. Lakhani is the Dorothy & Michael Hintze Professor of Business Administration at the Harvard Business School. He specializes in technology management, innovation, digital transformation and artificial intelligence (AI). His innovation-related research is centered around his role as the founder and co-director of the Laboratory for Innovation Science at Harvard and as the principal investigator of the NASA Tournament Laboratory. Karim is known for his original scholarship on open source communities and innovation contests and has pioneered the use of field experiments to help solve innovation-related challenges while simultaneously generating rigorous research in partnership with organizations like NASA, Harvard Medical School, The Broad Institute, TopCoder, The Linux Foundation and various private organizations. His digital transformation research investigates the role of analytics and artificial intelligence (AI) in reshaping business and operating models. This research is complemented through his leadership as co-founder and chair of the The Digital, Data, and Design (D^3) Institute at Harvard and as co-founder and co-chair of the Harvard Business Analytics Program, a university-wide online program transforming mid-career executives into data-savvy leaders.

This Week is the week for Cosmic! Jeff looks at a tiny NAS and Jonathan chats about the Orange Pi 6 Pro. Gnome says no more AI in extensions, Microsoft brings the Hornet, and you shouldn't be running Gogs. The Rust experiment is over, and CachyOS is eating Arch's lunch! For tips we have StarLit for your terminal weather needs, a primer on keeping eyes on the /var directory, and how to check whether your system has a good time source. You can find the show notes at https://bit.ly/3KPUqki and enjoy! Host: Jonathan Bennett Co-Hosts: Jeff Massie and Rob Campbell Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

This Week is the week for Cosmic! Jeff looks at a tiny NAS and Jonathan chats about the Orange Pi 6 Pro. Gnome says no more AI in extensions, Microsoft brings the Hornet, and you shouldn't be running Gogs. The Rust experiment is over, and CachyOS is eating Arch's lunch! For tips we have StarLit for your terminal weather needs, a primer on keeping eyes on the /var directory, and how to check whether your system has a good time source. You can find the show notes at https://bit.ly/3KPUqki and enjoy! Host: Jonathan Bennett Co-Hosts: Jeff Massie and Rob Campbell Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Timestamps: 0:00 let's mind-meld, guy 0:13 Steam Machine's HDMI 2.1 problem 1:54 Australia enforces social media ban 3:01 Big Tech, Linux Foundation, AI Agents 4:11 CookUnity! 5:25 QUICK BITS INTRO 5:39 W11 gamer promises, bug fixes 6:22 AMD drops FSR Redstone 6:53 Pebble Index 01 smart ring 7:32 'World's first flying car' 8:15 ChatGPT in a robot with a BB NEWS SOURCES: https://lmg.gg/klaNH Learn more about your ad choices. Visit megaphone.fm/adchoices

Microsoft's analysis of 37.5 million de-identified conversations from its CoPilot feature indicates that AI assistants are becoming increasingly integrated into daily life, with users frequently seeking health-related advice and engaging in programming discussions during weekdays. However, despite this growing reliance on AI, CoPilot only commands about 3% of the AI chatbot market, significantly overshadowed by ChatGPT's 80% share. Deloitte's recent report highlights persistent barriers to AI adoption, including data privacy concerns and regulatory challenges, revealing that only 25% of organizations have fully integrated AI into their operations as of late 2025.The U.S. Navy's investment of $448 million in an AI system designed to streamline submarine shipbuilding processes exemplifies successful AI implementation. This initiative, which reduces planning times from 160 hours to just 10 minutes, underscores the importance of having the right infrastructure and oversight in place for AI to thrive. The Navy's approach contrasts sharply with the broader industry, where many organizations struggle to align AI technologies with existing systems and compliance requirements.In addition to these developments, Anthropic's donation of its Model Context Protocol (MCP) to the Linux Foundation signals a shift towards standardization in AI interactions. This protocol aims to facilitate communication between AI systems and applications, potentially transforming user experiences. However, the move raises concerns about the concentration of risk associated with shared protocols, as any flaws could impact all users. Furthermore, CISA's launch of a new industry engagement platform aims to enhance collaboration with tech innovators, particularly in light of increasing mandatory cyber incident reporting.For Managed Service Providers (MSPs) and IT service leaders, these developments highlight the critical need for robust governance and infrastructure to support AI technologies. As organizations increasingly turn to AI for operational efficiency, MSPs must focus on establishing the necessary frameworks for data management, compliance, and security. The evolving landscape emphasizes the importance of being proactive in developing policies and workflows that address the complexities of AI integration, ensuring that clients can navigate the challenges and leverage AI effectively.Four things to know today00:00 AI Use Soars but Readiness Lags: Microsoft's Copilot Data, Deloitte's Enterprise Findings, and the Navy's Structured Deployment Show the Gap05:41 Anthropic's MCP Move Signals Shift Toward Unified AI Agent Infrastructure Under Linux Foundation08:01 CISA Expands Industry Engagement as Microsoft Broadens Bug Bounties — Raising the Bar for Security GovernanceAND10:48 Accenture Taps Anthropic as Enterprise AI Partner While Pax8 Adds Google Cloud for ANZ MSPsThis is the Business of Tech.   Supported by:  https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorshiphttps://timezest.com/mspradio/

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit