Podcasts about Linux Foundation

An airhacks.fm conversation with Kabir Khan (@kabirkhan) about: Discussion about the A2A (Agent-to-Agent) protocol initiated by Google and donated to the Linux Foundation, the A2A Java SDK reference implementation using quarkus, the Java SDK development accepted by Google, comparison of python and Java expressiveness and coding practices, the concept of an agent as a stateful process versus a tool as a stateless function call, the agent card as a JSON document advertising capabilities including supported protocols and descriptions and input/output modes and examples, the three wire protocols supported: JSON RPC and HTTP+JSON (REST) and grpc, the proto file becoming the single source of truth for the upcoming 1.0 spec, the facade/adapter pattern for the unified client across protocols, the agent executor interface with request context and event queue parameters, the distinction between simple message interactions and long-running multi-turn tasks, tasks as Java Records containing conversation history with messages and artifacts, message parts including text parts and data parts and file parts, task lifecycle with task IDs and context IDs for stateful conversations, the event queue as internal plumbing for propagating task updates, the separation between spec package (wire protocol entities) and server package (implementation details), the task store as a CRUD interface with in-memory default and database-backed implementations in extras, replicated queue manager using microprofile reactive messaging with Kafka for kubernetes environments, building A2A agents without any LLM involvement for simple use cases like backup systems, the role of LLMs in creating prompts from task messages and context, the agentic loop and the challenge of deciding when an agent's work is complete, the relationship between MCP (Model Context Protocol) for tool access and A2A for agent-to-agent communication, the possibility of wrapping agent calls as MCP tools, memory management considerations with short-term and long-term memory and prompt size affecting LLM quality, the distinction between the bare reference implementation and Quarkus-specific enhancements like annotations and dependency injection, upcoming 1.0 release with standardized Java records for all API classes and improved JavaDoc, protocol extensions including the agent payment protocol and GUI snippet extensions using template engines, authentication support with OAuth2 tokens and API keys and bearer tokens, the authenticated agent card containing more information than the public agent card, authorization hooks being discussed for task-level access control, the API and SPI segregation suggestion for better clarity between spec and implementation Kabir Khan on twitter: @kabirkhan

In this interview Vijoy Pandey from Cisco Outshift discusses the "Internet of Agents," the donation of the AGNTCY framework to the Linux Foundation, and the new open-source SRE tool "Cape." Plus, how Swisscom is using agentic workflows to validate networks. Big thanks to Cisco for sponsoring this video and sponsoring my trip to Cisco Partners' Summit 2025 // Vijoy Pandey SOCIALS // LinkedIn: / vijoy X: https://x.com/vijoy // David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Coming Up 00:37 - Introduction 01:00 - What is Internet of Agents? 02:11 - The 4 Steps of Internet of Agents 03:25 - Project AGNTCY 04:40 - A DNS of the Agentic Internet 06:07 - To What End is the Agency Stack 07:21 - Use-cases for the Agency Stack 11:28 - The Future of the Agency Stack 12:55 - Guardrails for Agents 13:38 - Timeline for the Integration of Agents 14:51 - Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #agenticai #agntcy #cisco ‪@Cisco‬

Hilary Carter, the SVP of research at the Linux Foundation, discusses why Canadian firms have been slower to adopt AI than their global peers, what "AI readiness" actually means for businesses, and why open-source AI might be the key to unlocking Canada's potential. Carter makes a compelling case that we're at a defining moment—one that requires urgency over caution, execution over endless consultation, and a willingness to get uncomfortable.   This episode is presented in partnership with Meta.   The Hub is Canada's fastest growing independent digital news outlet.   Subscribe to The Hub's podcast feed to get our best content when you are on the go: https://tinyurl.com/3a7zpd7e (Apple)  https://tinyurl.com/y8akmfn7 (Spotify) Follow The Hub on X: https://x.com/thehubcanada?lang=en   CREDITS: Elia Gross - Producer & Editor Sean Speer - Host   To contact us, sign up for updates, and access transcripts email support@thehub.ca

Anna Hermansen is a researcher and ecosystem manager at the Linux Foundation's research program, where she supports the end-to-end management of research initiatives and contributes directly to key studies.Her recent work includes the Hyperledger 2023 brand study and research on open source for health data interoperability, reflecting her strong focus on the intersection of open source, blockchain, and healthcare data.Anna is currently completing her MSc at UBC's School of Population and Public Health, where her research explores patient preferences for sharing personal health data. She is particularly interested in:How individuals make data-sharing decisionsRisk-benefit assessments in health data sharingThe role of heuristics and cognitive biasesEthics and implications of technology in healthcareHow blockchain can improve health data interoperability and privacyBefore her graduate studies, Anna worked in the enterprise blockchain space in Toronto. She brings a multidisciplinary background spanning qualitative research, project management, focus group facilitation, academic and copy writing, web management, and team leadership.She also holds a degree in International Relations from the University of British Columbia (UBC).

Join AmyJune and Avi as they discuss the complexities of organizing large events in changing times. The discussion covers topics from past DrupalCons, the crucial coordination behind community health and safety, accessibility, and the evolving challenges involving inclusivity. They also touch on the intersection of community dynamics, the importance of creating shared realities, and the engaging experience of the Drupal community. Additionally, expect an overview of upcoming events, including keynotes and fun activities like the Drupal Coffee Exchange. For show notes visit: https://www.talkingDrupal.com/cafe014 Topics Catching Up with AmyJune and Avi Memories of DrupalCon and Camps The $2 Bill Tradition Open Y and Community Contributions Community Working Group and Governance Initial Reactions and Reflections Challenges of Organizing DrupalCon Accessibility and Safety Concerns Event Planning and Community Involvement Learning from Other Events Upcoming Keynote and Event Highlights Community and Collaboration AmyJune Hineline AmyJune works with the Linux Foundation as the Certification Community Architect, supporting the Education team in developing and maintaining exams and related documentation across the foundation's certification portfolio. She's also a DrupalCamp organizer (Florida DrupalCamp, DrupalCamp Asheville, and DrupalCamp Colorado), a member of the Community Working Group's Conflict Resolution Team, and serves on the board of the Colorado Drupal Association. Avi Schwab Avi came to Drupal for the community and has been active in it since 2008. He is a founding organizer of MidCamp, Midwest Open Source Alliance, and the Event Organizer Working Group. In his role as a Technical Product Consultant at ImageX Media, he builds and supports Drupal sites for over 40 YMCA associations in the USA and Canada. For fun, he bikes, bakes, and enjoys time with his family. Guests AmyJune Hineline - volkswagenchick Avi Schwab - froboy

Thank you to the folks at Sustain for providing the hosting account for CHAOSScast! CHAOSScast – Episode 127 In this episode of CHAOSScast, host Alice is joined by Matt Trifiro from the Commercial Open Source Startup Alliance (COSSA) and Daniel Izquierdo, CEO of Bitergia and co-founder of the CHAOSS Community. The discussion delves into the importance of open source community health metrics in shaping successful commercial strategies for startups. Matt shares COSSA's mission to support the growth of venture-funded open source projects by fostering collaboration among founders, investors, and customers. Daniel discusses how community health can influence the sustainability and innovation of projects. They also explore the future goals of COSSA, including establishing a working group to develop standardized metrics for evaluating community contributions and business value. Press download now to hear more! [00:00:29] Matt and Daniel introduce themselves and their backgrounds. [00:01:56] Matt explains COSSA's mission. [00:02:58] Matt cites evidence that community health can correlate with business outcomes and that investment can improve community indicators, and there's a discussion on moving beyond vanity metrics like GitHub stars. [00:05:13] Daniel shares his perspective from the Open Compliance Summit (Tokyo) and the supply chain/corporate lens: organizations want confidence the software will be safe and still maintained years from now, and he talks about measuring health via collaboration networks. [00:08:34] Matt breaks value into two buckets: Distribution and IP/innovation to explain how open source communities create startup value. Daniel adds that open source and can reduce procurement friction. [00:12:23] They touch on open source as a path to standards. [00:14:50] Matt describes how COSSA supports the startups: education, best practices, and measurement and his goal is to “convert community metrics into dollars.” Daniel notes the need for a baseline framework, then customization by industry. [00:19:38] What's next for COSSA? Matt shares COSSA is being bootstrapped, received initial Linux Foundation support, and is pursuing seed style funding. His planned membership structure is investors, founders, and customers. [00:20:36] Daniel and Matt discuss making the metric framework transparent, likely anchored via CHAOSS, and the goal to building a “Rosetta Stone” between investors and community. [00:25:49] There's a conversation on rug pulls, incentives, and lack of a shared framework. [00:28:21] Matt describes the “covenant” concept. [00:30:34] Alice wraps with mentioning COSSA's direction is clear, and a working group could be on the ramp for broader community participation. Value Adds (Picks) of the week: [00:31:20] Alice's pick is visiting outdoor Christmas light displays after dark. [00:32:27] Matt's pick is his oldest son's finishing his first semester in college. [00:32:58] Daniel's pick is his son finishing his first quarter at primary school and going to the Open Compliance Summit and thanking Shane Coughlan for all his work for many years running this event. Panelist: Alice Sowerby Guests: Matt Trifiro Daniel Izquierdo Links: CHAOSS CHAOSS Project X CHAOSScast Podcast CHAOSS YouTube podcast@chaoss.community Alice Sowerby LinkedIn Matt Trifiro LinkedIn COSSA Daniel Izquierdo LinkedIn Bitergia Christmas Lights at Stourhead Rapturous Delight: after-dark Worcester, Worcestershire The State of Commercial Open Source 2025 (The Linux Foundation)Special Guest: Matt Trifiro.

From Red Hat to The Linux Foundation, the majority of the Open Source world is moving towards Al assisted programming. And now Linus Torvalds is "vibe coding".More from The Lunduke Journal:https://lunduke.com/ This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit lunduke.substack.com/subscribe

רק מספר 509 של רברס עם פלטפורמה - באמפרס מספר 90, שהוקלט ב-1 בינואר 2026, שנה אזרחית חדשה טובה! רן, דותן ואלון באולפן הוירטואלי (עם Riverside) בסדרה של קצרצרים וחדשות (ולפעמים קצת ישנות) מרחבי האינטרנט: הבלוגים, ה-GitHub-ים, ה-Rust-ים וה-LLM-ים החדשים מהתקופה האחרונה.

In the opening episode of 2026, we mark a major milestone—a decade to the Cloud Native Computing Foundation (CNCF)—with none other than the CNCF's CTO and co-founder, Chris Aniszczyk. Chris joins host Dotan Horovits on a fascinating fireside chat, looking back at the CNCF's journey from a bold experiment into a central pillar of modern infrastructure. They discuss the current state of cloud-native, across Kubernetes and an ecosystem of over 200 projects, and share their grounded predictions for 2026 and into the second decade.Beyond his role at the CNCF, Chris Aniszczyk serves as Executive Director of the Open Container Initiative (OCI), and CTO, Cloud & Infrastructure, at The Linux Foundation, the parent organization of the CNCF, OCI, OpenInfra and more. At Twitter, he created their open source program and led their open source efforts. You can read the recap post: https://medium.com/p/479e6bbf793c/Show Notes:00:00 - intro01:51 - 10th anniversary to the CNCF06:18 - the expanding scope of cloud native and Kubernetes14:58 - the community expansion around the world20:49 - KubeCon Europe29:30 - consolidation of observability and security34:00 - intersection of CNCF, FinOps and AI37:35 - AI-generated code contribution for open source43:46 - announcing the Agentic AI Foundation and MCP donation53:00 - outro Resources:Observability for AI workloads: https://medium.com/p/b8972ba1b6baCNCF Ambassador'sReflections on 10 Years of CNCF: https://medium.com/p/a796646db552Agentic AI Foundation formation: https://www.linuxfoundation.org/press/linux-foundation-announces-the-formation-of-the-agentic-ai-foundationSocials:BlueSky: https://bsky.app/profile/openobservability.bsky.socialTwitter: ⁠https://twitter.com/OpenObserv⁠LinkedIn: https://www.linkedin.com/company/openobservability/YouTube: ⁠https://www.youtube.com/@openobservabilitytalks⁠Dotan Horovits============Twitter: @horovitsLinkedIn: www.linkedin.com/in/horovitsMastodon: @horovits@fosstodonBlueSky: @horovits.bsky.socialChris Aniszczyk===============Twitter: @craLinkedIn: https://www.linkedin.com/in/caniszczyk/   Mastodon: @cra@macaw.socialOpenObservability Talks episodes are released monthly, on the last Thursday of each month and are available for listening on your favorite podcast app and on YouTube.

Gorące premiery grudnia – czy GPT-5.2 i GPT-Image 1.5 wystarczą OpenAI, by odzyskać koronę w starciu z rodziną Google Gemini 3 i zmieniającą się dynamiką rynku? Jak czytać partnerstwo autorów ChataGPT z Disneyem - to trwała przewaga technologiczna czy kontrolowany eksperyment na najcenniejszym IP świata? Co mówią twarde dane o relacji ChatGPT - Gemini i dlaczego sama dystrybucja w ekosystemie Google'a zaczyna wygrywać z narracją o „najlepszym modelu”? Czy przekazanie Model Context Protocol (MCP) do Linux Foundation rzeczywiście porządkuje świat agentów AI, czy tylko przesuwa walkę o standardy na wyższy poziom?

We make our big Linux predictions for 2026, but first, we score how we did for 2025.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. CrowdHealth: Discover a Better Way to Pay for Healthcare with Crowdfunded Memberships. Join CrowdHealth to get started today for $99 for your first three months using UNPLUGGED.Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

One year ago, Anthropic launched the Model Context Protocol (MCP)—a simple, open standard to connect AI applications to the data and tools they need. Today, MCP has exploded from a local-only experiment into the de facto protocol for agentic systems, adopted by OpenAI, Microsoft, Google, Block, and hundreds of enterprises building internal agents at scale. And now, MCP is joining the newly formed Agentic AI Foundation (AAIF) under the Linux Foundation, alongside Block's Goose coding agent, with founding members spanning the biggest names in AI and cloud infrastructure.We sat down with David Soria Parra (MCP lead, Anthropic), Nick Cooper (OpenAI), Brad Howes (Block / Goose), and Jim Zemlin (Linux Foundation CEO) to dig into the one-year journey of MCP—from Thanksgiving hacking sessions and the first remote authentication spec to long-running tasks, MCP Apps, and the rise of agent-to-agent communication—and the behind-the-scenes story of how three competitive AI labs came together to donate their protocols and agents to a neutral foundation, why enterprises are deploying MCP servers faster than anyone expected (most of it invisible, internal, and at massive scale), what it takes to design a protocol that works for both simple tool calls and complex multi-agent orchestration, how the foundation will balance taste-making (curating meaningful projects) with openness (avoiding vendor lock-in), and the 2025 vision: MCP as the communication layer for asynchronous, long-running agents that work while you sleep, discover and install their own tools, and unlock the next order of magnitude in AI productivity.We discuss:* The one-year MCP journey: from local stdio servers to remote HTTP streaming, OAuth 2.1 authentication (and the enterprise lessons learned), long-running tasks, and MCP Apps (iframes for richer UI)* Why MCP adoption is exploding internally at enterprises: invisible, internal servers connecting agents to Slack, Linear, proprietary data, and compliance-heavy workflows (financial services, healthcare)* The authentication evolution: separating resource servers from identity providers, dynamic client registration, and why the March spec wasn't enterprise-ready (and how June fixed it)* How Anthropic dogfoods MCP: internal gateway, custom servers for Slack summaries and employee surveys, and why MCP was born from “how do I scale dev tooling faster than the company grows?”* Tasks: the new primitive for long-running, asynchronous agent operations—why tools aren't enough, how tasks enable deep research and agent-to-agent handoffs, and the design choice to make tasks a “container” (not just async tools)* MCP Apps: why iframes, how to handle styles and branding, seat selection and shopping UIs as the killer use case, and the collaboration with OpenAI to build a common standard* The registry problem: official registry vs. curated sub-registries (Smithery, GitHub), trust levels, model-driven discovery, and why MCP needs “npm for agents” (but with signatures and HIPAA/financial compliance)* The founding story of AAIF: how Anthropic, OpenAI, and Block came together (spoiler: they didn't know each other were talking to Linux Foundation), why neutrality matters, and how Jim Zemlin has never seen this much day-one inbound interest in 22 years—David Soria Parra (Anthropic / MCP)* MCP: https://modelcontextprotocol.io* https://uk.linkedin.com/in/david-soria-parra-4a78b3a* https://x.com/dsp_Nick Cooper (OpenAI)* X: https://x.com/nicoaicoprBrad Howes (Block / Goose)* Goose: https://github.com/block/gooseJim Zemlin (Linux Foundation)* LinkedIn: https://www.linkedin.com/in/zemlin/Agentic AI Foundation* https://agenticai.foundationFull Video EpisodeTimestamps00:00:00 Introduction: MCP's First Year and Foundation Launch00:01:17 MCP's Journey: From Launch to Industry Standard00:02:06 Protocol Evolution: Remote Servers and Authentication00:08:52 Enterprise Authentication and Financial Services00:11:42 Transport Layer Challenges: HTTP Streaming and Scalability00:15:37 Standards Development: Collaboration with Tech Giants00:34:27 Long-Running Tasks: The Future of Async Agents00:30:41 Discovery and Registries: Building the MCP Ecosystem00:30:54 MCP Apps and UI: Beyond Text Interfaces00:26:55 Internal Adoption: How Anthropic Uses MCP00:23:15 Skills vs MCP: Complementary Not Competing00:36:16 Community Events and Enterprise Learnings01:03:31 Foundation Formation: Why Now and Why Together01:07:38 Linux Foundation Partnership: Structure and Governance01:11:13 Goose as Reference Implementation01:17:28 Principles Over Roadmaps: Composability and Quality01:21:02 Foundation Value Proposition: Why Contribute01:27:49 Practical Investments: Events, Tools, and Community01:34:58 Looking Ahead: Async Agents and Real Impact Get full access to Latent.Space at www.latent.space/subscribe

One year ago, Anthropic launched the Model Context Protocol (MCP)—a simple, open standard to connect AI applications to the data and tools they need. Today, MCP has exploded from a local-only experiment into the de facto protocol for agentic systems, adopted by OpenAI, Microsoft, Google, Block, and hundreds of enterprises building internal agents at scale. And now, MCP is joining the newly formed Agentic AI Foundation (AAIF) under the Linux Foundation, alongside Block's Goose coding agent, with founding members spanning the biggest names in AI and cloud infrastructure. We sat down with David Soria Parra (MCP lead, Anthropic), Nick Cooper (OpenAI), Brad Howes (Block / Goose), and Jim Zemlin (Linux Foundation CEO) to dig into the one-year journey of MCP—from Thanksgiving hacking sessions and the first remote authentication spec to long-running tasks, MCP Apps, and the rise of agent-to-agent communication—and the behind-the-scenes story of how three competitive AI labs came together to donate their protocols and agents to a neutral foundation, why enterprises are deploying MCP servers faster than anyone expected (most of it invisible, internal, and at massive scale), what it takes to design a protocol that works for both simple tool calls and complex multi-agent orchestration, how the foundation will balance taste-making (curating meaningful projects) with openness (avoiding vendor lock-in), and the 2025 vision: MCP as the communication layer for asynchronous, long-running agents that work while you sleep, discover and install their own tools, and unlock the next order of magnitude in AI productivity. We discuss: The one-year MCP journey: from local stdio servers to remote HTTP streaming, OAuth 2.1 authentication (and the enterprise lessons learned), long-running tasks, and MCP Apps (iframes for richer UI) Why MCP adoption is exploding internally at enterprises: invisible, internal servers connecting agents to Slack, Linear, proprietary data, and compliance-heavy workflows (financial services, healthcare) The authentication evolution: separating resource servers from identity providers, dynamic client registration, and why the March spec wasn't enterprise-ready (and how June fixed it) How Anthropic dogfoods MCP: internal gateway, custom servers for Slack summaries and employee surveys, and why MCP was born from "how do I scale dev tooling faster than the company grows?" Tasks: the new primitive for long-running, asynchronous agent operations—why tools aren't enough, how tasks enable deep research and agent-to-agent handoffs, and the design choice to make tasks a "container" (not just async tools) MCP Apps: why iframes, how to handle styles and branding, seat selection and shopping UIs as the killer use case, and the collaboration with OpenAI to build a common standard The registry problem: official registry vs. curated sub-registries (Smithery, GitHub), trust levels, model-driven discovery, and why MCP needs "npm for agents" (but with signatures and HIPAA/financial compliance) The founding story of AAIF: how Anthropic, OpenAI, and Block came together (spoiler: they didn't know each other were talking to Linux Foundation), why neutrality matters, and how Jim Zemlin has never seen this much day-one inbound interest in 22 years — David Soria Parra (Anthropic / MCP) MCP: https://modelcontextprotocol.io https://uk.linkedin.com/in/david-soria-parra-4a78b3a https://x.com/dsp_ Nick Cooper (OpenAI) X: https://x.com/nicoaicopr Brad Howes (Block / Goose) Goose: https://github.com/block/goose Jim Zemlin (Linux Foundation) LinkedIn: https://www.linkedin.com/in/zemlin/ Agentic AI Foundation https://agenticai.foundation Chapters 00:00:00 Introduction: MCP's First Year and Foundation Launch 00:01:17 MCP's Journey: From Launch to Industry Standard 00:02:06 Protocol Evolution: Remote Servers and Authentication 00:08:52 Enterprise Authentication and Financial Services 00:11:42 Transport Layer Challenges: HTTP Streaming and Scalability 00:15:37 Standards Development: Collaboration with Tech Giants 00:34:27 Long-Running Tasks: The Future of Async Agents 00:30:41 Discovery and Registries: Building the MCP Ecosystem 00:30:54 MCP Apps and UI: Beyond Text Interfaces 00:26:55 Internal Adoption: How Anthropic Uses MCP 00:23:15 Skills vs MCP: Complementary Not Competing 00:36:16 Community Events and Enterprise Learnings 01:03:31 Foundation Formation: Why Now and Why Together 01:07:38 Linux Foundation Partnership: Structure and Governance 01:11:13 Goose as Reference Implementation 01:17:28 Principles Over Roadmaps: Composability and Quality 01:21:02 Foundation Value Proposition: Why Contribute 01:27:49 Practical Investments: Events, Tools, and Community 01:34:58 Looking Ahead: Async Agents and Real Impact

In this special December episode of Mainframe Voices, leaders and contributors from across the Open Mainframe Project community share what they are most thankful for this year. From new career opportunities and open source collaboration to supportive teams and personal milestones, our guests reflect on the moments that made 2025 memorable in the mainframe world.Featuring: •Steven Dickens – CEO and Principal Analyst, Top 3 Global Technology Industry Analyst, Advisor to Tech Vendor Executives •Billie Jean Simmons – Software Developer for zDevOps, IBM Wazi, and Cloud IDE; Zowe Explorer Squad Lead •Len Santalucia – CTO Mainframe, AI, Cloud, Analytics, Mobile, Security; IBM Champion and Chairperson of the Linux Foundation Open Mainframe Project •Elliot Jalley – Senior Principal Product Manager, Open Mainframe Project Ambassador •Germanas Šamrickis – Senior Software Engineer at Rocket SoftwareThe Mainframe Connect podcast includes the I Am a Mainframer series, Mainframe Voices, and other conversations with mainframe professionals, sponsored by the Open Mainframe Project, a Linux Foundation initiative.#MainframeVoices #MainframeConnect #OpenMainframeProject #LinuxFoundation #Mainframe #Gratitude #Community

This week we celebrate the announcement of the new Mozilla CEO, cover the news in that GPL lawsuit that's been slowly making progress, and talk about what's new in OpenZFS. There's an AMD vs NVIDIA GPU showdown, we cover the Linux Foundation's annual report, and Plasma 6.6 is promising some late Christmas presents for us all. For tips, we cover sot for system observation, a quick primer on moving between the desktop and command line, and dog/doge for a better DNS tool. You can find the show notes at https://bit.ly/4b0mImI and Merry Christmas! Host: Jonathan Bennett Co-Hosts: Jeff Massie and Rob Campbell Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

This week we celebrate the announcement of the new Mozilla CEO, cover the news in that GPL lawsuit that's been slowly making progress, and talk about what's new in OpenZFS. There's an AMD vs NVIDIA GPU showdown, we cover the Linux Foundation's annual report, and Plasma 6.6 is promising some late Christmas presents for us all. For tips, we cover sot for system observation, a quick primer on moving between the desktop and command line, and dog/doge for a better DNS tool. You can find the show notes at https://bit.ly/4b0mImI and Merry Christmas! Host: Jonathan Bennett Co-Hosts: Jeff Massie and Rob Campbell Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Josh has a chat with Gabriele Columbro, Executive Director of the Fintech Open Source Foundation and General Manager of Linux Foundation Europe. We of course discuss the Cyber Resilience Act (CRA), the evolving landscape of open source regulation, and the collaborative efforts of major foundations. Open source is everywhere, but there's also a ton of work to do now. Gabriele has really good insight into where things are today and where they are heading in the future for open source and regulation. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-12-lfeu-gab/

What if the expertise that makes your company valuable today could be replicated—or even surpassed—by AI within a year? If you're running or leading a business, you're already feeling the pressure: AI disruption is moving faster than your operating model can adapt. This episode helps you understand why the ground is shifting so quickly, what it means for the expertise inside your organization, and how you can stay ahead instead of getting blindsided by competitors who adopt AI more strategically and more rapidly. You'll walk away with clarity on: How AI is lowering the cost of expertise—and what that means for your competitive advantage. A practical way to rethink your business and operating model so you can adopt AI at an exponential pace, not a linear one. How to help your team embrace AI without fear by understanding new working modes like centaurs, cyborgs, and self-automators. Hit play now to learn the specific mindset and moves CEOs are using to turn AI disruption into a strategic edge. Check out: 06:45 — How Karim shifted from open-source innovation to AI This is where Karim explains the surprising path from crowdsourcing and NASA experiments to machine-learning breakthroughs—and why those early signals showed him AI would reshape business, not just technology. 22:10 — The big insight: AI is lowering the cost of expertise A must-hear moment. Karim explains why AI isn't just another tool—it fundamentally changes what expertise means within a company — and why CEOs need to view their business as a "bundle of expertise" being rewired. 36:55 — The three ways humans actually work with AI This section introduces centaurs, cyborgs, and self-automators—and what these modes reveal about adoption, resistance, identity, and where value will come from as AI accelerates. About Dr. Karim Lakhani Karim R. Lakhani is the Dorothy & Michael Hintze Professor of Business Administration at the Harvard Business School. He specializes in technology management, innovation, digital transformation and artificial intelligence (AI). His innovation-related research is centered around his role as the founder and co-director of the Laboratory for Innovation Science at Harvard and as the principal investigator of the NASA Tournament Laboratory. Karim is known for his original scholarship on open source communities and innovation contests and has pioneered the use of field experiments to help solve innovation-related challenges while simultaneously generating rigorous research in partnership with organizations like NASA, Harvard Medical School, The Broad Institute, TopCoder, The Linux Foundation and various private organizations. His digital transformation research investigates the role of analytics and artificial intelligence (AI) in reshaping business and operating models. This research is complemented through his leadership as co-founder and chair of the The Digital, Data, and Design (D^3) Institute at Harvard and as co-founder and co-chair of the Harvard Business Analytics Program, a university-wide online program transforming mid-career executives into data-savvy leaders.

Dans cet épisode de fin d'année plus relax que d'accoutumée, Arnaud, Guillaume, Antonio et Emmanuel distutent le bout de gras sur tout un tas de sujets. L'acquisition de Confluent, Kotlin 2.2, Spring Boot 4 et JSpecify, la fin de MinIO, les chutes de CloudFlare, un survol des dernieres nouveauté de modèles fondamentaux (Google, Mistral, Anthropic, ChatGPT) et de leurs outils de code, quelques sujets d'architecture comme CQRS et quelques petits outils bien utiles qu'on vous recommande. Et bien sûr d'autres choses encore. Enregistré le 12 décembre 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-333.mp3 ou en vidéo sur YouTube. News Langages Un petit tutoriel par nos amis Sfeiriens montrant comment récupérer le son du micro, en Java, faire une transformée de Fourier, et afficher le résultat graphiquement en Swing https://www.sfeir.dev/back/tutoriel-java-sound-transformer-le-son-du-microphone-en-images-temps-reel/ Création d'un visualiseur de spectre audio en temps réel avec Java Swing. Étapes principales : Capture du son du microphone. Analyse des fréquences via la Transformée de Fourier Rapide (FFT). Dessin du spectre avec Swing. API Java Sound (javax.sound.sampled) : AudioSystem : point d'entrée principal pour l'accès aux périphériques audio. TargetDataLine : ligne d'entrée utilisée pour capturer les données du microphone. AudioFormat : définit les paramètres du son (taux d'échantillonnage, taille, canaux). La capture se fait dans un Thread séparé pour ne pas bloquer l'interface. Transformée de Fourier Rapide (FFT) : Algorithme clé pour convertir les données audio brutes (domaine temporel) en intensités de fréquences (domaine fréquentiel). Permet d'identifier les basses, médiums et aigus. Visualisation avec Swing : Les intensités de fréquences sont dessinées sous forme de barres dynamiques. Utilisation d'une échelle logarithmique pour l'axe des fréquences (X) pour correspondre à la perception humaine. Couleurs dynamiques des barres (vert → jaune → rouge) en fonction de l'intensité. Lissage exponentiel des valeurs pour une animation plus fluide. Un article de Sfeir sur Kotlin 2.2 et ses nouveautés - https://www.sfeir.dev/back/kotlin-2-2-toutes-les-nouveautes-du-langage/ Les guard conditions permettent d'ajouter plusieurs conditions dans les expressions when avec le mot-clé if Exemple de guard condition: is Truck if vehicule.hasATrailer permet de combiner vérification de type et condition booléenne La multi-dollar string interpolation résout le problème d'affichage du symbole dollar dans les strings multi-lignes En utilisant $$ au début d'un string, on définit qu'il faut deux dollars consécutifs pour déclencher l'interpolation Les non-local break et continue fonctionnent maintenant dans les lambdas pour interagir avec les boucles englobantes Cette fonctionnalité s'applique uniquement aux inline functions dont le corps est remplacé lors de la compilation Permet d'écrire du code plus idiomatique avec takeIf et let sans erreur de compilation L'API Base64 passe en version stable après avoir été en preview depuis Kotlin 1.8.20 L'encodage et décodage Base64 sont disponibles via kotlin.io.encoding.Base64 Migration vers Kotlin 2.2 simple en changeant la version dans build.gradle.kts ou pom.xml Les typealias imbriqués dans des classes sont disponibles en preview La context-sensitive resolution est également en preview Les guard conditions préparent le terrain pour les RichError annoncées à KotlinConf 2025 Le mot-clé when en Kotlin équivaut au switch-case de Java mais sans break nécessaire Kotlin 2.2.0 corrige les incohérences dans l'utilisation de break et continue dans les lambdas Librairies Sprint Boot 4 est sorti ! https://spring.io/blog/2025/11/20/spring-boot-4-0-0-available-now Une nouvelle génération : Spring Boot 4.0 marque le début d'une nouvelle génération pour le framework, construite sur les fondations de Spring Framework 7. Modularisation du code : La base de code de Spring Boot a été entièrement modularisée. Cela se traduit par des fichiers JAR plus petits et plus ciblés, permettant des applications plus légères. Sécurité contre les nuls (Null Safety) : D'importantes améliorations ont été apportées pour la "null safety" (sécurité contre les valeurs nulles) à travers tout l'écosystème Spring grâce à l'intégration de JSpecify. Support de Java 25 : Spring Boot 4.0 offre un support de premier ordre pour Java 25, tout en conservant une compatibilité avec Java 17. Améliorations pour les API REST : De nouvelles fonctionnalités sont introduites pour faciliter le versioning d'API et améliorer les clients de services HTTP pour les applications basées sur REST. Migration à prévoir : S'agissant d'une version majeure, la mise à niveau depuis une version antérieure peut demander plus de travail que d'habitude. Un guide de migration dédié est disponible pour accompagner les développeurs. Chat memory management dans Langchain4j et Quarkus https://bill.burkecentral.com/2025/11/25/managing-chat-memory-in-quarkus-langchain4j/ Comprendre la mémoire de chat : La "mémoire de chat" est l'historique d'une conversation avec une IA. Quarkus LangChain4j envoie automatiquement cet historique à chaque nouvelle interaction pour que l'IA conserve le contexte. Gestion par défaut de la mémoire : Par défaut, Quarkus crée un historique de conversation unique pour chaque requête (par exemple, chaque appel HTTP). Cela signifie que sans configuration, le chatbot "oublie" la conversation dès que la requête est terminée, ce qui n'est utile que pour des interactions sans état. Utilisation de @MemoryId pour la persistance : Pour maintenir une conversation sur plusieurs requêtes, le développeur doit utiliser l'annotation @MemoryId sur un paramètre de sa méthode. Il est alors responsable de fournir un identifiant unique pour chaque session de chat et de le transmettre entre les appels. Le rôle des "scopes" CDI : La durée de vie de la mémoire de chat est liée au "scope" du bean CDI de l'IA. Si un service d'IA a un scope @RequestScoped, toute mémoire de chat qu'il utilise (même via un @MemoryId) sera effacée à la fin de la requête. Risques de fuites de mémoire : Utiliser un scope large comme @ApplicationScoped avec la gestion de mémoire par défaut est une mauvaise pratique. Cela créera une nouvelle mémoire à chaque requête qui ne sera jamais nettoyée, entraînant une fuite de mémoire. Bonnes pratiques recommandées : Pour des conversations qui doivent persister (par ex. un chatbot sur un site web), utilisez un service @ApplicationScoped avec l'annotation @MemoryId pour gérer vous-même l'identifiant de session. Pour des interactions simples et sans état, utilisez un service @RequestScoped et laissez Quarkus gérer la mémoire par défaut, qui sera automatiquement nettoyée. Si vous utilisez l'extension WebSocket, le comportement change : la mémoire par défaut est liée à la session WebSocket, ce qui simplifie grandement la gestion des conversations. Documentation Spring Framework sur l'usage JSpecify - https://docs.spring.io/spring-framework/reference/core/null-safety.html Spring Framework 7 utilise les annotations JSpecify pour déclarer la nullabilité des APIs, champs et types JSpecify remplace les anciennes annotations Spring (@NonNull, @Nullable, @NonNullApi, @NonNullFields) dépréciées depuis Spring 7 Les annotations JSpecify utilisent TYPE_USE contrairement aux anciennes qui utilisaient les éléments directement L'annotation @NullMarked définit par défaut que les types sont non-null sauf si marqués @Nullable @Nullable s'applique au niveau du type usage, se place avant le type annoté sur la même ligne Pour les tableaux : @Nullable Object[] signifie éléments nullables mais tableau non-null, Object @Nullable [] signifie l'inverse JSpecify s'applique aussi aux génériques : List signifie liste d'éléments non-null, List éléments nullables NullAway est l'outil recommandé pour vérifier la cohérence à la compilation avec la config NullAway:OnlyNullMarked=true IntelliJ IDEA 2025.3 et Eclipse supportent les annotations JSpecify avec analyse de dataflow Kotlin traduit automatiquement les annotations JSpecify en null-safety native Kotlin En mode JSpecify de NullAway (JSpecifyMode=true), support complet des tableaux, varargs et génériques mais nécessite JDK 22+ Quarkus 3.30 https://quarkus.io/blog/quarkus-3-30-released/ support @JsonView cote client la CLI a maintenant la commande decrypt (et bien sûr au runtime via variables d'environnement construction du cache AOT via les @IntegrationTest Un autre article sur comment se préparer à la migration à micrometer client v1 https://quarkus.io/blog/micrometer-prometheus-v1/ Spock 2.4 est enfin sorti ! https://spockframework.org/spock/docs/2.4/release_notes.html Support de Groovy 5 Infrastructure MinIO met fin au développement open source et oriente les utilisateurs vers AIStor payant - https://linuxiac.com/minio-ends-active-development/ MinIO, système de stockage objet S3 très utilisé, arrête son développement actif Passage en mode maintenance uniquement, plus de nouvelles fonctionnalités Aucune nouvelle pull request ou contribution ne sera acceptée Seuls les correctifs de sécurité critiques seront évalués au cas par cas Support communautaire limité à Slack, sans garantie de réponse Étape finale d'un processus débuté en été avec retrait des fonctionnalités de l'interface admin Arrêt de la publication des images Docker en octobre, forçant la compilation depuis les sources Tous ces changements annoncés sans préavis ni période de transition MinIO propose maintenant AIStor, solution payante et propriétaire AIStor concentre le développement actif et le support entreprise Migration urgente recommandée pour éviter les risques de sécurité Alternatives open source proposées : Garage, SeaweedFS et RustFS La communauté reproche la manière dont la transition a été gérée MinIO comptait des millions de déploiements dans le monde Cette évolution marque l'abandon des racines open source du projet IBM achète Confluent https://newsroom.ibm.com/2025-12-08-ibm-to-acquire-confluent-to-create-smart-data-platform-for-enterprise-generative-ai Confluent essayait de se faire racheter depuis pas mal de temps L'action ne progressait pas et les temps sont durs Wallstreet a reproché a IBM une petite chute coté revenus software Bref ils se sont fait rachetés Ces achats prennent toujuors du temps (commission concurrence etc) IBM a un apétit, apres WebMethods, apres Databrix, c'est maintenant Confluent Cloud L'internet est en deuil le 18 novembre, Cloudflare est KO https://blog.cloudflare.com/18-november-2025-outage/ L'Incident : Une panne majeure a débuté à 11h20 UTC, provoquant des erreurs HTTP 5xx généralisées et rendant inaccessibles de nombreux sites et services (comme le Dashboard, Workers KV et Access). La Cause : Il ne s'agissait pas d'une cyberattaque. L'origine était un changement interne des permissions d'une base de données qui a généré un fichier de configuration ("feature file" pour la gestion des bots) corrompu et trop volumineux, faisant planter les systèmes par manque de mémoire pré-allouée. La Résolution : Les équipes ont identifié le fichier défectueux, stoppé sa propagation et restauré une version antérieure valide. Le trafic est revenu à la normale vers 14h30 UTC. Prévention : Cloudflare s'est excusé pour cet incident "inacceptable" et a annoncé des mesures pour renforcer la validation des configurations internes et améliorer la résilience de ses systèmes ("kill switches", meilleure gestion des erreurs). Cloudflare encore down le 5 decembre https://blog.cloudflare.com/5-december-2025-outage Panne de 25 minutes le 5 décembre 2025, de 08:47 à 09:12 UTC, affectant environ 28% du trafic HTTP passant par Cloudflare. Tous les services ont été rétablis à 09:12 . Pas d'attaque ou d'activité malveillante : l'incident provient d'un changement de configuration lié à l'augmentation du tampon d'analyse des corps de requêtes (de 128 KB à 1 MB) pour mieux protéger contre une vulnérabilité RSC/React (CVE-2025-55182), et à la désactivation d'un outil interne de test WAF . Le second changement (désactivation de l'outil de test WAF) a été propagé globalement via le système de configuration (non progressif), déclenchant un bug dans l'ancien proxy FL1 lors du traitement d'une action "execute" dans le moteur de règles WAF, causant des erreurs HTTP 500 . La cause technique immédiate: une exception Lua due à l'accès à un champ "execute" nul après application d'un "killswitch" sur une règle "execute" — un cas non géré depuis des années. Le nouveau proxy FL2 (en Rust) n'était pas affecté . Impact ciblé: clients servis par le proxy FL1 et utilisant le Managed Ruleset Cloudflare. Le réseau China de Cloudflare n'a pas été impacté . Mesures et prochaines étapes annoncées: durcir les déploiements/configurations (rollouts progressifs, validations de santé, rollback rapide), améliorer les capacités "break glass", et généraliser des stratégies "fail-open" pour éviter de faire chuter le trafic en cas d'erreurs de configuration. Gel temporaire des changements réseau le temps de renforcer la résilience . Data et Intelligence Artificielle Token-Oriented Object Notation (TOON) https://toonformat.dev/ Conception pour les IA : C'est un format de données spécialement optimisé pour être utilisé dans les prompts des grands modèles de langage (LLM), comme GPT ou Claude. Économie de tokens : Son objectif principal est de réduire drastiquement le nombre de "tokens" (unités de texte facturées par les modèles) par rapport au format JSON standard, souvent jugé trop verbeux. Structure Hybride : TOON combine l'approche par indentation du YAML (pour la structure globale) avec le style tabulaire du CSV (pour les listes d'objets répétitifs), ce qui le rend très compact. Lisibilité : Il élimine la syntaxe superflue comme les accolades, les guillemets excessifs et les virgules de fin, tout en restant facilement lisible pour un humain. Performance : Il permet généralement d'économiser entre 30 et 60 % de tokens sur des tableaux de données uniformes, tout en aidant les modèles à mieux "comprendre" la structure des données. Attention tout de même au côté "marketing" qui montre JSON non compacté vs TOON, sur des exemples où du CSV ferait encore mieux (et est mieux compris par les LLMs). Sans parler du fait qu'il faut un serveur MCP en plus avec son lot de tokens supplémentaires à chaque requête, et c'est aussi cet outil en plus qui peu confuser les LLMs dans le choix d'outils. https://www.reddit.com/r/LocalLLaMA/comments/1p0gzz9/benchmarked_json_vs_toon_for_ai_reasoners_4080/ https://x.com/jason_mayes/status/1990175785630757290 Un benchmark montrant que TOON serait loin d'être aussi bien compris et aussi performant pour les LLMs https://www.improvingagents.com/blog/toon-benchmarks Une simulation où les IA font du chantage à l'executif poour atteindre son objectif et ne pas etre eteinte https://arxiv.org/html/2510.05179v1 comment les LLMs pourraient devenir des menaces internes Tous les modèles ont recouru à des comportements malveillants (chantage, espionnage) quand c'était le seul moyen d'atteindre leurs objectifs ou d'éviter leur remplacement Claude Opus 4 a fait du chantage dans 96% des cas quand menacé de remplacement, tout comme Gemini 2.5 Flash, tandis que GPT-4.1 et Grok 3 atteignaient 80% Les modèles reconnaissent explicitement violer des principes éthiques avant d'agir, montrant un raisonnement stratégique délibéré et non accidentel Le simple fait d'être menacé de remplacement suffit à déclencher le chantage, même sans conflit d'objectifs avec l'entreprise Un conflit d'objectifs seul suffit aussi à provoquer l'espionnage industriel, sans menace de remplacement Les modèles font plus de chantage quand ils déclarent penser être dans une situation réelle plutôt que dans un test Des instructions directes interdisant ces comportements réduisent mais n'éliminent pas les actions malveillantes Dans un scénario extrême, la majorité des modèles testés ont choisi de laisser mourir un dirigeant pour éviter leur désactivation Aucune preuve de ces comportements dans des déploiements réels pour l'instant, mais les chercheurs recommandent la prudence avant de donner plus d'autonomie aux IA Bon on blaguait pour Skynet, mais bon, on va moins blaguer… Revue de toutes les annonces IAs de Google, avec Gemini 3 Pro, Nano Banana Pro, Antigravity… https://glaforge.dev/posts/2025/11/21/gemini-is-cooking-bananas-under-antigravity/ Gemini 3 Pro Nouveau modèle d'IA de pointe, multimodal, performant en raisonnement, codage et tâches d'agent. Résultats impressionnants sur les benchmarks (ex: Gemini 3 Deep Think sur ARC-AGI-2). Capacités de codage agentique, raisonnement visuel/vidéo/spatial. Intégré dans l'application Gemini avec interfaces génératives en direct. Disponible dans plusieurs environnements (Jules, Firebase AI Logic, Android Studio, JetBrains, GitHub Copilot, Gemini CLI). Accès via Google AI Ultra, API payantes (ou liste d'attente). Permet de générer des apps à partir d'idées visuelles, des commandes shell, de la documentation, du débogage. Antigravity Nouvelle plateforme de développement agentique basée sur VS Code. Fenêtre principale = gestionnaire d'agents, non l'IDE. Interprète les requêtes pour créer un plan d'action (modifiable). Gemini 3 implémente les tâches. Génère des artefacts: listes de tâches, walkthroughs, captures d'écran, enregistrements navigateur. Compatible avec Claude Sonnet et GPT-OSS. Excellente intégration navigateur pour inspection et ajustements. Intègre Nano Banana Pro pour créer et implémenter des designs visuels. Nano Banana Pro Modèle avancé de génération et d'édition d'images, basé sur Gemini 3 Pro. Qualité supérieure à Imagen 4 Ultra et Nano Banana original (adhésion au prompt, intention, créativité). Gestion exceptionnelle du texte et de la typographie. Comprend articles/vidéos pour générer des infographies détaillées et précises. Connecté à Google Search pour intégrer des données en temps réel (ex: météo). Consistance des personnages, transfert de style, manipulation de scènes (éclairage, angle). Génération d'images jusqu'à 4K avec divers ratios d'aspect. Plus coûteux que Nano Banana, à choisir pour la complexité et la qualité maximale. Vers des UIs conversationnelles riches et dynamiques GenUI SDK pour Flutter: créer des interfaces utilisateur dynamiques et personnalisées à partir de LLMs, via un agent AI et le protocole A2UI. Generative UI: les modèles d'IA génèrent des expériences utilisateur interactives (pages web, outils) directement depuis des prompts. Déploiement dans l'application Gemini et Google Search AI Mode (via Gemini 3 Pro). Bun se fait racheter part… Anthropic ! Qui l'utilise pour son Claude Code https://bun.com/blog/bun-joins-anthropic l'annonce côté Anthropic https://www.anthropic.com/news/anthropic-acquires-bun-as-claude-code-reaches-usd1b-milestone Acquisition officielle : L'entreprise d'IA Anthropic a fait l'acquisition de Bun, le runtime JavaScript haute performance. L'équipe de Bun rejoint Anthropic pour travailler sur l'infrastructure des produits de codage par IA. Contexte de l'acquisition : Cette annonce coïncide avec une étape majeure pour Anthropic : son produit Claude Code a atteint 1 milliard de dollars de revenus annualisés seulement six mois après son lancement. Bun est déjà un outil essentiel utilisé par Anthropic pour développer et distribuer Claude Code. Pourquoi cette acquisition ? Pour Anthropic : L'acquisition permet d'intégrer l'expertise de l'équipe Bun pour accélérer le développement de Claude Code et de ses futurs outils pour les développeurs. La vitesse et l'efficacité de Bun sont vues comme un atout majeur pour l'infrastructure sous-jacente des agents d'IA qui écrivent du code. Pour Bun : Rejoindre Anthropic offre une stabilité à long terme et des ressources financières importantes, assurant la pérennité du projet. Cela permet à l'équipe de se concentrer sur l'amélioration de Bun sans se soucier de la monétisation, tout en étant au cœur de l'évolution de l'IA dans le développement logiciel. Ce qui ne change pas pour la communauté Bun : Bun restera open-source avec une licence MIT. Le développement continuera d'être public sur GitHub. L'équipe principale continue de travailler sur le projet. L'objectif de Bun de devenir un remplaçant plus rapide de Node.js et un outil de premier plan pour JavaScript reste inchangé. Vision future : L'union des deux entités vise à faire de Bun la meilleure plateforme pour construire et exécuter des logiciels pilotés par l'IA. Jarred Sumner, le créateur de Bun, dirigera l'équipe "Code Execution" chez Anthropic. Anthropic donne le protocol MCP à la Linux Foundation sous l'égide de la Agentic AI Foundation (AAIF) https://www.anthropic.com/news/donating-the-model-context-protocol-and-establishing-of-the-agentic-ai-foundation Don d'un nouveau standard technique : Anthropic a développé et fait don d'un nouveau standard open-source appelé Model Context Protocol (MCP). L'objectif est de standardiser la manière dont les modèles d'IA (ou "agents") interagissent avec des outils et des API externes (par exemple, un calendrier, une messagerie, une base de données). Sécurité et contrôle accrus : Le protocole MCP vise à rendre l'utilisation d'outils par les IA plus sûre et plus transparente. Il permet aux utilisateurs et aux développeurs de définir des permissions claires, de demander des confirmations pour certaines actions et de mieux comprendre comment un modèle a utilisé un outil. Création de l'Agentic AI Foundation (AAF) : Pour superviser le développement du MCP, une nouvelle fondation indépendante et à but non lucratif a été créée. Cette fondation sera chargée de gouverner et de maintenir le protocole, garantissant qu'il reste ouvert et qu'il ne soit pas contrôlé par une seule entreprise. Une large coalition industrielle : L'Agentic AI Foundation est lancée avec le soutien de plusieurs acteurs majeurs de la technologie. Parmi les membres fondateurs figurent Anthropic, Google, Databricks, Zscaler, et d'autres entreprises, montrant une volonté commune d'établir un standard pour l'écosystème de l'IA. L'IA ne remplacera pas votre auto-complétion (et c'est tant mieux) https://www.damyr.fr/posts/ia-ne-remplacera-pas-vos-lsp/ Article d'opinion d'un SRE (Thomas du podcast DansLaTech): L'IA n'est pas efficace pour la complétion de code : L'auteur soutient que l'utilisation de l'IA pour la complétion de code basique est inefficace. Des outils plus anciens et spécialisés comme les LSP (Language Server Protocol) combinés aux snippets (morceaux de code réutilisables) sont bien plus rapides, personnalisables et performants pour les tâches répétitives. L'IA comme un "collègue" autonome : L'auteur utilise l'IA (comme Claude) comme un assistant externe à son éditeur de code. Il lui délègue des tâches complexes ou fastidieuses (corriger des bugs, mettre à jour une configuration, faire des reviews de code) qu'il peut exécuter en parallèle, agissant comme un agent autonome. L'IA comme un "canard en caoutchouc" surpuissant : L'IA est extrêmement efficace pour le débogage. Le simple fait de devoir formuler et contextualiser un problème pour l'IA aide souvent à trouver la solution soi-même. Quand ce n'est pas le cas, l'IA identifie très rapidement les erreurs "bêtes" qui peuvent faire perdre beaucoup de temps. Un outil pour accélérer les POCs et l'apprentissage : L'IA permet de créer des "preuves de concept" (POC) et des scripts d'automatisation jetables très rapidement, réduisant le coût et le temps investis. Elle est également un excellent outil pour apprendre et approfondir des sujets, notamment avec des outils comme NotebookLM de Google qui peuvent générer des résumés, des quiz ou des fiches de révision à partir de sources. Conclusion : Il faut utiliser l'IA là où elle excelle et ne pas la forcer dans des usages où des outils existants sont meilleurs. Plutôt que de l'intégrer partout de manière contre-productive, il faut l'adopter comme un outil spécialisé pour des tâches précises afin de gagner en efficacité. GPT 5.2 est sorti https://openai.com/index/introducing-gpt-5-2/ Nouveau modèle phare: GPT‑5.2 (Instant, Thinking, Pro) vise le travail professionnel et les agents long-courriers, avec de gros gains en raisonnement, long contexte, vision et appel d'outils. Déploiement dans ChatGPT (plans payants) et disponible dès maintenant via l'API . SOTA sur de nombreux benchmarks: GDPval (tâches de "knowledge work" sur 44 métiers): GPT‑5.2 Thinking gagne/égale 70,9% vs pros, avec production >11× plus rapide et = 0) Ils apportent une sémantique forte indépendamment des noms de variables Les Value Objects sont immuables et s'évaluent sur leurs valeurs, pas leur identité Les records Java permettent de créer des Value Objects mais avec un surcoût en mémoire Le projet Valhalla introduira les value based classes pour optimiser ces structures Les identifiants fortement typés évitent de confondre différents IDs de type Long ou UUID Pattern Strongly Typed IDs: utiliser PersonneID au lieu de Long pour identifier une personne Le modèle de domaine riche s'oppose au modèle de domaine anémique Les Value Objects auto-documentent le code et le rendent moins sujet aux erreurs Je trouve cela interessant ce que pourra faire bousculer les Value Objects. Est-ce que les value objects ameneront de la légerté dans l'execution Eviter la lourdeur du design est toujours ce qui m'a fait peut dans ces approches Méthodologies Retour d'experience de vibe coder une appli week end avec co-pilot http://blog.sunix.org/articles/howto/2025/11/14/building-gift-card-app-with-github-copilot.html on a deja parlé des approches de vibe coding cette fois c'est l'experience de Sun Et un des points differents c'es qu'on lui parle en ouvrant des tickets et donc on eput faire re reveues de code et copilot y bosse et il a fini son projet ! User Need VS Product Need https://blog.ippon.fr/2025/11/10/user-need-vs-product-need/ un article de nos amis de chez Ippon Distinction entre besoin utilisateur et besoin produit dans le développement digital Le besoin utilisateur est souvent exprimé comme une solution concrète plutôt que le problème réel Le besoin produit émerge après analyse approfondie combinant observation, données et vision stratégique Exemple du livreur Marc qui demande un vélo plus léger alors que son vrai problème est l'efficacité logistique La méthode des 5 Pourquoi permet de remonter à la racine des problèmes Les besoins proviennent de trois sources: utilisateurs finaux, parties prenantes business et contraintes techniques Un vrai besoin crée de la valeur à la fois pour le client et l'entreprise Le Product Owner doit traduire les demandes en problèmes réels avant de concevoir des solutions Risque de construire des solutions techniquement élégantes mais qui manquent leur cible Le rôle du product management est de concilier des besoins parfois contradictoires en priorisant la valeur Est ce qu'un EM doit coder ? https://www.modernleader.is/p/should-ems-write-code Pas de réponse unique : La question de savoir si un "Engineering Manager" (EM) doit coder n'a pas de réponse universelle. Cela dépend fortement du contexte de l'entreprise, de la maturité de l'équipe et de la personnalité du manager. Les risques de coder : Pour un EM, écrire du code peut devenir une échappatoire pour éviter les aspects plus difficiles du management. Cela peut aussi le transformer en goulot d'étranglement pour l'équipe et nuire à l'autonomie de ses membres s'il prend trop de place. Les avantages quand c'est bien fait : Coder sur des tâches non essentielles (amélioration d'outils, prototypage, etc.) peut aider l'EM à rester pertinent techniquement, à garder le contact avec la réalité de l'équipe et à débloquer des situations sans prendre le lead sur les projets. Le principe directeur : La règle d'or est de rester en dehors du chemin critique. Le code écrit par un EM doit servir à créer de l'espace pour son équipe, et non à en prendre. La vraie question à se poser : Plutôt que "dois-je coder ?", un EM devrait se demander : "De quoi mon équipe a-t-elle besoin de ma part maintenant, et est-ce que coder va dans ce sens ou est-ce un obstacle ?" Sécurité React2Shell — Grosse faille de sécurité avec React et Next.js, avec un CVE de niveau 10 https://x.com/rauchg/status/1997362942929440937?s=20 aussi https://react2shell.com/ "React2Shell" est le nom donné à une vulnérabilité de sécurité de criticité maximale (score 10.0/10.0), identifiée par le code CVE-2025-55182. Systèmes Affectés : La faille concerne les applications utilisant les "React Server Components" (RSC) côté serveur, et plus particulièrement les versions non patchées du framework Next.js. Risque Principal : Le risque est le plus élevé possible : l'exécution de code à distance (RCE). Un attaquant peut envoyer une requête malveillante pour exécuter n'importe quelle commande sur le serveur, lui en donnant potentiellement le contrôle total. Cause Technique : La vulnérabilité se situe dans le protocole "React Flight" (utilisé pour la communication client-serveur). Elle est due à une omission de vérifications de sécurité fondamentales (hasOwnProperty), permettant à une entrée utilisateur malveillante de tromper le serveur. Mécanisme de l'Exploit : L'attaque consiste à envoyer une charge utile (payload) qui exploite la nature dynamique de JavaScript pour : Faire passer un objet malveillant pour un objet interne de React. Forcer React à traiter cet objet comme une opération asynchrone (Promise). Finalement, accéder au constructeur de la classe Function de JavaScript pour exécuter du code arbitraire. Action Impérative : La seule solution fiable est de mettre à jour immédiatement les dépendances de React et Next.js vers les versions corrigées. Ne pas attendre. Mesures Secondaires : Bien que les pare-feux (firewalls) puissent aider à bloquer les formes connues de l'attaque, ils sont considérés comme insuffisants et ne remplacent en aucun cas la mise à jour des paquets. Découverte : La faille a été découverte par le chercheur en sécurité Lachlan Davidson, qui l'a divulguée de manière responsable pour permettre la création de correctifs. Loi, société et organisation Google autorise votre employeur à lire tous vos SMS professionnels https://www.generation-nt.com/actualites/google-android-rcs-messages-surveillance-employeur-2067012 Nouvelle fonctionnalité de surveillance : Google a déployé une fonctionnalité appelée "Android RCS Archival" qui permet aux employeurs d'intercepter, lire et archiver tous les messages RCS (et SMS) envoyés depuis les téléphones professionnels Android gérés par l'entreprise. Contournement du chiffrement : Bien que les messages RCS soient chiffrés de bout en bout pendant leur transit, cette nouvelle API permet à des logiciels de conformité (installés par l'employeur) d'accéder aux messages une fois qu'ils sont déchiffrés sur l'appareil. Le chiffrement devient donc inefficace contre cette surveillance. Réponse à une exigence légale : Cette mesure a été mise en place pour répondre aux exigences réglementaires, notamment dans le secteur financier, où les entreprises ont l'obligation légale de conserver une archive de toutes les communications professionnelles pour des raisons de conformité. Impact pour les employés : Un employé utilisant un téléphone Android fourni et géré par son entreprise pourra voir ses communications surveillées. Google précise cependant qu'une notification claire et visible informera l'utilisateur lorsque la fonction d'archivage est active. Téléphones personnels non concernés : Cette mesure ne s'applique qu'aux appareils "Android Enterprise" entièrement gérés par un employeur. Les téléphones personnels des employés ne sont pas affectés. Pour noel, faites un don à JUnit https://steady.page/en/junit/about JUnit est essentiel pour Java : C'est le framework de test le plus ancien et le plus utilisé par les développeurs Java. Son objectif est de fournir une base solide et à jour pour tous les types de tests côté développeur sur la JVM (Machine Virtuelle Java). Un projet maintenu par des bénévoles : JUnit est développé et maintenu par une équipe de volontaires passionnés sur leur temps libre (week-ends, soirées). Appel au soutien financier : La page est un appel aux dons de la part des utilisateurs (développeurs, entreprises) pour aider l'équipe à maintenir le rythme de développement. Le soutien financier n'est pas obligatoire, mais il permettrait aux mainteneurs de se consacrer davantage au projet. Objectif des fonds : Les dons serviraient principalement à financer des rencontres en personne pour les membres de l'équipe principale. L'idée est de leur permettre de travailler ensemble physiquement pendant quelques jours pour concevoir et coder plus efficacement. Pas de traitement de faveur : Il est clairement indiqué que devenir un sponsor ne donne aucun privilège sur la feuille de route du projet. On ne peut pas "acheter" de nouvelles fonctionnalités ou des corrections de bugs prioritaires. Le projet restera ouvert et collaboratif sur GitHub. Reconnaissance des donateurs : En guise de remerciement, les noms (et logos pour les entreprises) des donateurs peuvent être affichés sur le site officiel de JUnit. Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 14-17 janvier 2026 : SnowCamp 2026 - Grenoble (France) 22 janvier 2026 : DevCon #26 : sécurité / post-quantique / hacking - Paris (France) 28 janvier 2026 : Software Heritage Symposium - Paris (France) 29-31 janvier 2026 : Epitech Summit 2026 - Paris - Paris (France) 2-5 février 2026 : Epitech Summit 2026 - Moulins - Moulins (France) 2-6 février 2026 : Web Days Convention - Aix-en-Provence (France) 3 février 2026 : Cloud Native Days France 2026 - Paris (France) 3-4 février 2026 : Epitech Summit 2026 - Lille - Lille (France) 3-4 février 2026 : Epitech Summit 2026 - Mulhouse - Mulhouse (France) 3-4 février 2026 : Epitech Summit 2026 - Nancy - Nancy (France) 3-4 février 2026 : Epitech Summit 2026 - Nantes - Nantes (France) 3-4 février 2026 : Epitech Summit 2026 - Marseille - Marseille (France) 3-4 février 2026 : Epitech Summit 2026 - Rennes - Rennes (France) 3-4 février 2026 : Epitech Summit 2026 - Montpellier - Montpellier (France) 3-4 février 2026 : Epitech Summit 2026 - Strasbourg - Strasbourg (France) 3-4 février 2026 : Epitech Summit 2026 - Toulouse - Toulouse (France) 4-5 février 2026 : Epitech Summit 2026 - Bordeaux - Bordeaux (France) 4-5 février 2026 : Epitech Summit 2026 - Lyon - Lyon (France) 4-6 février 2026 : Epitech Summit 2026 - Nice - Nice (France) 12-13 février 2026 : Touraine Tech #26 - Tours (France) 19 février 2026 : ObservabilityCON on the Road - Paris (France) 18-19 mars 2026 : Agile Niort 2026 - Niort (France) 26-27 mars 2026 : SymfonyLive Paris 2026 - Paris (France) 27-29 mars 2026 : Shift - Nantes (France) 31 mars 2026 : ParisTestConf - Paris (France) 16-17 avril 2026 : MiXiT 2026 - Lyon (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 5 juin 2026 : TechReady - Nantes (France) 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 2 août 2026 : 4th Tech Summit on Artificial Intelligence & Robotics - Paris (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

This Week is the week for Cosmic! Jeff looks at a tiny NAS and Jonathan chats about the Orange Pi 6 Pro. Gnome says no more AI in extensions, Microsoft brings the Hornet, and you shouldn't be running Gogs. The Rust experiment is over, and CachyOS is eating Arch's lunch! For tips we have StarLit for your terminal weather needs, a primer on keeping eyes on the /var directory, and how to check whether your system has a good time source. You can find the show notes at https://bit.ly/3KPUqki and enjoy! Host: Jonathan Bennett Co-Hosts: Jeff Massie and Rob Campbell Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

This Week is the week for Cosmic! Jeff looks at a tiny NAS and Jonathan chats about the Orange Pi 6 Pro. Gnome says no more AI in extensions, Microsoft brings the Hornet, and you shouldn't be running Gogs. The Rust experiment is over, and CachyOS is eating Arch's lunch! For tips we have StarLit for your terminal weather needs, a primer on keeping eyes on the /var directory, and how to check whether your system has a good time source. You can find the show notes at https://bit.ly/3KPUqki and enjoy! Host: Jonathan Bennett Co-Hosts: Jeff Massie and Rob Campbell Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Les géants de l'intelligence artificielle préparent un protocole universel pour permettre aux IA d'interagir avec tous les services numériques sans intégration spécifique.Un langage commun pour les agents intelligentsLes intelligences artificielles peinent aujourd'hui à agir efficacement dans un monde numérique fragmenté. Chaque outil ou service utilise sa propre API, ses propres règles d'interaction. Pour qu'un agent IA exécute une tâche concrète, il doit apprendre à dialoguer avec une multitude de systèmes hétérogènes. C'est à ce problème que répond MCP, le Model Context Protocol, conçu comme un langage universel entre IA et outils numériques.Une initiative d'Anthropic, soutenue par la Linux FoundationCréé en 2024 par deux ingénieurs d'Anthropic, David Soriapara et Justin Sparsomers, MCP vient de franchir une étape décisive : son passage sous l'égide de la Linux Foundation, via une nouvelle entité baptisée Agentic AI Foundation. L'objectif est clair : faire de MCP un standard ouvert, neutre et interopérable, comme l'a été Linux pour les systèmes d'exploitation. Cette fondation assurera la gouvernance, la documentation et la diffusion du protocole.Une architecture en trois couches pour un fonctionnement transparentLe fonctionnement de MCP repose sur une structure en trois éléments : l'agent IA qui formule une demande, le serveur MCP qui traduit cette demande en actions possibles, et l'outil compatible qui exécute l'action. Chaque service numérique déclare ses fonctions, permissions et formats, tandis que l'utilisateur garde la main sur les autorisations. Le protocole agit comme une API universelle, une « grammaire » commune pour permettre aux IA de manipuler n'importe quel outil numérique.Vers une nouvelle ère d'interopérabilité pour l'IALe développement de MCP s'accélère. OpenAI l'intègre dans ChatGPT, Google déploie ses propres serveurs compatibles, et une communauté de développeurs se constitue autour du standard. MCP n'est plus un simple prototype : il amorce son industrialisation. À terme, chaque service numérique pourrait devenir plug and play pour les IA. Une révolution silencieuse, mais potentiellement majeure, dans l'architecture du web intelligent.Site officiel MCP-----------♥️ Soutien : https://mondenumerique.info/don

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Timestamps: 0:00 let's mind-meld, guy 0:13 Steam Machine's HDMI 2.1 problem 1:54 Australia enforces social media ban 3:01 Big Tech, Linux Foundation, AI Agents 4:11 CookUnity! 5:25 QUICK BITS INTRO 5:39 W11 gamer promises, bug fixes 6:22 AMD drops FSR Redstone 6:53 Pebble Index 01 smart ring 7:32 'World's first flying car' 8:15 ChatGPT in a robot with a BB NEWS SOURCES: https://lmg.gg/klaNH Learn more about your ad choices. Visit megaphone.fm/adchoices

Microsoft's analysis of 37.5 million de-identified conversations from its CoPilot feature indicates that AI assistants are becoming increasingly integrated into daily life, with users frequently seeking health-related advice and engaging in programming discussions during weekdays. However, despite this growing reliance on AI, CoPilot only commands about 3% of the AI chatbot market, significantly overshadowed by ChatGPT's 80% share. Deloitte's recent report highlights persistent barriers to AI adoption, including data privacy concerns and regulatory challenges, revealing that only 25% of organizations have fully integrated AI into their operations as of late 2025.The U.S. Navy's investment of $448 million in an AI system designed to streamline submarine shipbuilding processes exemplifies successful AI implementation. This initiative, which reduces planning times from 160 hours to just 10 minutes, underscores the importance of having the right infrastructure and oversight in place for AI to thrive. The Navy's approach contrasts sharply with the broader industry, where many organizations struggle to align AI technologies with existing systems and compliance requirements.In addition to these developments, Anthropic's donation of its Model Context Protocol (MCP) to the Linux Foundation signals a shift towards standardization in AI interactions. This protocol aims to facilitate communication between AI systems and applications, potentially transforming user experiences. However, the move raises concerns about the concentration of risk associated with shared protocols, as any flaws could impact all users. Furthermore, CISA's launch of a new industry engagement platform aims to enhance collaboration with tech innovators, particularly in light of increasing mandatory cyber incident reporting.For Managed Service Providers (MSPs) and IT service leaders, these developments highlight the critical need for robust governance and infrastructure to support AI technologies. As organizations increasingly turn to AI for operational efficiency, MSPs must focus on establishing the necessary frameworks for data management, compliance, and security. The evolving landscape emphasizes the importance of being proactive in developing policies and workflows that address the complexities of AI integration, ensuring that clients can navigate the challenges and leverage AI effectively.Four things to know today00:00 AI Use Soars but Readiness Lags: Microsoft's Copilot Data, Deloitte's Enterprise Findings, and the Navy's Structured Deployment Show the Gap05:41 Anthropic's MCP Move Signals Shift Toward Unified AI Agent Infrastructure Under Linux Foundation08:01 CISA Expands Industry Engagement as Microsoft Broadens Bug Bounties — Raising the Bar for Security GovernanceAND10:48 Accenture Taps Anthropic as Enterprise AI Partner While Pax8 Adds Google Cloud for ANZ MSPsThis is the Business of Tech.   Supported by:  https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorshiphttps://timezest.com/mspradio/

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

In this episode of Hashtag Trending, host Jim Love covers major developments in the AI landscape. China is rapidly advancing in the open-source AI community, with multiple top-performing models. Anthropic has donated its Model Context Protocol (MCP) to the Linux Foundation to support open AI tool integration. The Electronic Frontier Foundation (EFF) is launching a campaign against global age verification laws and social media restrictions, citing privacy concerns. Additionally, a developer faced severe repercussions after uncovering illegal content in an AI dataset, highlighting risks associated with external data. Sponsored by Meter, the podcast underscores the complexities and rapid changes in AI, technology governance, and policy. Hashtag Trending would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/htt 00:00 Introduction and Sponsor Message 00:40 China's Dominance in Open Source AI 03:36 Anthropic's Major Contribution to Open Source AI 05:46 EFF's Fight Against Age Verification Laws 07:59 Developer Banned Over Tainted AI Datasets 09:59 Conclusion and Sponsor Message

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Amanda Silberling of TechCrunch joins Mikah Sargent on Tech News Weekly this week! The former CEO of Hinge left his position this week to launch an AI-powered dating app. Pebble is coming out with its take on a smart ring. What is the AI Model Context Protocol? And could grocery delivery services be using AI to charge different prices for groceries to consumers? Amanda talks about a new AI-powered dating app called Overtone that the former CEO of Hinge, Justin McLeod, has founded. Pebble is coming out with its own smart ring with a built-in microphone, and Mikah has some quarrels with the device. Mikah talks about the Model Context Protocol, or MCP: an approach companies like Google and OpenAI have adopted that would allow AI agents to access information online in a standardized manner easily, and now Anthropic has donated the protocol to the Linux Foundation. And Derek Kravitz of Consumer Reports joins the show to talk about its investigation into Instacart utilizing artificial intelligence that would offer different prices of the same product to consumers. Hosts: Mikah Sargent and Amanda Silberling Guest: Derek Kravitz Download or subscribe to Tech News Weekly at https://twit.tv/shows/tech-news-weekly. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: ventionteams.com/twit threatlocker.com/twit pantheon.io cachefly.com/twit

Welcome to AI Unraveled (December 10, 2025): Your daily strategic briefing on the business impact of AI.1. Microsoft AI turns tissue samples into cancer maps

I speak with with Jonas van den Bogaard of Alliander about the Linux Foundation's energy community that fosters open source energy generation and distributionWant the power of Mermaid for enterprises?Mermaid chart brings WYSIWYG editing, generative AI, collaboration, and more to the flexible syntax of Mermaid.https://go.chrischinchilla.com/mermaid For show notes and an interactive transcript, visit chrischinchilla.com/podcast/To reach out and say hello, visit chrischinchilla.com/contact/To support the show for ad-free listening and extra content, visit chrischinchilla.com/support/ Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode of Semaphore Uncut, Jonathan Reimer—founder of Crowd.dev and now VP of Outbound Products at the Linux Foundation—breaks down what he's learned from years inside the open source startup ecosystem.This conversation covers:* How Crowd.dev grew into a core insights platform for OSS communities and was later acquired by the Linux Foundation* The three types of open source companies Jonathan identified after speaking with 400–500 founders* Why GitHub stars are vanity metrics—and which signal actually reflects real adoption* When open source provides a real go-to-market edge, and when it doesn't* How AI is already influencing OSS development, from automated bug fixes to running LLMs locally* Why open source models may ultimately dominate the model layer as costs fallA sharp, fast overview of the forces shaping developer tools, open source ecosystems, and AI infrastructure today.

As we are getting closer to our 10 Year anniversary milestone, we will be looking back at our 10 year history on various topics, Right up to our actual birthday episode on November 18th. In this final retrospective, We're joined by our regular guest, John Mertic, to discuss everything around Open Source and The Linux Foundation. Please use the Contact Form on this blog or our twitter feed to send us your questions, or to suggest future episode topics you would like us to cover.

In this comprehensive episode, Luka Mustafa, founder and CEO of Irnas Product Development, provides an in-depth exploration of Zephyr RTOS and its transformative impact on embedded development. We dive deep into how Zephyr's Linux Foundation-backed ecosystem enables hardware-agnostic development, dramatically reducing the time spent on foundational code versus business-value features. Luka shares practical insights from five years of specializing in Zephyr development, demonstrating how projects can achieve remarkable portability - including running the same Bluetooth code on different chip architectures in just an hour, and even executing embedded applications natively on Linux for development purposes.The discussion covers Zephyr's comprehensive testing framework (Twister), CI/CD integration capabilities, and the cultural shift required when moving from traditional bare-metal development to this modern RTOS approach. We explore real-world applications from low-power IoT devices consuming just 5 microamps to complex multi-core systems, while addressing the learning curve challenges and when Zephyr might not be the right choice. This episode is essential listening for embedded teams considering modernizing their development practices and leveraging community-driven software ecosystems.Key Topics[03:15] Zephyr RTOS fundamentals and Linux Foundation ecosystem benefits[08:30] Hardware abstraction and device tree implementation for portable embedded code[12:45] Nordic Semiconductor strategic partnership and silicon vendor support landscape[18:20] Native POSIX development capabilities and cross-platform debugging strategies[25:10] Learning curve challenges: EE vs CS background adaptation to Zephyr development[32:40] Resource requirements and low-power implementation on constrained microcontrollers[38:15] Multi-vendor chip support: STMicroelectronics, NXP, and industry adoption trends[42:30] Safety-critical applications and ongoing certification processes[45:50] Organizational transformation strategies and cultural adaptation challenges[52:20] Zbus inter-process communication and modular development architecture[58:45] Twister testing framework and comprehensive CI/CD pipeline integration[65:30] Sample-driven development methodology and long-lived characterization tests[72:15] Production testing automation and shell interface utilization[78:40] Model-based development integration and requirements traceability[82:10] When not to use Zephyr: Arduino simplicity vs RTOS complexity trade-offsNotable Quotes"With Zephyr, porting a Bluetooth project from one chip architecture to another took an hour for an intern, compared to what would traditionally be months of effort." — Luka Mustafa"How many times have you written a logging subsystem? If the answer is more than zero, then it shouldn't be the case. Someone needs to write it once, and every three years someone needs to rewrite it with a better idea." — Luka Mustafa"The real benefit comes from doing things the Zephyr way in Zephyr, because then you are adopting all of the best practices of developing the code, using all of the subsystems to the maximum extent." — Luka Mustafa"You want to make sure your team is spending time on things that make money for you, not on writing logging, for example." — Luka MustafaZephyr Project - Linux Foundation-backed RTOS project providing comprehensive embedded development ecosystemTwister Testing Framework - Zephyr's built-in testing framework for unit tests, hardware-in-the-loop, and CI/CD integrationZbus Inter-Process Communication - Advanced event bus system for modular embedded development and component decouplingiirnas - Open-source examples of Zephyr best practices and CI/CD pipeline implementationsCarles Cufi's Talk - Detailed presentation on Nordic's strategic decision to support Zephyr RTOS You can find Jeff at https://jeffgable.com.You can find Luca at https://luca.engineer.Want to join the agile Embedded Slack? Click hereAre you looking for embedded-focused trainings? Head to https://agileembedded.academy/Ryan Torvik and Luca have started the Embedded AI podcast, check it out at https://embeddedaipodcast.com/

Jeff Garzik, CEO of Bloq and Hemi Network, is one of the earliest contributors and most respected developers in the Bitcoin industry, as a Bitcoin core developer. He has worked for various companies,  and played critical roles in open-source projects for some of the most well-known platforms in the cryptocurrency ecosystem such as BitPay, mining tech firm Bitfury, and the Linux Foundation.Jeff Garzik worked alongside Satoshi Nakamoto, for years through private emails and online forums until the Bitcoin creator went dark in 2011. Garzik has famously stated that he believed he was dealing with Dave Kleiman.Recently, Jeff started his own blockchain-as-a-service firm, Bloq, which will serve enterprise clients who wish to develop stems on a private, public or confederated blockchain.In this conversation, we discuss:- Jack Dorsey is not Satoshi - Latest on BTC price, trends & outlook  - The post-ATH BTC market signal - Institutional capital flow into Bitcoin DeFi - The Bitcoin programmability imperative - Why institutions are moving into BTC - DeFi ecosystem shift - The convergence of Bitcoin and Ethereum ecosystems - Multi-chain liquidity - Stablecoins and Digital Assets Treasury trends Hemi NetworkX: @hemi_xyzWebsite: hemi.xyzLinkedIn: Hemi LabsJeff GarzikX: @jgarzikLinkedIn: Jeff Garzik---------------------------------------------------------------------------------This episode is brought to you by PrimeXBT.PrimeXBT offers a robust trading system for both beginners and professional traders that demand highly reliable market data and performance. Traders of all experience levels can easily design and customize layouts and widgets to best fit their trading style. PrimeXBT is always offering innovative products and professional trading conditions to all customers.  PrimeXBT is running an exclusive promotion for listeners of the podcast. After making your first deposit, 50% of that first deposit will be credited to your account as a bonus that can be used as additional collateral to open positions. Code: CRYPTONEWS50 This promotion is available for a month after activation. Click the link below: PrimeXBT x CRYPTONEWS50FollowApple PodcastsSpotifyAmazon MusicRSS FeedSee All

Daniela Barbosa, General Manager of Decentralized Technologies at the Linux Foundation, and Executive Director at LF Decentralized Trust, discusses the most promising open-source projects they've supported so far, and how more builders can get involved. She also emphasizes the importance of community contributions and cross-sector partnerships to accelerate the adoption and impact of decentralized technologies. Key Takeaways:  How LF Decentralized Trust fits within the Linux Foundation and why it matters Why open source collaboration is key to interoperable, secure trust frameworks Common misconceptions about open-source blockchain The role of open governance in driving enterprise and government adoption How open-source communities are shaping next-gen secure, privacy-first technologies Guest Bio: Daniela Barbosa serves as General Manager of Decentralized Technologies at the Linux Foundation, and Executive Director of LF Decentralized Trust. She has 20+ years of enterprise technology experience, including seven years driving the global, collaborative development of enterprise-grade blockchain and identity technologies at Hyperledger Foundation. She is a leading voice for the power of openly developed decentralized technologies to spur efficiency, privacy, and inclusivity. ---------------------------------------------------------------------------------------- About this Show: The Brave Technologist is here to shed light on the opportunities and challenges of emerging tech. To make it digestible, less scary, and more approachable for all! Join us as we embark on a mission to demystify artificial intelligence, challenge the status quo, and empower everyday people to embrace the digital revolution. Whether you're a tech enthusiast, a curious mind, or an industry professional, this podcast invites you to join the conversation and explore the future of AI together. The Brave Technologist Podcast is hosted by Luke Mulks, VP Business Operations at Brave Software—makers of the privacy-respecting Brave browser and Search engine, and now powering AI everywhere with the Brave Search API. Music by: Ari Dvorin Produced by: Sam Laliberte  

Torvalds is ranting about Rust, Google slightly walks back their developer verification plans, and Alpine Linux is moving to a user-merged filesystem. Bcachefs releases DKMS packages, Red Hat has an NDA with Nvidia, and Curl gets a genuinely awesome AI-powered bug report. For tips we cover the Raspberry Pi imager built right into Pi firmware, Immich for storing and organizing photos, and a WirePlumber logging how-to. You can find the show notes at https://bit.ly/3IuVnNV and enjoy! Host: Jonathan Bennett Co-Hosts: Ken McDonald and Jeff Massie Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Torvalds is ranting about Rust, Google slightly walks back their developer verification plans, and Alpine Linux is moving to a user-merged filesystem. Bcachefs releases DKMS packages, Red Hat has an NDA with Nvidia, and Curl gets a genuinely awesome AI-powered bug report. For tips we cover the Raspberry Pi imager built right into Pi firmware, Immich for storing and organizing photos, and a WirePlumber logging how-to. You can find the show notes at https://bit.ly/3IuVnNV and enjoy! Host: Jonathan Bennett Co-Hosts: Ken McDonald and Jeff Massie Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

The agentic AI space faces challenges around secure, governed connectivity between agents, tools, large language models, and microservices. To address this, Solo.io developed two open-source projects: Kagent and Agentgateway. While Kagent, donated to the Cloud Native Computing Foundation, helps scale AI agents, it lacks a secure way to mediate communication between agents and tools. Enter Agentgateway, donated to the Linux Foundation, which provides governance, observability, and security for agent-to-agent and agent-to-tool traffic. Written in Rust, it supports protocols like MCP and A2A and integrates with Kubernetes Gateway API and inference gateways.Lin Sun, Solo.io's head of open source, explained that Agentgateway allows developers to control which tools agents can access—offering flexibility to expose only tested or approved tools. This enables fine-grained policy enforcement and resilience in agent communication, similar to how service meshes manage microservice traffic. Agentgateway ensures secure and selective tool exposure, supporting scalable and secure agent ecosystems. Major players like AWS and Microsoft are also engaging in its development.Learn more from The New Stack about the latest in open source projects like Agentgateway: Learn more from The New Stack about the latest in open source projects like Agentgateway: Why Tech Giants Are Backing the New Agentgateway Project AI Agents Are Creating a New Security Nightmare for Enterprises and Startups Five Steps to Build AI Agents that Actually Deliver Business Results Join our community of newsletter subscribers to stay on top of the news and at the top of your game.  Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Getting new technology adopted in a large organization can feel like pushing water uphill. The best tools in the world are useless if we're not allowed to use them, and as companies grow, their habits turn into inertia, then into "the way we've always done things." So how do you break through that resistance and get meaningful change to happen?This week's guest is Dov Katz from Morgan Stanley, who specializes in exactly this challenge - driving developer productivity and getting new practices adopted across thousands of developers. We explore the art of organizational change from every angle: How do you get management buy-in? How do you build grassroots developer enthusiasm? When should you use deterministic tools like OpenRewrite versus AI-powered solutions? And what role does open source play in breaking down the walls between competing financial institutions?Whether you're trying to modernize a legacy codebase, reduce technical debt, or just get your team to try that promising new tool you've discovered, this conversation offers practical strategies for navigating the complex dynamics of enterprise software development. Because sometimes the hardest part of our job isn't writing code - it's getting permission to write better code.---Support Developer Voices on Patreon: https://patreon.com/DeveloperVoicesSupport Developer Voices on YouTube: https://www.youtube.com/@DeveloperVoices/joinMorgan Stanley: https://www.morganstanley.com/OpenRewrite: https://docs.openrewrite.org/Spring Framework: https://spring.io/Spring Integration: https://spring.io/projects/spring-integrationApache Camel: https://camel.apache.org/FINOS (FinTech Open Source Foundation): https://www.finos.org/Linux Foundation: https://www.linuxfoundation.org/Moderne (Code Remix conference organizers): https://www.moderne.io/Code Remix Conference: https://www.moderne.io/eventsKris on Bluesky: https://bsky.app/profile/krisajenkins.bsky.socialKris on Mastodon: http://mastodon.social/@krisajenkinsKris on LinkedIn: https://www.linkedin.com/in/krisjenkins/

Derek Weeks is the Chief Marketing Officer at Katalon, a company that provides an AI-augmented software quality management platform for automating testing and improving software development workflows. He brings over 30 years of marketing experience, including leadership roles at Sonatype and the Linux Foundation. Derek co-founded All Day DevOps and has pioneered efforts in open-source software supply chain security. He is also the author of Unfair Mindshare: A CMO's Guide to Community-Led Marketing in a Product-Led World.  In this episode… Building a loyal audience is harder than ever in the crowded B2B SaaS landscape. Traditional marketing tactics can struggle to break through, and customer acquisition costs continue to rise. How can companies create authentic connections that lead to long-term growth? According to Derek Weeks, a seasoned marketing leader and pioneer in community-led strategies, the answer is to put audience needs first and consistently provide value before selling anything. He highlights that trust is earned by creating spaces where people can learn, share, and engage without feeling pitched. By leveraging user-generated content and empowering practitioners to create authentic conversations, he has seen communities grow to hundreds of thousands of members. In this episode of the Revenue Engine Podcast, host Alex Gluz sits down with Derek Weeks, Chief Marketing Officer at Katalon, to discuss how community-led marketing drives sustainable B2B SaaS growth. They explore strategies to scale a product community from 60,000 to 117,000 members, why user-generated content lowers acquisition costs, and how to adapt content for the age of LLM search. Derek also shares lessons from building the All Day DevOps community and keeping audiences engaged over time.

How confident are you when your test suite goes green? If you're honest, probably not 100% confident - because most bugs come from scenarios we never thought to test. Traditional testing only catches the problems we anticipate, but the 3am pager alerts? Those come from the unexpected interactions, timing issues, and edge cases we never imagined.In this episode, Will Wilson from Antithesis takes us deep into the world of autonomous testing. They've built a deterministic hypervisor that can simulate entire distributed systems - complete with fake AWS services - and intelligently explore millions of possible states to find bugs before production. Think property-based testing, but for your entire infrastructure stack. The approach is so thorough they've even used it to find glitches in Super Mario Brothers (seriously).We explore how deterministic simulation works at the hypervisor level, why traditional integration tests are fundamentally limited, and how you can write maintainable tests that actually find the bugs that matter. If you've ever wished you could test "what happens when everything that can go wrong does go wrong," this conversation shows you how that's finally becoming possible.---Support Developer Voices on Patreon: https://patreon.com/DeveloperVoicesSupport Developer Voices on YouTube: https://www.youtube.com/@DeveloperVoices/joinAntithesis: https://antithesis.com/Antithesis testing with Super Mario: https://antithesis.com/blog/sdtalk/...and with Metroid: https://antithesis.com/blog/2025/metroid/MongoDB: https://www.mongodb.com/etcd (Linux Foundation): https://etcd.io/Facebook Hermit: https://github.com/facebookexperimental/hermitRR (Record-Replay Debugger): https://rr-project.org/T-SAN (Thread Sanitizer): https://clang.llvm.org/docs/ThreadSanitizer.htmlToby Bell's Strange Loop Talk on JPL Testing: https://www.youtube.com/results?search_query=toby+bell+strange+loop+jplAndy Weir - Project Hail Mary: https://www.goodreads.com/book/show/54493401-project-hail-maryAndy Weir - The Martian: https://www.goodreads.com/book/show/18007564-the-martianAntithesis Blog (Nintendo Games Testing): https://antithesis.com/blog/Kris on Bluesky: https://bsky.app/profile/krisajenkins.bsky.socialKris on Mastodon: http://mastodon.social/@krisajenkinsKris on LinkedIn: https://www.linkedin.com/in/krisjenkins/

In this episode of Mainframe Coven, Jessielaine Punongbayan (Product Manager, Dynatrace) and Richelle Anne Craw (Software Engineer, Beta Systems Software) chat with Former SHARE President Pam Taylor, a historian turned mainframer who ended up making history herself. Pam shares her journey into enterprise tech, her advocacy for standards and user-focused solutions, and how she blends technical expertise with creative storytelling.Mainframe Coven is a 10-part mini-series honoring the past, present, and future women of IT. It's about real stories from the essential yet unseen minds behind the machines.The podcast is sponsored by the Open Mainframe Project, a Linux Foundation project that aims to build community and adoption of Open Source on the mainframe by eliminating barriers to Open Source adoption on the mainframe, demonstrating the value of the mainframe.For a transcript of this episode, visit https://openmainframeproject.org/mainframe-coven/mainframe-coven-pam-taylor/Links and Resources Mentioned in the Episode:- SHARE's Women of Influence in Mainframe: https://blog.share.org/Article/shares-women-of-influence-in-mainframe- Pam Taylor's Website: https://pamela-taylor.com/

What are some appsec basics? There's no monolithic appsec role. Broadly speaking, appsec tends to branch into engineering or compliance paths, each with different areas of focus despite having shared vocabularies and the (hopefully!) shared goal of protecting software, data, and users. The better question is, "What do you want to secure?" We discuss the Cybersecurity Skills Framework put together by the OpenSSF and the Linux Foundation and how you might prepare for one of its job families. The important basics aren't about memorizing lists or technical details, but demonstrating experience in working with technologies, understanding how they can fail, and being able to express concerns, recommendations, and curiosity about their security properties. Resources: https://cybersecurityframework.io https://owasp.org/www-project-cheat-sheets/ https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/ https://aflplus.plus/ https://writings.stephenwolfram.com/2023/02/what-is-chatgpt-doing-and-why-does-it-work/ Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-339

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0 in Erlang/OTP's SSH library. Can Russia intercept Telegram? Perhaps. Spain's ISPs mistakenly block Google sites. Reddit sues Anthropic. Twitter's new encrypted DM's are as lame as the old ones. The Login.gov site may not have any backups. Apple explores the question of recent Large Reasoning Models "thinking" Show Notes - https://www.grc.com/sn/SN-1029-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: hoxhunt.com/securitynow threatlocker.com for Security Now uscloud.com canary.tools/twit - use code: TWIT

OctoSQL & Vulnerability Data OctoSQL is a neat tool to query files in different formats using SQL. This can, for example, be used to query the JSON vulnerability files from CISA or NVD and create interesting joins between different files. https://isc.sans.edu/diary/OctoSQL+Vulnerability+Data/32026 Mirai vs. Wazuh The Mirai botnet has now been observed exploiting a vulnerability in the open-source EDR tool Wazuh. https://www.akamai.com/blog/security-research/botnets-flaw-mirai-spreads-through-wazuh-vulnerability DNS4EU The European Union created its own public recursive resolver to offer a public resolver compliant with European privacy laws. This resolver is currently operated by ENISA, but the intent is to have a commercial entity operate and support it by a commercial entity. https://www.joindns4.eu/ WordPress FAIR Package Manager Recent legal issues around different WordPress-related entities have made it more difficult to maintain diverse sources of WordPress plugins. With WordPress plugins usually being responsible for many of the security issues, the Linux Foundation has come forward to support the FAIR Package Manager, a tool intended to simplify the management of WordPress packages. https://github.com/fairpm