Technology-related news website
POPULARITY
For the last episode of 2023, TWiV describes how ancient chicken remains reveal the increase of fitness and virulence of Marek's disease virus, and the diversity and dissemination of Leishmania virus in the pathogenic protozoan Leishmania braziliensis. Hosts: Vincent Racaniello, Dickson Despommier, Kathy Spindler, Brianne Barker and Angela Mingarelli Subscribe (free): Apple Podcasts, Google Podcasts, RSS, email Become a patron of TWiV! Links for this episode MicrobeTV Discord Server MicrobeTV store at Cafepress Become a member of ASV (asv.org) Research assistant position in Rosenfeld Lab CBER/FDA (pdf) The New City by Dickson Despommier Ancient chickens and Marek's disease virus (Science) Diversity and dissemination of Leishmania virus and L. braziliensis (Nat Comm) Letters read on TWiV 1074 Timestamps by Jolene. Thanks! Weekly Picks Dickson – Addictive Mandelbrot video and Gore slams COP28 summit Angela – 10 top-trending health questions you had for Dr. Google in 2023 Brianne – Tomato lost in space has been found Kathy – Earthquakes of the 20th Century Vincent – Animator Chris Georgenes especially Tricycle animation study Listener Picks Jason – Spot-on, quick booster explainer and “Inverse” vaccine Slashdot's summary. the full article, primary research article Meika – Iceland earthquake site Intro music is by Ronald Jenkees Send your virology questions and comments to twiv@microbe.tv
Hey, it's 5:05 on Tuesday, May 9th, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories into this episode come from Edwin Kwan in Sydney, Australia, Olimpiu Pop in Transylvania, Romania, Ian Garrett in Arlington, Virginia. And we will start with a message from the Executive Producer, Mark Miller. Let's get to it. Three podcasts you might find interesting
Today on The Professionally Evil Perspective, Kevin and Nathan throw it back to Slashdot. Get ready to be entertained by some rants about security stories plucked from the OG user-generated content and community-driven news website. Slashdot.org: News For Nerds, Stuff That Matters Got suggestions, complaints, or feedback? Tell us at podcast@secureideas.com or reach out on Twitter: @sweaney@darth_kevin @secureideas or find us on Mastadon: @secureideas Join our Professionally Evil Slack Team at www.professionallyevil.com Our real jobs pay for our time to do this, so if you have opportunities around penetration testing or risk management, we'd love the chance to work with you!
ShareChat, yesterday, joined a growing list of Indian startup unicorns that have laid off employees amid a funding winter. The company has laid off 20 percent of its workforce to conserve cash, as the current global economic slowdown has made it harder to raise funding, according to multiple reports. The desi social media venture is among the most funded startups in India. Also in this brief, a Swiss entrepreneur is launching a privacy-first smartphone operating system based on a version of Android, and a Chinese company has built the world's biggest wind turbine. Notes: ShareChat, yesterday, joined the growing list of Indian startup unicorns that have laid off employees amid a funding winter. The company has laid off 20 percent of its workforce to conserve cash, and as the current global economic slowdown has made it harder to raise funding, The Hindu reported on Jan. 16, citing the company. As many as 500-600 people may have been laid off, according to a report from Mint on Jan. 16. In December, ShareChat shut its fantasy gaming platform Jeet11, resulting in about 100 employees being laid off, according to Mint. Mohalla Tech, ShareChat's parent company, announced $520 million in funding led by Google, in June 2022, which privately valued the desi social media venture at $5 billion. ShareChat will provide employees total salary for notice periods, and two weeks' pay for every year served while allowing employees to retain their work assets. Employees will also receive health coverage until June 2023, with the ability to encash their leave balances of up to 45 days as per their gross salary. Employees' stock options will also continue to vest up till April 2023. The tech job scene continues to worsen globally as we head into 2023. For example, “the hiring party is over at Amazon,” Slashdot reported yesterday, citing the low number of open jobs in the Software Development category at Amazon. The number has declined to 299 in January 2023 from 32,692 in May 2022, according to Amazon's Jobs site, Slashdot reports. Apostrophy AG, a Swiss software startup, is set to unveil a smartphone operating system that puts privacy first, according to a Bloomberg report that appeared in SwissInfo on Jan. 16. Founder Petter Neby, who already has one company selling high-design, low-tech mobile phones, has put together more than 50 employees globally and is raising 10 million euros ($11 million) this year, according to the report. The company's software, named AphyOS, is built on an open-source version of Android called GrapheneOS. China's MingYang is launching its latest wind turbine with blades that span 140 meters, or about as tall as a 70-storey building, NewAtlas reports. The MySE 18X-28X will be the largest wind turbine ever built, and it is meant to be deployed in offshore wind farms, according to the report. The number of science and technology research papers published has soared over the past few decades, but the ‘disruptiveness' of those papers has dropped, according to an analysis of how radically papers depart from the previous literature, Nature reports. The researchers, Michael Park and Russell J Funk, from the University of Minnesota, and Erin Leahy from the University of Arizona, looked at data from millions of manuscripts. They published their findings in Nature on Jan. 4.
RobChrisRob started off by talking about Twitter Woes, from the auction sale of their office kitchen, to banning, unbanning, and rebanning the guy who posted the public FAA records for Elon's jet, to banning reporters and people who put mastadon contact info in their accounts... we unironically enjoyed the barbie trailer and then we talked about the Orion Splashdown, the Soyuz capsule leaking coolant at the ISS, a whole slew of changes at the DCU, a tipless propeller, then we used Chat GPT to write Slashdot stories and make jokes about the scientists that discovered a snake clitorism Trump's NFT, and a berlin lobby aquarium that burst.
Coming up in this episode 1. Network failures 2. Gaming wins 3. We get Emacs Pinky 4. A little browser watch 5. And we get a little manipulative 0:00 Cold Open 1:40 The Little Outage 7:45 Splitgate 10:25 The History of Emacs 23:51 Emacs, Emacs, Emacs 38:39 Browser Watch! 45:32 Kdenlive Fundraiser 47:58 Feedback 56:30 Community Focus: System Crafters 59:40 App Focus: GIMP 1:05:29 Next Time: Alpine Linux 1:09:17 Stinger Support us on Patreon! (https://www.patreon.com/linuxuserspace) Banter Dan re-installs his pfSense (https://www.pfsense.org) Splitgate on Steam (https://store.steampowered.com/app/677620/Splitgate/) Announcements Give us a sub on YouTube (https://linuxuserspace.show/youtube) You can watch us live on Twitch (https://linuxuserspace.show/twitch) the day after an episode drops. History Series on Text Editors - Emacs GNU Emacs (https://www.gnu.org/software/emacs/) TECO editor (https://dbpedia.org/page/TECO_(text_editor)) TECO-6, compatible with the PDP-6 (https://web.archive.org/web/20021001151829/http://www.transbay.net/~enf/lore/teco/teco-64.html) Gosling Emacs (https://youtu.be/TJ6XHroNewc?t=9896) Initially Gosling permitted unrestricted redistribution (https://youtu.be/TJ6XHroNewc?t=10519) Free software movement (https://en.wikipedia.org/wiki/Free_software_movement) UniPress began to redistribute and sell Gosling's Emacs on UNIX and VMS (https://archive.org/details/byte-magazine-1983-12/page/n335/mode/2up?view=theater&q=unipress+emacs) Interview in 2013 via Slashdot, Richard Stallman said: (https://features.slashdot.org/story/13/01/06/163248/richard-stallman-answers-your-questions) The Free Software Foundation is born (https://web.archive.org/web/20130525155859/http://corp.sec.state.ma.us/corp/corpsearch/CorpSearchSummary.asp?ReadFromDB=True&UpdateAllowed=&FEIN=042888848) Richard Gabriel's Lucid Inc needed version 19 to support their IDE, Energize C++. (https://www.jwz.org/doc/lemacs.html) Emacs 21.1 brought (http://mail.gnu.org/archive/html/info-gnu-emacs/2001-10/msg00009.html) Emacs 22.1 brought (http://lists.gnu.org/archive/html/info-gnu-emacs/2007-06/msg00000.html) The last official release (http://www.xemacs.org/Releases/21.4.22.html) of XEmacs Emacs 23.1 brought (http://lists.gnu.org/archive/html/info-gnu-emacs/2009-07/msg00000.html) Emacs 24.1 brought (http://lists.gnu.org/archive/html/info-gnu-emacs/2012-06/msg00000.html) Emacs 25.1 brought (https://lists.gnu.org/archive/html/emacs-devel/2016-09/msg00451.html) Emacs 26.1 brought (https://lists.gnu.org/archive/html/emacs-devel/2018-05/msg00765.html) Emacs 27.1 brought (https://lists.gnu.org/archive/html/emacs-devel/2020-08/msg00237.html) Emacs 28.1 brought (https://lists.gnu.org/archive/html/emacs-devel/2022-04/msg00093.html) September 12, 2022 Emacs 28.2, the latest maintenance release is out (https://lists.gnu.org/archive/html/emacs-devel/2022-09/msg00730.html) Further Reading The Beginnings of TECO (https://opost.com/tenex/anhc-31-4-anec.pdf) Real Programmers Don't Use PASCAL (https://web.archive.org/web/19991103221236/http://www.ee.ryerson.ca/~elf/hack/realmen.html) https://www.jwz.org/doc/emacs-timeline.html https://web.archive.org/web/20000819071104/http%3A//www.multicians.org/mepap.html https://www.gnu.org/software/emacs/history.html https://web.archive.org/web/20131024150047/http://www.codeartnow.com/hacker-art-1/macsimizing-teco https://web.archive.org/web/20101122021051/http://commandline.org.uk/2007/history-of-emacs-and-xemacs/ More Announcements Want to have a topic covered or have some feedback? - send us an email, contact@linuxuserspace.show Browser Watch Firefox 105 (https://9to5linux.com/firefox-105-is-now-available-for-download-brings-better-performance-on-linux-systems) Firefox release notes. (https://www.mozilla.org/en-US/firefox/105.0/releasenotes/) Microsoft Teams is going away (https://news.itsfoss.com/microsoft-linux-app-retire/) and being replaced by a PWA. Malware infested ads in Edge. (https://www.bleepingcomputer.com/news/security/microsoft-edge-s-news-feed-ads-abused-for-tech-support-scams/) This might be the push to move to a PWA? (https://www.bleepingcomputer.com/news/security/microsoft-teams-stores-auth-tokens-as-cleartext-in-windows-linux-macs/) Housekeeping Catch these and other great topics as they unfold on our Subreddit or our News channel on Discord. * Linux User Space subreddit (https://linuxuserspace.show/reddit) * Linux User Space Discord Server (https://linuxuserspace.show/discord) * Linux User Space Telegram (https://linuxuserspace.show/telegram) * Linux User Space Matrix (https://linuxuserspace.show/matrix) Kdenlive fundraiser is now live! Kdenlive fundraiser that is now live (https://dot.kde.org/2022/09/20/kdenlive-fundraiser-live) If you want to help too you can head over to their donation page (https://kdenlive.org/en/fund/?mtm_campaign=fund_dot) Feedback Mark (Youtube) Nice Green day shirt, and actually nice Nintendo shirt too, nice shirt all round. Larry (Email) How do you handle sharing things in multiple distros installed on the same machine? Bhiku (Email) Mozilla Neural Machine Translation Engine (https://hacks.mozilla.org/2022/06/neural-machine-translation-engine-for-firefox-translations-add-on/) Unleashing the power of GNU Nano (https://github.com/hakerdefo/GIGA-beest) Community Focus System Crafters (https://www.youtube.com/c/SystemCrafters) Check out the Absolute Beginners Guide to EMACS (https://youtu.be/48JlgiBpw_I) App Focus Gnu Image Manipulation Program (https://www.gimp.org) aka GIMP Next Time We will discuss Alpine Linux (https://www.alpinelinux.org) and the history. Come back in two weeks for more Linux User Space Stay tuned and interact with us on Twitter, Mastodon, Telegram, Matrix, Discord whatever. Give us your suggestions on our subreddit r/LinuxUserSpace Join the conversation. Talk to us, and give us more ideas. All the links in the show notes and on linuxuserspace.show. We would like to acknowledge our top patrons. Thank you for your support! Producer Bruno John Dave Co-Producer Johnny Sravan Tim Contributor Advait CubicleNate Eduardo S. Jill and Steve LiNuXsys666 Nicholas Paul sleepyeyesvince
Morgan Reed is the president of ACT | The App Association and one of the board members of the LESI SDOs. He specializes in issues involving application development relating to privacy, intellectual property, competition, and small business innovation. His expertise and knowledge have been sought by the House and Senate in multiple hearings while his commentary and insight are a major draw for news networks including Fox Business News, MSNBC, CNBC, CNN, and ABC, the Wall Street Journal, and The Washington Post to Ars Technica and Slashdot. Morgan has authored and contributed to several white papers and is a part of the developer team for the Linux Router Project (LEAF), and remains an active Apple and iOS licensed developer. Leading the App Association, Morgan has leveraged ACT's resources to host innovation workshops across the country. Organizing events with venture capitalists, business leaders, and attorneys, he helps to foster innovative new technologies by helping emerging businesses manage their intellectual property.Morgen learned how to program at a very young age and first got in touch with standards development as he was involved with the implementation of the 802.11b analytics kernel. And right from the beginning also back then the question of how Intellectual Property is handled by standards was one of the major discussions.In the podcast interview, Morgan elaborates on topics that concern SEPs and FRAND for his member companies, which are mostly innovative small medium-sized companies. Morgen stresses that the ACT members find IoT use cases increasingly important in developing software and products e.g. for agriculture, healthcare, or even firefighting. When looking at IoT and connectivity his members are concerned about SEP licensing practices and in particular that the SEP holders can choose where to license SEPs in the value chain no matter who actually implements a standard such as 5G. The ACT members are often small or medium-sized companies that source hardware and software from other companies to build a new product. But with a SEP license, they will always be in a position of legal uncertainty and will not know the price they may eventually have to pay at some point. Morgan explains that typically small players are not approached in the beginning but once you get bigger you get a call, which in his opinion, makes it worse.In another discussion, Morgen discussed injunctions in the context of SEPs. Here he stresses that injunctions are of course important to enforce IP rights, but injunctions should be very rare given the potential to put a level of pressure on companies to enforce prices for SEPs that are not FRAND anymore.ACT members need a balanced IP system and an ecosystem where standards work. ACT members will be the ones who will build and create the next new inventions the whole world will depend on and SEP holders should have the interest to let that happen.
Welcome to The Nonlinear Library, where we use Text-to-Speech software to convert the best writing from the Rationalist and EA communities into audio. This is: My Recollection of How This All Got Started, published by G Gordon Worley III on April 6, 2022 on LessWrong. I've told this story to various folks one-on-one. They usually want to know something like "how did you get into AI safety" or "how did you get into EA". And although I expect to keep telling it one-off, I'll write it down for those of you I'll never get to meet. Why should you read it? Because my story is partially the story of how all this got started: LessWrong, AI safety, EA, and so on. I'm not saying it's the whole story, I'm just saying I've been hanging around what I think of as this community for over 20 years now, so my story is one facet of how we got here. My story starts in the late 90s. I was hanging around this mailserv called "extropians". How I ended up there I don't recall, but my best guess is I wandered over directly or indirectly from something I found on Slashdot. I'm pretty sure nanobots or cryonics were involved. This guy Eli-something-or-other wrote some posts about how most people are unable to think coherently about future tech that's too many "shock levels" above what they already know about. He started a mailing list that split off from extropians to talk coherently about the most shocking stuff: the Shock Level 4 stuff. Thus the community began to come into existence with the creation of the SL4 mailserv. We talked about all kinds of wild ideas on there, but the big one was AGI. An important topic in those days was figuring out if AGI was default safe or dangerous. Eliezer said default dangerous and made lots of arguments that this was the case. I was eventually convinced. Some remain unconvinced to this day. Big names I remember from this time include Hal Finney, Christine Peterson, Max Moore, Eric Drexler, Ben Goertzel, and Robin Hanson. I'm not sure who was on the list and who wasn't. I also remember some other names but we were not among the big players. The list started to die down after a couple years, but around this time we started hanging out on IRC. It was a lot of fun, but a huge time suck. This helped bring the community more together in real time, but everyone was still spread out. Somewhere along the way the Singularity Institute started. Around this time Eliezer started to get really into heuristics and biases and Bayes' Theorem, claiming it was the secret of the universe or something. After I studied a bunch of information theory and thermodynamics I basically believed it, although I still prefer to think in the cybernetic terms I picked up from my engineering education. We also all got interested in quantum physics and evolutionary psychology and some other stuff. Eliezer was really on about building Friendly AI and had been since about the start of the SL4 mailing list. What that meant got clearer over time. What also got clearer is that we were all too stupid to help even though many of us were convinced AGI was going to be dangerous (I remember a particular exchange where Eliezer got so frustrated at my inability to do some basic Bayesian reasoning that he ended up writing a whole guide to Bayes' Theorem). Part of the problem seemed to be not that we lacked intelligence, but that we just didn't know how to think very good. Our epistemics were garbage and it wasn't very clear why. Eliezer went off into the wilderness and stopped hanging out on IRC. The channel kind of died down and went out with a whimper. I got busy doing other stuff but tried to keep track of what was happening. The community felt like it was in a lull. Then Overcoming Bias started! Eliezer and Robin posted lots of great stuff! There was an AI foom debate. Sequences of posts were posted. It was fun! Then at some point LessWrong started. Things really picked up. New people emerged in the community. I found myself busy and sidelined at this time,...
Link to original articleWelcome to The Nonlinear Library, where we use Text-to-Speech software to convert the best writing from the Rationalist and EA communities into audio. This is: My Recollection of How This All Got Started, published by G Gordon Worley III on April 6, 2022 on LessWrong. I've told this story to various folks one-on-one. They usually want to know something like "how did you get into AI safety" or "how did you get into EA". And although I expect to keep telling it one-off, I'll write it down for those of you I'll never get to meet. Why should you read it? Because my story is partially the story of how all this got started: LessWrong, AI safety, EA, and so on. I'm not saying it's the whole story, I'm just saying I've been hanging around what I think of as this community for over 20 years now, so my story is one facet of how we got here. My story starts in the late 90s. I was hanging around this mailserv called "extropians". How I ended up there I don't recall, but my best guess is I wandered over directly or indirectly from something I found on Slashdot. I'm pretty sure nanobots or cryonics were involved. This guy Eli-something-or-other wrote some posts about how most people are unable to think coherently about future tech that's too many "shock levels" above what they already know about. He started a mailing list that split off from extropians to talk coherently about the most shocking stuff: the Shock Level 4 stuff. Thus the community began to come into existence with the creation of the SL4 mailserv. We talked about all kinds of wild ideas on there, but the big one was AGI. An important topic in those days was figuring out if AGI was default safe or dangerous. Eliezer said default dangerous and made lots of arguments that this was the case. I was eventually convinced. Some remain unconvinced to this day. Big names I remember from this time include Hal Finney, Christine Peterson, Max Moore, Eric Drexler, Ben Goertzel, and Robin Hanson. I'm not sure who was on the list and who wasn't. I also remember some other names but we were not among the big players. The list started to die down after a couple years, but around this time we started hanging out on IRC. It was a lot of fun, but a huge time suck. This helped bring the community more together in real time, but everyone was still spread out. Somewhere along the way the Singularity Institute started. Around this time Eliezer started to get really into heuristics and biases and Bayes' Theorem, claiming it was the secret of the universe or something. After I studied a bunch of information theory and thermodynamics I basically believed it, although I still prefer to think in the cybernetic terms I picked up from my engineering education. We also all got interested in quantum physics and evolutionary psychology and some other stuff. Eliezer was really on about building Friendly AI and had been since about the start of the SL4 mailing list. What that meant got clearer over time. What also got clearer is that we were all too stupid to help even though many of us were convinced AGI was going to be dangerous (I remember a particular exchange where Eliezer got so frustrated at my inability to do some basic Bayesian reasoning that he ended up writing a whole guide to Bayes' Theorem). Part of the problem seemed to be not that we lacked intelligence, but that we just didn't know how to think very good. Our epistemics were garbage and it wasn't very clear why. Eliezer went off into the wilderness and stopped hanging out on IRC. The channel kind of died down and went out with a whimper. I got busy doing other stuff but tried to keep track of what was happening. The community felt like it was in a lull. Then Overcoming Bias started! Eliezer and Robin posted lots of great stuff! There was an AI foom debate. Sequences of posts were posted. It was fun! Then at some point LessWrong started. Things really picked up. New people emerged in the community. I found myself busy and sidelined at this time,...
0:00 Cold Open 1:44 Framing It Up 8:52 Slackware Preamble 12:59 History of Slackware's History 17:21 Slackware's History 1:13:25 Thoughts on Slackware 1:39:37 App Focus: lsd 1:45:46 Next Time 1:49:58 Stinger Coming up in this episode 1. Leo picked up a frame 2. Slackware. All the Slackware 3. How we blew up our Slackware 4. And we spruce up the terminal Banter The Framwork Laptop (https://frame.work) Slackware Linux (http://slackware.com/) Leadership: Patrick J. Volkerding (https://en.wikipedia.org/wiki/Patrick_Volkerding) Site: slackware.com Base System: Slackware Desktop Environment: XFCE, Plasma, etc., etc. File Manager: DE defaults Package Manager: slackpkg, pkgtool Kernel: 5.15.19 Display Manager: *lightdm, sddm, +, + * Display Protocol: X11 and Wayland Init System: rc init (BSD style) with SysVinit compatibility Fast Links SlackDocs (https://docs.slackware.com/start) SlackBuilds (http://slackbuilds.org) LinuxQuestions - Slackware Forum Section (https://www.linuxquestions.org/questions/forumdisplay.php?forumid=14) The Packages (https://packages.slackware.com) Live Slackware thanks to Alien BOB (https://download.liveslak.org) Slackware for ARM (https://arm.slackware.com) About Page (http://www.slackware.com/about/) History WikiPedia Page (https://en.wikipedia.org/wiki/Slackware) Release History (https://en.wikipedia.org/wiki/Slackware#Releases) Various ChangeLog, README, CHANGESANDHINTS and ANNOUNCE files on the mirrors (https://mirrors.slackware.com/slackware/) July 16th, 1993, Slackware was available via Anonymous FTP. (http://www.slackware.com/announce/1.0.php) Softlanding Linux System (https://en.wikipedia.org/wiki/Softlanding_Linux_System) Slackware 2.0 Released (https://www.linuxjournal.com/article/2795) Slackware 3.0 (https://web.archive.org/web/20050311213558/http://gus-br.linuxmag.com.br/it/artigos/30-nov-1995.html) Here is a picture of a CD sleeve (in Italian) signed by Patrick for Slackware 96 aka Slackware 3.1 (https://archive.org/details/slack96agosto_4cd) The weird version jump to 7.0 (http://www.slackware.com/faq/do_faq.php?faq=general#0) Slashdot interview with Patrick (https://slashdot.org/story/00/03/17/1120205/replies-from-slackware-founder-patrick-volkerding) userlocal.com/phorum (https://web.archive.org/web/20020816085044/http://www.userlocal.com/phorum/) interview with The Age in Australia (https://www.theage.com.au/technology/the-linux-distribution-thats-always-in-the-black-20021004-gdfp05.html) Slackware 9.0 (http://www.slackware.com/announce/9.0.php) Slackware 10.0 (http://www.slackware.com/announce/10.0.php) Eric Hameleers' (Alien BOB) Slackbuilds begins (http://www.slackware.com/~alien/slackbuilds/ChangeLog.txt) Slackware 11.0 (http://www.slackware.com/announce/11.0.php) Slackware 12.0 (http://www.slackware.com/announce/12.0.php) Slackware 13.0 (http://www.slackware.com/announce/13.0.php) Eric Hameleers interview with Linux Magazine (https://web.archive.org/web/20100720001002/http://www.linux-mag.com/id/7502) Alien BOB's presentation at T-Dose (http://www.slackware.com/~alien/tdose2009/t-dose-slackware.pdf) The video to go with it (https://www.youtube.com/watch?v=Xh2eah5L4b8) Slackware 14.0 (http://www.slackware.com/announce/14.0.php) Slackware 14.1 (http://www.slackware.com/announce/14.1.php) Slackware 14.2 (http://www.slackware.com/announce/14.2.php) Slackware for ARM (https://arm.slackware.com/) Slackware 15.0 is released (http://www.slackware.com/announce/15.0.php) Good nuggets in the changelog (https://mirrors.slackware.com/slackware/slackware-15.0/ChangeLog.txt) Some other links Eric Hameleers - Alien BOB's page (http://www.slackware.com/~alien/) Patrick Volkerding's page (http://www.slackware.com/~volkerdi/) Slackware Documentary made in 2019 (https://youtu.be/nhSHH8pY6uw) Slackware Patreon page (https://www.patreon.com/slackwarelinux/overview) Configuring SBo for current (https://github.com/Ponce/slackbuilds/wiki/configuring-the-current-repository-with-sbopkg) A helpful blog post for SBo (https://blog.jeaye.com/2015/07/09/sbopkg/) Housekeeping Slackware ARM Podcast (https://www.youtube.com/channel/UCabC1NZDGA3FZXf2hQ-6uyA) Email us - contact@linuxuserspace.show Linux User Space Discord Server (https://linuxuserspace.show/discord) Our Matrix room (https://linuxuserspace.show/matrix) Support us at Patreon (https://patreon.com/linuxuserspace) Join us on Telegram (https://linuxuserspace.show/telegram) Follow us on Twitter (https://twitter.com/LinuxUserSpace) Watch us on YouTube (https://linuxuserspace.show/youtube) Our latest social platform reddit (https://linuxuserspace.show/reddit) Check out our website https://linuxuserspace.show App Focus lsd This episode's app: * lsd (https://github.com/Peltoche/lsd) * Note Nerd Fonts are helpful (https://www.nerdfonts.com) Next Time With us trying out Slackware Linux for this past month, that means our next show will be topic based. We have a few topics planned for you and all of them will affect you in the Linux User Space. Join us in two weeks when we return to the Linux User Space Stay tuned on Twitter, Telegram, Matrix, Discord, Reddit whatever. Join the conversation. Talk to us, and give us more ideas. We would like to acknowledge our top patrons. Thank you for your support! Contributor Nicholas CubicleNate LiNuXsys666 Jill and Steve WalrusZ sleepyeyesvince Paul Curtis Eduardo Matt W. Co-Producer Donnie Johnny Producer Bruno John Josh
About SamA 25-year veteran of the Silicon Valley and Seattle technology scenes, Sam Ramji led Kubernetes and DevOps product management for Google Cloud, founded the Cloud Foundry foundation, has helped build two multi-billion dollar markets (API Management at Apigee and Enterprise Service Bus at BEA Systems) and redefined Microsoft's open source and Linux strategy from “extinguish” to “embrace”.He is nerdy about open source, platform economics, middleware, and cloud computing with emphasis on developer experience and enterprise software. He is an advisor to multiple companies including Dell Technologies, Accenture, Observable, Fletch, Orbit, OSS Capital, and the Linux Foundation.Sam received his B.S. in Cognitive Science from UC San Diego, the home of transdisciplinary innovation, in 1994 and is still excited about artificial intelligence, neuroscience, and cognitive psychology.Links: DataStax: https://www.datastax.com Sam Ramji Twitter: https://twitter.com/sramji Open||Source||Data: https://www.datastax.com/resources/podcast/open-source-data Screaming in the Cloud Episode 243 with Craig McLuckie: https://www.lastweekinaws.com/podcast/screaming-in-the-cloud/innovating-in-the-cloud-with-craig-mcluckie/ Screaming in the Cloud Episode 261 with Jason Warner: https://www.lastweekinaws.com/podcast/screaming-in-the-cloud/what-github-can-give-to-microsoft-with-jason-warner/ TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by our friends at Redis, the company behind the incredibly popular open source database that is not the bind DNS server. If you're tired of managing open source Redis on your own, or you're using one of the vanilla cloud caching services, these folks have you covered with the go to manage Redis service for global caching and primary database capabilities; Redis Enterprise. Set up a meeting with a Redis expert during re:Invent, and you'll not only learn how you can become a Redis hero, but also have a chance to win some fun and exciting prizes. To learn more and deploy not only a cache but a single operational data platform for one Redis experience, visit redis.com/hero. Thats r-e-d-i-s.com/hero. And my thanks to my friends at Redis for sponsoring my ridiculous non-sense. Corey: Are you building cloud applications with a distributed team? Check out Teleport, an open source identity-aware access proxy for cloud resources. Teleport provides secure access to anything running somewhere behind NAT: SSH servers, Kubernetes clusters, internal web apps and databases. Teleport gives engineers superpowers! Get access to everything via single sign-on with multi-factor. List and see all SSH servers, kubernetes clusters or databases available to you. Get instant access to them all using tools you already have. Teleport ensures best security practices like role-based access, preventing data exfiltration, providing visibility and ensuring compliance. And best of all, Teleport is open source and a pleasure to use.Download Teleport at https://goteleport.com. That's goteleport.com.Corey: Welcome to Screaming in the Cloud, I'm Cloud Economist Corey Quinn, and recurring effort that this show goes to is to showcase people in their best light. Today's guest has done an awful lot: he led Kubernetes and DevOps Product Management for Google Cloud; he founded the Cloud Foundry Foundation; he set open-source strategy for Microsoft in the naughts; he advises companies including Dell, Accenture, the Linux Foundation; and tying all of that together, it's hard to present a lot of that in a great light because given my own proclivities, that sounds an awful lot like a personal attack. Sam Ramji is the Chief Strategy Officer at DataStax. Sam, thank you for joining me, and it's weird when your resume starts to read like, “Oh, I hate all of these things.”Sam: [laugh]. It's weird, but it's true. And it's the only life I could have lived apparently because here I am. Corey, it's a thrill to meet you. I've been an admirer of your public speaking, and public tweeting, and your writing for a long time.Corey: Well, thank you. The hard part is getting over the voice saying don't do it because it turns out that there's no real other side of public shutting up, which is something that I was never good at anyway, so I figured I'd lean into it. And again, I mean, that the sense of where you have been historically in terms of your career not, “Look what you've done,” which is a subtext that I could be accused of throwing in sometimes.Sam: I used to hear that a lot from my parents, actually.Corey: Oh, yeah. That was my name growing up. But you've done a lot of things, and you've transitioned from notable company making significant impact on the industry, to the next one, to the next one. And you've been in high-flying roles, doing lots of really interesting stuff. What's the common thread between all those things?Sam: I'm an intensely curious person, and the thing that I'm most curious about is distributed cognition. And that might not be obvious from what you see is kind of the… Lego blocks of my career, but I studied cognitive science in college when that was not really something that was super well known. So, I graduated from UC San Diego in '94 doing neuroscience, artificial intelligence, and psychology. And because I just couldn't stop thinking about thinking; I was just fascinated with how it worked.So, then I wanted to build software systems that would help people learn. And then I wanted to build distributed software systems. And then I wanted to learn how to work with people who were thinking about building the distributed software systems. So, you end up kind of going up this curve of, like, complexity about how do we think? How do we think alone? How do we learn to think? How do we think together?And that's the directed path through my software engineering career, into management, into middleware at BEA, into open-source at Microsoft because that's an amazing demonstration of distributed cognition, how, you know, at the time in 2007, I think, Sourceforge had 100,000 open-source projects, which was, like, mind boggling. Some of them even worked together, but all of them represented these groups of people, flung around the world, collaborating on something that was just fundamentally useful, that they were curious about. Kind of did the same thing into APIs because APIs are an even better way to reuse for some cases than having the source code—at Apigee. And kept growing up through that into, how are we building larger-scale thinking systems like Cloud Foundry, which took me into Google and Kubernetes, and then some applications of that in Autodesk and now DataStax. So, I love building companies. I love helping people build companies because I think business is distributed cognition. So, those businesses that build distributed systems, for me, are the most fascinating.Corey: You were basically handed a heck of a challenge as far as, “Well, help set open-source strategy,” back at Microsoft, in the days where that was a punchline. And credit where due, I have to look at Microsoft of today, and it's not a joke, you can have your arguments about them, but again in those days, a lot of us built our entire personality on hating Microsoft. Some folks never quite evolved beyond that, but it's a new ballgame and it's very clear that the Microsoft of yesteryear and the Microsoft of today are not completely congruent. What was it like at that point understanding that as you're working with open-source communities, you're doing that from a place of employment with a company that was widely reviled in the space.Sam: It was not lost on me. The irony, of course, was that—Corey: Well, thank God because otherwise the question where you would have been, “What do you mean they didn't like us?”Sam: [laugh].Corey: Which, on some levels, like, yeah, that's about the level of awareness I would have expected in that era, but contrary to popular opinion, execs at these companies are not generally oblivious.Sam: Yeah, well, if I'd been clever as a creative humorist, I would have given you that answer instead of my serious answer, but for some reason, my role in life is always to be the straight guy. I used to have Slashdot as my homepage, right? I love when I'd see some conspiracy theory about, you know, Bill Gates dressed up as the Borg, taking over the world. My first startup, actually in '97, was crushed by Microsoft. They copied our product, copied the marketing, and bundled it into Office, so I had lots of reasons to dislike Microsoft.But in 2004, I was recruited into their venture capital team, which I couldn't believe. It was really a place that they were like, “Hey, we could do better at helping startups succeed, so we're going to evangelize their success—if they're building with Microsoft technologies—to VCs, to enterprises, we'll help you get your first big enterprise deal.” I was like, “Man, if I had this a few years ago, I might not be working.” So, let's go try to pay it forward.I ended up in open-source by accident. I started going to these conferences on Software as a Service. This is back in 2005 when people were just starting to light up, like, Silicon Valley Forum with, you know, the CEO of Demandware would talk, right? We'd hear all these different ways of building a new business, and they all kept talking about their tech stack was Linux, Apache, MySQL, and PHP. I went to one eight-hour conference, and Microsoft technologies were mentioned for about 12 seconds in two separate chunks. So, six seconds, he was like, “Oh, and also we really like Microsoft SQL Server for our data layer.”Corey: Oh, Microsoft SQL Server was fantastic. And I know that's a weird thing for people to hear me say, just because I've been renowned recently for using Route 53 as the primary data store for everything that I can. But there was nothing quite like that as far as having multiple write nodes, being able to handle sharding effectively. It was expensive, and you would take a bath on the price come audit time, but people were not rolling it out unaware of those things. This was a trade off that they were making.Oracle has a similar story with databases. It's yeah, people love to talk smack about Oracle and its business practices for a variety of excellent reasons, at least in the database space that hasn't quite made it to cloud yet—knock on wood—but people weren't deploying it because they thought Oracle was warm and cuddly as a vendor; they did it because they can tolerate the rest of it because their stuff works.Sam: That's so well said, and people don't give them the credit that's due. Like, when they built hypergrowth in their business, like… they had a great product; it really worked. They made it expensive, and they made a lot of money on it, and I think that was why you saw MySQL so successful and why, if you were looking for a spec that worked, that you could talk through through an open driver like ODBC or JDBC or whatever, you could swap to Microsoft SQL Server. But I walked out of that and came back to the VC team and said, “Microsoft has a huge problem. This is a massive market wave that's coming. We're not doing anything in it. They use a little bit of SQL Server, but there's nothing else in your tech stack that they want, or like, or can afford because they don't know if their businesses are going to succeed or not. And they're going to go out of business trying to figure out how much licensing costs they would pay to you in order to consider using your software. They can't even start there. They have to start with open-source. So, if you're going to deal with SaaS, you're going to have to have open-source, and get it right.”So, I worked with some folks in the industry, wrote a ten-page paper, sent it up to Bill Gates for Think Week. Didn't hear much back. Bought a new strategy to the head of developer platform evangelism, Sanjay Parthasarathy who suggested that the idea of discounting software to zero for startups, with the hope that they would end up doing really well with it in the future as a Software as a Service company; it was dead on arrival. Dumb idea; bring it back; that actually became BizSpark, the most popular program in Microsoft partner history.And then about three months later, I got a call from this guy, Bill Hilf. And he said, “Hey, this is Bill Hilf. I do open-source at Microsoft. I work with Bill Gates. He sent me your paper. I really like it. Would you consider coming up and having conversation with me because I want you to think about running open-source technology strategy for the company.” And at this time I'm, like, 33 or 34. And I'm like, “Who me? You've got to be joking.” And he goes, “Oh, and also, you'll be responsible for doing quarterly deep technical briefings with Bill… Gates.” I was like, “You must be kidding.” And so of course I had to check it out. One thing led to another and all of a sudden, with not a lot of history in the open-source community but coming in it with a strategist's eye and with a technologist's eye, saying, “This is a problem we got to solve. How do we get after this pragmatically?” And the rest is history, as they say.Corey: I have to say that you are the Chief Strategy Officer at DataStax, and I pull up your website quickly here and a lot of what I tell earlier stage companies is effectively more or less what you have already done. You haven't named yourself after the open-source project that underlies the bones of what you have built so you're not going to wind up in the same glorious challenges that, for example, Elastic or MongoDB have in some ways. You have a pricing page that speaks both to the reality of, “It's two in the morning. I'm trying to get something up and running and I want you the hell out of my way. Just give me something that I can work with a reasonable free tier and don't make me talk to a salesperson.” But also, your enterprise tier is, “Click here to talk to a human being,” which is speaking enterprise slash procurement slash, oh, there will be contract negotiation on these things.It's being able to serve different ends of your market depending upon who it is that encounters you without being off-putting to any of those. And it's deceptively challenging for companies to pull off or get right. So clearly, you've learned lessons by doing this. That was the big problem with Microsoft for the longest time. It's, if I want to use some Microsoft stuff, once you were able to download things from the internet, it changed slightly, but even then it was one of those, “What exactly am I committing to here as far as signing up for this? And am I giving them audit rights into my environment? Is the BSA about to come out of nowhere and hit me with a surprise audit and find out that various folks throughout the company have installed this somewhere and now I owe more than the company's worth?” That was always the haunting fear that companies had back then.These days, I like the approach that companies are taking with the SaaS offering: you pay for usage. On some level, I'd prefer it slightly differently in a pay-per-seat model because at least then you can predict the pricing, but no one is getting surprise submarined with this type of thing on an audit basis, and then they owe damages and payment in arrears and someone has them over a barrel. It's just, “Oh. The bill this month was higher than we expected.” I like that model I think the industry does, too.Sam: I think that's super well said. As I used to joke at BEA Systems, nothing says ‘I love you' to a customer like an audit, right? That's kind of a one-time use strategy. If you're going to go audit licenses to get your revenue in place, you might be inducing some churn there. It's a huge fix for the structural problem in pricing that I think package software had, right?When we looked at Microsoft software versus open-source software, and particularly Windows versus Linux, you would have a structure where sales reps were really compensated to sell as much as possible upfront so they could get the best possible commission on what might be used perpetually. But then if you think about it, like, the boxes in a curve, right, if you do that calculus approximation of a smooth curve, a perpetual software license is a huge box and there's an enormous amount of waste in there. And customers figured out so as soon as you can go to a pay-per-use or pay-as-you-go, you start to smooth that curve, and now what you get is what you deserve, right, as opposed to getting filled with way more cost than you expect. So, I think this model is really super well understood now. Kind of the long run the high point of open-source meets, cloud, meets Software as a Service, you look at what companies like MongoDB, and Confluent, and Elastic, and Databricks are doing. And they've really established a very good path through the jungle of how to succeed as a software company. So, it's still difficult to implement, but there are really world-class guides right now.Corey: Moving beyond where Microsoft was back in the naughts, you were then hired as a VP over at Google. And in that era, the fact that you were hired as a VP at Google is fascinating. They preferred to grow those internally, generally from engineering. So, first question, when you were being hired as a VP in the product org, did they make you solve algorithms on a whiteboard to get there?Sam: [laugh]. They did not. I did have somewhat of an advantage [because they 00:13:36] could see me working pretty closely as the CEO of the Cloud Foundry Foundation. I'd worked closely with Craig McLuckie who notably brought Kubernetes to the world along with Joe Beda, and with Eric Brewer, and a number of others.And he was my champion at Google. He was like, “Look, you know, we need him doing Kubernetes. Let's bring Sam in to do that.” So, that was helpful. I also wrote a [laugh] 2000-word strategy document, just to get some thoughts out of my head. And I said, “Hey, if you like this, great. If you don't throw it away.” So, the interviews were actually very much not solving problems in a whiteboard. There were super collaborative, really excellent conversations. It was slow—Corey: Let's be clear, Craig McLuckie's most notable achievement was being a guest on this podcast back in Episode 243. But I'll say that this is a close second.Sam: [laugh]. You're not wrong. And of course now with Heptio and their acquisition by VMware.Corey: Ehh, they're making money beyond the wildest dreams of avarice, that's all well and good, but an invite to this podcast, that's where it's at.Sam: Well, he should really come on again, he can double down and beat everybody. That can be his landmark achievement, a two-timer on Screaming in [the] Cloud.Corey: You were at Google; you were at Microsoft. These are the big titans of their era, in some respect—not to imply that there has beens; they're bigger than ever—but it's also a more crowded field in some ways. I guess completing the trifecta would be Amazon, but you've had the good judgment never to work there, directly of course. Now they're clearly in your market. You're at DataStax, which is among other things, built on Apache Cassandra, and they launched their own Cassandra service named Keyspaces because no one really knows why or how they name things.And of course, looking under the hood at the pricing model, it's pretty clear that it really is just DynamoDB wearing some Groucho Marx classes with a slight upcharge for API level compatibility. Great. So, I don't see it a lot in the real world and that's fine, but I'm curious as to your take on looking at all three of those companies at different eras. There was always the threat in the open-source world that they are going to come in and crush you. You said earlier that Microsoft crushed your first startup.Google is an interesting competitor in some respects; people don't really have that concern about them. And your job as a Chief Strategy Officer at Amazon is taken over by a Post-it Note that simply says ‘yes' on it because there's nothing they're not going to do, or try, and experiment with. So, from your perspective, if you look at the titans, who is it that you see as the largest competitive threat these days, if that's even a thing?Sam: If you think about Sun Tzu and the Art of War, right—a lot of strategy comes from what we've learned from military environments—fighting a symmetric war, right, using the same weapons and the same army against a symmetric opponent, but having 1/100th of the personnel and 1/100th of the money is not a good plan.Corey: “We're going to lose money, going to be outcompeted; we'll make it up in volume. Oh, by the way, we're also slower than they are.”Sam: [laugh]. So, you know, trying to come after AWS, or Microsoft, or Google as an independent software company, pound-for-pound, face-to-face, right, full-frontal assault is psychotic. What you have to do, I think, at this point is to understand that these are each companies that are much like we thought about Linux, and you know, Macintosh, and Windows as operating systems. They're now the operating systems of the planet. So, that creates some economies of scale, some efficiencies for them. And for us. Look at how cheap object storage is now, right? So, there's never been a better time in human history to create a database company because we can take the storage out of the database and hand it over to Amazon, or Google, or Microsoft to handle it with 13 nines of durability on a constantly falling cost basis.So, that's super interesting. So, you have to prosecute the structure of the world as it is, based on where the giants are and where they'll be in the future. Then you have to turn around and say, like, “What can they never sell?”So, Amazon can never sell something that is standalone, right? They're a parts factory and if you buy into the Amazon-first strategy of cloud computing—which we did at Autodesk when I was VP of cloud platform there—everything is a primitive that works inside Amazon, but they're not going to build things that don't work outside of the Amazon primitives. So, your company has to be built on the idea that there's a set of people who value something that is purpose-built for a particular use case that you can start to broaden out, it's really helpful if they would like it to be something that can help them escape a really valuable asset away from the center of gravity that is a cloud. And that's why data is super interesting. Nobody wakes up in the morning and says, “Boy, I had such a great conversation with Oracle over the last 20 years beating me up on licensing. Let me go find a cloud vendor and dump all of my data in that so they can beat me up for the next 20 years.” Nobody says that.Corey: It's the idea of data portability that drives decision-making, which makes people, of course, feel better about not actually moving in anywhere. But the fact that they're not locked in strategically, in a way that requires a full software re-architecture and data model rewrite is compelling. I'm a big believer in convincing people to make decisions that look a lot like that.Sam: Right. And so that's the key, right? So, when I was at Autodesk, we went from our 100 million dollar, you know, committed spend with 19% discount on the big three services to, like—we started realize when we're going to burn through that, we were spending $60 million or so a year on 20% annual growth as the cloud part of the business grew. Thought, “Okay, let's renegotiate. Let's go and do a $250 million deal. I'm sure they'll give us a much better discount than 19%.” Short story is they came back and said, “You know, we're going to take you from an already generous 19% to an outstanding 22%.” We thought, “Wait a minute, we already talked to Intuit. They're getting a 40% discount on a $400 million spend.”So, you know, math is hard, but, like, 40% minus 22% is 18% times $250 million is a lot of money. So, we thought, “What is going on here?” And we realized we just had no credible threat of leaving, and Intuit did because they had built a cross-cloud capable architecture. And we had not. So, now stepping back into the kind of the world that we're living in 2021, if you're an independent software company, especially if you have the unreasonable advantage of being an open-source software company, you have got to be doing your customers good by giving them cross-cloud capability. It could be simply like the Amdahl coffee cup that Amdahl reps used to put as landmines for the IBM reps, later—I can tell you that story if you want—even if it's only a way to save money for your customer by using your software, when it gets up to tens and hundreds of million dollars, that's a really big deal.But they also know that data is super important, so the option value of being able to move if they have to, that they have to be able to pull that stick, instead of saying, “Nice doggy,” we have to be on their side, right? So, there's almost a detente that we have to create now, as cloud vendors, working in a world that's invented and operated by the giants.Corey: This episode is sponsored by our friends at Oracle HeatWave is a new high-performance accelerator for the Oracle MySQL Database Service. Although I insist on calling it “my squirrel.” While MySQL has long been the worlds most popular open source database, shifting from transacting to analytics required way too much overhead and, ya know, work. With HeatWave you can run your OLTP and OLAP, don't ask me to ever say those acronyms again, workloads directly from your MySQL database and eliminate the time consuming data movement and integration work, while also performing 1100X faster than Amazon Aurora, and 2.5X faster than Amazon Redshift, at a third of the cost. My thanks again to Oracle Cloud for sponsoring this ridiculous nonsense.Corey: When we look across the, I guess, the ecosystem as it's currently unfolding, a recurring challenge that I have to the existing incumbent cloud providers is they're great at offering the bricks that you can use to build things, but if I'm starting a company today, I'm not going to look at building it myself out of, “Ooh, I'm going to take a bunch of EC2 instances, or Lambda functions, or popsicles and string and turn it into this thing.” I'm going to want to tie together things that are way higher level. In my own case, now I wind up paying for Retool, which is, effectively, yeah, it runs on some containers somewhere, presumably, I think in Azure, but don't quote me on that. And that's great. Could I build my own thing like that?Absolutely not. I would rather pay someone to tie it together. Same story. Instead of building my own CRM by running some open-source software on an EC2 instance, I wind up paying for Salesforce or Pipedrive or something in that space. And so on, and so forth.And a lot of these companies that I'm doing business with aren't themselves running on top of AWS. But for web hosting, for example; if I look at the reference architecture for a WordPress site, AWS's diagram looks like a punchline. It is incredibly overcomplicated. And I say this as someone who ran large WordPress installations at Media Temple many years ago. Now, I have the good sense to pay WP Engine. And on a monthly basis, I give them money and they make the website work.Sure, under the hood, it's running on top of GCP or AWS somewhere. But I don't have to think about it; I don't have to build this stuff together and think about the backups and the failover strategy and the rest. The website just works. And that is increasingly the direction that business is going; things commoditize over time. And AWS in particular has done a terrible job, in my experience, of differentiating what it is they're doing in the language that their customers speak.They're great at selling things to existing infrastructure engineers, but folks who are building something from scratch aren't usually in that cohort. It's a longer story with time and, “Well, we're great at being able to sell EC2 instances by the gallon.” Great. Are you capable of going to a small doctor's office somewhere in the American Midwest and offering them an end-to-end solution for managing patient data? Of course not. You can offer them a bunch of things they can tie together to something that will suffice if they all happen to be software engineers, but that's not the opportunity.So instead, other companies are building those solutions on top of AWS, capturing the margin. And if there's one thing guaranteed to keep Amazon execs awake at night, it's the idea of someone who isn't them making money somehow somewhere, so I know that's got to rankle them, but they do not speak that language. At all. Longer-term, I only see that as a more and more significant crutch. A long enough timeframe here, we're talking about them becoming the Centurylinks of the world, the tier one backbone provider that everyone uses, but no one really thinks about because they're not a household name.Sam: That is a really thoughtful perspective. I think the diseconomies of scale that you're pointing to start to creep in, right? Because when you have to sell compute units by the gallon, right, you can't care if it's a gallon of milk, [laugh] or a gallon of oil, or you know, a gallon of poison. You just have to keep moving it through. So, the shift that I think they're going to end up having to make pragmatically, and you start to see some signs of it, like, you know, they hired but could not retain Matt [Acey 00:23:48]. He did an amazing job of bringing them to some pragmatic realization that they need to partner with open-source, but more broadly, when I think about Microsoft in the 2000s as they were starting to learn their open-source lessons, we were also being able to pull on Microsoft's deep competency and partners. So, most people didn't do the math on this. I was part of the field governance council so I understood exactly how the Microsoft business worked to the level that I was capable. When they had $65 billion in revenue, they produced $24 billion in profit through an ecosystem that generated $450 billion in revenue. So, for every dollar Microsoft made, it was $8 to partners. It was a fundamentally platform-shaped business, and that was how they're able to get into doctors offices in the Midwest, and kind of fit the curve that you're describing of all of those longtail opportunities that require so much care and that are complex to prosecute. These solved for their diseconomies of scale by having 1.2 million partner companies. So, will Amazon figure that out and will they hire, right, enough people who've done this before from Microsoft to become world-class in partnering, that's kind of an exercise left to the [laugh] reader, right? Where will that go over time? But I don't see another better mathematical model for dealing with the diseconomies of scale you have when you're one of the very largest providers on the planet.Corey: The hardest problem as I look at this is, at some point, you hit a point of scale where smaller things look a lot less interesting. I get that all the time when people say, “Oh, you fix AWS bills, aren't you missing out by not targeting Google bills and Azure bills as well?” And it's, yeah. I'm not VC-backed. It turns out that if I limit the customer base that I can effectively service to only AWS customers, yeah turns out, I'm not going to starve anytime soon. Who knew? I don't need to conquer the world and that feels increasingly antiquated, at least going by the stories everyone loves to tell.Sam: Yeah, it's interesting to see how cloud makes strange bedfellows, right? We started seeing this in, like, 2014, 2015, weird partnerships that you're like, “There's no way this would happen.” But the cloud economics which go back to utilization, rather than what it used to be, which was software lock-in, just changed who people were willing to hang out with. And now you see companies like Databricks going, you know, we do an amazing amount of business, effectively competing with Amazon, selling Spark services on top of predominantly Amazon infrastructure, and everybody seems happy with it. So, there's some hint of a new sensibility of what the future of partnering will be. We used to call it coopetition a long time ago, which is kind of a terrible word, but at least it shows that there's some nuance in you can't compete with everybody because it's just too hard.Corey: I wish there were better ways of articulating these things because it seems from the all the outside world, you have companies like Amazon and Microsoft and Google who go and build out partner networks because they need that external accessibility into various customer profiles that they can't speak to super well themselves, but they're also coming out with things that wind up competing directly or indirectly, with all of those partners at the same time. And I don't get it. I wish that there were smarter ways to do it.Sam: It is hard to even talk about it, right? One of the things that I think we've learned from philosophy is if we don't have a word for it, we can't be intelligent about it. So, there's a missing semantics here for being able to describe the complexity of where are you partnering? Where are you competing? Where are you differentiating? In an ecosystem, which is moving and changing.I tend to look at the tools of game theory for this, which is to look at things as either, you know, nonzero-sum games or zero-sum games. And if it's a nonzero-sum game, which I think are the most interesting ones, can you make it a positive sum game? And who can you play positive-sum games with? An organization as big as Amazon, or as big as Microsoft, or even as big as Google isn't ever completely coherent with itself. So, thinking about this as an independent software company, it doesn't matter if part of one of these hyperscalers has a part of their business that competes with your entire business because your business probably drives utilization of a completely different resource in their company that you can partner within them against them, effectively. Right?For example, Cassandra is an amazingly powerful but demanding workload on Kubernetes. So, there's a lot of Cassandra on EKS. You grow a lot of workload, and EKS business does super well. Does that prevent us from working with Amazon because they have Dynamo or because they have Keyspaces? Absolutely not, right?So, this is when those companies get so big that they are almost their own forest, right, of complexity, you can kind of get in, hang out, do well, and pretty much never see the competitive product, unless you're explicitly looking for it, which I think is a huge danger for us as independent software companies. And I would say this to anybody doing strategy for an organization like this, which is, don't obsess over the tiny part of their business that competes with yours, and do not pay attention to any of the marketing that they put out that looks competitive with what you have. Because if you can't figure out how to make a better product and sell it better to your customers as a single purpose corporation, you have bigger problems.Corey: I want to change gears slightly to something that's probably a fair bit more insulting, but that's okay. We're going to roll with it. That seems to be the theme of this episode. You have been, in effect, a CIO a number of times at different companies. And if we take a look at the typical CIO tenure, industry-wide, it's not long; it approaches the territory from an executive perspective of, “Be sure not to buy green bananas. You might not be here by the time they ripen.” And I'm wondering what it is that drives that and how you make a mark in a relatively short time frame when you're providing inputs and deciding on strategy, and those decisions may not bear fruit for years.Sam: CIO used to—we used say it stood for ‘Career Is Over' because the tenure is so short. I think there's a couple of reasons why it's so short. And I think there's a way I believe you can have impact in a short amount of time. I think the reason that it's been short is because people aren't sure what they want the CIO role to be.Do they want it to be a glorified finance person who's got a lot of data processing experience, but now really has got, you know, maybe even an MBA in finance, but is not focusing on value creation? Do they want it to be somebody who's all-singing, all-dancing Chief Data Officer with a CTO background who did something amazing and solved a really hard problem? The definition of success is difficult. Often CIOs now also have security under them, which is literally a job I would never ever want to have. Do security for a public corporation? Good Lord, that's a way to lose most of your life. You're the only executive other than the CEO that the board wants to hear from. Every sing—Corey: You don't sleep; you wait, in those scenarios. And oh, yeah, people joke about ablative CSOs in those scenarios. Yeah, after SolarWinds, you try and get an ablative intern instead, but those don't work as well. It's a matter of waiting for an inevitability. One of the things I think is misunderstood about management broadly, is that you are delegating work, but not the responsibility. The responsibility rests with you.So, when companies have these statements blaming some third-party contractor, it's no, no, no. I'm dealing with you. You were the one that gave my data to some sketchy randos. It is your responsibility that data has now been compromised. And people don't want to hear that, but it's true.Sam: I think that's absolutely right. So, you have this high risk, medium reward, very fungible job definition, right? If you ask all of the CIO's peers what their job is, they'll probably all tell you something different that represents their wish list. The thing that I learned at Autodesk, I was only there for 15 months, but we established a fundamental transformation of the work of how cloud platform is done at the company that's still in place a couple years later.You have to realize that you're a change agent, right? You're actually being hired to bring in the bulk of all the different biases and experiences you have to solve a problem that is not working, right? So, when I got to Autodesk, they didn't even know what their uptime was. It took three months to teach the team how to measure the uptime. Turned out the uptime was 97.7% for the cloud, for the world's largest engineering software company.That is 200 hours a year of unplanned downtime, right? That is not good. So, a complete overhaul [laugh] was needed. Understanding that as a change agent, your half-life is 12 to 18 months, you have to measure success not on tenure, but on your ability to take good care of the patient, right? It's going to be a lot of pain, you're going to work super hard, you're going to have to build trust with everyone, and then people are still going to hate you at the end. That is something you just have to kind of take on.As a friend of mine, Jason Warner joined Redpoint Ventures recently, he said this when he was the CTO of GitHub: “No one is a villain in their own story.” So, you realize, going into a big organization, people are going to make you a villain, but you still have to do incredibly thoughtful, careful work, that's going to take care of them for a long time to come. And those are the kinds of CIOs that I can relate to very well.Corey: Jason is great. You're name-dropping all the guests we've had. My God, keep going. It's a hard thing to rationalize and wrap heads around. It's one of those areas where you will not be measured during your tenure in the role, in some respects. And, of course, that leads to the cynical perspective as well, where well, someone's not going to be here long and if they say, “Yeah, we're just going to keep being stewards of the change that's already underway,” well, that doesn't look great, so quick, time to do a cloud migration, or a cloud repatriation, or time to roll something else out. A bit of a different story.Sam: One of the biggest challenges is how do you get the hearts and the minds of the people who are in the organization when they are no fools, and their expectation is like, “Hey, this company's been around for decades, and we go through cloud leaders or CIOs, like Wendy's goes through hamburgers.” They could just cloud-wash, right, or change-wash all their language. They could use the new language to describe the old thing because all they have to do is get through the performance review and outwait you. So, there's always going to be a level of defection because it's hard to change; it's hard to think about new things.So, the most important thing is how do you get into people's hearts and minds and enable them to believe that the best thing they could do for their career is to come along with the change? And I think that was what we ended up getting right in the Autodesk cloud transformation. And that requires endless optimism, and there's no room for cynicism because the cynicism is going to creep in around the edges. So, what I found on the job is, you just have to get up every morning and believe everything is possible and transmit that belief to everybody.So, if it seems naive or ingenuous, I think that doesn't matter as long as you can move people's hearts in each conversation towards, like, “Oh, this person cares about me. They care about a good outcome from me. I should listen a little bit more and maybe make a 1% change in what I'm doing.” Because 1% compounded daily for a year, you can actually get something done in the lifetime of a CIO.Corey: And I think that's probably a great place to leave it. If people want to learn more about what you're up to, how you think about these things, how you view the world, where can they find you?Sam: You can find me on Twitter, I'm @sramji, S-R-A-M-J-I, and I have a podcast that I host called Open||Source||Datawhere I invite innovators, data nerds, computational networking nerds to hang out and explain to me, a software programmer, what is the big world of open-source data all about, what's happening with machine learning, and what would it be like if you could put data in a container, just like you could put code in a container, and how might the world change? So, that's Open||Source||Data podcast.Corey: And we'll of course include links to that in the [show notes 00:35:58]. Thanks so much for your time. I appreciate it.Sam: Corey, it's been a privilege. Thank you so much for having me.Corey: Likewise. Sam Ramji, Chief Strategy Officer at DataStax. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice, along with a comment telling me exactly which item in Sam's background that I made fun of is the place that you work at.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.
LinkedIn has started supporting Hindi—the first Indian regional language on the professional network—to support 600 million Hindi language speakers globally, the company said in a press release. With the launch of Hindi, LinkedIn now supports 25 languages globally. As part of the phase 1 rollout of LinkedIn in Hindi, members will be able to access their feed, profile, jobs, messaging, and create content in Hindi on desktop and their Android and iOS phones. The platform will also continue to add more Hindi publishers and creators in the coming weeks to boost member engagement and conversations in Hindi. Big Tech is preparing to legally challenge certain provisions in India's data protection bill if lawmakers accept and adopt all the recommendations of the Joint Committee of Parliament in the final legislation, Economic Times reports. The biggest point of contention is a proposal to classify social media platforms as publishers as it places the onus for user-generated content on internet companies. That could impact companies including Facebook, Google's YouTube, Twitter, and WhatsApp—all of whom stand to lose the safe harbour or immunity currently provided by the Information Technology Act, 2000. Someone drained funds from multiple cryptocurrency wallets connected to the decentralised finance platform BadgerDAO on Wednesday, The Verge reports. According to the blockchain security and data analytics Peckshield, which is working with Badger to investigate the heist, the various tokens stolen in the attack are worth about $120 million. While the investigation is still ongoing, members of the Badger team have told users that they believe the issue came from someone inserting a malicious script in the UI of their website. Timnit Gebru, the Google AI researcher who was fired controversially a year ago, has launched a new research institute to ask questions about responsible use of artificial intelligence that she says Google and other tech companies won't, Wired reports. Gebru is now the founder and executive director of Distributed Artificial Intelligence Research. “Instead of fighting from the inside, I want to show a model for an independent institution with a different set of incentive structures,” she says. In more Google news, the internet search giant is planning to launch its smartwatch next year, Slashdot reports, citing a report from Insider, which is behind a paywall. "Two employees said a spring launch was possible if the latest testing round is a success, however, all sources stressed that details and timelines were subject to change depending on feedback from employees testing the device," reports Insider. The device, which is internally codenamed ‘Rohan,' (from the Lord of the Rings maybe) will showcase the latest version of Google's smartwatch software to customers and partners, according to Slashdot. Tesla says it plans to ship a smaller version of its Cyberquad EV, named 'Cyberquad for Kids' in four weeks, MobileSyrup reports. While the Cyberquad—which cost $1900—maybe targeted for kids, Tesla's Head of Design says that adults can ride it as well. The company's website states that the little quad has 15 miles (24 km) of range and can go up to 10mph (16km/h). Its battery takes around five hours to charge, according to the report.
Raj (00:10):(silence). Ooh, beautiful.Alexis (00:11):This is fun. Hey everybody.Raj (00:13):It's electric.Alexis (00:13):All right. All right. Nice to see you all too. Oh, there we go. Okay. This is big. This is just the building of a new internet. Probably nothing.Raj (00:26):Probably nothing. It's such an honor, Alexis, really, to be on stage with you. It's like a dream. I've been a power user of Reddit, and I saw the way that you created that and the intention that you brought into it, and the intention you've brought into how we build technology that connects people together, and the conviction you have about how you want it to connect them for good. Not pull them apart but pull them together. Three things that connect them, their interests, their common grounds, and give them the tools to do that.Alexis (00:59):Thank you, man.Raj (00:59):Yeah, it's been really awesome.Alexis (01:00):I feel grateful. I was a dumb college kid in 2005, starting Reddit. The inspiration were like message boards. And I ran a PHPBB forum. Shout out PHPBB. I think those bulletin boards are still cranking somewhere in parts of the internet, but it was a hope for a more connected internet. But I really had no idea what would come from it. I'm obviously grateful. Hopefully a few of you all are Redditors. Any? Couple, one or two? Thank you. Thank you for all of your upvotes and thank you for also admitting you're the least productive people here. So thank you for your candor. I got so excited as crypto started taking off because Reddit is where I dove in. R/Bitcoin is the community that inspired me to first invest in Coinbase back in 2012. R/Ethereum was the community that got me really excited about what could actually be done with programmable money and this concept of building an internet that was decentralized and truly in the hands of all the people creating content. And now what I am seeing here, especially within the Solana community, is nothing short of awesome.And we can just cut to chase and one of the reasons why I'm here is to announce a collaboration that we're doing. I have a venture fund called Seven Seven Six. We're earmarking with the Solana Foundation $50 million to invest in the next wave of social built on Solana. Because I think this new world... We were debating whether to do the announcement at the start or at the end, I'm happy we did at the start. It's good vibes. But my job these days is with our team to look for the next big thing, put our money into it, give our support, our advice, our feedback, and help build businesses that'll be even bigger than any of the ones I've created. And it's exciting because this actually fulfills ambitions that I remember having 16 years ago but that we just couldn't execute on because the technology did not exist. And so I'm going to take you down memory lane a little bit. We'll fire up some slides.This is actually the very first version of Reddit that went live in 2005. I was not a great web designer. I was not. I'm really proud of Snoo, our mascot. I created that while I was bored in marketing class. But this was the first version, and a couple of things to notice, karma score, absolutely stole that from Slashdot. But I realized, okay, if we can get people to be incentivized to post good stuff, we can get more people to post more good stuff. And we'll just use internet points. It'll just be made up. And so if you got an upvote, you would gain a karma point. If obviously you were downvoted, you'd lose one. As you can see here, I posted the first link to Reddit, the Downing Street memo, and I was promptly downvoted because my co-founder is a dick. I knew exactly who it was, because it was just the two of us in an apartment. I knew who did that, and I have -1 karma. But internet points were the way we got people to come together and produce high-quality content.If you could believe me, in 2005, no one believed me when I said that people would spend all this time on the internet creating content, sharing content, commenting on content, but clearly it worked. And as we saw more and more progress, I obsessed over even designing the up and down arrows. I probably did like 10 iterations. I'm embarrassed by how many different versions of up and down arrows I designed. But this was all with the idea that we could reward people and get them feeling like their contributions mattered and encourage the best behavior. You'll notice the leaderboard there, the stats. That little janky link was one of the most important part to the website back in 2005 because the top submitters cared so much where they were on the leaderboard that when the stats thing went down, we would get a flurry of emails from people saying, something's wrong. Fix the stats leaderboard. I grew up playing video games, probably like a lot of you, and this seemed like a pretty obvious mechanism to just motivate people to keep posting content.But again, we're talking about internet points that outside of the community don't really amount to much, even awards. So once karma points exceeded their value, because once people got far enough along on Reddit, a new user would come on and feel demoralized because the idea of one day getting a million karma points seemed impossible. So I had to create new games. These awards, I was inspired by GoldenEye on the N64 because the end of Deathmatch, even my friends who were terrible at the game and never won would still get a little fun award at the end, like most cowardly. And we would ridicule them for that. It turned out that's like you spend the least amount of time on the screen of other players during the match. And it was these novel awards that inspired the Reddit awards today. I literally have people who introduce themselves, not by their government name, not by their username, but by the fact that they are a 12-year Redditor or a 14-year Redditor.These badges, these awards that were just a game mechanic that I created 16 years ago without much thought have become a sense of pride. But I look at all these things and I think, damn, if only there was value beyond this world of this ecosystem, because there's clearly value there. And everything I've seen in the last few years, the reason I'm so excited about Web 3.0 is this is all the same mechanisms, except with real ownership. With real value gained by the people who did all the amazing work to make these platforms function. And then I can't not talk about swag. This was Reddit's original business model, and it was actually the first fight we had. So the first two months of Reddit, we got into a big fight because I really wanted sell merch. I knew that even though we had this burgeoning user base, that random strangers on the internet would want to buy t-shirts with our logo on it as a way to show solidarity with our tribe. It was a huge fight, finally won it, and I built a store. And this was before Shopify, before Stripe. This was like a janky PayPal. It was really hard to take money from strangers on the internet back in 2005, okay? But I get this janky storefront up. I filled the bedroom with probably like 300, 400 t-shirts and put it online, and within 24 hours, sold out. And then I spent the next day stuffing envelopes and taking garbage bags full of these t-shirts to the post office. And with every one of them I sent out, I felt a little bit validated because random people on the internet wanted to show their pride by making their torso into a billboard for us, and give us money for that privilege. Today, just seeing someone change their profile pic is an even bigger statement of that tribal solidarity. And again, maybe if you have one of these original 400 Reddit shirts, you could probably fence it on eBay for a few bucks, but you didn't actually capture the real value. There was tremendous value in being one of those early adopters and signing up to say, yes, I am a part of this. I want you to believe.And everything I see play out, even the most basic profile pic project, is a reminder that this is like the core atomic unit of building community online. And I just can't help but get even more excited because the rate at which this will grow is... it is hard to overstate. And even just thinking about where you all were, we were reminiscing backstage a year ago or two years ago with how far the Solana ecosystem has gone, I'm just very excited. So I'm thrilled to be announcing this fund with you. I hope we can do some amazing stuff together and fund the next generation of the social web.Raj (09:45):I think we totally will. It's totally going to happen.Alexis (09:47):Are you going to do that? Are you down with that?Raj (09:53):It's going to be incredible. I don't know if anyone was paying attention yesterday. Something interesting happens, right before Alexis and I went onto a... I think it was Fortune interview to talk about this... or Forbes, one or the other, to talk about this fund, I had gone on Twitter... GM everyone, by the way. GM.Alexis (10:20):Yes. Good morning.Raj (10:22):So someone who happens to be a good friend of mine, Sam Lessin, he used to run product at Facebook. I've known him for 10 years. He's the first person I've seen negatively respond to the idea of us all saying GM in crypto. And we all love GM. It's just good vibes, right? And so I went on Twitter and I said, "I'll kill you." But this wasn't me threatening Sam. I've known him for 10 years. We trust each other. Sam talks a lot about how... he was in the room when Venmo made the trust feature. I should be able to trust Alexis to be able to take as much money from me as he wants. We have a relationship. We should be able to flag that, right?All these little features, the nuances of how we connect with one another and how we trust each other and how we have relationships should be reflected in social. But right now there's only little pieces and it's the pieces that happened because one platform that becomes monolithic decides which features it's going to differentiate on. And so, yeah, I guess I should have expected this, and my comms people tell me that I should have expected it, but I got suspended on the first day of Breakpoint. And it was actually amazing because I'm super addicted to Twitter. This is the first time I've spent 24 hours not on Twitter in probably years.Alexis (11:44):Jack just wanted you to have a respite from [crosstalk 00:11:47].Raj (11:46):Jack's a meditator. He wanted me to just meditate on my feelings and beliefs and my actions, and I did. Just another point on this, it was a joke. It was a reference to this Costco founder who, when the CEO talked about increasing the cost of hot dogs, he said, "I will kill you." So this was sort of two ideas to get other in one tweet. There's a lot of nuance, like I said, in social. Sam and I know each other, so of course I would never kill him. And also if you know this joke, it's the idea that there are some things that are sacred, that are positive, that are inherently good. Like a chief hot dog for everyone that comes into Costco is like part of their belief system. GM is like part of our belief system. We should wake up every morning and talk to each other with good intentions. And if you're going to threaten that, I will kill you, right? And that joke...Alexis (12:47):Like a Costco hot dog.Raj (12:49):Like a Costco hot dog. And that joke, Twitter doesn't get it. The rules don't get it. It's going to be hard to regulate these things and moderate these things. But when all of it comes from one place, we just see that nobody's happy. Jack's not happy with the rules that he's been forced to put in place, which is why he's deciding to turn Twitter into a decentralized protocol. I think my fear, and I don't know if you agree, but Facebook's going to do the same thing. And Reddit's going to do the same thing. Everyone's going to do the same thing, but these things happen pretty slow, and there's opportunity to build from all directions. It doesn't have to be the old social platforms converting. We can build new ones and it doesn't have to be competition and it doesn't have to be winner take all.There will be hundreds of successful social media companies that are protocols and clients to those protocols, and choices will be made in programmable, modular ways between communities, just like Subreddits do that in certain ways. But it'll be much more fluid and we'll be able to govern these rules. I kind of see this pretty clearly, but I only see like maybe five or 10 companies trying it and building it. There should be 100. There should be 100 like tomorrow. So as we were talking with this reporter yesterday, it was a flurry of thesis. And even backstage, we just couldn't stop talking about all the ways that this future is going to happen. And I think it's going to happen quickly. And I realized $50 million is not that much for the number of teams and stabs at this problem that I think can happen in the next 12 months. So we're going to increase it to a $100 million.Alexis (14:31):That's right. See that, we lured you in with the 50. Surprised you with the hundo. And look, this is real. Normally, incumbents have had, and Zack has taken full advantage of this, incumbents have had a huge unfair advantage with the distribution. As social evolved, Facebook can gobble up, Instagram can gobble up, WhatsApp can get the economies to scale that distribution. But I would argue in Web 3.0 it's actually a liability because the intention with which you're building these new protocols and these new communities starts from the very beginning. It seeds the foundation of how people think about the platform. And the baggage of Web 2.0 infrastructure and the Web 2.0 precedent is that you're ultimately just harvested for an advertiser. And that factors into product decisions. That factors into design decisions.And what's really exciting is that there's a whole new slew of founders who have a chance to jump into a very energized community and actually start building something with a very different business model in mind and very different product instincts and very different design focus, and that's compelling. And I think we could see new platforms emerge very fast. We talked about Discord backstage and how... 2015, I think, I first started noticing them on the sidebars of gaming communities on Reddit and I thought, damn, they're onto something here. And as someone who's suffered through TeamSpeak, it was like, okay, clearly there's got to be a better way. But that was five years now, six years now Discord is the dominant platform for all the real-time conversation around NFTs and a lot of things in crypto. But that window for a new platform to emerge keeps getting smaller and smaller. It keeps moving faster and faster, and we haven't even seen what happens when people build this way first.Raj (16:33):Totally. Yeah, the cycles are getting faster. And we don't have to wait. And I think even just the rise of Solana and the cycles in the blockchain industry have been getting faster. And a lot of folks are surprised by how much and how fast so Solana has grown. I think this next wave of companies are going to get to a billion... we set it at the top of this whole conference, a billion users. And we didn't set a timeline. We set as fast as possible. I think it could happen in 12 months, 18 months. It's very feasible if we build that future. And I think it'll happen in waves. Applications protocols will be quickly saturating to a billion, 4 billion users in rapid succession because it doesn't have to be a competition of a monolith against another. It's just ideas and changes and protocol shifts and forks that can propagate very quickly.So I think this future's going to be happen very quickly and it's all connected. This is why we wanted to have Solana be one giant global state machine. A lot of people call it monolithic. Yeah, it's monolithic. That's the point. It's all one computer that we can build all of this together on because if you saw... I realized a lot of people miss some of the best talks here, but Jules Urbach from Render is making a photorealistic metaverse. We will be able to connect these social protocols to that rendering engine and we will be living in the metaverse faster than anyone thinks. It's going to happen.Alexis (18:04):And when that user experience hits, it will hit. In 16 years of designing product, of investing in product, I keep coming back to great user experiences, almost always end up winning. And that's broadly defined. That's the literal user experience as well as the figurative. How does it make customers or users feel? And what's exciting is we can do things on Solana that... and I'm not a maximalist in any regard. You'll see me, I'm very pragmatic on this stuff, but we can do things on Solana that just make so much more sense to create that amazing user experience that people have come to expect. And that's it at the end of the day. That's what wins. And you tie that in to being able to actually own the content you create and actually get rewarded for things like community building. It's going to be exhilarating.The second wave, Web 2.0, whatever we're calling it, I really believe it's going to look like this transition period, almost a bleep in the internet where we first got online, everyone's on the World Wide Web and we were making our geo cities' websites and just trying to build for what was largely a pretty read-only internet. And it's so obvious to me, even in these last few years now coming out of the crypto winter, that this era we're in now is going to define, really define the internet as we know it. And when I'm explaining to my daughter about these phases of the internet, she's going to look at me and be like, "Wow, dad. You played all those video games without being rewarded for any of your time or effort." And she'll be shocked. She'll be shocked that I bought things on the internet that I didn't really own. She'll be shocked that so many of the things that are really some of the most valuable work online, whether it's content creation or curation or community building weren't rewarded in any way, shape, or form.Alexis (20:07):It will seem like this weird, dismal, brief period of the internet. And I think we'll all be better off for it, ultimately, but I'm just excited to see what people build because we're all still in the very early days where we're actually just trying to take better versions of what we've known for Web 2.0, and I think things level up once we get out of that mindset and then eventually start building the things with a first principled look at what Web 3.0 really can unlock. But I'm already excited for this stuff that's coming, which is why we're going to put $100 million towards funding it.Raj (20:43):You know what else we should do is make sure the app stores allow NFTs and tokens. Are we really going to hold this back at the...Alexis (20:54):The good news is, look, Epic on the one hand has been fighting the good fight and on the other, not so much, but momentum here is on our side in a world where I know most of you all are probably default skeptical of regulators, which is a fine thing to be. I really do think though that the principles of what is getting built now are so aligned with the average person, with the consumer. And I still do believe that those people are represented by people in government who are at the end of the day beholden to the voters.I do think the more that we can tie the relevance and the value of crypto to the average American, especially beyond our initial early adopter community, the more we can make crypto a big part of people's lives, the better, because that ultimately is going to put leverage on the couple of monopolist or duopolist with their app stores. And I think it's still one of the strongest leverage points we have, which is it's just not good for consumers to have one of two app stores to choose from, and both that are pretty egregious in what they charge and the control they have.Raj (22:05):It's clear that social media affects government. It affects political movements. It's just very clear all of us. And I think one of the things that I always have tried to do, building products where people are taking on social behaviors, connecting is replicate what they're already doing, but do it in a positive way. I think you did that really well with Reddit. Focusing on upvotes, focusing on content creation and elevating each other and our creations and our content. And I'm curious, do you have any ideas about how the types of forces that have coalesced political movements in social media might be reflected in this next Web 3.0 Version of social media?Alexis (22:48):I really do think we're seeing some really interesting types of governance emerge. Look, for those of us, whether we're in European democracies, American democracies, these are global democracies, we ostensibly like these ideas of everyone gets a vote. And what's interesting now is you're even seeing what some of the recent ENS stuff and some of this... Just even the concept of vote delegation, being something that is getting more normalized. What I love about Web 3.0 broadly is we get a chance to think about, from first principles, how we can architect better and more representative systems. And so on the one hand I'm like, would I ever delegate my vote for a president of the United States? Would I ever delegate my vote for some company I'm a shareholder of? Maybe not, probably not, definitely not. There's a spectrum of answers to that. But what we get to build is whatever we think is the best tool for the job and then the broad market basically decides, okay, this is what wins.And this kind of experimentation, I think, tends to be among the most, or will ultimately reward the most egalitarian way possible because it's not controlled as basically every institution has been from the top down for so long. So I do think there is this pretty strong streak throughout the crypto community that almost by definition is built in opposition to institutions that have had top-down authority and plenty of times abused it. So I think when you combine community and capital, which we're seeing play out right now, really surreal things happen. And WallStreetBets is probably the most visceral example that I get asked about all the time back in the states. But that's one example of many where you are seeing a power shift from the traditional top-down structures to the bottom-up, where it's people who are connected online able to communicate in real time, at scale, for free, essentially, and now able to also move dollars. And even though those dollars individually may not be that much, in aggregate, especially when coordinated, can move markets, can shift all kinds of things. This is the experimental phase of it so I'm excited to see what's to come.Raj (25:16):The word delegation, I think, that I heard there is so important because delegation is happening, like you said, every day in crypto. We delegate to validators. In Solana there are stake pools and there's nested delegation that can happen. And our representative democracy is a delegation of responsibility and decision-making authority. But there are really only a few ways that you can do it and a few bodies that you delegate to and a few people. And then you mentioned this idea of would I delegate my presidential vote? Maybe not that one, but there's probably 100 offices that we're voting for. Right now we just go one side of the ticket. That's a pretty dumb way to do it. Not everyone's doing their research.Alexis (25:59):This is the opening of a lot of doors for a lot of people because with all the progress that we have made so far, we are still a pretty insular community. We are all still early. Just being here means you are in a very, very select group. Congratulations, you're going to make it. You're among the earliest adopters. Yes. It's true. And so you're among the earliest adopters of something that I... I've been on record. I was on Rogan CNBC 2014 saying that I was cautiously optimistic about crypto because it just felt like, no, this is too good to be true. Somehow it's going to get screwed up, someone's going to mess it up. But I've gone from that to pretty irrationally exuberant now in the last year. It now feels inevitable. And so everyone who is here, you are among the earliest adopters for this. You all have a mindset shaped by being immersed in this space for a little while now.There is a whole world, the vast majority of people still have not even started to think about the world the way that we do now by default. And that is going to unlock even more creativity and even more motivation and even more energy. And I'm excited to see that. And I encourage you, please, go out of your way to find people in your immediate community. Your friend group's an easy place to start. Don't be that person who just at every dinner just keeps talking about crypto, but please create this to be as welcoming and open as possible, because that is actually the long-term greedy move to make, because the faster that this adoption spreads beyond the early adopters in tech, especially the dudes who tend to look like me, the faster that this actually comes to fruition, and the more powerful it actually is.Alexis (27:54):And I'm excited because we get to rethink so many systems. And because finance is tied intrinsically into this, it means rewarding people for work, for effort, for creativity that historically have not been. And I get excited about that because selfishly, I just want better stuff. And so whether it is better democracy, whether it is better art, whether it's better social networking, we will get to see a flourishing, a literal Renaissance happening because of what is getting built here. And that is an amazing thing to be a part of because there will not be another time like this.Raj (28:31):There won't be. That's awesome, man. This is so cool. Look, I just want to close on one note. The one thing that came out of yesterday was this idea of #freeraj, which I love, but I'm back now. And so I don't need to be freed, but I do need to be freed from centralized social media. I want to get off Twitter. I want to get off. Help me do that. Build the next Twitter, build the next Facebook, build the next Instagram. I'm going to have a special prize for whoever helps me get off and delete my accounts from those centralized services.Alexis (29:16):Oh, the bounty is out there. I love it. Right on.Raj (29:20):You can come hang out with me and Alexis. Dude, thank you so much for coming, Alexis. This has been phenomenal.Alexis (29:25):Thank you.Raj (29:25):And I think we have many more great conversations to come and so many teams are going to form. It's going to be truly wonderful. I can't wait to do this with you. And thank you for committing capital and your time to these builders. It just means the world. Thank you.Alexis (29:37):I'm excited. Very grateful. Very grateful you all.
Before platforms like Facebook and Twitter, learning about current events online across a range of topics, subjects, and industries required visiting lots of different websites. That began to change thanks to platforms like Slashdot.Slashdot was one of the first -- if not the first -- popular social news aggregators. Readers would submit stories they thought were interesting, and then Slashdot's moderation team -- headed by Slashdot founder Rob Malda -- would select the best ones and display them on the homepage, which was a constantly updating feed of the aggregated stories. Users could then comment on the stories, discuss them, flag them, etc., and that would impact their popularity and how long they'd be featured.Of course, none of that sounds revolutionary. It was basically just a description of Reddit. But, again, there was a time when that concept didn't exist, and Rob Malda and Slashdot pioneered it. So why are platforms like Reddit and Twitter worth billions of dollars today and Slashdot isn't? That's what you're going to learn about in this episode of Web Masters.For a complete transcript of the episode, click here.
About MikeBeside his duties as The Duckbill Group's CEO, Mike is the author of O'Reilly's Practical Monitoring, and previously wrote the Monitoring Weekly newsletter and hosted the Real World DevOps podcast. He was previously a DevOps Engineer for companies such as Taos Consulting, Peak Hosting, Oak Ridge National Laboratory, and many more. Mike is originally from Knoxville, TN (Go Vols!) and currently resides in Portland, OR.Links: Software Engineering Daily podcast: https://softwareengineeringdaily.com/category/all-episodes/exclusive-content/Podcast/ Duckbillgroup.com: https://duckbillgroup.com TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by Thinkst. This is going to take a minute to explain, so bear with me. I linked against an early version of their tool, canarytokens.org in the very early days of my newsletter, and what it does is relatively simple and straightforward. It winds up embedding credentials, files, that sort of thing in various parts of your environment, wherever you want to; it gives you fake AWS API credentials, for example. And the only thing that these things do is alert you whenever someone attempts to use those things. It's an awesome approach. I've used something similar for years. Check them out. But wait, there's more. They also have an enterprise option that you should be very much aware of canary.tools. You can take a look at this, but what it does is it provides an enterprise approach to drive these things throughout your entire environment. You can get a physical device that hangs out on your network and impersonates whatever you want to. When it gets Nmap scanned, or someone attempts to log into it, or access files on it, you get instant alerts. It's awesome. If you don't do something like this, you're likely to find out that you've gotten breached, the hard way. Take a look at this. It's one of those few things that I look at and say, “Wow, that is an amazing idea. I love it.” That's canarytokens.org and canary.tools. The first one is free. The second one is enterprise-y. Take a look. I'm a big fan of this. More from them in the coming weeks.Corey: This episode is sponsored in part by our friends at Lumigo. If you've built anything from serverless, you know that if there's one thing that can be said universally about these applications, it's that it turns every outage into a murder mystery. Lumigo helps make sense of all of the various functions that wind up tying together to build applications. It offers one-click distributed tracing so you can effortlessly find and fix issues in your serverless and microservices environment. You've created more problems for yourself; make one of them go away. To learn more, visit lumigo.io.Corey: This episode is sponsored in part by ChaosSearch. As basically everyone knows, trying to do log analytics at scale with an ELK stack is expensive, unstable, time-sucking, demeaning, and just basically all-around horrible. So why are you still doing it—or even thinking about it—when there's ChaosSearch? ChaosSearch is a fully managed scalable log analysis service that lets you add new workloads in minutes, and easily retain weeks, months, or years of data. With ChaosSearch you store, connect, and analyze and you're done. The data lives and stays within your S3 buckets, which means no managing servers, no data movement, and you can save up to 80 percent versus running an ELK stack the old-fashioned way. It's why companies like Equifax, HubSpot, Klarna, Alert Logic, and many more have all turned to ChaosSearch. So if you're tired of your ELK stacks falling over before it suffers, or of having your log analytics data retention squeezed by the cost, then try ChaosSearch today and tell them I sent you. To learn more, visit chaossearch.io.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. I spent the past week guest hosting the Software Engineering Daily podcast, taking listeners over there on a tour of the clouds. Each day, I picked a different cloud and had a guest talk to me about their experiences with that cloud.Now, there was one that we didn't talk about, and we're finishing up that tour here today on Screaming in the Cloud. That cloud is the obvious one, and that is your own crappy data center. And my guest is Duckbill Group's CEO and my business partner, Mike Julian. Mike, thanks for joining me.Mike: Hi, Corey. Thanks for having me back.Corey: So, I frequently say that I started my career as a grumpy Unix sysadmin. Because it isn't like there's a second kind of Unix sysadmin you're going to see. And you were in that same boat. You and I both have extensive experience working in data centers. And it's easy sitting here on the tech coast of the United States—we're each in tech hubs cities—and we look around and yeah, the customers we talked to have massive cloud presences; everything we do is in cloud, it's easy to fall into the trap of believing that data centers are a thing of yesteryear. Are they?Mike: [laugh]. Absolutely not. I mean, our own customers have tons of stuff in data centers. There are still companies out there like Equinix, and CoreSite, and DRC—is that them? I forget the name of them.Corey: DRT. Digital Realty [unintelligible 00:01:54].Mike: Digital Realty. Yeah. These are companies still making money hand over fist. People are still putting new workloads into data centers, so yeah, we're kind of stuck with him for a while.Corey: What's fun is when I talked to my friends over in the data center sales part of the world, I have to admit, I went into those conversations early on with more than my own fair share of arrogance. And it was, “[laugh]. So, who are you selling to these days?” And the answer was, “Everyone, fool.” Because they are.People at large companies with existing data center footprints are not generally doing fire sales of their data centers, and one thing that we learned about cloud bills here at The Duckbill Group is that they only ever tend to go up with time. That's going to be the case when we start talking about data centers as well. The difference there is that it's not just an API call away to lease more space, put in some racks, buy some servers, get them racked. So, my question for you is, if we sit here and do the Hacker News—also known as the worst website on the internet—and take their first principles approach to everything, does that mean the people who are building out data centers are somehow doing it wrong? Did they miss a transformation somewhere?Mike: No, I don't think they're doing it wrong. I think there's still a lot of value in having data centers and having that sort of skill set. I do think the future is in cloud infrastructure, though. And whether that's a public cloud, or private cloud, or something like that, I think we're getting increasingly away from building on top of bare metal, just because it's so inefficient to do. So yeah, I think at some point—and I feel like we've been saying this for years that, “Oh, no, everyone's missed the boat,” and here we are saying it yet again, like, “Oh, no. Everyone's missing the boat.” You know, at some point, the boat's going to frickin' leave.Corey: From my perspective, there are advantages to data centers. And we can go through those to some degree, but let's start at the beginning. Origin stories are always useful. What's your experience working in data centers?Mike: [laugh]. Oh, boy. Most of my career has been in data centers. And in fact, one interesting tidbit is that, despite running a company that is built on AWS consulting, I didn't start using AWS myself until 2015. So, as of this recording, it's 2021 now, so that means six years ago is when I first started AWS.And before that, it was all in data centers. So, some of my most interesting stuff in the data center world was from Oak Ridge National Lab where we had hundreds of thousands of square feet of data center floor space across, like, three floors. And it was insane, just the amount of data center stuff going on there. A whole bunch of HPC, a whole bunch of just random racks of bullshit. So, it's pretty interesting stuff.I think probably the most really interesting bit I've worked on was when I was at a now-defunct company, Peak Hosting, where we had to figure out how to spin up a data center without having anyone at the data center, as in, there was no one there to do the spin up. And that led into interesting problems, like you have multiple racks of equipment, like, thousands of servers just showed up on the loading dock. Someone's got to rack them, but from that point, it all has to be automatic. So, how do you bootstrap entire racks of systems from nothing with no one physically there to start a bootstrap process? And that led us to build some just truly horrific stuff. And thank God that's someone else's problem, now. [laugh].Corey: It makes you wonder if under the hood at all these cloud providers if they have something that's a lot cleaner, and more efficient, and perfect, or if it's a whole bunch of Perl tied together with bash and hope, like we always built.Mike: You know what? I have to imagine that even at AWS at a—I know if this is true at Facebook, where they have a massive data center footprint as well—there is a lot of work that goes into the bootstrap process, and a lot of these companies are building their own hardware to facilitate making that bootstrap process easier. When you're trying to bootstrap, say, like, Dell or HP servers, the management cards only take you so far. And a lot of the stuff that we had to do was working around bugs in the HP management cards, or the Dell DRACs.Corey: Or you can wind up going with some budget whitebox service. I mean, Supermicro is popular, not that they're ultra-low budget. But yeah, you can effectively build your own. And that leads down interesting paths, too. I feel like there's a sweet spot where working on a data center and doing a build-out makes sense for certain companies.If you're trying to build out some proof of concept, yeah, do it in the cloud; you don't have to wait eight weeks and spend thousands of dollars; you can prove it out right now and spend a total of something like 17 cents to figure out if it's going to work or not. And if it does, then proceed from there, if not shut it down, and here's a quarter; keep the change. With data centers, a lot more planning winds up being involved. And is there a cutover at which point it makes sense to evacuate from a public cloud into a physical data center?Mike: You know, I don't really think so. This came up on a recent Twitter Spaces that you and I did around, at what point does it really make sense to be hybrid, or to be all-in on data center? I made the argument that a large-scale HPC does not fit cloud workloads, and someone made a comment that, like, “What is large-scale?” And to me, large-scale was always, like—so Oak Ridge was—or is famous—for having supercomputing, and they have largely been in the top five supercomputers in the world for quite some time. A supercomputer of that size is tens of thousands of cores. And they're running pretty much constant because of how expensive that stuff is to get time on. And that sort of thing would be just astronomically expensive in a cloud. But how many of those are there really?Corey: Yeah, if you're an AWS account manager listening to this and reaching out with, “No, that's not true. After committed spend, we'll wind up giving you significant discounts, and a whole bunch of credits, and jump through all these hoops.” And, yeah, I know, you'll give me a bunch of short-term contractual stuff that's bounded for a number of years, but there's no guarantee that stuff gets renewed at that rate. And let's face it. If you're running those kinds of workloads today, and already have the staff and tooling and processes that embrace that, maybe ripping all that out in a cloud migration where there's no clear business value derived isn't the best plan.Mike: Right. So, while there is a lot of large-scale HPC infrastructure that I don't think particularly fits well on the cloud, there's not a lot of that. There's just not that many massive HPC deployments out there. Which means that pretty much everything below that threshold could be a candidate for cloud workloads, and probably would be much better. One of the things that I noticed at Oak Ridge was that we had a whole bunch of SGI HPC systems laying around, and 90% of the time they were idle.And those things were not cheap when they were bought, and at the time, they're basically worth nothing. But they were idle most of the time, but when they were needed, they're there, and they do a great job of it. With AWS and GCP and Azure HPC offerings, that's a pretty good fit. Just migrate that whole thing over because it'll cost you less than buying a new one. But if I'm going to migrate Titan or Gaia from Oak Ridge over to there, yeah, some AWS rep is about to have a very nice field day. That'd just be too much money.Corey: Well, I'd be remiss as a cloud economist if I didn't point out that you can do this stuff super efficiently in someone else's AWS account.Mike: [laugh]. Yes.Corey: There's also the staffing question where if you're a large blue-chip company, you've been around for enough decades that you tend to have some revenue to risk, where you have existing processes and everything is existing in an on-prem environment, as much as we love to tell stories about the cloud being awesome, and the capability increase and the rest, yadda, yadda, yadda, there has to be a business case behind moving to the cloud, and it will knock some nebulous percentage off of your TCO—because lies, damned lies, and TCO analyses are sort of the way of the world—great. That's not exciting to most strategic-level execs. At least as I see the world. Given you are one of those strategic level execs, do you agree? Am I lacking nuance here?Mike: No, I pretty much agree. Doing a data center migration, you got to have a reason to do it. We have a lot of clients that are still running in data centers as well, and they don't move because the math doesn't make sense. And even when you start factoring in all the gains from productivity that they might get—and I stress the word might here—even when you factor those in, even when you factor in all the support and credits that Amazon might give them, it still doesn't make enough sense. So, they're still in data centers because that's where they should be for the time because that's what the finances say. And I'm kind of hard-pressed to disagree with them.Corey: While we're here playing ‘ask an exec,' I'm going to go for another one here. It's my belief that any cloud provider that charges a penny for professional services, or managed services, or any form of migration tooling or offering at all to their customers is missing the plot. Clearly, since they all tend to do this, I'm wrong somewhere. But I don't see how am I wrong or are they?Mike: Yeah, I don't know. I'd have to think about that one some more.Corey: It's an interesting point because it's—Mike: It is.Corey: —it's easy to think of this as, “Oh, yeah. You should absolutely pay people to migrate in because the whole point of cloud is that it's kind of sticky.” The biggest indicator of a big cloud bill this month is a slightly smaller one last month. And once people wind up migrating into a cloud, they tend not to leave despite all of their protestations to the contrary about multi-cloud, hybrid, et cetera, et cetera. And that becomes an interesting problem.It becomes an area—there's a whole bunch of vendors that are very deeply niched into that. It's clear that the industry as a whole thinks that migrating from data centers to cloud is going to be a boom industry for the next three decades. I don't think they're wrong.Mike: Yeah, I don't think they're wrong either. I think there's a very long tail of companies with massive footprint staying in a data center that at some point is going to get out of a data center.Corey: For those listeners who are fortunate enough not to have to come up the way that we did. Can you describe what a data center is like inside?Mike: Oh, God.Corey: What is a data center? People have these mythic ideas from television and movies, and I don't know, maybe some Backstreet Boys music video; I don't know where it all comes from. What is a data center like? What does it do?Mike: I've been in many of these over my life, and I think they really fall into two groups. One is the one managed by a professional data center manager. And those tend to be sterile environments. Like, that's the best way to describe it. They are white, filled with black racks. Everything is absolutely immaculate. There is no trash or other debris on the floor. Everything is just perfect. And it is freezingly cold.Corey: Oh, yeah. So, you're in a data center for any length of time, bring a jacket. And the soulless part of it, too, is that it's well-lit with fluorescent lights everywhere—Mike: Oh yeah.Corey: —and it's never blinking, never changing. There are no windows. Time loses all meaning. And it's strange to think about this because you don't walk in and think, “What is that racket?” But there's 10,000, 100,000 however many fans spinning all the time. It is super loud. It can clear 120 decibels in there, but it's a white noise so you don't necessarily hear it. Hearing protection is important there.Mike: When I was at Oak Ridge, we had—all of our data centers, we had a professional data center manager, so everything was absolutely pristine. And to get into any of the data centers, you had to go through a training; it was very simple training, but just, like, “These are things you do and don't do in the data center.” And when you walked in, you had to put in earplugs immediately before you walked in the door. And it's so loud just because of that, and you don't really notice it because you can walk in without earplugs and, like, “Oh, it's loud, but it's fine.” And then you leave a couple hours later and your ears are ringing. So, it's a weird experience.Corey: It's awful. I started wearing earplugs every time I went in, just because it's not just the pain because hearing loss doesn't always manifest that way. It's, I would get tired much more quickly.Mike: Oh, yeah.Corey: I would not be as sharp. It was, “What is this? Why am I so fatigued?” It's noise.Mike: Yeah. And having to remember to grab your jacket when you head down to the data center, even though it's 95 degrees outside.Corey: At some point, if you're there enough—which you probably shouldn't be—you start looking at ways to wind up storing one locally. I feel like there could be some company that makes an absolute killing by renting out parkas at data centers.Mike: Yeah, totally. The other group of data center stuff that I generally run into is the exact opposite of that. And it's basically someone has shoved a couple racks in somewhere and they just kind of hope for the best.Corey: The basement. The closet. The hold of a boat, with one particular client we work with.Mike: Yeah. That was an interesting one. So, we had a—Corey and I had a client where they had all their infrastructure in the basement of a boat. And we're [laugh] not even kidding. It's literally in the basement of a boat.Corey: Below the waterline.Mike: Yeah below the waterline. So, there was a lot of planning around, like, what if the hold gets breached? And like, who has to plan for that sort of thing? [laugh]. It was a weird experience.Corey: It turns out that was—was hilarious about that was while they were doing their cloud migration into AWS, their account manager wasn't the most senior account manager because, at that point, it was a small account, but they still stuck to their standard talking points about TCO, and better durability, and the rest, and it didn't really occur to them to come back with a, what if the boat sinks? Which is the obvious reason to move out of that quote-unquote, “data center?”Mike: Yeah. It was a wild experience. So, that latter group of just everything's an absolute wreck, like, everything—it's just so much of a pain to work with, and you find yourself wanting to clean it up. Like, install new racks, do new cabling, put in a totally new floor so you're not standing on concrete. You want to do all this work to it, and then you realize that you're just putting lipstick on a pig; it's still going to be a dirty old data center at the end of the day, no matter how much work you do to it. And you're still running on the same crappy hardware you had, you're still running on the same frustrating deployment process you've been working on, and everything still sucks, despite it looking good.Corey: This episode is sponsored in part by ChaosSearch. As basically everyone knows, trying to do log analytics at scale with an ELK stack is expensive, unstable, time-sucking, demeaning, and just basically all-around horrible. So why are you still doing it—or even thinking about it—when there's ChaosSearch? ChaosSearch is a fully managed scalable log analysis service that lets you add new workloads in minutes, and easily retain weeks, months, or years of data. With ChaosSearch you store, connect, and analyze and you're done. The data lives and stays within your S3 buckets, which means no managing servers, no data movement, and you can save up to 80 percent versus running an ELK stack the old-fashioned way. It's why companies like Equifax, HubSpot, Klarna, Alert Logic, and many more have all turned to ChaosSearch. So if you're tired of your ELK stacks falling over before it suffers, or of having your log analytics data retention squeezed by the cost, then try ChaosSearch today and tell them I sent you. To learn more, visit chaossearch.io.Corey: The worst part is playing the ‘what is different here?' Game. You rack twelve servers: eleven come up fine and the twelfth doesn't.Mike: [laugh].Corey: It sounds like, okay, how hard could it be? Days. It can take days. In a cloud environment, you have one weird instance. Cool, you terminate it and start a new one and life goes on whereas, in a data center, you generally can't send back a $5,000 piece of hardware willy nilly, and you certainly can't do it same-day, so let's figure out what the problem is.Is that some sub-component in the system? Is it a dodgy cable? Is it, potentially, a dodgy switch port? Is there something going on with that node? Was there something weird about the way the install was done if you reimage the thing? Et cetera, et cetera. And it leads down rabbit holes super quickly.Mike: People that grew up in the era of computing that Corey and I did, you start learning tips and tricks, and they sound kind of silly these days, but things like, you never create your own cables. Even though both of us still remember how to wire a Cat 5 cable, we don't.Corey: My fingers started throbbing when you said that because some memories never fade.Mike: Right. You don't. Like, if you're working in a data center, you're buying premade cables because they've been tested professionally by high-end machines.Corey: And you still don't trust it. You have a relatively inexpensive cable tester in the data center, and when—I learned this when I was racking stuff the second time, it adds a bit of time, but every cable that we took out of the packaging before we plugged it in, and we tested on the cable tester just to remove that problem. And it still doesn't catch everything because, welcome to the world of intermittent cables that are marginal that, when you bend a certain way, stop working, and then when you look at them, start working again properly. Yes, it's as maddening as it sounds.Mike: Yeah. And then things like rack nuts. My fingers hurt just thinking about it.Corey: Think of them as nuts that bolts wind up screwing into but they're square and they have clips on them so they clip into the standard rack cabinets, so you can screw equipment into them. There are different sizes of them, and of course, they're not compatible with one another. And you have—they always pinch your finger and make you bleed because they're incredibly annoying to put in and out. Some vendors have quick rails, which are way nicer, but networking equipment is still stuck in the ‘90s in that context, and there's always something that winds up causing problems.Mike: If you were particularly lucky, the rack nuts that you had were pliable enough that you could pinch them and pull them out with your fingers, and hopefully didn't do too much damage. If you were particularly unlucky, you had to reach for a screwdriver to try to pry it out, and inevitably stab yourself.Corey: Or sometimes pulling it out with your fingers, it'll—like, those edges are sharp. It's not the most high-quality steel in some cases, and it's just you wind up having these problems. Oh, one other thing you learn super quickly, is first, always have a set of tools there because the one you need is the one you don't have, and the most valuable tool you'll have is a pair of wire cutters. And what you do when you find a bad cable is you cut it before throwing it away.Mike: Yep.Corey: Because otherwise someone who is very well-meaning but you will think of them as the freaking devil, will, “Oh, there's a perfectly good cable sitting here in the trash. I'll put it back with the spares.” So you think you have a failed cable you grab another one from the pile of spares—remember, this is two in the morning, invariably, and you're not thinking on all cylinders—and the problem is still there. Cut the cable when you throw it away.Mike: So, there are entire books that were written about these sorts of tips and tricks that everyone working [with 00:19:34] data center just remembers. They learned it all. And most of the stuff is completely moot now. Like, no one really thinks about it anymore. Some people are brought up in computing in such a way that they never even learned these things, which I think it's fantastic.Corey: Oh, I don't wish this on anyone. This used to be a prerequisite skill for anyone who called themselves a systems administrator, but I am astonished when I talk to my AWS friends, the remarkably senior engineers I talk to who have never been inside of an AWS data center.Mike: Yeah, absolutely.Corey: That's really cool. It also means you're completely divorced from the thing you're doing with code and the rest, and the thing that winds up keeping the hardware going. It also leads to a bit of a dichotomy where the people racking the hardware, in many cases, don't understand the workloads that are on there because if you have the programming insight, and ability, and can make those applications work effectively, you're probably going to go find a role that compensates far better than working in the data center.Mike: I [laugh] want to talk about supply chains. So, when you build a data center, you start planning about—let's say, I'm not Amazon. I'm just, like, any random company—and I want to put my stuff into a data center. If I'm going to lease someone else's data center—which you absolutely should—we're looking at about a 180-day lead time. And it's like, why? Like, that's a long time. What's—Corey: It takes that long to sign a real estate lease?Mike: Yeah.Corey: No. It takes that long to sign a real estate lease, wind up talking to your upstream provider, getting them to go ahead and run the thing—effectively—getting the hardware ordered and shipped in the right time window, doing the actual build-out once everything is in place, and I'm sure a few other things I'm missing.Mike: Yeah, absolutely. So yeah, you have all these things that have to happen, and all of them pay for-freaking-ever. Getting Windstream on the phone to begin with, to even take your call, can often take weeks at a time. And then to get them to actually put an order for you, and then do the turnup. The turnup alone might be 90 days, where I'm just, “Hey, I've bought bandwidth from you, and I just need you to come out and connect the [BLEEP] cables,” might be 90 days for them to do it.And that's ridiculous. But then you also have the hardware vendors. If you're ordering hardware from Dell, and you're like, “Hey, I need a couple servers.” Like, “Great. They'll be there next week.” Instead, if you're saying, “Hey, I need 500 servers,” they're like, “Ooh, uh, next year, maybe.” And this is even pre-pandemic sort of thing because they don't have all these sitting around.So, for you to get a large number of servers quickly, it's just not a thing that's possible. So, a lot of companies would have to buy well ahead of what they thought their needs would be, so they'd have massive amounts of unused capacity. Just racks upon racks of systems sitting there turned off, waiting for when they're needed, just because of the ordering lead time.Corey: That's what auto-scaling looks like in those environments because you need to have that stuff ready to go. If you have a sudden inrush of demand, you have to be able to scale up with things that are already racked, provisioned, and good to go. Sometimes you can have them halfway provisioned because you don't know what kind of system they're going to need to be in many cases, but that's some up-the-stack level thinking. And again, finding failed hard drives and swapping those out, make sure you pull the right or you just destroyed an array. And all these things that I just make Amazon's problem.It's kind of fun to look back at this and realize that we would get annoyed then with support tickets that took three weeks to get resolved in hardware, whereas now three hours in you and I are complaining about the slow responsiveness of the cloud vendor.Mike: Yeah, the amount of quick turnaround that we can have these days on cloud infrastructure that was just unthinkable, running in data centers. We don't run out of bandwidth now. Like, that's just not a concern that anyone has. But when you're running in a data center, and, “Oh, yeah. I've got an OC-3 line connected here. That's only going to get me”—Corey: Which is something like—what is an OC-3? That's something like, what, 20 gigabit, or—Mike: Yeah, something like that. It's—Corey: Don't quote me on that.Mike: Yeah. So, we're going to have to look that up. So, it's equivalent to a T-3, so I think that's a 45 megabit?Corey: Yeah, that sounds about reasonable, yeah.Mike: So, you've got a T-3 line sitting here in your data center. Like that's not terrible. And if you start maxing that out, well, you're maxed out. You need more? Again, we're back to the 90 to 180 day lead time to get new bandwidth.So, sucks to be you, which means you'd have to start planning your bandwidth ahead of time. And this is why we had issues like companies getting Slashdotted back in the day because when you capped the bandwidth out, well, you're capped out. That's it. That's the game.Corey: Now, you've made the front page of Slashdot, a bunch of people visited your site, and the site fell over. That was sort of the way of the world. CDNs weren't really a thing. Cloud wasn't a thing. And that was just, okay, you'd bookmark the thing and try and remember to check it later.We talked about bandwidth constraints. One thing that I think the cloud providers do—at least the tier ones—that are just basically magic is full line rate between any two instances almost always. Well, remember, you have a bunch of different racks, and at the top of every rack, there's usually a switch called—because we're bad at naming things—top-of-rack switches. And just because everything that you have plugged in can get one gigabit to that switch—or 10 gigabit or whatever it happens to be—there is a constraint in that top-of-rack switch. So yeah, one server can talk to another one in a different rack at one gigabit, but then you have 20 different servers in each rack all trying to do something like that and you start hitting constraints.You do not see that in the public cloud environments; it is subsumed away, you don't have to think about that level of nonsense. You just complain about what feels like the egregious data transfer charge.Mike: Right. Yeah. It was always frustrating when you had to order nice high-end switching gear from Cisco, or Arista, or take your pick of provider, and you got 48 ports in the top-of-rack, you got 48 servers all wired up to them—or 24 because we want redundancy on that—and that should be a gigabit for each connection, except when you start maxing it out, no, it's nowhere even near that because the switch can't handle it. And it's absolutely magical, that the cloud provider's like, “Oh, yeah. Of course, we handle that.”Corey: And you don't have to think about it at all. One other use case that I did want to hit because I know we'll get letters if we don't, where it does make sense to build out a data center, even today, is if you have regulatory requirements around data residency. And there's no cloud vendor in an area that suits. This generally does not apply to the United States, but there are a lot of countries that have data residency laws that do not yet have a cloud provider of their choice region, located in-country.Mike: Yeah, I'll agree with that, but I think that's a short-lived problem.Corey: In the fullness of time, there'll be regions everywhere. Every build—a chicken in every pot and an AWS availability zone on every corner.Mike: [laugh]. Yeah, I think it's going to be a fairly short-lived problem, which actually reminds me of even our clients that have data centers are often treating the data center as a cloud. So, a lot of them are using your favorite technology, Corey, Kubernetes, and they're treating Kubernetes as a cloud, running Kube in AWS, as well, and moving workloads between the two Kube clusters. And to them, a data center is actually not really data center; it's just a private cloud. I think that pattern works really well if you have a need to have a physical data center.Corey: And then they start doing a hybrid environment where they start expanding to a public cloud, but then they treat that cloud like just a place to run a bunch of VMs, which is expensive, and it solves a whole host of problems that we've already talked about. Like, we're bad at replacing hard drives, or our data center is located on a corner where people love to get drunk on the weekends and smash into the power pole and take out half of the racks here. Things like that great, yeah, cloud can solve that, but cloud could do a lot more. You're effectively worsening your cloud experience to improve your data center experience.Mike: Right. So, even when you have that approach, the piece of feedback that we give the client was, you have built such a thing where you have to cater to the lowest common denominator, which is the constraints that you have in the data center, which means you're not able to use AWS the way that you should be able to use it so it's just as expensive to run as a data center was. If they were to get rid of the data center, then the cloud would actually become cheaper for them and they would get more benefits from using it. So, that's kind of a business decision for how they've structured it, and I can't really fault them for it, but there are definitely some downsides to the approach.Corey: Mike, thank you so much for joining me here. If people want to learn more about what you're up to, where can they find you?Mike: You know, you can find me at duckbillgroup.com, and actually, you can also find Corey at duckbillgroup.com. We help companies lower their AWS bills. So, if you have a horrifying bill, you should chat.Corey: Mike, thank you so much for taking the time to join me here.Mike: Thanks for having me.Corey: Mike Julian, CEO of The Duckbill Group and my business partner. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice and then challenge me to a cable-making competition.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.
About AustinAustin makes problems with computers, and sometimes solves them. He's an open source maintainer, observability nerd, devops junkie, and poster. You can find him ignoring HN threads and making dumb jokes on Twitter. He wrote a book about distributed tracing, taught some college courses, streams on Twitch, and also ran a DevOps conference in Animal Crossing.Links: Lightstep: https://lightstep.com/ Lightstep Sandbox: https://lightstep.com/sandbox Desert Island DevOps: https://desertedislanddevops.com lastweekinAWS.com Resources: https://lastweekinAWS.com/resources Distributed Tracing in Practice: https://www.amazon.com/Distributed-Tracing-Practice-Instrumenting-Microservices/dp/1492056634 Twitter: https://twitter.com/austinlparker Personal Blog: https://aparker.io TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at the Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by Thinkst. This is going to take a minute to explain, so bear with me. I linked against an early version of their tool, canarytokens.org in the very early days of my newsletter, and what it does is relatively simple and straightforward. It winds up embedding credentials, files, that sort of thing in various parts of your environment, wherever you want to; it gives you fake AWS API credentials, for example. And the only thing that these things do is alert you whenever someone attempts to use those things. It's an awesome approach. I've used something similar for years. Check them out. But wait, there's more. They also have an enterprise option that you should be very much aware of canary.tools. You can take a look at this, but what it does is it provides an enterprise approach to drive these things throughout your entire environment. You can get a physical device that hangs out on your network and impersonates whatever you want to. When it gets Nmap scanned, or someone attempts to log into it, or access files on it, you get instant alerts. It's awesome. If you don't do something like this, you're likely to find out that you've gotten breached, the hard way. Take a look at this. It's one of those few things that I look at and say, “Wow, that is an amazing idea. I love it.” That's canarytokens.org and canary.tools. The first one is free. The second one is enterprise-y. Take a look. I'm a big fan of this. More from them in the coming weeks.Corey: This episode is sponsored by ExtraHop. ExtraHop provides threat detection and response for the Enterprise (not the starship). On-prem security doesn't translate well to cloud or multi-cloud environments, and that's not even counting IoT. ExtraHop automatically discovers everything inside the perimeter, including your cloud workloads and IoT devices, detects these threats up to 35 percent faster, and helps you act immediately. Ask for a free trial of detection and response for AWS today at extrahop.com/trial.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. I'm joined this week by Austin Parker, who's a principal developer advocate at Lightstep. Austin, welcome to the show.Austin: Hey, it's great to be here.Corey: It really is. I love coming here. It's one of my favorite places to go. So, let's get the obvious stuff out of the way. You're a principal developer advocate at Lightstep. I know this because I said it a whole sentence ago, which is about the limit of my attention span. What is Lightstep? And what does your job mean?Austin: So, Lightstep is an observability platform. We take traces, and metrics, and logs, and all that good stuff, throw them together in a big old swamp of data, and then, kind of, give you some really cool workflows to help you make sense of it, figure out, hey, where is the slow SQL query? Where is the performance bad?Corey: The way to figure out, in most of my environments, where's the performance bad is git blame, figure out what part I wrote.Austin: But imagine there were, like, 1000, or 100,000 of you all working on this massive distributed system, and you didn't know half—Corey: It would snark itself to death before it ever got off the ground.Austin: Yeah. I mean, I think that's actually most large companies, right? We deliver shippable software only through inertia.Corey: Yeah. Just because at some point, it bounces off all the walls, there's nowhere else for it to go but to production.Austin: Yep. But yeah, you have thousands of people, hundreds of people, however many people, right? I think the whole distributed workforce thing that most people are dealing with now has really made observability rise to the top of your concern list because you don't have the luxury of just going and poking your head around the corner and saying, “Hey, Joanne. What the heck? Why did things break?” You can't just poke someone anymore. Or you can, but you never know what you're going to have to deal with.Corey: It feels weird to call them at home or bug their family members to poke them or whatnot. It just seems weird.Austin: It does. And until Amazon comes out with a minder drone that just, kind of like, hovers over your shoulder at all times, and pokes you, when someone is like, “Hey, you broke the build.” Then I think we're going to need observability so that people can sort of self-serve, figure out what's going on with their systems.Corey: Cool. One of the things I'm going to point out is that I've had a bunch of people attempt to explain what distributed tracing is and how observability works, and it never really stuck. And one of the things that I found that did help explain it—and we didn't even talk about this in the pre-show, while we figure out how to pronounce each other's names—but one of the things that has always stuck with me is the interactive sandbox on Lightstep, which used to be prominently featured on your page; now it's buried in the menu somewhere. But it's an interactive sandbox that sets up a scenario, problem you're trying to solve, gives you data—so it gets away from the problem of, “Step one, have a distributed application where it's all instrumented and reporting things in.” Because in a lot of shops, that's not exactly a small lift that you can do in an afternoon to start testing things like this out. It's genius. It shows what the product does, how it works, mapped to the type of problems people will generally encounter. And after I played with this, “Oh, my stars, I get it.”Austin: We actually just recently updated that to add some new stuff to it because we shipped a feature called ‘Change Intelligence' where you can take actual time-series metrics, and then overlay those on traces and say, “Hey, I saw a weird spike,” and highlight that, and then we go through, look at all the traces for that service and its related services during that time, and tell you, “Hey, we think it might be this. Here's things that are highly correlated in those time windows.” So, if you haven't checked it out recently, go back and check it out. It's—yeah, a little more hidden than it used to be, but I believe you can find it at lightstep.com/sandbox.Corey: Yeah. And there's no sign up to do this. It's free access. It asked for an email address, but that's okay, I just use yours. No, I'm not kidding. I actually did. And, yeah, it works; it shows exactly what it is. It even has, instead of ‘start' it says ‘play' because that's fundamentally what it is. If you're trying to wrap your head around distributed tracing, take a look at this.Austin: Yes, definitely. I have a long-standing Jira ticket to add achievements to that.Corey: Oh, that could be fun. You could bury some, too, like misusing services as databases—Austin: Ooh.Corey: —or most expensive query to get the right answer.Austin: Yeah. And then maybe, like, there's just one span, kind of, hidden there where it's ‘using Route 53 as a database.'Corey: I keep seeing that cropping up more and more places. That's something I get to own and that's an awful lot of fun. Speaking of gamification and playing in strange ways, one of the things you did last year that I wasn't paying attention to—because, you know, there was a pandemic on—was you were one of the organizers behind Desert Island DevOps which is a strange thing that I've only recently delved into—delven into—gone spelunking inside of. There we go.It wasn't instrumented for observability—buh-dum-tss. But it's fundamentally a DevOpsDays that takes place inside the animated world of Animal Crossing's New Horizon, which is apparently a Nintendo game, which is apparently a game company.Austin: Yeah.Corey: It is not really my space. I don't want to misspeak.Austin: No, you hit it. ‘Deserted.' Deserted Island [crosstalk 00:05:43].Corey: Oh, ‘Deserted.' Ah, got it. And don't spell it as ‘dessert' either, as in this would be a delicious game to play.Austin: I mean, it is a delicious and comforting sort of experience. If you aren't familiar with Animal Crossing, the short 30-second explanation is it is a life simulator, building game where, you as your character, you are on an island, and there are relatively adorable animal NPCs that are your villagers, and you can talk to them, and they will say funny things to you. You can go around and do chores like picking up fruit or fishing. And the purpose is, kind of, do these chores, get some in-game currency, and then go spend that in-game currency on furniture so that you can make a pretty house, or buy pretty clothing. And it came out at a perfect time last year because everyone was about to bundle inside for the—well, we're still inside—but everyone had to go inside. And suddenly, here's this like, “Oh, it's just this cute, sort of like, putz around and do whatever.”Corey: It was community-oriented. It was more of a building-oriented game than a destruction game.Austin: Yeah.Corey: It's the sort of thing that is a great way of taking your mind off your troubles. It is accessible to a bunch of people that aren't generally perceived as gamers when you think of that subculture. It really is an encompassing, warm, wonderful thing—by all accounts—and you looked at it and figured, “All right, how can we ruin something?” And the correct answer you got to is, “Let's pour DevOps on it.”Austin: Yeah. Let's use this as an event platform, and let's really just tech-bro this shit up.Corey: And it seems to work super well. At the time of this recording, I have submitted a talk that I live-streamed my submission around, and I have not heard in either direction. To be perfectly frank, I forget what I wound up submitting, which is always a bit of a challenge, just because I make so many throwaway random jokes that, cool. Well, we'll see how it plays out. I think you were even in the audience for that on the Twitch stream.Austin: Yeah. You found some bugs on the CFP form [laugh] that I had to fix.Corey: To be clear, the reason I do those things is not because it's a look how clever I am, but rather to instead talk about how it's not scary to submit a talk proposal. Everyone has a story that they can tell. And you don't need a big platform or decades of experience in this space to tell a story. And that was my goal, and I think I succeeded. You would have the numbers more than I do; I hope people wound up submitting based upon seeing that. I want to hear voices that, frankly, aren't ours all the time.Austin: I think in, like, a week, we basically got more submissions than we did for the entire CFP last year. One thing that I kind of think is interesting to bring up because you bring up, oh, we don't hear a variety of voices, right? One thing I tell people, and I know that it's not universally applicable advice, but I got into DevRel as a—not quite luck, but, like, everything in my life is luck, on some level. It always plays some level of importance. But I didn't go to school to get into DevRel, I didn't do a lot of things.I have actually been in tech, maybe—depending on how you want to count it—in terms of actually being in a software development job or primarily software development job, maybe, like, five or six years, give or take. And before that, I did a lot of stuff. I was a short-order cook; I worked at gas stations; I did tech support for Blackberry, and I did a lot of community organization. I was a union organizer for a little while. I like DevRel because it's like, oh, this kind of integrates a lot of things I'm interested in, right?I enjoy teaching, helping people, and helping people learn, but I also like talking; I like to go and be a public figure, and I like to build a platform and use that to get a message out. And I think what I did with Deserted Island, or what the impetus there was, we suddenly were in a situation where it's like, “Hey, there's a bunch of people that normally get together and they fly around the globe in decent airplane seats, and people come and see us talk.” Because why? Because they think we know what we're talking about, or because we have something that shows we know what we're talking about, or however you want to say it. But in a lot of cases, I think people are coming for that sort of community, they're coming because, “Hey, I can go to a room and I can sit in some weird little hotel, or conference center, or whatnot, and everyone I look at, everyone I see is someone that is doing what I'm doing, on some level. These are all people that are working in technology, they're building things, they're solving problems.”And that goes away really quickly when you get into this remote-first world, and when we can't travel, and we don't have that visual aspect. So, what I wanted to do with Deserted Island, what I thought what was important about it is, I was already sick of Zoom by the time, everyone went to Zoom; I was already sick of the idea of, oh my god, a year or two years of these sort of events and these community things just being, like, everyone's staring at a bunch of slides and a talking head. Didn't sound very appealing, so what if we try something different? What if we do something where it's like, look, we're going to take people out of their day; we're going to put them in somewhere else. And maybe that's somewhere else is just, hey, you're watching people run around on an Animal Crossing Island on a Twitch stream.But that sort of moment of just, like, this isn't what you would normally be doing, I think takes people's heads out of their normal routine and puts them in a place where they can learn, and they can feel community, and they can feel, like, a kinship. I also think it's really important because it's that whole stupid New Yorker joke of, “On the internet, nobody knows you're a dog.” We have this really cool opportunity to craft who we are as people, and how we present that to the world. And for a lot of people, you're stuck inside; you don't get that self-expression, so here's a way to be expressive, right? Here's a way to communicate who you are on a level that isn't just a profile picture or something, or things that don't work as well over Zoom.It's a way to help project your identity. And that, I think, gives more weight to what you're saying because when you feel like, “Hey, this is more of who I am,” or, “This is a representation of me. I can show something about who I am.” And that helps you speak. And that helps you deliver, I think, an effective talk. And that, again, builds community and builds these bonds.Corey: I want to talk to you about that, specifically because you are one of those people that aligns very much with my view of the world on developer marketing. But I don't want to lead you too much on this, so why don't you start? Take it away. Where do you stand on developer marketing? And what do people get wrong?Austin: I think the thing that a lot of people get wrong is that they try to monetize the idea of community. If you go and you search, insert major company name here; you search “Amazon community,” or you search “Microsoft community,” or you search “Google community,”—well, if you do that, you'll get no results, but whatever, right? You get the picture that marketers in a way have turned the idea of developer community into something that you can just throw a KPI or throw an OKR on and squeeze it for money. And I don't like that. I'm not very comfortable with that idea of community—because I think community in a lot of ways, it's like family. And the families that you like the best are the ones you choose. I think this is—Corey: The family you choose is an important concept.Austin: Right. And for the most part… so much of human experience activity is built around finding those people you choose, and those communities develop out of that. I use AWS sometimes, I don't necessarily know if I would put myself in a community with every other AWS user. I—Corey: Oh, I certainly wouldn't. This is the problem. Everyone thinks when you talk about community or a group of people doing something, they're ‘other people' that are in some level of otherness. And that's—like there are entire communities around AWS that I do not talk to, I do not see, I do not pretend to understand.Austin: Yeah, even at Lightstep. We're not a massive, massive company by any means, but we have a bunch of different users that are using our tool in different ways. And they all have different needs, and they all have different wants. So, I could say, “Oh, here's the Lightstep community.” But it's not a useful abstraction.It's not a useful way to abstract all of our users because any tool that's worth using is going to be this collection of other abstractions and building blocks. Like, you… I don't know, look at something like Notion, or look at something like Airtable, or the popularity of low or no-code stuff, where someone built a platform and then other people are building stuff on top of that platform, if you go to those user groups or you go to those forums, and it's just like, there's a million, million different varied use cases, and people are doing it in different ways, and some people are building this kind of application, or that kind of application, or whatever. So, the idea of, oh, there's a community and we can monetize that community somehow, I'm uncomfortable with that from, sort of, a base level. And I'm uncomfortable with the idea of the DevRel industry—or the developer marketing industry—kind of moving towards this idea of, like, we're going to become community marketers or whatever. I think you have to approach people as individuals.And individuals are motivated by a lot of things. They're motivated by, can you solve this problem? Do I like you? Are you funny? Whatever. And I believe that if you're a developer tool, and you are trying to attract developers, then [sigh] it works a lot better, I think, to have just individuals, to have people that can help influence the much broader—the superset of all developers that might have an interest in what you're doing by being different, I guess.Being something that's like, hey, this is entertaining, or this is informative, or this is interesting. The world is not a meritocracy. The world is governed by many, many different things. You're not going to win over the developer industry simply by going out and having the best white papers, or having one more ad read than your competitor. You need to do something to get people interested and excited in [sigh] a way that they can see themselves using it.It's like, why did Apple go and do ‘Think Different' ads? Because it's like, you using a Mac, that's kind of like being Einstein, or that's kind of like being Picasso. This is basic marketing stuff that I feel like a lot of technical marketers or developer marketers sort of leave at the door because they think the audience is too sophisticated for it, or their—Corey: I'll even soft-launch it here because I haven't at this point in time, talked about it in public, but if you go to lastweekinAWS.com/resources we wrote our own developer marketing guide because I got tired of explaining the same type of thing again, and again, and again. It asks for an email address and it sends it to you—I know, I'm as guilty as any. And I, of course, called it ‘Devreloper,' which is absolutely a problem with me and I talk about things. But I'm right.And it goes to an awful lot of what you're saying. An example that you just talked about of giving people something rather than trying to treat them as metrics, one of the best marketing things I've seen you do, for example, is you wrote O'Reilly's Distributed Tracing in Practice which means if someone has a question about distributed tracing and how it's supposed to work, well, that's not a half-bad resource. And okay, I've read it and I have some further questions. Let me track down the author and ask them. Oh, you work at a company that is in this space? Huh. Maybe I'll look into this. And it's a very long-tail story. And how do you attribute that as far as, did this lead come from someone who read your book or not will drive marketers crazy.Austin: Oh, it's super hard. And it does drive them crazy. [laugh].Corey: Yeah, my answer is, I don't know and I don't care. One of the early sponsors of this podcast sponsored for a month and then didn't continue because they saw no value. A month goes by, they bought out everything that held still long enough, and, “Thank you for your business.” “Can you explain to me what changed?” “Oh, we talked to some of our big customers and it turned out the two of them had heard about us for the first time on your show.”And that inspired them to start digging into it and reaching things out, but big companies, corporate games of telephone, there was no way to attribute that. My firm belief is, on some level, that if you get in front of an audience with a message that resonates and—and this is the part some people miss—is something that solves an actual problem that they have. It works. It's not necessarily predictable and it's hard to say that this thing is going to go big and this thing isn't. So, the solution, on some level is just keep publishing things that speak to your audience. But it works, long term. I'm living proof of this.Austin: Yeah. I think that it makes a lot more sense to… rather than to do, sort of, I don't want to say vanity metrics, but kind of vanity metrics around, like, oh, this many stars, or this many forks, or whatever. There's a lot of people, especially in this OSS proximate world. Where you have a lot of businesses that are implicitly or explicitly built on top of an open-source project, not everyone that is using your open-source project is going to, one, be capable of converting into a paid user, or two, be super interested in it. And I would rather spend time thinking about, well, what is the value someone gets out of this product?And even if that only thing is, is that, hey, we know what we're talking about because we've got a bunch of really smart people that are building this product that would solve their problem. If you want to go out and build your own internal observability solution using completely open-source tools Grafanas and Prometheuses of the world, great. Go for it. I'm not going to hold you back. And for a lot of people, if they come to me and say, “Well, this is what we got, and this what we're thinking about.”I'll say, “Yeah. Go for it. You don't need what we're offering.” But I can guarantee you that as it scales and as it grows, then you're going to have a moment where you have to ask yourself the question of, “Do I want to keep spending a bunch of time stitching together all these different data sources, and care and feeding of these databases, and this long term storage, and dealing with requests from end-users, or I just want to pay someone else to solve that problem for me? And if I'm going to pay someone else, shouldn't I pay the people who literally spend all day every day thinking about these problems and have had decades of experience solving these problems at really big companies that have a lot of time and effort to invest in this?”Corey: This episode is sponsored in part by our friends at Lumigo. If you've built anything from serverless, you know that if there's one thing that can be said universally about these applications, it's that it turns every outage into a murder mystery. Lumigo helps make sense of all of the various functions that wind up tying together to build applications. It offers one-click distributed tracing so you can effortlessly find and fix issues in your serverless and microservices environment. You've created more problems for yourself; make one of them go away. To learn more, visit lumigo.io.Corey: Oh, yeah. We're doing some new content experiments on our site, and what we're doing is we're having some folks write content for us. Now, when people hear that, what a lot of marketers will immediately do is dive down the path of, “Ah. I'm going to go ahead and hire some content farm.” Well, that doesn't work, I found that we wound up working with individual people that work super well.And these are people who are able to talk about these things because their day job is managing a team of 30 SREs or something like that, where they are very clearly experts in the space. And I want to be very clear, I'm not claiming credit for our content writers; they get their own bylines on these things.Austin: Yeah.Corey: And it turns out that that, over time, leads to good outcomes because it helps people what they need. There's the mystical SEO Juju that I don't pretend to understand, but okay, I'm told it's important, so fine, whatever. And it makes for an easier onboarding story, where there are now resources that I can trust and edit if I need to, as things change, that I can point people to, that isn't a rotating selection of sketchy sites.Austin: Mm-hm. I think that's one thing that I would love to see more of, just not in any one particular part of the tech industry, but overall, the one thing I've noticed, at least in the pandemic, during this whole work-from-home, whatever, whatever, we don't talk enough. And it sounds maybe weird, but I think this actually goes back to what you're saying earlier, about everyone having a story to tell. People don't feel comfortable, I think, putting their opinion out there or saying, “Hey, this is what worked. This is what didn't work.”And so if you want to go find that out—like, if I wanted to go write something about, hey, these are the five things you should do to ensure you have great observability, then that's going to involve a lot of me going around and sort of Sherlocking my way through StackOverflow posts, and forums, and reaching out to people individually for stories and comments and whatever. And I would love to see us get to a point where we're just like, “Actually, no. This isn't—we should just be sharing this. Let's write blogs about it.” If you're sitting there thinking no one's going to find this useful, right—like, you solve a problem, or you see something that could have worked better, and you're like, “Eh, no one else is going to find that valuable.”I can almost guarantee you that someone is going to find that valuable. Maybe not today, maybe not tomorrow, but go ahead and write about your experiences, write about the problems you've solved, write about the things that have vexed you, and put that on the internet because it's really easy to publish stuff on the internet.Corey: Yes. Which is a blessing and a curse. That is very much a double-edged sword.Austin: That very much is a double-edged sword. But I think that by biasing towards being more open, by biasing towards transparency and sharing what works, what doesn't work, and having that just kind of be the default state, I'm a big proponent of things like radical transparency in terms of incident reports, or outages, or hiring, or anything. The more information that you can put in the world is going to—it might not make it better, but it at least helps change the conversation, gives more data points. There was a whole blow-up on Twitter this week, where someone posted like, “Hey, this is a salary I'm looking for.” I think you—Corey: Oh, yeah. She's great.Austin: Yeah, she's worth it, right? And the thing that got everyone's bee in a bonnet was, like, she's saying, “Oh, I want $185k.” And it's like, “Well, why don't we just publish that information?” Why isn't everyone just very open and honest about their salary expectations? And I know why: because the paucity of information is a benefit to employers and it works against employees.There was a lady that left—gosh, where was it? [sigh] I forget the company, but she left because she found out she was systemically underpaid compared to their male peers. Having these sort of information imbalances don't really help the people at the bottom of the pyramid. They don't help the little guys. They really only help the people that are in the very large companies with a lot of clout and ability to control narratives.And they want it to stay that way; they don't necessarily want you to know what everyone's salary is because then it gives you, as someone trying to get a job, a better negotiating position because you know what someone with your level of experience is worth to them.Corey: It's important to understand the context behind these salary negotiations and how to go about getting interviews and the rest. The entire job-hunting process is heavily biased in favor of employers because, especially at large employers, they go through this multiple times a week, whereas we go through this, as employees basically, every time we change jobs. Which for most people is every couple of years and for me, because of my mouth, it's every three weeks.Austin: Yeah. I'm not saying it's a simple solution. I am advocating for, sort of, societal, or just cultural shifts, but I think that it all comes full circle in the sense that, hey, a big part of observability is the idea that you need to be able to ask arbitrary questions. You want to know about unknown unknowns. And maybe that's why I like it so much as a field, why I like tracing, why I like this idea.Because, yeah, a lot of things in the world would be interesting, and different, and maybe more equitable if we did have more observability about not just, hey, I use Kafka, I use these parameters on it, and that gives me better throughput, but what if you had observability for how HR runs? What if you had observability for how hiring is done? And that was something that you could see outside of the organization as well. What if we shared all this stuff more, and more, and more, and we treated a few less things as trade secrets? I don't know if that's ever going to happen in my lifetime, but it's my default position. Let's share more rather than less.Corey: Yes, absolutely. Especially those of us with inordinate amounts of privilege. And that privilege takes different forms; there's the usual stuff people are talking about in terms of the fact that we are over-represented in tech in many respects, but there are other forms of privilege, too. There's a privilege that comes with seniority in the space, there is a privilege with being a published author, in your case, there is privilege in having a broad audience, like I do. And it just becomes this incredibly nuanced story.The easiest part of it to lose sight of—at least for me—is I tell stories about what has worked for me and how I've done what I do, and I have to be constantly conscious of the fact that there is that privilege baked in and call it out where I can. I've gotten much better at that, but it's an ongoing process. Because what works for me does not work for other people across a wide variety of different axes. And I don't want people to feel bad based upon what I say.Austin: Oh, yeah, absolutely. I mean, I'm in the same boat. Like, I tend to be very irreverent and/or shitpost-y and I don't have much of an explanation other than, I learned at some point in my life, that it's just… [sigh] I would rather go through life shitposting on Twitter, rather than be employable. It's just who I am. There's—I'm sure some people think I come off as rude. I don't know. I also agree, you'd never punch down. You only punch up. But you never know how other people are going to take that, and I don't think that it always gets interpreted in the spirit it was meant. And I can always do better, right?Corey: As can we all. The hard part for, I think, a lot of us is to suppress that initial flash of defensiveness when someone says you didn't quite get there, and learn from the experience. One of the ways I do that, personally, is I walk away before responding, sometimes. I want to be a better version of myself, but when I get called out of—like, this tweet thread is the whitest thing I've seen since I redid my bathroom walls, and I get a flash of defensiveness, “Excuse me. That's not accurate.”And… and then I stop and I think, and then sanity prevails, where it's, yeah. There's a lot of privilege baked into my existence, and if I don't see it, that doesn't mean it's not there. I have made it a firm rule of not responding defensively to things like that, ever. And there are times when I get called out for aspects of how I present that I don't believe are justified, to be very honest. But that is a me thing; that is not them, and I welcome the feedback, regardless. If you make people feel like a jerk for giving you feedback, they stop giving you feedback. And then where are you?Austin: Yeah. Funny anecdote. I wrote a blog for my personal blog a little while ago about, oh, togetherness, community, something like that. But I wrote—the intro was something like, talking about why people love Sweet Caroline, right? Favorite song in the world.Corey: [sings].Austin: [joins in]. Yeah.Corey: Yeah. I'm not allowed to play with that song here at The Duckbill Group because one of our employees is named Caroline and, firm rule: don't make fun of people's names. They're sensitive about it, and let's not kid ourselves here, I own the company. Even if she says, “It's fine, I love it.” That doesn't help because I own the company. There is a power imbalance here.Austin: Yeah.Corey: I don't know that she would feel that she had the psychological safety to say, “That's not funny.” I absolutely hope she would because that's the culture that I spend significant effort on building, but I can't depend on that. So, I don't go down the path of making those jokes. But I—yes, I love the intro to the song. Please continue.Austin: It's great. Everyone loves it. So, the intro of my initial paragraph was ruminating on that. And this post went around enough that it got submitted to Hacker News a few times, and the only comment it got was some mendacious busybody Hacker News type going on about why I would be so racist against white people. [laugh]. And I was just like, “And this is why I don't come to this website at all.”Corey: Yeah. There are so many things on Twitter that are challenging and difficult and obnoxious, and it's still the best thing we have for a sense of community. This has replaced IRC for me, to be perfectly honest.Austin: Yeah. No, I used to be big on IRC, and then I left because [sigh], well, a couple reasons. One, I really liked being able to post gifs.Corey: Yeah, that is something where the IRC experience is substandard. I was Freenode network staff for years—Austin: Oh wow.Corey: —and that was the thing to do. Now, turns out that the open-source dialogue and the community dialogue have shifted form. And I still hang out there periodically for specific things, but by and large, it's not where the discourse is.Austin: Yeah, it is interesting. It's something that concerns me, kind of, in a long term sense about not only our identity but also, sort of, the actual organic communities we formed, we've put on to these extremely unaccountable privately held platforms whose goal is monetization and growth so that they can continue to make money. And for as much as anyone can rightfully say, “Hey, Twitter's missed the mark,” a lot of times, it is a hard balance to strike. They don't have simple questions to answer, and I don't necessarily know if the nuance of their solutions has really risen to the challenge of answering those well, but it's a hard thing for them to do. That said, I think we're in a really awkward position where suddenly you've got the world's collection of open-source software is being hosted on a platform that is run by Microsoft, and I am old enough to remember. “Embrace, extend, extinguish.”Corey: Oh, yeah. I made an entire personality out of hating Microsoft.Austin: Yeah. And I mean, a lot of people still do. I read MacRumors sometimes, and they're all posting there still. Or Slashdot.Corey: I wondered where they'd gone. I didn't think everyone had changed their mind.Austin: I had just a very out-of-body moment yesterday because someone replied to a comment on mine about Slashdot on it, and then the Slashdot Twitter account liked it. And there exists a photo of me from when I was a teenager, where I owned a Slashdot ballcap. And that picture is somewhere in the world. Probably not on the internet, though, for very good reason.Corey: I'm mostly just still reeling at the discovery that there's a Slashdot Twitter account. But I guess time does evolve.Austin: It does. It makes fools of us all.Corey: It really does. Well, Austin, thank you so much for taking the time to speak with me. If people want to learn more about what you're up to, how you view the world, et cetera, et cetera, et cetera. Where can they find you?Austin: So, you can find me on Twitter, mostly, at @austinlparker. You can find my blog with various musings that is updated frequently at aparker.io and you can learn more about Deserted Island DevOps 2021, coming on April 30th this year, at desertedislanddevops.com.Corey: Excellent. And we will put links to all of that in the [show notes 00:34:01]. Thank you so much for taking the time to speak with me. I appreciate it.Austin: Thank you for having me. This was a lot of fun.Corey: It really was. Austin Parker, principal developer advocate at Lightstep. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice and then a giant series of comments that all reference one another and then completely lose track of how they all interrelate and be unable to diagnose performance issues.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.This has been a HumblePod production. Stay humble.
A Slashdot reader shares a report: Amazon has a goal to get rid of a certain percentage of employees every year, and three managers told Insider they felt so much pressure to meet the goal that they hired people to fire them. "We might hire people that we know we're going to fire, just to protect the rest of the team," one manager told Insider. The practice is informally called "hire to fire," in which managers hire people, internally or externally, they intend to fire within a year, just to help meet their annual turnover target, called unregretted attrition (URA). A manager's URA target is the percentage of employees the company wouldn't regret seeing leave, one way or the other. Read more of this story at Slashdot.
How to manage your business & personal cyber riskJoin business insurance experts Heather & Seth as they welcome special guest Bill Kleyman (twitter & instagram @quadstack) to discuss how you can prevent a cyber attacked on your business with a bonus quick chat about the future of digital technology.Bill Kleyman, Executive Vice President of Digital Solutions, SwitchIndustry Analyst | Board Advisory Member | Writer/Blogger/Speaker | Executive | Millennial | TechieBill Kleyman brings more than 15 years of experience to his role as Executive Vice President of Digital Solutions at Switch. Using the latest innovations, such as AI, machine learning, data center design, DevOps, cloud, and advanced technologies, Mr. Kleyman delivers solutions to customers that help them achieve their business goals and remain competitive in their market. An active member in the technology industry, he was ranked #16 globally in the Onalytica study that reviewed the top 100 most influential individuals in the cloud landscape and #4 in another Onalytica study, which reviewed the industry's top Data Security Experts. Mr. Kleyman enjoys writing, blogging, and educating colleagues about everything related to technology. His work can be seen within thousands of articles, blogs, chapters in various books, white papers, journals, and more. His published and referenced work can be found on WindowsITPro, Data Center Frontier, Data Center Knowledge, InformationWeek, NetworkComputing, AFCOM, TechTarget, DarkReading, Forbes, CBS Interactive, Slashdot, and others.If you have any questions, comments, requests, or if you have any cyber liability insurance questions please ask below or email me at info@elevateglobalinsurance.comwww.elevateglobalinsurance.com/contact
Subscribe to TMI Newsletter for all updates: https://mcluhaninstitute.substack.com/welcome Clinton Ignatov was born in 1988 in Scarborough, Ontario. Growing up an hour's drive from Toronto in a small town, he developed an early interest in reading, computers, Star Trek, and karaoke. He began visiting the local library regularly to use the internet, eventually getting dial-up in his home around the year 2000. Some of his favourite websites to browse as a teenager were Fark.com, an American news aggregator, and Slashdot.org, a community revolving around the computer industry. The immersion in the daily discussions of politically and geographically diverse posters from Fark.com informs his understanding of American culture. And Slashdot.org developed his strong interest in Free computer culture leading him to erase Windows and begin using different versions of the GNU/Linux operating system on his desktop computer. His Computer Science studies at Carleton University in Ottawa were interrupted, and he acquired work first as a computer repair technician, and then full time selling magazines. Having witnessed the rise of the smartphone and social media industry, he now feels there is a need for voices who can provide informed perspectives on modern digital society and their effects on culture. By using old ideas to contextualize the present, such as cyberspace and the ideas of Marshall McLuhan, he hopes to offer some historical perspective which could make phenomena like "Twitter mobs" and contemporary polarized politics more easily understood. Clinton's YouTube Channel: https://www.youtube.com/user/clintonthegeek/videos Clinton's Blog: https://www.concernednetizen.com/ Intro Music is 'Radio McLuhan' by Annelise Noronha --- The McLuhan Institute exists to explore and understand the personal and social effects and implications of technology, following the pioneering work of Marshall McLuhan.
Baked and Awake Episode 111 November 23 2020 Today on the show: Intro, Disclaimer- we smoke weed on the show Youtube Channel Update- Closing in on 4K watch hours, a crucial threshold for becoming eligible for YT monetization. Let’s discuss twitch, YT, LBRY, and the coming year on Social Media. Check me out on a recent edition of The Talking Hedge Chronic Club here: https://www.youtube.com/watch?v=d-zQiACZg8E The Landmark Forum is a Cult (a reddit thread) https://www.reddit.com/r/cults/comments/js36s6/the_landmark_forum_is_a_cult/ Assholes Part One: https://www.youtube.com/watch?v=MtqYpvrzTu8 Assholes Part Two: https://www.youtube.com/watch?v=dVH-80GrcvM&t=3s French Documentary that was taken down about Landmark, Archive.org: https://archive.org/details/VoyageDesNouveauxGourous Searching for “Deepfakes” on Slashdot produces many interesting results https://www.technologyreview.com/2020/02/19/868173/an-indian-politician-is-using-deepfakes-to-try-and-win-voters/ Follow me on IG to see my recent posts about Deepfakes and more An American Scheme says he can Prove Diana Ross is MJ’s real mother. Check out my new official Web Store today where your secure purchases directly support the show, while shopping through online retailers you already trust: https://bakedandawake.com/the-shop My Website: www.bakedandawake.com Email me: talktous@bakedandawake.com Official Merch: https://www.teepublic.com/user/bakedandawake My Peertube Channel: https://peertube.co.uk/accounts/baked_and_awake/video-channels Twitter: https://twitter.com/stevecominski Insta: https://www.instagram.com/baked_and_awake/ Episode ambient Music generously provided by Antti Luode (http://www.soundclick.com/AnttiLuode),http://www.soundclick.com/_mobileFrame.cfm?bandID=1277008 Additional Music Provided with permission by Northwest Grab aka https://summoningsickness.bandcamp.com Baked and Awake Discord: https://discord.gg/BKJ52JQ DON’T CLICK THIS LINK: https://bit.ly/36towQy
Jed McCaleb is the co-founder and Chief Architect of the Stellar Development Foundation, an open network working to connect the world's financial infrastructure. In 2014, Jed created Stellar, an open-source blockchain network designed to democratize economic participation by making money more fluid, markets more open, and people more empowered. Why you should listen: Jed's history is the story of crypto itself. An early pioneer of decentralized systems, he created eDonkey2000 one of the first file-sharing networks. In July 2010, after reading about Bitcoin on Slashdot he became fascinated and founded the mtgox.com Bitcoin exchange. "I wanted to get some Bitcoin and the only way you could do that at the time was to mine it or go on internet forums. So I started the Gox exchange so I could learn more about Bitcoin as a system, and buy bitcoins. It was something that was needed by the community at the time and I knew it could build it so I did. I didn't run it for very long before Mark Karpeles took over and everyone knows what happened after that.” In 2011 McCaleb founded the crypto asset company Ripple and served as CTO until 2013. McCaleb then parted ways with Ripple but as part of a settlement, he was granted a large amount of XRP tokens. At the height of the January 2018 altcoin boom, McCaleb was briefly the 40th wealthiest person on the planet based on the value of his XRP tokens. McCaleb founded Ripple and then Stellar to try and improve on the promise of Bitcoin. “Bitcoin is an awesome idea,” says McCaleb, “But software is iterative and can always be improved. One of the things that bothered me about Bitcoin is the mining aspect. There are literally billions of dollars spent on mining which is a shame. I thought if there is another way we can solve the consensus problem, then we should explore it. So with Ripple and now Stellar, this is a way to solve consensus without the proof-of-work mining process so transactions can be sent in a much cheaper, faster, more energy-efficient way." Key takeaway: McCaleb says the current financial system is clunky and inefficient. “The problem with the way that money moves around the planet, is that the rails were built pre-internet so none of it was designed to interoperate. And the beauty of the internet is that with email, for example, it doesn't matter who runs your email server, they all speak the same language so you can seamlessly and instantly send an email to anyone in the world. There is really no reason why money can't work the same way. That's what Stellar is, it is an interoperable payment protocol between payment networks. McCaleb says that Stellar is intended to enhance rather than replace the existing financial system. Whereas, say, the Bitcoin network was made for trading only bitcoins, Stellar is a decentralized system that's built for trading any kind of money in a transparent and efficient way. “Stellar is designed as an upgrade to the existing financial structure,” says McCaleb. “It will be a long time, if ever before everyone is using one cryptocurrency. So instead, the better route is to build something that makes the current system easier, cheaper, reduces friction, and enables value transfer between people that wasn't possible before. Once we connect these networks of information in a frictionless way that will allow people to build all these interesting things on top of the network. Once you can send 10 cents from the U.S. to Vietnam, with no problem, that's when innovation happens. Right now we're building the plumbing for everything to be built on top of.” Supporting links: Stellar Stellar Meridian Conference The Three-Body Problem Andy on Twitter Brave New Coin on Twitter Brave New Coin If you enjoyed the show please subscribe to the Crypto Conversation and give us a 5-star rating and a positive review in whatever podcast app you are using.
Rob Malda (AKA: CmdrTaco) talks to Jim about the history & tech of Slashdot while speculating on what social media could learn from it. In this Currents episode, Jim talks to Rob Malda (AKA: CmdrTaco) about the history & creation of Slashdot, its opensource tech, rapid growth & eventual decline, unique moderation system & community involvement, utilization of … Continue reading Currents 013: Rob Malda on the Slashdot Story → The post Currents 013: Rob Malda on the Slashdot Story appeared first on The Jim Rutt Show.
Yesterday I talked about automation with Buffer so I thought I'd talk about another tool I use called OnlyWire. The name of the tool comes from the fact it's meant to share urls. The easiest thing is to share your blog posts and others you like. I use it to share my blog posts across a ton of other networks. Start a free trial at https://onlywire.com by clicking on the Sign Up Free button. What can you do with OnlyWire? You can share to 20+ social networks including the big 3 (Facebook, Twitter, LinkedIn) but also to Pinterest, WordPress, Redit, Blogger, Tumblr, Slashdot, Instapaper, Livewire and more! They even support MySpace and I was tempted to create an account just to see! So, you can create a new post and share it to all these networks at the same time! Start by clicking the New Post button on top right. You will see a popup to enter a new post. You can post it not or schedule it for later. The real power – RSS feeds Even... READ MORE and WATCH VIDEO at https://jeansergegagnon.com/course-income-secrets-225-how-to-automate-social-media-posts-with-onlywire/
Literally five minutes ago I updated to the new version of Safari, version 14. Then I browsed Forbes, hit up Techmeme, checked Twitter briefly, went to Fox News (first time, I think), clicked over to Slashdot, and finally read a story on ZDNet. Oh, and I checked for a picture for this story on Unsplash. In that five minutes, Safari prevented 90 trackers from profiling me. Let me repeat that. Five minutes, 90 trackers. Read this story in my Forbes column: https://www.forbes.com/sites/johnkoetsier/
On this week's episode, we cover our featured story, IFTTT goes pro, and other productivity and technology news from the past week! (If you’re reading this in a podcast directory/app, please visit https://anythingbutidle.com for clickable links and the full show notes and transcript of this cast.) Enjoy! Give us feedback! And, thanks for listening! If you'd like to continue discussing any news from this episode, please click here to leave a comment down below (this jumps you to the bottom of the post). In this Cast | IFTTT goes pro Ray Sidney-Smith Augusto Pinaud Headlines & Show Notes | IFTTT goes pro Resources we mention, including links to them, will be provided here. Please listen to the episode for context. https://www.macrumors.com/2020/09/09/google-maps-apple-watch-app-now-available/ http://rss.slashdot.org/~r/Slashdot/slashdot/~3/QVdTbJ7IpFw/windows-10-themes-can-be-abused-to-steal-windows-passwords https://www.theladders.com/career-advice/i-tried-the-5-highest-rated-productivity-hacks-heres-what-happened https://www.enr.com/articles/49935-unengaged-employees-sap-companies-of-productivity-innovation https://scientect.com/news/1118565/productivity-apps-market-may-see-a-big-move-by-2026/ https://www.streetinsider.com/Business+Wire/Stress%252C+Burnout+and+Technical+Issues+Threaten+the+Benefits+of+Working+From+Home%252C+According+to+Adaptavist+Study/17310099.html https://get.todoist.help/hc/en-us/articles/360015960599-Use-Microsoft-Teams-with-Todoist?s=09 https://twitter.com/kcase/status/1303795999735836672?s=09 https://twitter.com/kcase/status/1304114244099555328?s=09 https://www.forbes.com/sites/gordonkelly/2020/09/01/apple-iphone-12-pro-max-design-notch-display-charger-battery-upgrade-iphone-11-pro-max/#440929e82228 https://stacks.rocks https://apps.apple.com/us/app/muse-tool-for-thought/id1501563902 https://staceyoniot.com/everything-you-need-to-know-about-ifttt-pro/ https://ifttt.com/explore/introducing_ifttt_pro Apple Event. September 15th. Time Flies Apple Releases Safari Technology Preview 113 With Bug Fixes and Performance Improvements Raw Text Transcript | IFTTT goes pro Raw, unedited and machine-produced text transcript so there may be substantial errors, but you can search for specific points in the episode to jump to, or to reference back to at a later date and time, by keywords or key phrases. The time coding is mm:ss (e.g., 0:04 starts at 4 seconds into the cast’s audio). Read More Raymond Sidney-Smith 0:01 Hello personal productivity enthusiasts and community Welcome to anything but idle the productivity news podcast. I'm Ray Sidney-Smith Augusto Pinaud 0:06 I'm Augusto Pinaud Raymond Sidney-Smith 0:08 and we're your hosts for anything but idle. This is Episode 22. And we're recording this on September 11 2020. Each week, we cover the productivity news headlines of the week. So you know what's going on in the current tools, Research Services, products and more in the world of personal productivity. This week, we're going to be covering a story about if going pro. But first, let's talk about the headlines a gousto. What's our first headline this week? Augusto Pinaud 0:34 First headline is Google Maps for Apple Watch is now live. In the latest update, there is a big deal, you know that having the map on the watch, and the Apple Watch is really, really cool. But so far, you have been really limited to Apple Maps. So for those people who leave on the Google ecosystem, it's really cool to see that the Google Maps is now going to be able to give you that turn by turn into the watch and give you the those directions. So I think that is an incredible good news for everybody. Raymond Sidney-Smith 1:05 Next up, we have a story out of Slashdot that talks about Windows 10 themes, being able to be abused to grab windows passwords. And so this is just kind of a note to folks to be careful of with the d...
Patrocinador: Huawei te invita a participar otro año en su gran concurso de fotografía internacional. Tienes hasta el 31 de julio para entrar en sus seis categorías. Los premios son muy, muy golosos. … para mejorar Facebook y Twitter / … para proteger a los hongkoneses/ para mejorar la privacidad genética / … para luchar contra los chetos / … para mejorar la batería de Chrome…
The Tick is one of the weirdest comic book creations. It started first as a newsletter for a comic book shop and has since been rebooted countless times and none of them have really lasted more than a few seasons. Each one of those iterations is a little different than the last, and true fans have followed him every step of the way. On today's show we’re going to investigate how a character with so much awesome going for it is still SOMEHOW lurking in the shadow of greatness. Ben Edlund’s interview just before the 2001 Live action series debuted… http://www.thetick.ws/ben.html Ben’s Slashdot discussion with fan’s about his thoughts on The Tick… https://news.slashdot.org/story/01/11/26/2219219/thus-spake-tick-creator-ben-edlund Host: Fred Kennedy Twitter @Fearless_Fred Facebook @fearlessfredontheradio Guests: Zander Cannon @zander_cannon Susan Hurwitz Arneson @batdorkgirl
January 8th 2020 Baked and Awake Episode 096 Don’t worry, I never heard of Parallel Reality before, either Source: Fast Company, via Slashdot Original Article by Harry McCracken (https://www.fastcompany.com/90443495/deltas-parallel-reality-airport-display-sounds-like-sci-fi-but-its-real Misapplied Sciences: https://www.misappliedsciences.com/ Delta Airlines bought ($8million in a Series A) into a Redmond WA Based startup not at all ominously named Misapplied Sciences (MSFT Alums). Misapplied was operating in “Stealth Mode” (since 2014!) while building a new tech that Delta now intends to deploy ubiquitously throughout airports all over the world (presumably) that would create a new experience for its customers whereby the signage the traveler sees will be entirely personalized to each individual. From the story: “It’s almost limitless, the product map,” says COO Gil West. “Curb to gate, for things like wayfinding, boarding, upgrades, service recovery if your flight is delayed or canceled.” The tech accomplishes this seemingly miraculous feat by hyper focusing pixels on a special display, which depending on the viewers position will only beam specific images, colors, text (anything) to each individual user. Oh yeah, and AI and a bunch of video cameras mounted all over the place where the system is deployed. I choose that word for a reason. The screens, still early versions of the tech- currently have some limitations on the number of different subjects they can display unique information for, but even these limits are staggering: one iteration of the parallel reality screen can display unique information to 18,000 different points in front of it, while another is claimed to be able to split it’s display A MILLION times. I’m imagining billboards on roadways and window signs of businesses that deliver customized targeted ads. I’m also envisioning dystopian “Public Service” displays that beam reminders and warnings to people who have forgotten to pay a parking fine, or might be in the midst of considering other mundane civil infractions like jaywalking, littering, parking in the load zone, jumping a mass transit turnstyle etc. The Company’s CEO, in a quote for the Fast Company story said that “The system is agnostic to the tracking technology—all we need to know is a three-dimensional location that we want to send a piece of content to.” This statement I find concerning when referring to a technology that mostly relies on *many cameras being arrayed and networked together to follow the traveler around the airport so that the system can tell when someone is standing in front of one of the displays, and can then perform it’s magic. For the sake of clarity and in order to quell my initial weird feeling about this choice of words, I looked up the definition of agnostic: As applied it is an adjective, although a person can also be labeled “an agnostic” and in that case of course the word is a noun. Sticking to the adjective however we find, per Google, that: adjective adjective: agnostic- Relating to agnostics or agnosticism. Synonyms: skeptical, doubting, questioning, unsure, cynical, unbelieving, disbelieving, nonbelieving, faithless, irreligious, rationalist, nullifidian. Nevertheless, further clarity may be gained by also reading the noun’s definition, which reads: “A person who believes that nothing is known or can be known of the existence or nature of God or of anything beyond material phenomena; a person who claims neither faith nor disbelief in God” Speaking of magic, I saw some (weed and paranoia fueled no doubt) red flags in the language chosen by the article’s author, over and above Misappllied’s CEO’s glib take on his responsibility to acknowledge the true scope of their tech’s wider applications. The article opens with characterizing the airport traveling experience as a ritual. A couple paragraphs down, a statement about how the tech in question is being judged as “a technological magic trick”. There were references to the Startup being in “Stealth Mode”, and the choice to use phrases like Deployed and Deployment, which appear three times when referencing additional applications for the tech as well as where Delta is currently planning to test it (Detroit, by the way). To be fair, I assume Mr McCracken is a tech writer by trade,(UPDATE: Oh yeah is he ever) and in that realm, specifically in software development, “Deploy” is frequently used as a label for certain workflows including pushing updates to servers, handing off new builds from developers to Testers, etc. “We deployed the new build this morning so you clowns should be able to break it as soon as you’re ready” that sort of thing, so it could just be force of Techboy habit- but I don’t like the word here. Whenever your car’s infotainment system receives an OTA update, some Sys Admin somewhere a few hours before got a little IT Boner when they said “We’ve deployed the latest code to the Live Server”, or words to that effect. I don’t know, it all smacks of para militarism or something. The whole project was borne out of a 2014 Microsoft experiment with Spectators at a Pro Sports event where cell phones were used to signal individuals to sit or stand on command, effectively turning them into “Human Pixels” (Ahem- cybernetics- cough). Misapplied also has a connection to Walt Disney Imagineering, through Co Founder Dave Thompson, who previously worked in creating theme park experiences for Disney. (More pure psychology and cybernetics all with the express intent of getting you to stay longer and spend more in The Enchanted Kingdom) Delta will be showing a Future Visions video at CES that depicts a Parallel Reality powered security check-in experience that appears to be a seamless, hands free operation- something that I think will be leveraged heavily to push for widespread use of such systems in many other public spaces as well as secure buildings (Malls, Stadiums, High Rise Offices, Apartments, etc). The article closes with ...Future possibilities aside, once Delta’s beta experience is up and running, it should be worth at least a few minutes for anyone who travels through the airline’s Detroit terminal and wants to see something genuinely new. Ng, however, remains insistent that the ultimate goal isn’t to wow anybody. Like many a potential breakthrough before it, parallel reality will matter most if we start to take it for granted. “It’s not about people appreciating the technology,” he says. “It’s about people going through these venues and getting a seamless experience. And when we can get to that point, where the technology blends away, that means we made it. That means that we were successful.” Thanks for listening to today’s story, I hope you enjoyed it and it gives you something to think about as you continue your day. I also want to thank my instagram friends @melbournemudflood and Sean McCoy of the Come to The Table podcast for sharing my Guardians of the Galaxy meme over there yesterday- you guys are the real MVP’s! Honorable mention among my IG family for today also includes @itsyourgirlm7 who posts uncomfortable truths all day long on her account, and yet still manages to have a sense of humor about it, and @allenwolfphotos, who listens to the podcast, recently was traveling in Spain, and went a little mudflood crazy while he was there. Allan, I’m looking forward to poring over some of those images you took at full resolution soon brother! Only three more shows until episode 100- what do you think I should do for that milestone? Anything special? Get at me, always, at talktous@bakedandawakecom, and visit my permanent internet home at www.bakedandawake.com where you can always find the podcasts, learn more about me, connect with other listeners in The Smoking Lounge, and support the show by buying some podcast merch or checking out my Amazon affiliate links for my journal and daily planner and other fine products you probably need in your lives. Maybe. Alright everyone, that’ll do it for this episode of the Plagiarizing Slashdot Podcast, I’ve been your stoney host Steve, and you can make me happy this week by posting an image to your favorite social media platform and tagging it with our motto, #smokeindicadoshitanyway. Check out my new official Web Store today where your secure purchases directly support the show, while shopping through online retailers you already trust: https://bakedandawake.com/the-shop DON’T CLICK THIS LINK: https://bit.ly/36towQy My Website: www.bakedandawake.com Email me: talktous@bakedandawake.com Official Merch: https://www.teepublic.com/user/bakedandawake Baked and Awake Discord: https://discord.gg/BKJ52JQ My Peertube Channel: https://peertube.co.uk/accounts/baked_and_awake/video-channels Twitter: https://twitter.com/stevecominski Insta: https://www.instagram.com/baked_and_awake/ Episode ambient Music generously provided by Antti Luode Track: Datsun280zx (http://www.soundclick.com/AnttiLuode),http://www.soundclick.com/_mobileFrame.cfm?bandID=1277008 Additional Music Provided with permission by Northwest Grab aka https://summoningsickness.bandcamp.com
Joel Comm is a New York Times bestselling author, blockchain enthusiast, professional keynote speaker, social media marketing strategist, live video expert, technologist, brand influencer, futurist, and eternal 12-year-old. With over two decades of experience harnessing the power of the web, publishing, social media and mobile applications to expand reach and engage in active relationship marketing, Joel is a sought-after public speaker who leaves his audiences inspired, entertained, and armed with strategic tools to create highly effective new media campaigns. Travis Wright is a top marketing technologist, author, keynote speaker, blockchain advisor, tech journalist, and podcast host. He is the former global digital and social strategist at Symantec (Sa man tic) for the Norton brand. Wright is the co-founder & CMO of CCP Digital, a Kansas City & SF-based digital ad & content agency. Wright is the author of Wiley & Sons, Digital Sense, The Common Sense Approach to Social Business Strategy, Marketing Technologies, Customer Experience and Emerging Technologies, which was published in January 2017. These two gentlemen are the hosts of the podcast Crypto Curious and Crypto Serious. “The current paper currency model is going to go away. A big shift is going to happen. The paper money system is going to crumble.” Travis Wright Worst investment ever – Joel’s story of loss The big idea 2009 was a good year for Joel. He had a staff of about 38 people running several successful projects. The money was flowing, the business was good. So together with his team, Joel came up with one of the first pieces of technology that would bring email marketing type of delivery to mobile. Think of Constant Contact and AWeber, where you can send bulk emails to people that have subscribed to your list. They came up with technology that would allow you to do that to mobile phones. Blood, sweat, and money Joel put a lot into this project spending somewhere in the low six figures of his money. They did everything they could to promote the system. They showed up at trade shows and demonstrated it, but people didn't respond. He tried to raise venture capital to grow it but didn't get the response that he wanted. He even tried looking for partnerships, but no one was interested. Meanwhile, every month, he was pouring more money into it because once you set up shortcodes with the mobile services, you have to pay monthly to maintain them. Otherwise, you lose them. Hitting a wall Joel realized soon enough that what seemed like an opportunity and a cool idea had hit a wall. He then tried to sell the software that he had invested a lot of money into to somebody who could pick it up and run with it. But that too didn’t happen. So now he was left with a failed project, emotionally bruised, and six figures less. But he still held onto the system. Letting go The failure to successfully launch his system was hanging on him and crushing him. One day in 2013, he saw the bill for what it cost him to keep this thing running and was faced with the challenge of what to do. Does he keep paying for this, hoping he could salvage it and get something out of it and turn it around? Or does he pull the plug and flush the whole thing down the drain? Joel pulled the plug and thought that he would feel these waves of crushing defeat because he had made the worst investment of his life, and that loss had cost him a lot. But he experienced something different. When he pulled the plug, he felt this release like the burden was just instantly lifted. Now he could focus his attention and energy on things that he was far more passionate about. Letting go allowed him to put this failure in the past. Lessons learned Don’t do it just for the money If you're not passionate about something and planning to go all-in, then don’t do it. Money should not be your only motivator. Life is just so much more than how much money we make. It’s also about the people in our lives and the experiences we have and share. Andrew’s takeaways Don’t fall for the sunk cost fallacy Don’t let the sunk cost fallacy make you stay in a bad investment. Once we've invested a lot of money in something, we can be emotionally invested in it. But just because we invested money in it doesn't mean that it was the right thing and that we should hold on to it forever. Let it go You can instantly stop failing by letting go of that investment that is not bringing you any more value. Actionable advice Don’t focus on just the one investment that you have. Look around for other opportunities that might be there. In other words, don’t be laser-focused on your investment just because you need it to work. Be open to other opportunities and possibilities. No. 1 goal for the next 12 months Joel wants to stay open in 2020, live every day, and let the year surprise him. Worst investment ever – Travis’ story of loss Wetting his feet into digital currency In July of 2010, Travis read an article on Slashdot, a big tech publication that talked about this new Bitcoin 0.3 version that had just come into the digital currency space. What fascinated him was that he could find the new Bitcoin on his computer. So he decided to check it out. He mined a block of 50 Bitcoin. Then he went to a website where they were giving away Bitcoin every day and got five Bitcoins, so now he had 55 Bitcoins. Too much for his computer Mining the Bitcoins was causing too much stress on his computer. Eventually, his computer got fried. Fortunately, he was able to log in and get all his important files except his Bitcoin. So he ended up throwing the computer. So now there's a computer somewhere in a dumpster with 55 Bitcoin on it. Lack of knowledge is what cost him At the time, Travis didn’t know anything about cryptocurrency trading. He didn't have anybody who he could talk to about this new fad. Someone who had blockchain and understood Bitcoin and cryptocurrencies. He’d jump right into the new fad without doing any research. Had he done his homework first, he’d have known about buying Satoshis and putting them in a crypto wallet instead of on his computer. $1.1 million in the trash In January of 2018, the 55 Bitcoins, that were now in a dumpster somewhere, were worth a whopping $1.1 million! Yep, Travis had literally thrown $1.1 million into the trash bin. His ignorance had cost him $1.1 million. Lessons learned Keep your private keys to yourself When investing in crypto, make sure to store your crypto, not on your computer, but a hard crypto wallet without an internet connection. Keep all that stuff secure and private. That way, nobody can steal your stuff, and you have easy access to them. The market will get crazy When the markets are high, and the crypto prices are really good, sell some of your Bitcoins, take a little bit of the profits off the top and spend it on other investments because the market will sometimes dip. So don't just watch all your investments plummet down to near zero when the markets dip, make money during high markets. Andrew’s takeaways You’ve got to take it to the end Great investments have to work to the end. It's a little bit like playing basketball and you're good at dribbling and you're in the back of the court. But if you can't take it to the hoop to get the point, then all that work is useless. Actionable advice Don't be afraid to use your crypto once in a while. Don't just hold it as an investment. Remember to do your research and your due diligence into it and start to understand the best cryptocurrency, what is blockchain, and why blockchain works. No. 1 goal for the next 12 months Travis is working on a fun platform right now to help podcasters launch, manage, schedule, and organize their podcasts more effectively. Parting words “We're all human, flawed and fallible.” Joel Comm Andrew’s books How to Start Building Your Wealth Investing in the Stock Market My Worst Investment Ever 9 Valuation Mistakes and How to Avoid Them Transform Your Business with Dr. Deming’s 14 Points Andrew’s online programs Valuation Master Class Women Building Wealth The Build Your Wealth Membership Group Become a Great Presenter and Increase Your Influence Transform Your Business with Dr. Deming’s 14 Points Connect with Bad Crypto Podcast Twitter Facebook Instagram Website Connect with Joel Comm Twitter Facebook LinkedIn Connect with Travis Wright Twitter Facebook LinkedIn Connect with Andrew Stotz astotz.com LinkedIn Facebook Instagram Twitter YouTube My Worst Investment Ever Podcast
1) PSA: Google Drive and Pirated Movies by Patrick Cauley a) https://itbabble.com/2019/09/23/psa-google-drive-and-pirated-movies/ b) Digital Millennium Copyright Act - https://en.wikipedia.org/wiki/Digital_Millennium_Copyright_Act 2) Computer Science Empathy by Tony DePrato a) https://itbabble.com/2019/09/18/computer-science-empathy/ b) Great advice for getting started 3) Microsoft: We want you to learn Python by Liam Tung of ZDnet a) https://www.zdnet.com/article/microsoft-we-want-you-to-learn-python-programming-language-for-free/ 44 short beginner Python videos b) https://www.youtube.com/playlist?list=PLlrxD0HtieHhS8VzuMCfQD4uJ9yne1mE6 4) Slashdot.com Hidden Video Games a) https://games.slashdot.org/story/19/09/24/0143229/researchers-find-mystery-hidden-in-early-80s-atari-game 5) Stop having a love affair with your suppliers a) Remember they are in it to make money b) Keep it healthy
Bitcoin educator, developer, and entrepreneur Jimmy Song drops by to talk about his new book, The Little Bitcoin Book: Why Bitcoin Matters for Your Freedom, Finances, and Future. He and Gary discuss Jimmy's initial introduction to bitcoin, the new book, and the book sprint process that the eight coauthors used to collaborate on the project from inception to publication. Little Bitcoin Book: https://www.amazon.com/Little-Bitcoin-Book-Matters-Finances-ebook/dp/B07W957N7T ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ CONTACT ✅ ► Off Chain with Jimmy Song: youtube.com/channel/UCEFJVYNiPp8xeIUyfaPCPQw ► Programming Bitcoin by Jimmy Song: https://www.amazon.com/gp/product/1492031496/ ► Jimmys’s Twitter: @jimmysong ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ LINKS MENTIONED ✅ ► Book Sprint: wikipedia.org/wiki/Book_sprint ► ColdCard Wallet: coldcardwallet.com ► Human Rights Foundation: hrf.org ► Slashdot: slashdot.org ► Book Sprint: wikipe ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ ANANT'S FAVORITE PODCASTS ✅ ► Tales from the Crypt: talesfromthecrypt.libsyn.com/ ► What Bitcoin Did: whatbitcoindid.com/podcast ► Let’s Talk Bitcoin: https://letstalkbitcoin.com/ ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ SUBSCRIBE ANYWHERE ✅ ►https://CryptoCousins.com/Subscribe ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ BITBLOCKBOOM ✅ ► Take a look at the Bitcoin Conference I am hosting in Dallas, Texas at https://BitBlockBoom.com ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ UNSTOPPABLE DOMAINS ✅ ► Censorship resistant blockchain domains that double as a crypto wallet address https://4MinuteCrypto.com/zil ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ MY WEBSITES ✅ ► https://4MinuteCrypto.com ► https://CryptoCousins.com ► https://ArlingtonCrypto.com ► https://CryptoPodcaster.com ► https://GaryLeland.com ► https://BitBlockBoom.com ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ MY CONTACT INFO ✅ ► Email me at TheCryptoCousins@gmail.com ► Message me at https://Facebook.com/msg/GaryLeland ► Leave a voice comment at 817-476-0660 ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ MY SOCIAL MEDIA ✅ ► https://Twitter.com/GaryLeland ► https://Facebook.com/GaryLelands ► https://Linkedin.com/in/GaryLeland ► https://Instagram.com/Gary_Leland ► https://Steemit.com/@CryptoCousins ► https://GaryLeland.Tumblr.com ► https://Minds.com/GaryLeland ► https://Gab.com/GaryLeland ► https://Pinterest.com/garyleland ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ MY AUDIO PODCASTS ✅ ► https://4MinuteCrypto.com ► https://CryptoCousins.com ► https://BitBlockBoom.com/Podcast ► http://RailroadedPodcast.com ► http://WhatIsBitcoinPodcast.com ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ SHOW YOUR SUPPORT ✅ ► https://Patreon.com/CryptoCousins ► https://4CousinsCrypto.com/Donate ► https://Tippin.me/@GaryLeland ► https://Cash.me/$CryptoCousins ► With Crypto - https://4MinuteCrypto.com/Donate ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ USEFUL LINKS ✅ ► The best Bitcoin book - https://4MinuteCrypto.com/Bitcoin ► Subscribe to Alexa Flash Briefings - https://4MinuteCrypto.com/Alexa ► Get $10 in Bitcoin free at Coinbase -https://CryptoCousins.com/Coinbase ► Bitcoin Clothing & Gear - https://CryptoCrybaby.com ► Brave Browser - https://Brave.com/cry570 ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● Gary is available to keynote or emcee or present at your Bitcoin/Crypto event. Contact Gary at GaryLeland@gmail.com for additional info. ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ THIS IS A CRYPTO PODCASTER PRODUCTION ✅ ► Podcast edited by John Bukenas. ► Outro and intro by Elsie Escobar. ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ✅ DISCLAIMER ✅ This article should not be taken as is, and is not intended to provide, investment advice.
Welcome to the History of Computing Podcast, where we explore the history of information technology. Because understanding the past prepares us for the innovations of the future! Todays episode is on the history of Wikipedia. The very idea of a single location that could store all the known information in the world began with Ptolemy I, founder of the Greek dynasty that ruled Egypt following the death of Alexander the great. He and his son amassed 100s of thousands of scrolls in the Library and Alexandria from 331 BC and on. The Library was part of a great campus of the Musaeum where they also supported great minds starting with Ptolemy I's patronage of Euclid, the father of geometry, and later including Archimedes, the father of engineering, Hipparchus, the founder of trigonometry, Her, the father of math, and Herophilus, who gave us the scientific method and countless other great hellenistic thinkers. The Library entered into a slow decline that began with the expulsion of intellectuals from Alexandria in 145BC. Ptolemy VIII was responsible for that. Always be weary of people who attack those that they can't win over especially when they start blaming the intellectual elite for the problems of the world. This began a slow decline of the library until it burned, first with a small fire accidentally set by Caesar in 48BC and then for good in the 270s AD. In the centuries since there have been attempts here and there to gather great amounts of information. The first known encyclopedia was the Naturalis Historiae by Pliny the Elder, never completed because he was killed in the eruption of Vesuvius. One of the better known being the Encyclopedia Britannica, starting off in 1768. Mass production of these was aided by the printing press but given that there's a cost to producing those materials and a margin to be made in the sale of those materials that encouraged a somewhat succinct exploration of certain topics. The advent of the computer era of course led to encyclopedias on CD and then to online encyclopedias. Encyclopedias at the time employed experts in certain fields and paid them for compiling and editing articles for volumes that would then be sold. As we say these days, this was a business model just waiting to be disrupted. Jimmy Wales was moderating an online discussion board on Objectivism and happened across Larry Sanger in the early 90s. They debated and became friends. Wales started Nupedia, which was supposed to be a free encyclopedia, funded by advertising revenue. As it was to be free, they were to recruit thousands of volunteer editors. People of the caliber that had been previously hired to research and write articles for encyclopedias. Sanger, who was pursuing a PhD in philosophy from Ohio State University, was hired on as editor-in-chief. This was a twist on the old model of compiling an encyclopedia and a twist that didn't work out as intended. Volunteers were slow to sign up, but Nupedia went online in 2000. Later in the year there had only been two articles that made it through the review process. When Sanger told Ben Kovitz about this, he recommended looking at the emerging wiki culture. This had been started with WikiWikiWeb, developed by Ward Cunningham in 1994, named after a shuttle bus that ran between airport terminals at the Honolulu airport. WikiWikiWeb had been inspired by Hypercard but needed to be multi-user so people could collaborate on web pages, quickly producing content on new patterns in programming. He wanted to make non-writers feel ok about writing. Sanger proposed using a wiki to be able to accept submissions for articles and edits from anyone but still having a complicated review process to accept changes. The reviewers weren't into that, so they started a side project they called Wikipedia in 2001 with a user-generated model for content, or article, generation. The plan was to generate articles on Wikipedia and then move or copy them into Nupedia once they were ready. But Wikipedia got mentioned on Slashdot. In 2001 there were nearly 30 million websites but half a billion people using the web. Back then a mention on the influential Slashdot could make a site. And it certainly helped. They grew and more and more people started to contribute. They hit 1,000 articles in March of 2001 and that increased by 10 fold by September, By And another 4 fold the next year. It started working independent of Nupedia. The dot-com bubble burst in 2000 and by 2002 Nupedia had to lay Sanger off and he left both projects. Nupedia slowly died and was finally shut down in 2003. Eventually the Wikimedia Foundation was built to help unlock the world's knowledge, which now owns and operates Wikipedia. Wikimedia also includes Commons for media, Wikibooks that includes free textbooks and manuals, Wikiquote for quotations, Wikiversity for free learning materials, MediaWiki the source code for the site, Wikidata for pulling large amounts of data from Wikimedia properties using APIs, Wikisource, a library of free content, Wikivoyage, a free travel guide, Wikinews, free news, Wikispecies, a directory containing over 687,000 species. Many of the properties have very specific ways of organizing data, making it easier to work with en masse. The properties have grown because people like to be helpful and Wales allowed self-governance of articles. To this day he rarely gets involved in the day-to-day affairs of the wikipedia site, other than the occasional puppy dog looks in banners asking for donations. You should donate. He does have 8 principles the site is run by: 1. Wikipedia's success to date is entirely a function of our open community. 2. Newcomers are always to be welcomed. 3. “You can edit this page right now” is a core guiding check on everything that we do. 4. Any changes to the software must be gradual and reversible. 5. The open and viral nature of the GNU Free Documentation License and the Create Commons Attribution/Share-Alike License is fundamental to the long-term success of the site. 6. Wikipedia is an encyclopedia. 7. Anyone with a complaint should be treated with the utmost respect and dignity. 8. Diplomacy consists of combining honesty and politeness. This culminates in 5 pillars wikipedia is built on: 1. Wikipedia is an encyclopedia. 2. Wikipedia is written from a neutral point of view. 3. Wikipedia is free content that anyone can use, edit, and distribute. 4. Wikipedia's editors should treat each other with respect and civility. 5. Wikipedia has no firm rules. Sanger went on to found Citizendium, which uses real names instead of handles, thinking maybe people will contribute better content if their name is attached to something. The web is global. Throughout history there have been encyclopedias produced around the world, with the Four Great Books of Song coming out of 11th century China, the Encyclopedia of the Brethren of Purity coming out of 10th century Persia. When Wikipedia launched, it was in English. Wikipedia launched a German version using the deutsche.wikipedia.com subdomain. It now lives at de.wikipedia.com and Wikipedia has gone from being 90% English to being almost 90 % non-English, meaning that Wikipedia is able to pull in even more of the world's knowledge. Wikipedia picked up nearly 20,000 English articles in 2001, over 75,000 new articles in 2002, and that number has steadily climbed wreaching over 3,000,000 by 2010, and we're closing in on 6 Million today. The English version is 10 terabytes of data uncompressed. If you wanted to buy a printed copy of wikipedia today, it would be over 2500 books. By 2009 Microsoft Encarta shut down. By 2010 Encyclopedia Britannica stopped printing their massive set of books and went online. You can still buy encyclopedias from specialty makers, such as the World Book. Ironically, Encyclopedia Britannica does now put real names of people on articles they produce on their website, in an ad-driven model. There are a lot of ads. And the content isn't linked to as many places nor as thorough. Creating a single location that could store all the known information in the world seems like a pretty daunting task. Compiling the non-copywritten works of the world is now the mission of Wikipedia. The site receives the fifth most views per month and is read by nearly half a billion people a month with over 15 billion page views per month. Anyone who has gone down the rabbit hole of learning about Ptolemy I's involvement in developing the Library of Alexandria and then read up on his children and how his dynasty lasted until Cleopatra and how… well, you get the point… can understand how they get so much traffic. Today there are over 48,000,000 articles and over 37,000,000 registered users who have contributed articles meaning if we set 160 Great Libraries of Alexandria side-by-side we would have about the same amount of information Wikipedia has amassed. And it's done so because of the contributions of so many dedicated people. People who spend hours researching and building pages, undergoing the need to provide references to cite the data in the articles (btw wikipedia is not supposed to represent original research), more people to patrol and look for content contributed by people on a soapbox or with an agenda, rather than just reporting the facts. Another team looking for articles that need more information. And they do these things for free. While you can occasionally see frustrations from contributors, it is truly one of the best things humanity has done. This allows us to rediscover our own history, effectively compiling all the facts that make up the world we live in, often linked to the opinions that shape them in the reference materials, which include the over 200 million works housed at the US Library of Congress, and over 25 million books scanned into Google Books (out of about 130 million). As with the Great Library of Alexandria, we do have to keep those who seek to throw out the intellectuals of the world away and keep the great works being compiled from falling to waste due to inactivity. Wikipedia keeps a history of pages, to avoid revisionist history. The servers need to be maintained, but the database can be downloaded and is routinely downloaded by plenty of people. I think the idea of providing an encyclopedia for free that was sponsored by ads was sound. Pivoting the business model to make it open was revolutionary. With the availability of the data for machine learning and the ability to enrich it with other sources like genealogical research, actual books, maps, scientific data, and anything else you can manage, I suspect we'll see contributions we haven't even begun to think about! And thanks to all of this, we now have a real compendium of the worlds knowledge, getting more and more accurate and holistic by the day. Thank you to everyone involved, from Jimbo and Larry, to the moderators, to the staff, and of course to the millions of people who contribute pages about all the history that makes up the world as we know it today. And thanks to you for listening to yet another episode of the History of Computing Podcast. We're lucky to have you. Have a great day! Note: This work was produced in large part due to the compilation of historical facts available at https://en.wikipedia.org/wiki/History_of_Wikipedia
Chris and Serge have an exciting announcement in the form of a new project called Datashards!Datashards is a collaborative secure communication system that can be used online or offline and solves problems such as the Slashdot effects, offline data retrival, secure communication and more. Chris and Serge walk through the basic features of DataShards and why they're both working on it!Links:The DataShards WebsiteTahoe-LAFSFreenetJason Scott Talking about the Death of Geocities and Internet CultureDefinition of the Slashdot EffectIPFSThe original Freenet Paper
Chris and Serge have an exciting announcement in the form of a new project called Datashards!Datashards is a collaborative secure communication system that can be used online or offline and solves problems such as the Slashdot effects, offline data retrival, secure communication and more. Chris and Serge walk through the basic features of DataShards and why they're both working on it!Links:The DataShards WebsiteTahoe-LAFSFreenetJason Scott Talking about the Death of Geocities and Internet CultureDefinition of the Slashdot EffectIPFSThe original Freenet Paper
Chris and Serge have an exciting announcement in the form of a new project called Datashards!Datashards is a collaborative secure communication system that can be used online or offline and solves problems such as the Slashdot effects, offline data retrival, secure communication and more. Chris and Serge walk through the basic features of DataShards and why they're both working on it!Links:The DataShards WebsiteTahoe-LAFSFreenetJason Scott Talking about the Death of Geocities and Internet CultureDefinition of the Slashdot EffectIPFSThe original Freenet Paper
Ur veckans avsnitt: Kroppslig smärta, valsmärta, lagringssmärta, dietsmärta, Apple-eventsmärta. Smärta som Jocke aldrig upplevt det tidigare Proxmox-problem. Eller egentligen lagringsutmaningar. Fredrik roas av att expandera lagring på sin Synology Alla brev vi fått - roliga enkortsdatorer, problem med podden i diverse poddspelare Jocke ska gå på VA-mässa, vuxenpoäng! Det har visst varit val, Västlänk, och elfte september. Vad gjorde vi den elfte september 2001? Melin inför den fina traditionen rösttårta Dumma dieter och Apple-gissningar för ett event som redan varit Länkar Proxmox Grapefrukt Holedown RAID 5 Rockpro64 SATA - och M.2-adaptrar för Rockpro Video om Rockpro Bonusvideo från Jimmy Happy! Glusterfs Kvorum - quorum Odroid-HC2 Player FM Lineageos Elmia Västlänken - mejla inte Fredrik Slashdot Snowcrash Snow crash Apples septemberevent Airpower verkar vara … ännu senare Två nördar - en podcast. Fredrik Björeman och Joacim Melin diskuterar allt som gör livet värt att leva. Fullständig avsnittsinformation finns här: https://www.bjoremanmelin.se/podcast/avsnitt-138-panik-och-kannibalism.html.
NEW MIKE KANE CAST - iTunes|Android|Spotify In this special episode, I got the privilege of talking with Sam Ford, Director of Cultural Intelligence at Simon & Schuster. Sam's range of expertise is incredible, and includes a few shared passions: Intellectual life, Kentucky, and, of course, professional wrestling. Sam shares his small-town roots and early love of the USWA out of Memphis, and shows how he has combined that love of pro wrestling with a deep knowledge of comparative media to become an expert who remains a fan! If you've ever turned on a TV set, this episode will inform and entertain you! (From samford.wordpress.com) Sam Ford is Director of Cultural Intelligence for Simon & Schuster, a CBS company. In addition, he is leading various initiatives of the Future of Work in Kentucky with the MIT Open Documentary Lab, the University of Southern California Annenberg School’s Civic Paths team, and other partners, and is a member of the Kentucky team taking part in the MIT Regional Entrepreneurship Acceleration Program (REAP), the first U.S. region to ever be accepted to the program. As a Knight News Innovation Fellow with Columbia University’s Tow Center for Digital Journalism, he is co-leading the Community Stories Lab with Dr. Andrea Wenzel–work which received the inaugural Research Prize for Professional Relevance from the Association for Education in Journalism and Mass Communication (AEJMC) in 2018. Sam also serves as a research affiliate with MIT’s Program in Comparative Media Studies/Writing and as an instructor in Western Kentucky University’s Popular Culture Studies Program. He is also co-founder of the Artisanal Economies Project. With Henry Jenkins and Joshua Green, Sam co-authored the 2013 NYU Press book Spreadable Media: Creating Value and Meaning in a Networked Culture, which was released in paperback in Spring 2018. The book has also been translated into Spanish, Portuguese, Chinese, Korean, Italian, Swedish, and Polish. It was named one of Strategy+Business’ 2013 Best Business Books and voted as a “Top 10 Best Marketing Book You Read This Summer” by the readers of Advertising Age. He is also co-editor, with Abigail De Kosnik and C. Lee Harrington, of the 2011 book The Survival of Soap Opera: Transformations for a New Media Era as well. He frequently publishes academic work on media fandom, transmedia storytelling, professional wrestling, soap operas, the marketing and communications world, and a range of other subjects. In 2015, Sam launched and ran the Center for Innovation & Engagement at Univision’s Fusion Media Group (as FMG’s VP, Innovation & Engagement), which he ran through the end of 2016. In that role, he helped manage relationships with a range of academic, industry, nonprofit organizations, and other key communities that are focused on innovation and experimentation in storytelling or new ways of building deeper relationships with key audiences and communities. He also collaborated with teams throughout the portfolio company to foster, build, and scale new approaches to storytelling and audience engagement. The Center was the subject of a Harvard Nieman Lab feature, and projects the Center played a key role in designing were honored with a Shorty Social Good Award and a Robert F. Kennedy Journalism Award. Before joining Univision/Fusion Media Group, Sam worked for strategic communications and marketing firm Peppercomm from 2007-2015, where he was named both 2014 Digital Communicator of the Year and a 2014 Social Media MVP by PR News, as well as 2011 Social Media Innovator of the Year by Bulldog Reporter. During that time, Sam served as both a member of the Board of Directors of the Word of Mouth Marketing Association and as co-chair of their Ethics Committee. From 2005-2008, Sam was co-founder and later research manager of the MIT Convergence Culture Consortium. He also acted as co-organizer of the MIT Futures of Entertainment conference series from 2006-2012. Sam has been a contributor to Harvard Business Review, Fast Company, and Inc. He has also written for Wall Street Journal, Boston Globe, BusinessWeek, Advertising Age, The Huffington Post, The Christian Science Monitor, Harvard’s Nieman Lab, Knowledge@Wharton, Columbia Journalism Review, Poynter, Tribeca, Portfolio, Chief Marketer, CMO.com, PRWeek, PR News, The Public Relations Strategist, Communication World, O’Dwyer PR, Firm Voice, PropertyCasualty360, Global HR News, TABB Forum, SLAM! Sports, and various other publications. He began his career as a reporter and columnist for various Kentucky newspapers and, in 2006, won a Kentucky Press Association award for Best Feature. Sam has appeared in documentaries Soap Life, Who Shot the Daytime Soap?, and VICE’s Lil Bub and Friendz and has been quoted in/on, or had his work cited by, a wide range of publications/shows, including The New York Times, The New York Times Magazine, The Financial Times, The Los Angeles Times, Mashable, CNN, APM Marketplace, BBC World Service, PRI’s TheWorld, CNBC, The Australian Broadcasting Corporation, Quartz, Fortune, Forbes, Investor’s Business Daily, CIO, Hollywood Reporter, Les Inrocks, Asahi Shimbun, Nikkei, DePers, Harvard’s Nieman Lab, American Press Institute, Knowledge@Wharton, The Washington Times, HLN, Venture Beat, AdWeek, MediaShift, ESPN: The Magazine, Télérama, Mental Floss, Boing Boing, Slashdot, Buzzfeed, Metro, Reader’s Digest, CableFAX, Soap Opera Weekly, The San Jose Mercury-News, and MIT Slice of Life…and most proudly as trivia on Jeopardy! and NPR’s Ask Me Another, as well as The New York Times crossword. In addition to being a featured speaker at South by Southwest on several occasions, Sam has spoken or moderated at a wide range of in-person and virtual events, including National Association of Television Programming Executives (NATPE), Social Media Week NYC, Future of Storytelling, Front End of Innovation, Back End of Innovation, Media Insights & Engagement Conference, Planning-ness, Annual Insurance Executives Conference, Media Days Munich, NeoTVLab in Argentina, Cartagena Inspira in Colombia, Consumer Culture Theory conference, Console-ing Passions, Flow, and Social Media for Utilities, as well as events for MIT, the University of Southern California, Brown University, UC-Berkeley, Northeastern University, Aberystwyth University in Wales, Western Kentucky University, ESOMAR, the Public Relations Society of America, CTAM, the Advertising Research Foundation, the Association of Cable Communicators, the Word of Mouth Marketing Association, PR News, CableFAX, the Popular Culture Association, the Society for Cinema and Media Studies, the Association for Corporate Growth, the Luxury Marketing Council, the American Association of University Presses, the Association of Management Consulting Firms, the International Association of Business Communicators, the Association of National Advertisers, MarketingProfs, the Kentucky Press Association, the Kentucky Travel Industry Association, the Corporate Communication Leaders Forum, Donate Life America, Social Media Today, and a range of other forums. Sam received his Master’s degree from MIT’s Program in Comparative Media Studies/Writing and a Bachelor’s degree from Western Kentucky University as part of the Honors Program, where he majored in news/editorial journalism, communication studies, mass communication, and English, with a minor in film studies. Currently, he serves as a member of the inaugural MIT Graduate Alumni Council. He is also past chair of WKU’s Department of Communication Advisory Council and a member of WKU’s Popular Culture Studies Program Curriculum Committee and the WKU Department of Communication Ad Hoc Curriculum Committee. Previously, he served as a member of WKU’s Young Alumni Council and WKU’s Advertising+Public Relations Professional Advisory Committee. Sam is also on the editorial board of USC’s Case Studies in Strategic Communication, the Organization for Transformative Works’ Transformative Works and Cultures, and Soundings: An Interdisciplinary Journal. He lives between New York City and Bowling Green, Ky., with wife Amanda and daughters Emma and Harper.
Cyber attacks are getting more sophisticated and are being perpetrated on everyone and more often than ever before. Today we are going to discuss Security and Two-factor authentication schemes and what you can do to protect your self. Craig is putting up a new membership site (Yes, it is free, but you have to sign up) On it will have all his special reports that he puts out and you will be the first to get them. These and more tech tips, news, and updates visit - CraigPeterson.com --- Transcript: Below is a rush transcript of this segment, it might contain errors. Airing date: 08/018/2018 Two Factor Authentication. Security and Highlights from Defcon Conference Craig Peterson: [00:00:00] Hi, there everybody, Craig Peterson here, and as usual I've got a ton to talk about. We've got a special report about America's greatest threat. They're calling it a hurricane for cyber attacks. We've got an interesting hacker out there, who has allegedly stolen millions of dollars by hijacking phone numbers and in turn asking kids parents to send some money. Isn't that something. Another trick here. Your Voicemail. Did you know that hackers are seizing practically all online accounts just using your voicemail? We'll tell you how some practical security here for the prudent American, great little article that came out in medium, we'll be talking a little bit about that. Everything you want to know about VPN's but didn't want to ask. In fact, I had a request from one of our listeners this week about the VPN stuff because he's heading out of the country. I love this new Alexa skill, I've been playing a lot with my Alexa. You know about the timers, that people have been using for years to make their lights go on and off while they're out of the house. Well, listen to what you can do with your Alexa. And three trends that hackers, a Black Hat and DEFCON are watching. Did you know that just happened to hear about a week ago? So here we go. Of course, you're listening to Craig Peterson, right. So, we're playing around with some different things, let me know what you think? We've got some different bumper music and beds and things, and you'll hear some of the same stuff we've always been using, as well today. But, you know it's been years since we changed any of that stuff so, we'll just let it go for now, OK. So, our special report, to start things off here today. [00:01:51] We know about the security vulnerabilities, we've seen the vulnerabilities, we know what's up, and many of us have been hacked, right. Have you been hacked? You may not even know it. But almost every computer that's online that's running Windows has been hacked. If you've been online for more than a year. Well, what is ahead when we go forward? What are we looking at here? I did a really interesting interview this week for the FBI for their Infraguard program. It's with a company called Black Ops partners, and you might want to look them up. They've got just a ton of cool information. It's headed by the guy who started IBM Corporation's whole security division, which is really kind of neat here. He's won the cybersecurity excellence award, and everything else. So, he and I were talking about cybersecurity 3.0 and where's it going. What should we be doing? And, you know it's really interesting when we get right down to it. But, the bad guys are out there. They are coming after us, and they're coming after us in a big way. We've known that right. We've we know the Russians are coming after us. We know the Chinese, in fact, this customer I just picked up. We've been cleaning things up, and just yesterday we installed a brand new Next-Generation Firewall filter and Security Operations Center support for him. [00:03:19] And, this is just a small family-owned company. But, he had been compromised. They were able to get past his firewall, he had a great firewall. Yeah, yeah, yeah, I've heard that story before, and the bad guys got past it and got into his accounting system, found all of his clients, and managed to steal hundreds of thousands of dollars. It's just crazy what happened. He ended up going over to China. To try and find out. So, can we get our money back because the money got transferred over to China? Tens of thousands of dollars later and, of course, now there's lawsuits and legal fees involved and it's pretty crippling. So, that's not surprising, right. It's just like President Trump going out and saying something crazy on Twitter, right. We're used to hearing that new thing that he says out there, but it is not going to change our opinion about President Trump, right. If you had a pro-opinion, you have one after if you had an anti-opinion, you have the same one after, right. That's not going to change things. What changes things is a surprise. What changes things is wow, that's just not what I would expect. And if you had another President in there that didn't normally do the types of things President Trump does, you would be surprised maybe your opinion would change when he did something on Twitter that just shocks everybody in the whole nation or the whole world, [00:04:48] right. You kind of get used to it. Well, here's the big picture. The bad guys aren't just going after your money. They're not just trying to get at your clients, and not just trying to get that information. It turns out that the bad guys include nation-state actors. It's not just some kids in the basement somewhere over in Ukraine that is trying to hack in now. And, we're talking about the risk here of a crippling cyber attack. The Homeland Security secretary, Kirsten Nielson said just this last week, that the U.S. is in crisis mode comparing the dangers of a massive attack to a Category 5 hurricane looming on the horizon. You heard that right. Category 5 hurricane, and there is no graver threat to the United States. An interesting article that I posted up on my Web site by Axios. You can find it there. They've got some quotes from General David Petraeus. He's the former CIA director, and he's quoted as saying, what worries me most is a cyber equivalent of a weapon of mass destruction falling into the hands of extremists who would needless to say be very difficult to deter because of their willingness to blow themselves up on the battlefield and take us with them. Leon Panetta, of course, who was President Obama's former CIA director. [00:06:20] Quotes and On and on and on. But, the bottom line here is we not only have to protect our businesses from these bad guys that we're familiar with, that have been out there for a very long time, but in fact, we've got to protect our businesses from the nation-state actors, as well. Now, I know the FBI has been working closely with businesses to try and secure our infrastructure and headway is being made there. But, it's shocking to me more and more as I get into it, how many hospitals, clinics, doctors offices, small banks, et cetera don't have what's needed. And, they are part of the critical infrastructure. So, again looking into the FBI Infragard, if you're involved with one of these businesses and see if you can't join up if you can pass the Infragard background check and start getting some of this information firsthand that I'm providing and other people are providing to the Infragard members. It is so critically important. And if you're a regular business guy is, I'm just a business regular guy, What do people care? Think about losing everything. Think about your retirement caught up in the business. What's going to happen if that's all stolen from you? And that's what's going to happen, by the way, it's guaranteed. It's going to happen. It's happening every day. And you've got to reconsider your whole security infrastructure. [00:07:55] You've got to work with the company that knows what they're doing, and just a funny note here. I've got to add this in. I got an e-mail this week that came from a mailing list that I'm on, and they were promoting this two thousand dollar course, become a managed security services provider in six weeks. And, you know I have to chuckle because people have a hard time differentiating, right now. How would you differentiate between my company, Mainstream, and one of these guys that six weeks later puts up a shingle, saying yeah I'm a security services provider, right? And I started adding up the hours. And this is the part that really shocked me. Of course, it helps to be a little bit older and having done this for a long time. I have more than 100,000 hours in the I.T. business doing network related stuff including security. Personally, me personally. This isn't our company has a combined 20 years. Me personally, 100,000 hours and I have I just laughed when I saw this. Are you kidding me? People are going to be out there peddling themselves as security providers when all they have is a couple of certifications under their belt and a six-week course. Oh, man anyhow, so now let's go over to our next topic here. [00:09:33] Well, we kind of started out by talking about hackers and what they're doing. We've got a new problem up there, pretty darn big problem. frankly, and this is a phone hijacking now. [00:09:45] You know I've told you before that these two-factor authentication schemes that are using your phone where they send you a text are not terribly secure, right. In fact, they're not secure at all. Well, this is something that's just a little bit different. We've got an article here from Motherboard, talking about California authorities who are saying, that a 20-year-old college student has hijacked more than 40 phone numbers and stolen five million dollars, including some from cryptocurrency investors. Wow. OK, wow is all I have to say here. Here's what's happening this guy Joel Ortiz, he's a 20 year old from Boston. He's alleged to have hacked these victims, using some accomplices who are unnamed, at least as of yet. And, this is the first reported case against someone who's allegedly used a technique known as Sim swapping. So, in Sim swapping so, you know you get a phone, you have an unlocked phone you have a sim that Sim has your contacts and other stuff on it. And, that sim also was used to authorize you to the cellular network. So, now that's what you use to identify your phone, right. So, when someone calls your number it uses the sim, to identify you. That's how that all works. With sim hijacking what happens is they basically steal your sim. Now, they don't even have to have access to your sim. All, they have to do is trick your provider. You know like AT&T, T-Mobile, Verizon, and whatever trick your provider into transferring the target's phone number to a SIM card that's controlled by the bad guy. So, once they get that phone number and there's ways to do this, this is really, well documented where they will call up and pretend they're your wife, or your husband or even you. [00:11:52] And, so many of us are posting information online that makes it possible for them to be able to very easily impersonate you. So they know your wife's name your kid's names your dog's names where you work where you were born where you graduate from college. So, they can pass the so-called anti-fraud stuff when they call up the provider. So, once they get your phone number the bad guys are using it now to reset your passwords and break into your online accounts. Because remember I was saying that using a text message is not true two-factor authentication. In some cases even working, if you do have a separate type of two-factor authentication. And, its called a port-out scam. It's relatively easy to pull off, it's become widespread and that is where they say, yeah I am transferring my phone number from T-Mobile to Verizon, just as an example, right. And, you arrange for that. You're transferring your phone number and when you do that, you have to have a new sim. In many cases you have to, in this case, you'd have to have a Verizon type sim. And, obviously, you'd have to be working on the frequencies Verizon uses et cetera but easy enough to pull off. So, this guy Ortiz was arrested at the L.A. International Airport was on his way to Europe. He apparently had a Gucci bag that was part of a recent spending spree that, of course, they seized because they're alleging that it was financed by some of these scams. He's facing 28 charges, 13 counts of identity theft, 13 counts of hacking, and two counts of grand theft, according to a complaint that was filed. They're going after some of his co-conspirators apparently they have access to millions of dollars in cryptocurrency. [00:13:50] And the interesting quote in here, that I'm not going to quote because it is full of all kinds of nasty stuff. OK. So it's interesting. Think about that. There's a sim swapping community that's out there on the dark web, where people are swapping the information back and forth. At least three of the attacks that happened, he stole more than a half million from a cryptocurrency entrepreneur including a million he'd crowdfunded and an initial coin offering. And, you know I am absolutely against putting money into these things. I don't look at them as an investment. I look at them as highly, risky. It goes on and on. So, bottom line DO NOT tie it to your phone, into authentication for any of these Web sites. Use some of these some of these apps that are out there like Duo or Google authenticator, if you want to learn more about it let me know I'd be glad to put together a special little free mini-course on it, as to how to do all of that. But, that's what we do. We go even further. We not only use those types of apps, we have physical keys that we have to use in order to get on to certain Web sites. In fact, we're expert witnesses right now in a case involving a managed services provider, that they obviously they didn't go to the six week course or they would have known better, who messed up, and wow, major stuff, can't really talk about the case, but similar type of thing that happened with this other client, that we were talking about that we just picked up. It's happening every day. Now, you've got to pull up your socks and pay attention. All right. So, let's get on to the voicemail and how that ties into all of this as well. [00:15:46] Well, remember I was just saying that if you use your phone for authentication, where they send you a text message to make sure you, because you're logging into a new browser or you're logging in from a place that they're not familiar with, right. So, they'll send you a text message and then you enter that code in. Well, the same type of problem exists with your voicemail. Your Google, your Microsoft, Apple, WhatsApp, signal account, they all have an Achilles heel. Now, Signal is interesting because it is designed to keep things secure. WhatsApp is supposed to keep things secure, not as secure as Signal does. But, here is the weakness, and that weakness was disclosed this last week again in Vegas. In case you weren't aware of it, there was the Black Hat conference. And at that people were talking about different ways to hack, new things they found, Defcon as part of that, right. One right after the other, these two conferences out there in Vegas. So, this particular one was by Martin Vigo. He was over at the Defcon convention, and he explained how he managed to reset passwords for a whole bunch of different types of online accounts. So, he took advantage of the weakest link in the security chain which is. believe it or not, your voicemail. [00:17:17] So, what he did was he requested a password reset on some of these services, like WhatsApp, because you have the option of requesting you receive a call with the reset code. So, that's more than just receiving a text, it's actually a phone call. So, people think OK, well that's safe right. [00:17:40] Well, no it's even worse than getting a text message because all he had to do was hack the voicemail account first. [00:17:49] How does he do that? Well, he just wrote a little script that just brute force attacked the passwords. All right. Most people are using a four-digit password. And most of the voicemail systems don't have incremental backoffs, where they time out. You know where you get it wrong the first time you have to wait five seconds, you can try again, if you get it wrong three times you have to wait five minutes. Yet are wrong again. You might have to wait an hour etc.. No, no. They just let you hack, hack, hack, hack, hack, hack, hack. And, in fact, he did get access to the account's password reset codes. And, ultimately he got control of the account itself because they sent a reset code via voicemail called up your reset code as 1 2 3 4, and he had previously hacked that voicemail account, and many people it's easy to find. I was on again research for this case, where we are acting as a consultant to the law firm and we may end up on the stand, as an expert witness. But in that type of a situation, all that has to happen is you go to the website, you can find that person's password, you can be again password reset information by just finding what is their phone number. Because people are posting their personal cell phone numbers on websites, or they're posting their business work number on the website. Then I get it right. You [00:19:22] Want people to be able to contact you. But in this case, he got into all of these accounts and he was able to reset them because he got the password via voicemail reset. [00:19:32] Oh man, some of the stuff just never ends does it? All right. So let's talk a little bit about practical security. Got a lot of kids going back to school. [00:19:47] You've got college kids, of course, going back to school. We just had a client bring in a hard disk that was being used for backup. You know one of those pluggable USB drives and guess what it had failed and apparently, their daughter's dissertation was there on that hard drive. And so we took it apart, the case and everything and it looks like it's actually a problem with a hard disk itself might be the voice call. You can hear clicking. So, hopefully, that's what it is it's only going to cost about five thousand dollars to get that a hard disk fixed. We're going to send it out to a lab. We don't actually do that in-house right. Let the experts deal with it. So, guess what doctoral dissertation. Because the machine went south and the backup wasn't working. We hear that all the time. It's incredible. That's why you have multiple layers of backup as well not just one backup. Because in this case her machine failed and she didn't realize her backup wasn't working. Oh man. Anyhow it's really distressing when that happens to you. We've got kids now that are starting to get involved with politics for the 2018 election cycle, the same thing is going to be true with the 2020 cycle. We've got of course harassment hate campaigns. There's doxing going on. Russian hackers going on, and these same people that have been involved in trying to disrupt our elections, are going to be busy again this year and in 2020. [00:21:24] So, anyone who touches sensitive confidential documents, financial records, voter data, you have to protect yourselves. And you might not have thought about that when it comes to these kids, that are working as volunteers may be in election offices that are out there, right. Their favorite candidate left, or right, or center, whatever they might be. [00:21:47] There is a ton of bad advice out there because most of the security folklore that's out there in the I.T. industry really is wrong. It can be even dangerously incorrect. The security world five years ago, today, It's not the same thing, right. So, there are a few things you have to do. I've got a special report. You can no longer get it on my Web site. But it's all about passwords, PASSWORD managers. I give some reviews in there we have some links to using them if you want to find out about password managers e-mail me or just send me a text 8 5 5 3 8 5 55 53, send me a text asking for it. I'll send you the PDF. [00:22:33] I think it's like five or six pages, it's pretty detailed pretty in-depth, I'll send to you. It's something I use with my clients. But, you can you can get that from me. But number one user password manager again if you missed it 8 5 5 3 8 5 fifty-five fifty-three. So, anyhow you've got to generate passwords. Get a security key, a Yubi key is probably one of the better ones out there. But, be careful of using the security keys make sure you know what you're doing because you could break your computer completely if you lose the key. OK. It's kind of crazy but you know Yubi key is out there. There's a lot of other things there. Chrome browser has some really good extensions. HTTPS Everywhere is a good extension to use it. You can enroll Google's advanced program protection and a good article and Medium that I have put my Web site Craig Peterson dot com. You can go there and read up a little bit more. Well only got a few minutes left so, let's kind of whip through these last few things for this week again you will find all of this and more in the newsletter. Now, we sent out the newsletter on Thursday this week as opposed to Saturday morning. [00:23:51] We want to see if that's a little better if you guys pick it up that way. I think a lot of people are subscribed to their work e-mail address, which means you might not notice it when you come in on Monday morning. So, if you check your e-mail you'll see it's from me at Craig Peterson dot com. All of these articles with direct links to them so you can find out more. We also have special offers, from time to time, like a couple of months ago we offered that password special report, as well. But a VPN is very important. We use them all the time. We have our own VPN. And, the whole idea behind it is you have a tunnel, hopefully, a secure tunnel. Be careful where you are going, when it comes to VPNs. Geo-blocking is a good thing to get around with a VPN, but as I mentioned at the beginning of the show I have a client that is heading over to Europe and he was asking about VPNs and what he might want to do what he should do. So, I got good advice on that as well. I know I can send you more information. There's a cool new Alexa's skill. [00:25:02] Is really really neat. It's plain these fake stupid arguments to make people burglars think that you're at home. [00:25:10] Ok, so one of them is an emergency PTA meeting to discuss Memes, fidget spinner's, and other teen fads. There's another one where couples having a breakup while also trying to watch TV. Another one-two average guys brainstorm what's unique about themselves so, they can start a podcast about that. Oh man. There's another one that they can play where they have conversations from a book club, where no one discusses the book. A mom walking her daughter through Ikea assembly over the phone, a stay at home mom losing her mind, and an argument over a board game. Very cool you can. You can find those for Alexa. Great article in Slashdot. You'll find it on my Web site and cool for burglars keep them out of your home. Three trends that the hackers a black hat and DefCon were talking about and what they're watching. Mobile devices have moved up the list. The Internet of valuable things, IoT has become very, very big deal. I should do some special stuff on some of this for people and audio hacking. It is now a thing. So, you can find all of this and more details. CRAIG Peterson dot com check your e-mail if you're on my list. Also, I've been trying to send it out via a massive few are on my text list, a link I send out to everybody with this week's articles but you'll find all of this. Craig Peterson dot com, any questions any requests. Just text me. I've been answering people all week long and fact to getting more and more every week 8 5 5 3 8 5 55 fifty-three and I'll send you I'll put on my text list and let you know about current events what's happening and little reminders about the show and stop 8 5 5 3 8 5 55 53. Have a great week and we'll be back again next week and I'll be sure to let you know if anything big is hitting the fan during the week. Take care. Bye-bye. --- Related articles: Hackers can seize practically all your online accounts, and it’s your voicemail’s fault Practical Security for the Prudent American Ever left your lights on a timer to scare off burglars? Now you can use your Alexa Special Report: America’s Greatest Threat Is A Hurricane-Force Cyberattack How A Hacker Allegedly Stole Millions By Hijacking Phone Numbers Everything You Wanted To Know About VPNs (But Didn’t Want To Ask) 3 Trends Hackers At Black Hat And Defcon Are Watching --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Message Input: Message #techtalk Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553
Tim Kelton is co-founder and cloud architect for Descartes Labs. Prior to starting Descartes Labs, he was a R&D engineer for 15 years at Los Alamos National Laboratory, working on problem areas such as deep learning, space systems, nuclear non-proliferation, and counterterrorism. Tim talks to Craig and Adam about the use of Kubernetes and Istio in geopolitics, machine learning and food supply. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod News of the week Cloud Native Computing Foundation Announces Prometheus Graduation OpenMetrics project accepted into CNCF Sandbox An Exciting New Direction for the Kubic project Demystifying RBAC in Kubernetes Kubebuilder 1.0 scaffolds (with a C) Kubernetes APIs and operators Getting Started GitHub Operator Lifecycle Management - it’s operators all the way down Links from the interview Descartes Labs Climate Change and Rising Food Prices Heightened Arab Spring Why DARPA Funded a Farm Tech Startup Announcing our $30M Series B Global-scale water monitoring in the cloud Beowulf clusters (a Slashdot meme) Omega and Borg papers Mountain biking in Sedona Descartes Labs Python client SRE books: Site Reliability Engineering The Site Reliability Workbook - free until August 23 Descartes Labs talks from Cloud Next ‘18: SRE Quality Operations for Your Services Using the Istio Service Mesh & Stackdriver - with Tim Kelton and Jay Judkowitz from Stackdriver Service Monitoring How Computers See the Earth: A ML Approach to Understanding Satellite Imagery with Kyle Story Building Multi-Tenancy ML Applications with GKE and Istio to Better Understand the Earth with Tim Kelton and Sam Skillman Descartes Labs GeoVisual Search - find the squares on the globe that look most like a given square Tim Kelton on Twitter
Welcome to episode 56 of The Bitcoin Game, I'm Rob Mitchell. I met Peter Kroll at a Bitcoin conference about a year ago. When I asked Peter what his involvement was with Bitcoin, he told me he created the original Bitcoin paper wallet at BitAddress.org. I was pretty impressed, having used his tool often! Peter had kept it a secret that he was behind BitAddress.org until late 2014, and even since then, he's kept a pretty low profile. We cover a ton of topics in this exclusive interview, including Peter's introduction to Bitcoin, his paper wallet system, Bitcoin's division, and much more. EPISODE LINKS The First Bitcoin Paper Wallet https://BitAddress.org Peter's SlashDot introduction to Bitcoin https://news.slashdot.org/story/11/05/19/0149234/mint-it-yourself-with-a-browser-based-bitcoin-miner Curaçao https://en.wikipedia.org/wiki/Curaçao Peter "PointBiz" Kroll on BitcoinTalk https://bitcointalk.org/index.php?action=profile;u=17857 First BitAddress.org thread on BitcoinTalk https://bitcointalk.org/index.php?topic=43496 BitcoinTalk BitAddress.org art contest posted by Mike "Casascius" Caldwellhttps://bitcointalk.org/index.php?topic=92969 BitAddress.org on GitHub https://github.com/pointbiz/bitaddress.org BitAddress Changelog https://www.bitaddress.org/CHANGELOG.txt.asc Entropy (Hackaday article) https://hackaday.com/2017/11/02/what-is-entropy-and-how-do-i-get-more-of-it BitcoinJS https://github.com/bitcoinjs/bitcoinjs-lib Tom Wu's JSBN Library http://www-cs-students.stanford.edu/~tjw/jsbn/ Live USB Linux https://www.linuxliveusb.com BitKey (bootable USB image for cold wallets) https://bitkey.io Tails https://tails.boum.org Canton Becker's Bitcoin Paper Wallet https://bitcoinpaperwallet.com Ian Coleman's BIP39 Mnemonic Converter Tool https://iancoleman.io/bip39/ Coldlar (new hardware wallet) https://www.coldlar.com Coinbin (offline transaction signing library, uses QR codes) https://coinb.in My interview with Jochen “Johoe” Hoenicke, who discovered Android RNG issues related to insecure Bitcoin wallets https://letstalkbitcoin.com/blog/post/the-bitcoin-game-7-bitcoin-hero-jochen-aka-johoe Estonia - National ID Card RNG Flaw https://www.schneier.com/blog/archives/2017/09/security_flaw_i.html Generating private keys with dice http://kiararobles.com/blog/generating-private-keys-with-bitcoin-dice.html Monero https://getmonero.org Decred https://www.decred.org The Future Of Bitcoin - Peter Kroll asks Craig Wright some questions @ 1:15:50 https://youtu.be/v1_gxvx_QGo?t=1h15m50s Counterparty https://counterparty.io ERC20 https://support.exodus.io/article/108-what-is-an-erc20-token-and-does-exodus-support-it Peter Kroll - Private Key Custody - Crypto Mexico - Ethereum Devcon 3 https://www.youtube.com/watch?v=idLaVk-3pDk Peter on Twitter https://twitter.com/pointbiz1 Peter on Reddit https://www.reddit.com/user/pointbiz STAY IN TOUCH Thanks so much for taking the time to listen to The Bitcoin Game! https://Twitter.com/TheBTCGame http://TheBitcoinGame.com Rob@TheBitcoinGame.com SPONSORS BTC Inc. is excited to announce its conference, Distributed 2018. Distributed 2018 is the result of three industry leaders bridging the gap between the Eastern and Western blockchain initiatives and unlocking the power of a global decentralized ecosystem, the conference is the ideal space to meet and network with the people of today influencing tomorrow's technology. An opportunity to deepen your understanding of blockchain technology, gain strategic insights, and grow your network, Distributed is dedicated to bringing the best minds in blockchain together. for more information or to order tickets, visit: https://2018.distributed.com. While much of a Bitcoiner's time is spent in the world of digital assets, sometimes it's nice to own a physical representation of the virtual things you care about. For just the price of a cup of coffee or two (at Starbucks), you can own the world famous Bitcoin Keychain, the growingly popular Litecoin Keychain, or even your own Bitcoin Fork - Pen. As Seen On The Guardian • TechCrunch • Engadget • Ars Technica • Popular Mechanics Inforwars • Maxim • Inc. • Vice • RT • Bitcoin Magazine • VentureBeat PRI • CoinDesk • Washington Post • Forbes • Fast Company Bitcoin Keychains - BKeychain.com Litecoin Keychains - LKeychain.com Bitcoin Fork Pens - BitcoinForks.com All of the above on Amazon - BitcoinNovelties.com Here are some tipping addresses (Lightning tipping, coming soon!) Bitcoin (Segwit) tipping address: 3AYvXZseExRn3Dum8z9tFUk9jtQK6KMU4g Litecoin tipping address: MCszxWfm4y4Ke39vJZLXwULLRgVmBfJy8z Bitcoin Cash tipping address: 1EXYkuuQ49uEioTpHY4ZY99edJczbUqQfu Ethereum tipping address: 0xB8b169192A74746050806671710aeB72F01F6ED1 CREDITS All music in this episode of The Bitcoin Game was created by Rob Mitchell. The Bitcoin Game box art was created from an illustration by Rock Barcellos. Note: We've recently migrated our RSS feed (and primary content host) from Soundcloud to Libsyn. So if you notice the Soundcloud numbers have dropped off recently, that's the reason.
OpenBSD 6.2 is here, style arguments, a second round of viewer interview questions, how to set CPU affinity for FreeBSD jails, containers on FreeNAS & more! Headlines OpenBSD 6.2 Released (https://www.openbsd.org/62.html) OpenBSD continues their six month release cadence with the release of 6.2, the 44th release On a disappointing note, the song for 6.2 will not be released until December Highlights: Improved hardware support on modern platforms including ARM64/ARMv7 and octeon, while amd64 users will appreciate additional support for the Intel Kaby Lake video cards. Network stack improvements include extensive SMPization improvements and a new FQ-CoDel queueing discipline, as well as enhanced WiFi support in general and improvements to iwn(4), iwm(4) and anthn(4) drivers. Improvements in vmm(4)/vmd include VM migration, as well as various compatibility and performance improvements. Security enhancements including a new freezero(3) function, further pledge(2)ing of base system programs and conversion of several daemons to the fork+exec model. Trapsleds, KARL, and random linking for libcrypto and ld.so, dramatically increase security by making it harder to find helpful ROP gadgets, and by creating a unique order of objects per-boot. A unique kernel is now created by the installer to boot from after install/upgrade. The base system compiler on the amd64 and i386 platforms has switched to clang(1). New versions of OpenSSH, OpenSMTPd, LibreSSL and mandoc are also included. The kernel no longer handles IPv6 Stateless Address Autoconfiguration (RFC 4862), allowing cleanup and simplification of the IPv6 network stack. Improved IPv6 checks for IPsec policies and made them consistent with IPv4. Enabled the use of per-CPU caches in the network packet allocators. Improved UTF-8 line editing support for ksh(1) Emacs and Vi input mode. breaking change for nvme(4) users with GPT: If you are booting from an nvme(4) drive with a GPT disk layout, you are affected by an off-by-one in the driver with the consequence that the sector count in your partition table may be incorrect. The only way to fix this is to re-initialize the partition table. Backup your data to another disk before you upgrade. In the new bsd.rd, drop to a shell and re-initialize the GPT: fdisk -iy -g -b 960 sdN Why we argue: style (https://www.sandimetz.com/blog/2017/6/1/why-we-argue-style) I've been thinking about why we argue about code, and how we might transform vehement differences of opinion into active forces for good. My thoughts spring from a very specific context. Ten or twelve times a year I go to an arbitrary business and spend three or more days teaching a course in object-oriented design. I'm an outsider, but for a few days these business let me in on their secrets. Here's what I've noticed. In some places, folks are generally happy. Programmers get along. They feel as if they are all "in this together." At businesses like this I spend most of my time actually teaching object-oriented design. Other places, folks are surprisingly miserable. There's a lot of discord, and the programmers have devolved into competing "camps." In these situations the course rapidly morphs away from OO Design and into wide-ranging group discussions about how to resolve deeply embedded conflicts. Tolstoy famously said that "Happy families are all alike; every unhappy family is unhappy in its own way." This is known as the Anna Karenina Principle, and describes situations in which success depends on meeting all of a number of criteria. The only way to be happy is to succeed at every one of them. Unhappiness, unfortunately, can be achieved by any combination of failure. Thus, all happy businesses are similar, but unhappy ones appear unique in their misery. Today I'm interested in choices of syntax, i.e whether or not your shop has agreed upon and follows a style guide. If you're surprised that I'm starting with this apparently mundane issue, consider yourself lucky in your choice of workplace. If you're shaking your head in rueful agreement about the importance of this topic, I feel your pain. I firmly believe that all of the code that I personally have to examine should come to me in a consistent format. Code is read many more times than it is written, which means that the ultimate cost of code is in its reading. It therefore follows that code should be optimized for readability, which in turn dictates that an application's code should all follow the same style. This is why FreeBSD, and most other open source projects, have a preferred style. Some projects are less specific and less strict about it. Most programmers agree with the prior paragraph, but here's where things begin to break down. As far as I'm concerned, my personal formatting style is clearly the best. However, I'm quite sure that you feel the same. It's easy for a group of programmers to agree that all code should follow a common style, but surprisingly difficult to get them to agree on just what that common style should be. Avoid appointing a human "style cop", which just forces someone to be an increasingly ill-tempered nag. Instead, supply programmers with the information they need to remedy their own transgressions. By the time a pull request is submitted, mis-stylings should long since have been put right. Pull request conversations ought to be about what code does rather than how code looks. What about old code? Ignore it. You don't have to re-style all existing code, just do better from this day forward. Defer updating old code until you touch it for other reasons. Following this strategy means that the code you most often work on will gradually take on a common style. It also means that some of your existing code might never get updated, but if you never look at it, who cares? If you choose to re-style code that you otherwise have no need to touch, you're declaring that changing the look of this old code has more value to your business than delivering the next item on the backlog. The opportunity cost of making a purely aesthetic change includes losing the benefit of what you could have done instead. The rule-of-thumb is: Don't bother updating the styling of stable, existing code unless not doing so costs you money. Most open source projects also avoid reformatting code just to change the style, because of the merge conflicts this will cause for downstream consumers If you disagree with the style guide upon which your team agrees, you have only two honorable options: First, you can obey the guide despite your aversion. As with me in the Elm story above, this act is likely to change your thinking so that over time you come to prefer the new style. It's possible that if you follow the guide you'll begin to like it. Alternatively, you can decide you will not obey the style guide. Making this decision demands that you leave your current project and find some other project whose guide matches your preferred style. Go there and follow that one. Notice that both of these choices have you following a guide. This part is not optional. The moral of this story? It's more important for all code to be formatted the same than it is for any one of us to get our own way. Commit to agreeing upon and following a style guide. And if you find that your team cannot come to an agreement, step away from this problem and start a discussion about power. There have been many arguments about style, and it can often be one of the first complaints of people new to any open source project This article covers it fairly well from both sides, a) you should follow the style guide of the project you are contributing to, b) the project should review your actual code, then comment on the style after, and provide gentle guidance towards the right style, and avoid being “style cops” *** Interview - The BSDNow Crew, Part II News Roundup Building FreeBSD for the Onion Omega 2 (https://github.com/sysadminmike/freebsd-onion-omega2-build) I got my Onion Omega 2 devices in the mail quite a while ago, but I had never gotten around to trying to install FreeBSD on them. They are a different MIPS SoC than the Onion Omega 1, so it would not work out of the box at the time. Now, the SoC is supported! This guide provides the steps to build an image for the Omega 2 using the freebsd-wifi-build infrastructure First some config files are modified to make the image small enough for the Omega 2's flash chip The DTS (Device Tree Source) files are not yet included in FreeBSD, so they are fetched from github Then the build for the ralink SoC is run, with the provided DTS file and the MT7628_FDT kernel config Once the build is complete, you'll have a tftp image file. Then that image is compressed, and bundled into a uboot image Write the files to a USB stick, and plug it into the Omega's dock Turn it on while holding the reset button with console open Press 1 to get into the command line. You will need to reset the usb: usb reset Then load the kernel boot image: fatload usb 0:1 0x80800000 kernel.MT7628_FDT.lzma.uImage And boot it: bootm 0x80800000 At this point FreeBSD should boot Mount a userland, and you should end up in multi-user mode Hopefully this will get even easier in the next few weeks, and we'll end up with a more streamlined process to tftp boot the device, then write FreeBSD into the onboard flash so it boots automatically. *** Setting the CPU Affinity on FreeBSD Jails with ezjail (https://www.neelc.org/setting-the-cpu-affinity-on-freebsd-jails-with-ezjail/) While there are more advanced resource controls available for FreeBSD jails, one of the most basic ways to control CPU usage is to limit the subset of CPUs that each jail can use. This can make sure that every jail has access to some dedicated resources, while at the same time doesn't have the ability to entirely dominate the machine I just got a new home server: a HP ProLiant ML110 G6. Being a FreeBSD person myself, it was natural that I used it on my server instead of Linux I chose to use ezjail to manage the jails on my ProLiant, with the initial one being a Tor middle node. Despite the fact that where my ML110 is, the upstream is only 35mbps (which is pretty good for cable), I did not want to give my Tor jail access to all four cores. Setting the CPU Affinity would let you choose a specific CPU core (or a range of cores) you want to use. However, it does not just let you pick the number of CPU cores you want and make FreeBSD choose the core running your jail. Going forward, I assumed that you have already created a jail using ezjail-admin. I also do not cover limiting a jail to a certain percentage of CPU usage. ezjail-admin config -c [CORENUMBERFIRST]-[CORENUMBERLAST] [JAIL_NAME] or ezjail-admin config -c [CORENUMBERFIRST],[CORENUMBERSECOND],...,[CORENUMBERN] [JAILNAME] And hopefully, you should have your ezjail-managed FreeBSD jail limited to the CPU cores you want. While I did not cover a CPU percentage or RAM usage, this can be done with rctl I'll admit: it doesn't really matter which CPU a jail runs on, but it might matter if you don't want a jail to have access to all the CPU cores available and only want [JAILNAME] to use one core. Since it's not really possible just specify the number of CPU cores with ezjail (or even iocell), a fallback would be to use CPU affinity, and that requires you to specify an exact CPU core. I know it's not the best solution (it would be better if we could let the scheduler choose provided a jail only runs on one core), but it's what works. We use this at work on high core count machines. When we have multiple databases colocated on the same machine, we make sure each one has a few cores to itself, while it shares other cores with the rest of the machine. We often reserve a core or two for the base system as well. *** A practical guide to containers on FreeNAS for a depraved psychopath. (https://medium.com/@andoriyu/a-practical-guide-to-containers-on-freenas-for-a-depraved-psychopath-c212203c0394) If you are interested in playing with Docker, this guide sets up a Linux VM running on FreeBSD or FreeNAS under bhyve, then runs linux docker containers on top of it You know that jails are dope and I know that jails are dope, yet no one else knows it. So here we are stuck with docker. Two years ago I would be the last person to recommend using docker, but a whole lot of things has changes past years… This tutorial uses iohyve to manage the VMs on the FreeBSD or FreeNAS There are many Linux variants you can choose from — RancherOS, CoreOS are the most popular for docker-only hosts. We going to use RancherOS because it's more lightweight out of the box. Navigate to RancherOS website and grab link to latest version sudo iohyve setup pool=zpool kmod=1 net=em0 sudo iohyve fetch https://releases.rancher.com/os/latest/rancheros.iso sudo iohyve renameiso rancheros.iso rancheros-v1.0.4.iso sudo pkg install grub2-bhyve sudo iohyve create rancher 32G sudo iohyve set rancher loader=grub-bhyve ram=8G cpu=8 con=nmdm0 os=debian sudo iohyve install rancher rancheros-v1.0.4.iso sudo iohyve console rancher Then the tutorial does some basic configuration of RancherOS, and some house keeping in iohyve to make RancherOS come up unattended at boot The whole point of this guide is to reduce pain, and using the docker CLI is still painful. There are a lot of Web UIs to control docker. Most of them include a lot of orchestrating services, so it's just overkill. Portainer is very lightweight and can be run even on Raspberry Pi Create a config file as described After reboot you will be able to access WebUI on 9000 port. Setup is very easy, so I won't go over it The docker tools for FreeBSD are still being worked on. Eventually you will be able to host native FreeBSD docker containers on FreeBSD jails, but we are not quite there yet In the meantime, you can install sysutils/docker and use it to manage the docker instances running on a remote machine, or in this case, the RancherOS VM running in bhyve *** Beastie Bits The Ghost of Invention: A Visit to Bell Labs, excerpt from the forthcoming book: “Kitten Clone: Inside Alcatel-Lucent” (https://www.wired.com/2014/09/coupland-bell-labs/) OpenBSD Cookbook (set of Ansible playbooks) (https://github.com/ligurio/openbsd-cookbooks) 15 useful sockstat commands to find open ports on FreeBSD (https://www.tecmint.com/sockstat-command-examples-to-find-open-ports-in-freebsd/) A prehistory of Slashdot (https://medium.freecodecamp.org/a-pre-history-of-slashdot-6403341dabae) Using ed, the unix line editor (https://medium.com/@claudio.santos.ribeiro/using-ed-the-unix-line-editor-557ed6466660) *** Feedback/Questions Malcolm - ZFS snapshots (http://dpaste.com/16EB3ZA#wrap) Darryn - Zones (http://dpaste.com/1DGHQJP#wrap) Mohammad - SSH Keys (http://dpaste.com/08G3VTB#wrap) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv)
Steve Klabnik @steveklabnik | Blog | GitHub Show Notes: 02:56 - Getting Into Rust 05:51 - Working on Rust for Mozilla 07:01 - Writing Documentation and Preventing Burnout 13:24 - The Rust Programming Language 18:45 - Rewriting Firefox in Rust 21:20 - High-level Functions 25:23 - Typesystem and Concurrency 36:35 - Rust and Web Developers; Digging Into Rust on a Deeper Level 43:46 - The Rust Ecosystem and Using Rust on a Day-to-Day Basis 48:38 - The Rust Book Resources: Rust For Rubyists Cargo Servo Application Binary Interface (ABI) MetaLanguage (ML) Tokio Systems Programming intermezzOS Steve Klabnik: Exploring Ruby Through Rust What's new with “The Rust Programming Language”? rustbook Transcript: CHARLES: Hello everybody and welcome to The Frontside Podcast episode 51. I'm here, my name is Charles Lowell. I'll be hosting today. With me is Chris Freeman, also of The Frontside and with us is Steve Klabnik. Now, most of you probably heard of Steve before. My first encounter with Steve was actually at the LoneStarRuby Conference back in... Gosh, I don't know. It was many, many years ago and he was giving a talk on Shoes, which I also had never heard of before. It was a wonderful story of a code archaeology project where he was kind of investigating, rehabilitating, and in carrying forward a project that the 'why the lucky stiff' had done. That was a wonderful introduction but it was certainly not the last time that I encountered him in his writings and in talks and stuff, mostly within the Ruby community. But it popped up again and again, talking about Rust APIs and always making a point to take a good knowledge that he'd learned and spread it around. Personally, I've lost track of Steve or hadn't really heard much of what he was doing for a while. But then Chris came into the office and he was always talking about this language called Rust. While I've heard Rust, Chris was just all about it and wanted to have Steve come on the show because it turns out that Steve, you've been really, really, really into Rust these last few years and sounds like concentrating most of your work there. STEVE: That is totally true and accurate. Also to go back a bit, that means that you are in attendance for my very first conference talk ever. CHARLES: Really? STEVE: That was literally the first one. CHARLES: Wow, it was a great start. That was a great story. It was educational and also touching. STEVE: Thank you. It's actually interesting because what happened was is that someone else who works on Shoes have encouraged me to submit to RubyConf and I was like, "Who would want to hear me talk at a conference?" I submitted the talk and RubyConf accepted it and I was really excited. Then a bunch of other conferences noticed and two other conferences had asked me to give a talk before RubyConf happens and LoneStar was one of them and it was the first one chronologically. That moment was also very special to me as well. CHARLES: Fantastic. What year was that? STEVE: I want to say it was like 2012 or 2011. It's really hard for me to pay attention to time and date. My history is so complicated that I often forget. I've literally told people that I'm 10 years old or younger than I am because I would like mess up to date on the things. It just happens. CHARLES: Yeah, but it was a while ago and it's been quite a journey, in between now and then. STEVE: Yeah, definitely and you're also definitely right. It is now literally my day job to work on Rust so it is definitely the focus of most of my efforts. Partly, why I made that happen was because it was the focus of all my hobby efforts before I made my job. It's definitely been a couple of years that I've been a full-time on all the Rust stuff. CHARLES: How was it that you actually got into Rust? How did you hear about it before everybody else and how did it capture your attention? STEVE: I've always liked programming languages and learning different programming languages. Ruby was sort of where I became known professionally. But it wasn't the first language that I knew and I knew it was never going to be the last. As much as I always loved Ruby and I'm like literally have a tattoo on my body so I will be with Ruby forever. I always try to learn new stuff and I find it exciting. I'm from middle of nowhere, Pennsylvania in the suburbs of Pittsburgh on a cattle farm and I was visiting my parents for Christmas one year. There's not really a whole lot to do out of the very small town so I was just reading the internet, as usual and it turns out that that was the day that Rust 0.5 had been released. I saw this release announcement go by and I was like, "I vaguely heard of this programming language once or twice maybe. I don't have anything to do. Let's give it a try." I downloaded and installed it. I looked at their tutorial and the tutorial has a problem that a lot of tutorials had, which is I read it, I said, "This all makes sense," I tried this down to write a program, and I had no idea how to actually write a program in it at all. I'm just completely confused. I couldn't actually apply the sort of syntax stuff that I learned. At the same time, I was going to be working on this hypermedia book -- that was my plans for that trip -- as always, you just rewrite your tooling over and over again. You [inaudible] like, "Just don't write the thing. Write the tools that make the thing," so I wanted to try out a new way to take mark down and generate PDFs in HTML, involving pandoc. I sort of had that all set up and I said, "Well, let me give this a try run. What I'm going to do is I'm going to write down what I learned in Rust as I learned it," and sort of from a Ruby programmers perspective, I'll use that and working with my new tooling to see if it works to actually work on the real book and it will also help me understand Rust better because one of the reasons why I do all this sort of teaching and advocacy is because I think it helps me learn. Just as much as I like helping other people learn stuff, I find that the repetition and being forced to explain something to someone else really make sure that I understand what I'm talking about. That's what the thing called Rust for Rubyist became boring. I'm a sucker for alliteration and that sort of became the first to tutorial for Rust from outside of the Rust projects proper. From there, I went on to submit some pull requests because everything's open source so I wrote some documentation and funny enough, my first ever pull request to Rust was actually rejected based on procedural grounds. At the time, they didn't actually accept pull request to master, they accept this other weird branch and GitHub don't have the ability to re-target the branch of the pull request. I also, always like this story because the thing that I now on the core team of, like my first attempt at getting involved was wrong and was turned down. But I'd fixed that pull request issue and got that in but it is kind of kept working on an open source capacity for a while and then decided to ask Mozilla if I can make it my job. Luckily they said yes. CHARLES: Wow, so what? Your job at Mozilla, like you just kind of showed up and said, "I would like to have a pretty cool, awesome job, working on this brand new language," and they were like, "Sure, come on in?" STEVE: To some degree, yes. That's one way of putting it. There is always the devil in these details. The first thing is that that wouldn't have worked if I had wanted a different kind of job. But when someone comes to you and says, "I would like to write documentation for you all day," you go, "Oh, my gosh. This literally never happens." If I had wanted to like work on the compiler, I'm pretty sure they would have said no. But because they knew documentation was important and they wanted documentation and because I had already been basically doing that job in an open source way, it's like I've had a year-long interview already. Then finally, they actually didn't have headcount at the time so I actually moved on as a contractor initially and had to do some freelance work and then eventually, once we were able to hire a new person kind of got it in. They're like a cool kid story. It's like, "Oh, yeah. I totally asked Mozilla for my perfect dream job and they just gave it to me," but like that's not really the way that it works. CHARLES: Got you. That actually leads me into a question that I have wanted to ask you. You write a very good documentation as your day job and documentation is extremely hard. For me, it is extremely hard to get and stay motivated to document something that I've worked on. I think that is probably a common enough experience for programmers. We don't recognize because we use documentation that it's extremely valuable and yet, it still this thing that is just a constant uphill battle. I'm curious, how do you manage to stay motivated to write documentation for an entire programming language over the span of years? STEVE: As I'm often want to do, this has like three or four different components. I guess, there's a couple of different things involved. The first one is that I actually got accepted to go to English grad school, although I ended up not pursuing that. Like writing, it's something I have just always enjoyed. I got a Bachelor in Computer Science but then I was going to go to grad school for English and due to university shenanigans, it didn't really work out. They told me I was going to get a free ride and then accepted me and then they were like, "Oh, wait sorry. You have to pay for this." And I was like, "Wait, sorry. No, I'm not doing this anymore. That's ridiculous." That's kind of always a predilection for writing and I think that the reason why that is because I grew up basically like on Slashdot and eventually then on Dig and Reddit and all these other things. I've kind of been writing a couple paragraphs a day, basically every day in my life since I was a little kid. I think that's something that's sort of like underappreciated. Documentation is hard but it's like a skill, like any other thing. Programmers will say, "I really want to learn TDD so I'm going to make myself do some TDD, I'm going to practice it, I'm going to focus on it and that's going to be a skill that I'm going to improve," and then they see documentation, and they kind of think it's this thing that you either have the skill or you don't. But writing is just another thing like anything else that you can practice at and get better. I think maybe it's because it's a little bit farther away from the wheel house of what you do day to day, that people aren't as interested in it but it is something you're truly interested in, I think the best way to get better is just to do it and do it a lot. I say this is I'm kind of in the middle of a little bit of writer's block at the moment to be honest. Then finally, I think the other reason that I'm motivated about docs is that I actually believe that documentation is an exercise in empathy. Like good documentation, the ideal as a programmer, the ideal thing that happens in documentation is I have a question about how to use something, I go to the documentation, and it says the exact sentence that answers my exact question. As those varying degrees of vaguely gives you the right idea, versus literally tells you exactly what to do. I think that the way that you can accomplish that excellent documentation is by understanding what your users need and then preemptively figuring it and/or writing that down. I think that that requires being able to put yourself in their shoes to some degree. I'm not going to say that that's a thing that I am perfect at but I think that a valuable skill when trying to improve docs's like figure out what they actually need and then give it to them. It's doesn't always have to be in that order, like sometimes people will fail to find the thing they need, tell you what you need, and then you give it to them. That's a strategy I've used a lot and that's one reason why I hang out in the Rust IRC all the time, helping people is for a very long time, I would like sit in IRC, someone would ask a question, I would answer the question, I'd go look in the docs and see if they could have figured out themselves. If they couldn't, that would be might next doc PR. It's just like even if it's just a couple sentences like add the question from IRC into the documentation and then just do that over and over and over again and then eventually, people start learning from the docs instead of actually ask questions because they already found what they needed. CHARLES: Right. I have a question about that because once you develop those skill, I think you also still run the risk of like burning out. I know that one of the reasons I tend to always fall back to like, "I'm going to spend my time doing coding instead of documentation," Or, "I'm going to spend my time --" Even with TDD is a great example is like with TDD you get to experience those short term wins. I think that kind of prevents you from burning out, where sometimes when I'm writing documentation, it feels like I'm screaming at the void. I might be screaming really loud and really, really well but I feel like a lot of times, I'm not experiencing those wins and I'm wondering if you have any tips for like experiencing those wins. Or getting that feedback to kind of keep you motivated and keep you doing the job. Also, trying to push the level of your own documentation skill and communications skill. STEVE: Yeah, experiencing the wins is definitely a part of it. But one of the other things that is sort of part of it is that like I do the opposite. I do a lot of coding but that's my side projects. When I get fed up with writing documentation, I maintain the [inaudible] implementation that Cargo uses to resolve Rust packages, for example. If I'm feeling a little stuck on docs, I'll go write some software and then come back to the docs so that kind of help with burnout. Another thing is that I think I'm just like perpetually in a state of just barely above burnout anyway so that also sort of factors in I guess. You know, it's like Bruce Banner. The secret is that I'm always angry so -- CHARLES: So you work on open source, is that what you're saying? STEVE: Yeah, exactly. We're working on open source all the time. I've been lucky enough to make open source as my job for, basically almost my entire professional career. Although not totally. You know, at some point, you just kind of get used to it. But in terms of experience and the wins, this is also one of the reasons why I like to teach beginners specifically is that beginners allow you to remember what it's like to be a beginner, which is also part of building the empathy. By interacting with beginners a lot, you also get a lot of those wins because beginners usually ask easy questions so it's easy to figure out the answer that stuff. Then you've got that positive feedback loop kind of going. To me it's maybe not IRC literally for every project but answering questions on Stack Overflow, or whatever message board forum you have, or Twitter, like actually interacting with other people. For me at least, that's how I get that kind of sense of not screaming into the void that you have to like go into the void and find the other people there, I guess, that I'm just like come to you necessarily. CHARLES: Speaking of empathy for beginners, it just occurred to me that we didn't actually talk about what Rust is. We probably should do that. Why don't you tell us a little bit about the Rust, language, as well as, you've mentioned Cargo and [inaudible] ecosystem for us as well? Let's talk about that. STEVE: Yeah, totally. Basically, Rust is a new-ish. I should stop saying new because it's almost not really at this point. A kind of new-ish programming language, heavily sponsored by Mozilla in development. Its idea is to become a new low-level programming language. But I always hesitate when I say this because one of my old pitches for Rust used to be like, "Rust could be used anywhere. You can use C." Then people go, "I would never write, C is so cool. Rust is not for me." I'm like not do that. But the reason that people don't use C is a lot of the problems that we are also trying to fix. I guess the primary differentiator for Rust in terms of like programming languages theory is that it is safe and safety as they got specific meaning. But basically C is a very dangerous sharp tool and you can cut yourself and people who use those tools often do cut themselves, whereas Rust is like it's got a safety guard on it. It's a compiled language so its compiler actively prevents you from making some of the worst mistakes that you can make in a low-level programming language like C. It turns out that when you start building up these sort of safe abstractions on top of these really fundamentally low-level details, you actually end up with a relatively high-level programming language. I talked to a lot of people, for example from JavaScript or Ruby world or Python world who come to Rust that are modulus, some libraries, and other things. This is actually high-level enough that I feel like I could do this instead of review JavaScript all day and I would be just as comfortable. The other day, I did a little bit pair programming and we actually recreated a JavaScript library in Rust that had virtually the same interface because like you can actually build relatively high-level things so pass an enclosure to a function that does some stuff is totally normal and Rust world. That's also very familiar to people that come from the Ruby, JavaScript, Python background. Also then, as part of that is we also culturally like Rust the projects, not Rust the programming language, really, really cares about helping people understand what systems programming and like lower-level programming means. A lot of people will not program and in C or C++ because they have no idea how to get help or to learn because many people in the low-level space have this RTFM attitude or like, "If you don't know what you're doing, then get out of here," whereas in Rust world, if you ask an extremely basic question, we're like, "Welcome. We would love to have you. I would be very happy to like walk you through," like explaining how that works on these kind of low-level details. Part of the culture of Rust is to bring this sort of low-level programming to people that have rejected it before for various reasons. The reason that Mozilla cares and the reason Mozilla sponsored the project is that Firefox is written in C++, so like four million lines of C++ last I checked. Last time we did a security audit of a really pants-on-fire, terrible security bugs in Firefox, I go to this website and now they run arbitrary code on my machine kinds of terrifying bugs. Basically happened because C++ is dangerous and sharp. If you screw up, there's the kind of bad things that can happen. About 50% of those security issues in Firefox would be eliminated at compile time by the Rust compiler. That's a really huge win in general so the idea is that we are slowly rewriting Firefox and Rust over time. That's one angle of why Mozilla cares about Rust. The second part is Servo, which is a rendering engine that's built in Rust from the ground up. If you think about Firefox proper, it's got Gecko as the rendering engine inside that actually determines where things go on the page and stuff. We're also writing a new one of those from scratch called Servo in Rust. That was also to prove that the language was doing the kind of things that we need it to do. But also Servo is an impressive piece of technology in its own right so it might become its own thing and/or bits and pieces of it are already making their way into Firefox. It's kind of also a way to improve our core products. That's why Mozilla cares. CHRIS: I was curious with Servo and Servo is the layout engine. Do you know if there are any plans to write a JavaScript runtime in Rust? STEVE: That question is complicated. Sort of what it boils down to is that a Git is inherently kind of unsafe by Rust definition of unsafety. It's actually controversial like when I talk to people that work on JavaScript engines, they're pretty much 50/50 split between, "Oh, yeah. Totally Let's absolutely rewrite the whole thing in Rust because we rewrite it every two or three years anyway from scratch so why not use Rust next time," to, "Since it's massively unsafe anyway, I don't see what benefit I would actually get so why not just stick with what we know." It's like very extreme ends. It's definitely feasible but I don't know if it's going to happen and/or when exactly. CHARLES: There were two questions that I had kind of to unpack some of the things that you said in there that were just really interesting to me. You said Mozilla plans to incrementally rewrite Firefox in Rust, where it's currently four million lines of C++. Now, how does that actually work where you're talking about swapping out large parts of the runtime with something that's written in a completely separate language? How does that communication happen between those language boundaries? STEVE: There's this concept called an ABI, not API. It may sound very similar -- Application Binary Interface. What this really boils down to is assembly language does not have function calls. That's not a concept, that's in assembly. People have come up with, "If I write a function and I map it to assembly code, what's the convention about how I do things like passing an argument and return values? How those all that stuff actually work?" Because assembly is so low-level, there are multiple different ways that you can make that happen. There's a number of different specifications how to make that work so C, the programming language, has a very straightforward ABI so any programming language that knows how to call C functions, uses these convention at the assembly level to do the function call. What you can do with Rust is you can say, "Please make this Rust function follow the C calling convention," in that way, any sort of thing that knows how to call C functions can call Rust functions directly. By doing that, you can sort of say like take a chunk of code, write it in Rust, expose a C interface, and then anything that knows how to talk to C, which is virtually everything, can talk to Rust equally as well. For example, one of the earliest production uses of Rust was actually inside of a Ruby gem because Ruby can be extended to C and Ruby knows how to have C extensions. It doesn't actually need to know that it's literally written in C. It just needs to know how to generate the assembly to call the correct functions. That's actually like a thing. Basically, the process is like write a component in Rust, expose this language independent wrapper, and then call into it like you would in C code. CHARLES: So it's really, just they're sharing memory and sharing is like right there in the process and there's no overhead for the intercommunication, it sounds like? STEVE: Yeah, exactly. You could also do all the regular things with JSON-RPC over a socket or whatever if you wanted to. The most efficient way is to literally include it as your binary just like anything else. CHARLES: Which kind of leads me into my next question, which is Rubyist and Pythonista people coming from JavaScript, one of the reasons we don't like to write in C is because, as you mentioned, they're so sharp so we have safety so that you don't have to worry about memory allocation for the most part, the garbage collector kind of has your back there. You access things by reference so you never have to worry about accessing memory. That's not there but kind of the conventional wisdom is that that all comes with a pretty big cost. It's like really, really expensive. I know when I was getting into Ruby and I was explaining a lot of the pushback I got from people doing C and even Java, it was like, "It's going to be super slow because all those high-level features that you love so much, you're paying a lot. A lot for them." My understanding is that's not really true with Rust. Is that fair to say? STEVE: Well, Rust does not have a garbage collector so, yes, it does not pay that cost because it doesn't exist. Now, that also raises a bunch of other interesting questions and basically what it boils down to is a compiler and especially one that has a typesystem, basically asks you to declare certain properties of your code like this function takes one argument only and it's always a string. That's sort of what type safety means. It kind of like a fundamental level. One of the ways that Rust uses type safety is to say, "This pointer to this memory always points to valid memory," and you have to be able to demonstrate that to me at compile time. From those couple of sentences, that sounds extremely complicated but it turns out that most programming code is written in a way that actually works this way. For example, like I'd talk to Yehuda Katz a number of times because we're friends, he also works on the Rust project and he's also well-known in JavaScript and to you all, I would assume. It turns out that the style of Rust code I write is actually extremely similar to the style of JavaScript code that I write is just sometimes there are some tweaks. It is true that those features often do take up a lot of memory and/or rely on any sort of expensive, from a low-level perspective, way of doing things. But it turns out that's actually more of a function of the way that the programming language is made in semantics. You could design a programming language that feels very similar but as very different underlying characteristics. For example, Closures in Rust, the compiler is smart enough to know that if you don't actually capture an environment. Say you're going to add one to every number in a list. You want to do like .map, pass in a closure that takes one argument X and adds one to every single X and then collect that up into like the map join kind of thing, to collect into a new array. That closure that you had passed a map, while it's a closure, it's taking that one argument X and doing X + 1, so it's not really capturing an environment at all. There's actually no reason to allocate a bunch of extra memory because it turns out, it's the same thing as a regular function. The compiler is able to optimize that call away completely to the same thing as if it was a normal function and not a closure, and therefore, you're paying no overhead. Even though, like syntactically, it looks kind of like a closure. Then you're kind of think of that applied to almost everything in Rust. For example, Rust has methods but almost all of them are actually statically dispatched at compile time, as supposed to dynamically dispatched, where you need to look through some sort of object hierarchy because we don't really have inheritance. There's no way to say like this might result to a colon, this class or this class is super class, or this class is super class so I have to do this runtime look up to call functions that just doesn't actually really exist. Part of it is through the fact that these coding patterns don't strictly require this stuff. It's just the way those languages are built and part of it is because as we were building a language, we were extremely sensitive to not include features that would require this really heavy overhead. In a language, that's like a low-level of focus on details, it's extremely hard to talk about the details without code. There's a lot of details, it turns out. CHRIS: One thing that I'm very curious about and one of the things that drew me to Rust actually is the fact that its typesystem is, I guess an ML typesystem. It is like much more [inaudible] to something that you would see in a functional programming language like Haskell, than you would like a regular C++ or Java. CHARLES: Now, a Chris-acronym alert. What is an ML-style typesystem? CHRIS: I'm sure Steve can answer this better than I can but it's a typesystem that uses the Hindley-Milner algorithm for type inference. It does a lot of the heavy lifting for you, in terms of correctness. Is that correct? STEVE: Yeah, I would say more accurately, ML is a programming language. It's the name of the language so by saying like an ML-like typesystem, he means like a Java-type typesystem. It's like a similar statement but about a different language. I always forget what ML stands for specifically but like OCaml has got ML at the end so like OCaml is one of the languages that sort of the family of ML. There's like two branches of functional programming, which of course everything is wrong when you try to organize things this way. Like you could also argue Lisp as a third but there's kind of like the Haskell-style and the ML-style are these two big pillars of functional language stuff and Rust tends to be in the ML sort of family. There's lots of common features between families of programming languages and all that kind of stuff. I think the ultimate point that Chris is trying to make is when I say that Rust is a typesystem, I do not mean it's like Java. There is a wide variety of typesystems and they do all sorts of different things and actually Java has been getting increasingly better over the years as well. But it is much more canned to a functional language in the typesystem, which I think is what you were getting at and serves the actual question, right? CHRIS: Yeah. Actually, I just looked it up and ML stands for MetaLanguage. It is actually is going to serve my question really well. ML was originally designed for theorem improving in math, which is part of why it works really well in functional programming languages. But it also makes sense if you use Rust, how the compiler work from the kinds of things that it catches, like a relatively low effort on your part because it is originally designed to completely prove out a theorem so the compiler is doing that to your program. That leads to my question which is I recently heard someone else on the Rust core team talk about one of the things that Rust really seeks to improve upon is concurrency and parallelism, which is historically very hard. To do that, you could use things like mutexes or reference counting, which Rust has. But they also lean extremely heavily on the typesystem itself to sort of guarantee that your concurrent code is actually going to run safely. On one hand, I'm interested in hearing you expound on that but I'm also really curious how the C, C++, Java programmers take to that sort of thing in Rust because as I understand it, that is a pretty novel approach to that kind of problem. I wonder if there's like pushback from the existing low-level systems community on that stuff. STEVE: I'll do the second part first because it's a little simpler. One thing that I will say is we sort of didn't appreciate over time because we were creating Rust for ourselves, roughly the C++ programmers are working on Firefox, which we had to say for ourselves because I was not literally one of those people but you get the idea, is like assuming that C++ people would be the primary audience. But it turns out that a lot of people that programming C or C++ are pretty happy with it and they like doing things that way. They're a lot smaller of a population than the number of programmers who do not program of those languages, which is true for any language, basically. The sum of all other people is bigger than your specific thing. What that means, I think that in retrospect this seems obvious but at the time, it was like hard to figure out or I definitely did not understand this at that time, that most people would come to Rust from not C or C++ than they would from C and C++, just even by virtue of numbers alone. A lot of the people who are not doing it are not doing it for reasons. They've already rejected it for some sort of purpose and the people who are still doing it often are like happy with what's going on. There's definitely a little skeptical at times of the kinds of things that we can accomplish. Also, our success has been pushing C++ specifically to grow a lot of safety things so we hear a lot of people say like, "In five years, C++ is going to have this tooling that's going to make it also pretty safe, even if it's not as safe as Rust. I'll just wait for that instead." Surprise, low-level programmers are extremely conservative bunch in many instances. The first part, which is the bigger and more interesting one, the typesystem is absolutely how concurrency works in Rust. This is extremely powerful for a number of different reasons. The first one, and I think the fundamental reason why it's done this way is that typesystems don't have any runtime overhead. When you're in a performance-heavy language, that's really the key. Originally, a long ago in Rust, we actually had a garbage collector even, like a very long time ago in Rust. The primary goal was always safety and we thought the only way to accomplish that was with lots of runtime checking, heavy runtime, and all these things. Over time, as the typesystem grew, we realized we could use more and more of a typesystem to eliminate more and more of the runtime because types are checked to compile time so they have no overhead cost, which is awesome. Like Rust references, doing this validation that they're always valid is completely a compile time construct that at runtime, they're literally the same thing as C pointers. That's one reason why the typesystem is really heavily useful for concurrency because you want things to be safe. We also don't want to slow them down. The whole point of concurrency in many instances is to get a speed up. If you introduce too many safety checks to make sure that your concurrency stuff works, you lose all the gains that you were trying to get from being concurrent in the first place. Having that like as low-cost as possible is extremely important. The second one is that concurrent problems are extremely difficult to debug because you need to recreate the exact set of circumstances under which the bug happens. If you have a bug because you have two threads that have a particular access pattern on a particular variable and that's where the bug is introduced, good luck coercing your operating system scheduler into scheduling those two threads at exactly the same way as when the bug happens. To some degree of the way that you fix a lot of concurrency bugs is by introducing an extreme amount of logging and then just kind of let it run and praying that you hit into the situation that causes the bug. That really brutal and doesn't really work. By using the typesystem and verifying it upfront, you just know it will work at runtime because you've already proved the concurrency property before your code even runs. It's also just like a better debugging experience, I think in general. The way that we accomplish this task is extremely novel. I guess I should also say extremely novel to working programmers, like almost all Rust is built off of existing research that has been known in academia for a relatively long time. That's actually one of the places where it gets the name from, it's like taking ten-year old ideas that have a little bit of rust on them, that have found usefulness and bringing them to [inaudible] research. Anyway, the way we accomplish this basically is the typesystem in the standard library, the way that you spin up a new thread, it has a particular type signature and the type signature says, "Only allow the types to be sent to this new thread. There are safe to pass between threads," and/or like, "Only allow references between this thread and that thread of types that are safe to use across thread." What that means is that when you try to spin up a thread and you passes a thing that doesn't work, you get a typesystem error. It turns out this is not concurrent safe collection so it does not have the prerequisite types so therefore, you cannot pass on this thread and you're done. That's sort of like at a core level of how these things work. Then for example, mutex is a type that does have that property so by sticking with non-concurrency thing into a mutex, now you can share it safely. That means we've guaranteed that the compile time that you'd safely done this transfer between threads and that kind of thing. It's not just about mutexes but that's sort of the general approach. The last thing I want to say briefly because I just said a whole bunch of things. I'm sure, I've raised a ton of questions here is that the other powerful thing about using the typesystem for concurrency guarantees is that other people can extend it. If you write a library in Rust, your library will be exactly as concurrency safe as the standard library and as the language itself. It's not like we provide the set of concurrent collections and then we vetted our own implementations and then you're kind of your own or building your own stuff. You can use those exact same types to help guarantee properties on your stuff. Also build alternate threading situations, as well that use the same things and the ecosystem all works together so everything is just concurrency safe by default because it's like a property of typesystems that are being built into the runtime or something. CHRIS: I know that recently, there's been a lot of, I guess excitement about this library called Tokio. It's not like there's future that kind of like promises in JavaScript, then there have been abstractions just kind of consistently being built up but it seems like Tokio is the next step and it's building towards a whole stack of higher-level concurrency things. Is what you just said enables that kind of thing to happen? STEVE: Yes. Tokio is using those exact same typesystem features in order to guarantee that when you have a chain of promises, to use the JavaScript terminology instead of future things, that you make sure that they're safe. This is not literally implemented yet but Tokio, for those who are not paid hyper attention to the Rust space because this is a cutting-edge, the library is gearing up for an initial release in the next week or two. Soon after you hear this or maybe right before you hear this, it's just going to be released. It's extremely cutting edge. But in some ways it follows sort of the node model of concurrency. There's event loops, you chained together, we call them futures, you call them promises together, you put that pile a future chain and do an event loop and watch the concurrency kind of go. One example of how Rust can do cool things is you could -- this is not implemented yet but it will be in the future -- run, let's say, five event loops on five different threads. Then you just tell the framework, "Please run this future chain onto one event loop. I don't care which one," and then it will automatically load balance across the five threads and five event loops because you've guaranteed the compile time that everything is safe to pass between threads so we know that that's just trivial to do and therefore it's like not a big deal. We can add those heavy duty features without worrying about introducing very subtle bugs, which is really cool. CHRIS: That kind of leads me to my next question, which is at The Frontside, we are pretty into web development, in case you didn't know. I am someone who follow Rust a lot and I find it very interesting. But for the most part, I don't have a need to do systems programming on a regular basis. I also wouldn't even really know where to start, if I wanted to do systems programming. As I learned Rust, I tend to always gravitate towards wanting to do things that I would probably do in Ruby or Python, like write the back-end for some web app or something. That goes okay but Rust is very much still in the process of building those abstractions to the point that it's relatively digestible. So I have a couple of questions. One is do you see Rust being a thing that would be used by web developers a lot more broadly and two, how would you recommend that people like me who aren't really familiar with systems programming start to really dig into Rust on a deeper level? STEVE: I would like to think that web programmers will use Rust more often and to be honest, originally, I was extremely skeptical of this. But it's been changing rapidly as time has gone on. Part of that is because as we've gained more experience, actually in programming in Rust, the fact is Rust used to be a lot less ergonomic than it is and now it's fairly ergonomic and will only get more so in the future. That's something that web people or at least, I come from Ruby so Rubyist care a lot about ergonomics, maybe more than anything else frankly. I'm not sure it's the first tool that you'll reach for but I do believe that sometimes, it makes a lot of sense. As one example that I will use, there's not a whole lot about this but basically, npm has started using Rust on the server side for powering the registry. They have three services in production now but they were basically like JavaScript as a language we all know what is the best language for doing this. We have a service that needs a little more oomph so maybe let's rewrite that in Rust instead and use it for those kind of things. I think that there's a lot of situations for web developers where they don't realize they have the power to make things faster without just adding on more servers. I think that's kind of like a compelling sort of [inaudible]. Any sort of background job like any sort of job queue thing is like often better written in a faster language but you would not reach for that faster language first because traditionally, those faster languages have been terrible to use. I think we continue to win on the ergonomics and continue to win the libraries that web developers will reach for Rust like more often than not. In terms of the learning rest on a deeper level, I think that one of the initial things and sounds like maybe you personally are a little past that but maybe not the people who listen this podcast is that I do think that sort of building the things that you would normally build in Ruby or JavaScript or Python is the good first step. For example, right now Advent of Code has been like a really fantastic way of having these little programming projects. If you haven't seen AdventOfCode.com, it's like every day in December up until Christmas, there's a new programming project that you can build the thing in. I've been doing those in Rust and that's a lot of fun and it's a good way to practice and gain some basic literacy. But after that moving at a low-level stuff, my personal thing and I know something you've expressed interest in the past is my side project is building an operating system in Rust. More so, than just that the pitch is, "You've written JavaScript before. Let's write an operating system together. Here is this companion book and I'll show you how," and that's called intermezzOS. It's like I'm basically trying to rebuild an operating systems curriculum but in Rust instead from nothing, like we start off with assembly code and move up into Rust code. CHARLES: Now, you can't even use anything like all the things that we've been describing like threads, kernel level callbacks. You get none of that, right? You have to implement it all from scratch. You can't use POSIX or whatever. You know, 90% of your code ends up going through. STEVE: It turns out that and it's sort of like for reasons that hopefully I'll be able to fix in the future, you need about like 200 lines of assembly code before you get into Rust and then you basically don't need to use assembly again, really. It's not that big of a barrier in terms of [inaudible] things and its copy-paste stuff that I explained extremely heavily so it's like totally an accomplished real thing. Then you're in a real programming language and you can do more normal things on top of it. But one thing about that because it is my side project, the kernel is actually farther along than the tutorial is and I actually need to find some time to write more of the freaking tutorial but this is kind of my personal long-term project over the next, let's say, decade and to have a completely free and open source tutorial for you to learn about operating system developments. That's one of the things I've been doing. Another one that I think that is really extremely useful is once you gain some amount of literacy on this, you can actually start to learn more about how your regular programming language works. I've been giving this conference talk recently. It's called 'Exploring Ruby Through Rust', and I'm like, "Once you know this low-level stuff and you gain this literacy, you can look at the source code of your language as interpreter and learn stuff about it and you can contribute to it maybe even." Maybe that's not the most practical thing or whatever but now that I've spent a bunch of time with Rust, I understand Ruby on a far, deeper level than I ever did before because now I'm not afraid to go poke around in the internals and learn how it really works under the hood and I understand what those internals do far better. Maybe five years ago, I could have told you like, "Ruby is garbage collector. It's extremely basic. But I don't really know what that means." And now I can be like, "Ruby has this mark and sweep generational garbage collector. But it's not compacting or concurrent yet but maybe in a year or two. Now, that's not just a bunch of buzzwords because I have this low-level literacy." CHRIS: Yeah, that's definitely something. I forgot about but every time I go learn something in Rust and initially this happens a lot. Every time I do that and I go back to JavaScript or something else, I find that Rust inadvertently taught me something about the language that I actually work on every day. Especially, when it comes to things like references, values, and the difference between them and debugging weird prototype behavior in JavaScript became so much easier after I had spent some time working with Rust and had had to like actually deal with passing around references or dealing with life times or having the compiler yell at me for a lot of things that I thought were totally normal. Then I'm going back to JavaScript, it's like, "Wait a second --" Suddenly a lot of these pieces are starting to fit together and before what was just as weird mystery, now I can totally see what is happening and start to think about how to fix it. Even though I don't even have the same tools that I do with Rust, it still is extremely useful from that perspective. STEVE: That's awesome. I'm glad to hear it. That's how I definitely felt with Ruby for sure. CHARLES: You know, in terms of actually using it for day to day stuff, is there other plans, is the ecosystem already supporting things, say, a web framework? Like a low-level web framework like Sinatra or Express or even higher one like Rails. STEVE: I guess, like you've already qualified it as web stuff. But I would say, in a broader sense, whether or not Rust is ready today for you, it depends entirely on the ecosystem. I feel like 80% is productive in Rust as I did ever in Ruby. But that's only if there's a library that I don't have to rewrite myself because it doesn't exist yet. That number is actually growing rapidly so I just look because it's like the end of the year and our package ecosystem is actually doubles. This is a request from earlier. I didn't expect Cargo so Rust basically has bundler or yarn/npm built into the language itself. We distribute it with Rust and we have all that great package ecosystem shenanigans. Another great example of Rust over a language like C is the tooling. Basically, what happened was Yehuda and I kind of showed up in Rust world and we're like, "Why are you still using make files. We know a better way." And they're like, "Okay." Then he builds the equivalent of bundler for Rust. Then everyone's like, "Oh, yeah. This is way better. We're not using make files anymore." The tooling situation is very familiar to a dynamic programming language person because we literally had the same people write the tools. That also means you can share packages freely and briefly so operating system development thing is totally intense to be able to use your package manager to download packages to help you build an operating system. For example, X86 has custom assembly instructions that you need to use when interacting with the hardware and someone has already built a package on [inaudible] that wraps the inline assembly up in a nice to use Rust functions. I can just include that package and use it when building my operating system, which is totally mind-blowing. The npm is sort of feel into OS development is just real intense and cool. Back to the ecosystem thing, though. For web application specifically, it's good and also bad. There's actually multiple different web frameworks already at different levels of comparison. For example, you have Nickle which is kind of like Sinatra and you have Pencil, which is kind of like Flask and Python, which is also kind of like Sinatra. Then you have Iron, which is kind of like expressed in JavaScript. There's also like I know of at least two. One of is has been worked on but it's not been actually released. But the code is at least open source yet. I know a second that is being developed fully in private that has not had any public release yet. Then when the Tokio stuff comes out, People are going to be building new frameworks on top of the new async shenanigans and/or porting the async stuff into the existing frameworks. We kind of have a lot of options but there's also a lot of churn and activity and stuff going on in that space so that either terrifies you or makes you enthusiastic. They're basically is like that. We definitely don't have a Rails yet. I don't think that's because a Rails will never exist but because it's a much bigger project to build a Rails than to build a Sinatra. CHARLES: Yeah, and you just need those foundational pieces there in place before you really want to attempt that. STEVE: And I think Tokio is the real foundational piece and it's just taken us a long time to put it all together. The initial tests in Tokio, we could do a 'Hello, World' benchmark like the tech and power benchmark. Some of you are already familiar with those things, or not, they're like 'Hello, World' benchmark. We actually got faster than they are fat than all of them. It just edged out the fastest Java, which is currently the reigning benchmark on it. That's like extremely compelling. Even if after all this stuff is built on top of it but it's taken us a while to build those foundations and we're just getting that point like Tokio is going to have a release, hopefully before Christmas. I've been assured by the end of the year and then people are going to build stuff on top of it and it's just going to explode from there. Here's another little interesting pitch. I'll give you for this, is that one of the things I like about Rust on early ecosystem is it means that if you want to be that person who built the library that does X that everyone uses, there's lots of opportunity in Rust world right now. Where there's a lot of foundational libraries that you could be the person who wrote that thing when everyone knows and loves and uses. Like JavaScript is still kind of there. In Ruby, every library basically exists already so there's no more room to build a foundational thing. But if you're someone who likes working on open source and that story is compelling to you like getting involved in a younger ecosystem, it means that you can have a much larger impact. I maintained the [inaudible] library that things used. The only reason that's true is because I was around before we had one and then Yehuda wrote the initial version and now, I'm maintaining it. There's tons of space out there so if writing a web framework is the thing that's interesting to you, Rust is a great place to explore and actually doing that at the moment. CHARLES: Steve, one of the things that I know you do is you actually write the Rust Book. I heard that you're also in the process of rewriting it along with Carol Goulding, I believe. I was wondering if you could tell us a little bit about that. STEVE: As part of this Steve getting the job right in the docs on Rust thing, I kind of working on lots of stuff so up to Rust 1.0, we knew we needed to have some long form explain all the things that Rust so that became what's called the Rust programming language which I named so because the C programming language and the C++ programming language, the names of the foundational books for those languages so I wanted to continue kind of in that tradition. But there is some problems with that which is I'll say that I'm a little harder on my own work than I think other people are so I hear people tell me all the time that they love the Rust Book and that it's like one of the best programming books that have ever written. But I think it's not that great. The reason why is also because I just know that the way in which I wrote it. You have to remember that Rust 1.0 happened in May of 2015. We were working on language for six or eight years before 1.0 happened so there was lots of changes, language is changing on a daily basis. Now, it's super stable like super, super, super stable. But what that also means is in some like deeper philosophical sense, nobody had had experience programming in what really was Rust yet because we were still like finishing building it's so like how do you write a book on a language that like the precursor language is what you're using and you're trying to see like what is it going to actually end up being like at 1.0. Because it's not like we can just say, "It's done. Now, go write a book, Steve and then we'll release it at that time." The circumstances in which I wrote the original book were I had a very intense deadline of this has to be done by the 15th of May. While the language was coming together, it takes a couple months to put together a book so I had to make sure that the stuff I was starting I would need to go back and re-fix. That also means that I was like much more vague in some places where pieces were still falling into place and you're like, "This is definitely going to be the same. But this might change so I'm going to leave that part off," and then I just have to plow through because the deadline. All those things coming together means that I kind of put together this book that while good and I'm proud of the work that I did, I can do much better. At this point in time, we now have a full year and a half after Rust 1.0 has come out. I know the struggles that people have when learning Rust. I know the ways in which they succeed or fail and I've talked to a lot of people so I'm sort of rewriting the book now, bringing that knowledge and understanding in as well as the fact that the language just been around for a minute so it's much easier. As part of that, I brought on Carol. She goes by Carol Nichols or Goulding. She both has her maiden name and her married name. She's been one of my best friends for a very long time so I'm extremely happy that she's my co-author on this book. The two of us together and working on doing the rewrite, I think that it is possibly the best thing I've ever done or worked on as far as books go, like I'm extremely happy with it and you can read it online right now, if you want to and see if I'm right or wrong about that. But I think it's a far better book than the original book was. It's actually going to publish at No Starch as well. We're donating all the proceeds to charities since we're being paid to actually write the book in the first place, like [inaudible]. It's going to be a much, much easier and better way to learn the language, I think as well. CHARLES: If we want to check that out, where can we find the new version? STEVE: I'll give you a link to put in show notes or whatever as well. But it's Rust-Lang.GitHub.io/book. There's also just like a book repo in the Rust Lang organization on GitHub. All things in Rust is being developed fully in the open so you can read the drafts and see what's been done where. We're getting towards the end, slowly but surely so I'm hoping that's going to be done relatively soon. CHRIS: Well, I'm looking forward to it. CHARLES: Fantastic. Sounds like the documentation is there. It's excellent. The community is there. It's excellent and from what I'm hearing like the kind of the tower of the ecosystem is really being built up. It's not as high as a bunch of other places but it's definitely high enough to jump in and get your feet wet. If you're you know coming from almost any walk of programming. STEVE: It's a lot of work but we seem to be doing good. CHARLES: All right. Well, thanks for stopping in and talking about this with us, Steve. STEVE: Thanks so much for having me. It's been a lot of fun. CHARLES: Yeah, and now Chris, we do need to kind of figure out what is going to be our Rust project here at The Frontside. CHRIS: I'm up for that challenge. CHARLES: Yeah, that'll be some Christmas homework. All right-y. Take care everybody and thanks, as always, for listening. We'll see you next week.
The wait is over, 11.0 of FreeBSD has (officially) launched. We'll have coverage of this, plus a couple looks back at UNIX history, and a crowd-favorite guest today. This episode was brought to you by Headlines FreeBSD 11.0-RELEASE Now Available (https://lists.freebsd.org/pipermail/freebsd-announce/2016-October/001760.html) FreeBSD 11.0-RELEASE is now officially out. A last minute reroll to pickup OpenSSL updates and a number of other security fixes meant the release was a little behind schedule, and shipped as 11.0-RELEASE-p1, but the release is better for it Improved support for 802.11n and various wifi drivers Support for the AArch64 (arm64) architecture has been added. Native graphics support has been added to the bhyve(8) hypervisor. A new flag, “onifconsole” has been added to /etc/ttys. This allows the system to provide a login prompt via serial console if the device is an active kernel console, otherwise it is equivalent to off. The xz(1) utility has been updated to support multi-threaded compression. A number of kernel panics related to VNET have been fixed The IMAGACT_BINMISC kernel configuration option has been enabled by default, which enables application execution through emulators, such as QEMU via binmiscctl(8). The GENERIC kernel configuration has been updated to include the IPSEC option by default. The kern.osrelease and kern.osreldate are now configurable jail(8) parameters A new sysctl(8), kern.racct.enable, has been added, which when set to a non-zero value allows using rctl(8) with the GENERIC kernel. A new kernel configuration option, RACCT_DISABLED has also been added. The minimum (arcmin) and maximum (arcmax) values for the ZFS adaptive replacement cache can be modified at runtime. Changes to watch out for: OpenSSH DSA key generation has been disabled by default. It is important to update OpenSSH keys prior to upgrading. Additionally, Protocol 1 support has been removed. By default, the ifconfig(8) utility will set the default regulatory domain to FCC on wireless interfaces. As a result, newly created wireless interfaces with default settings will have less chance to violate country-specific regulations. An issue was discovered with Amazon® EC2™ images which would cause the virtual machine to hang during boot when upgrading from previous FreeBSD versions. New EC2™ installations are not affected, but existing installations running earlier releases are advised to wait until the issue is resolved in an Errata Notice before upgrading. An Errata Notice to address this is planned following the release. *** process listing consistency (http://www.tedunangst.com/flak/post/process-listing-consistency) Ted Unangst asks: how consistent is the output of ps(1)? If processes are starting and exiting constantly, and you run ps(1), is the output guaranteed to reflect that exact moment in time, or might it include some processes that have gone away before ps(1) exited, and include some processes that did not exist when ps(1) was started? Ted provides a little example chicken/egg program to try to create such an inconsistency, so you can test out your OS On OpenBSD ps(1) was switched away from the reading kernel memory directly, and instead uses the KERNPROCALL sysctl Thus sysctl can iterate over the entire process list, copying out information to ps(1), without blocking. If we prevent processes from forking or exiting during this time, we get a consistent snapshot. The snapshot may be stale, but it will never show us a viewpoint that never happened. So, OpenBSD will always be consistent, or will it? Is there a way to trick ps on OpenBSD? Not everything is consistent. There's a separate sysctl, KERNPROCARGV, that reads the command line arguments for a process, but it only works on one process at a time. Processes can modify their own argv at any time. A second test program changes the process title of both the chicken and the egg, and if you run ps(1), you can get back a result that never actually happened. The argv of the first program is read by ps(1), and in the meantime, it changes to a different value. The second program also changes its value, so now when ps(1) reads it, it sees the new value, not the original value from when ps(1) was started. So the output is not that consistent, but is it worth the effort to try to make it so? DragonFlyBSD - if_iwm - Add basic powermanagement support via ifconfig wlan0 powersave (http://lists.dragonflybsd.org/pipermail/commits/2016-October/624673.html) WiFi can often be one of the biggest drains on your laptop battery, so anything we can do to improve the situation should be embraced. Imre Vadász over at the DragonFly project has done that, porting over a new set of power management support from Linux to the if_iwm driver. if_iwm - Add basic powermanagement support via ifconfig wlan0 powersave. The DEVICEPOWERFLAGSCAMMSK flag was removed in the upstream iwlwifi in Linux commit ceef91c89480dd18bb3ac51e91280a233d0ca41f. Add scpsdisabled flag to struct iwmsoftc, which corresponds to mvm->psdisabled in struct iwl_mvm in Linux iwlwifi. Adds a hw.iwm.powerscheme tunable which corresponds to the powerscheme module parameter in Linux iwlwifi. Set this to 1 for completely disabling power management, 2 (default) for balanced powermanagement, and 3 for lowerpower mode (which does dtim period skipping). Imports the constants.h file from iwlwifi as ifiwmconstants.h. This doesn't allow changing the powermanagement setting while connected, also one can only choose between enabled and disabled powersaving with ifconfig (so switching between balanced and low-power mode requires rebooting to change the tunable). After any changes to powermanagement (i.e. "ifconfig wlan0 powersave" to enable powermanagement, or "ifconfig wlan0 -powersave" for disabling powermanagement), one has to disconnect and reconnect to the accespoint for the change to take effect.“ Good stuff! These positive changes need to happen more often and sooner, so we can all eek out every drop of power from our respective laptops. *** Helping out an Internet Friend…Dual boot OpenBSD (https://functionallyparanoid.com/2016/10/03/helping-out-an-internet-friend/) Dual-booting OpenBSD and Linux, via UEFI. A year ago we wouldn't be discussing this, but today we have an article where somebody has done exactly that. This Journey was undertaken by Brian Everly (Indiana Bug), partly due to a friend who wanted to dual-boot his laptop which already has an existing UEFI install on it. As a proof of concept, he began by replicating the setup in VMware with UEFI He started by throwing Ubuntu into the VM, with some special attention paid to partitioning to ensure enough room left-over for OpenBSD later. I created a 64MB EFI partition at the front of the disk. Next, I created a 20GB primary partition at the beginning of the space, mounted as the root (/) filesystem. I then added a 4096MB swap partition for Ubuntu. Finally, I used the rest of the free space to create a Reserved BIOS Boot Area FAT32 partition that was not associated with a mount point – this is where I will be installing OpenBSD. With that done, he wrapped up the Ubuntu installation and then turned over to to the OpenBSD side. Some manual partitioning was required to install to the “Reserved FAT32” partition. I mashed through the defaults in the OpenBSD installer until I got to the disk partitioning. Since I told VMWare to make my hard drive an IDE one, I knew I was playing around with wd0 and not sd0 (my USB key). I dumped into fdisk by selecting to (E)dit the partition scheme and saw my setup from Linux. First was the EFI partition (I am guessing I'll have to copy my bootx64.efi file to that at some point), second was the Linux etx4 partition, third was my Linux swap partition and fourth was a weird looking one that is the “Reserved BIOS Boot” partition. That's the one I'll fiddle with. Issuing the command “edit 3” allowed me to fiddle with that partition #3 (remember, we start counting at zero). I set it's type to “A6” (OpenBSD) and then took the defaults with the exception of naming it “OpenBSD”. A quick “write” followed by a “quit” allowed me to update my new partition and get back to the installer. Once the installation was wrapped up (OpenBSD helpfully already created the /boot/EFI partition with the correct EFI loader installed) he was able to reboot and select between the two systems at the UEFI bios screen. For kicks, he lastly went into Ubuntu and grabbed refind. Installing refind provided a fancy graphical selector between the two systems without too much trouble. Next step will be to replicate this process on his friend's laptop. Wishing you luck with that journey! Interview - Bryan Cantrill - email@email (mailto:email@email) / @twitter (https://twitter.com/user) CTO of Joyent *** News Roundup After 22 Years, 386BSD Gets An Update (https://bsd.slashdot.org/story/16/10/09/0230203/after-22-years-386bsd-gets-an-update) Slashdot brings us an interesting mention this week, specifically that after 22 years, we now have an update to 386BSD. 386BSD was last released back in 1994 with a series of articles in Dr. Dobb's Journal -- but then developers for this BSD-based operating system started migrating to both FreeBSD and NetBSD. An anonymous Slashdot reader writes: The last known public release was version 0.1. Until Wednesday, when Lynne Jolitz, one of the co-authors of 386BSD, released the source code to version 1.0 as well as 2.0 on Github. 386BSD takes us back to the days when you could count every file in your Unix distribution and more importantly, read and understand all of your OS source code. 386BSD is also the missing link between BSD and Linux. One can find fragments of Linus Torvalds's math emulation code in the source code of 386BSD. To quote Linus: "If 386BSD had been available when I started on Linux, Linux would probably never had happened.” Though it was designed for Intel 80386 microprocessors, there's already instructions for launching it on the hosted hardware virtualization service Qemu. There you have it! Go grab the new hotness that is 386BSD and run it in 2016! Or perhaps you want FreeBSD 11, but to each their own. *** Progress of the OpenBSD Limited Edition Signed CD set (http://undeadly.org/cgi?action=article&sid=20160929230557&mode=expanded) An update from a story last week! We mentioned the “very” limited edition OpenBSD 6.0 signed CD sets that had gone up for Auction on Ebay. (With proceeds to support for Foundation) As of today, here's where we stand: CD set #1 (Sep 29th + 5 days) sold for $4200 (http://www.ebay.com/itm/-/331985953783) CD set #2 (Oct 4th + 3 days) sold for $3000 (http://www.ebay.com/itm/-/331990536246) CD set #3 (Oct 8th + 3 days) sold for $817 (http://www.ebay.com/itm/-/331994217419) CD set #4 (Oct 11th + 3 days) is currently up for bidding (http://www.ebay.com/itm/-/331997031152) There you have it! The 4th set is almost wrapped up bidding, and the 5th and last set is not far behind. Be sure to grab your piece of BSD history before its gone! PROTOTYPE FreeBSD Jail/ZFS based implementation of the Application Container Specification (https://github.com/3ofcoins/jetpack) “Jetpack is an experimental and incomplete implementation of the App Container Specification for FreeBSD. It uses jails as isolation mechanism, and ZFS for layered storage.” “This document uses some language used in Rocket, the reference implementation of the App Container Specification. While the documentation will be expanded in the future, currently you need to be familiar at least with Rocket's README to understand everything.” + A standard with multiple implementations, that allow substitution of components, such as FreeBSD Jails instead of docker/lxc etc, and ZFS instead of overlayfs etc, is very exciting Microsoft's Forgotten Unix-based Operating System (https://fossbytes.com/xenix-history-microsoft-unix-operating-system/) Do you remember the good old days. You know, when Microsoft was the driving force behind UNIX? Wait, what did you say you may be thinking? It's true, and lets sit back and let FossBytes tell us a tale of what once was reality. The story begins sometime in the late 70's: Turning back the pages to the late 1970's, Microsoft entered into an agreement with AT&T Corporation to license Unix from AT&T. While the company didn't sell the OS to public, it licensed it to other OEM vendors like Intel, SCO, and Tandy. As Microsoft had to face legal trouble due to “Unix” name, the company renamed it and came up with its own Unix distribution. So, AT&T licensed Unix to Redmond that was passed on to other OEMs as Xenix. It's interesting to recall a time when Microsoft enabled people to run Unix — an operating system originally designed for large and multiuser systems — on a microcomputer. Even though it came first, Unix was probably more powerful than MS-DOS. So whatever happened to this microsoft-flavored UNIX you may ask? Sadly it was ditched for DOS due to $REASONS: In early 1980's, IBM was looking for an OS to power its PC. As IBM didn't want to maintain any ties with the recently split AT&T, Xenix was automatically rejected. To fulfill, the tech giant's demand, Microsoft bought 86-DOS from Seattle Computer Products and managed to convince IBM to use it in their systems. Slowly, Microsoft started losing interest in Xenix and traded the full rights of Xenix with SCO, a Xenix partner company. The company filed bankruptcy in 2007 before taking the Xenix legacy to the 21st century in the form of Open Server, previously known as SCO Unix and SCO Open Desktop. An interesting chapter in UNIX history to be sure, and funny enough may come full-circle someday with Microsoft beginning to show interest in UNIX and BSD once again. *** Beastie Bits Ohio LinuxFest 2016 wrap-up (http://blather.michaelwlucas.com/archives/2791) Learn X in Y minutes Where X=zfs (https://learnxinyminutes.com/docs/zfs/) Add touchscreen support for the official 7" RPi touch display (https://svnweb.freebsd.org/base?view=revision&revision=306430) 64-bit U-Boot on Raspberry Pi 3 (https://kernelnomicon.org/?p=682) SNIA SDC 2016 Recap: Michael Dexter (https://www.ixsystems.com/blog/snia-sdc-2016-recap-michael-dexter/) OpenZFS: Stronger than ever (https://www.ixsystems.com/blog/openzfs-devsummit-2016/) Accurate, Traceable, and Verifiable Time Synchronization for World Financial Markets (http://nvlpubs.nist.gov/nistpubs/jres/121/jres.121.023.pdf) ON HOLY WARS AND A PLEA FOR PEACE (https://www.ietf.org/rfc/ien/ien137.txt) Feedback/Questions Morgan - Zero-Filling an VM (http://pastebin.com/CYcqmW7P) Charlie - ZFS Bit-Rot (http://pastebin.com/12mNW57h) Matias - TrueOS / Launchd (http://pastebin.com/NfYWt2cu) Dale - DO Feedback (http://pastebin.com/UvKh2WcF) James - DO / FreeBSD Locks? (http://pastebin.com/0cdMc88U) ***
This week on the show, we'll be chatting with Alex Reece and Matt Ahrens about what's new in the world of OpenZFS. After that, we're starting a new tutorial series on submitting your first patch. All the latest BSD news and answers to your emails, coming up on BSD Now - the place to B.. SD. This episode was brought to you by Headlines Revisiting FreeBSD after 20 years (http://changelog.complete.org/archives/9317-has-linux-lost-its-way-comments-prompt-a-debian-developer-to-revisit-freebsd-after-20-years) With comments like "has Linux lost its way?" floating around, a Debian developer was prompted to revisit FreeBSD after nearly two decades This blog post goes through his experiences trying out a modern BSD variant, and includes the good, the bad and the ugly - not just praise this time He loves ZFS and the beadm tool, and finds the FreeBSD implementation to be much more stable than ZoL On the topic of jails, he summarizes: "Linux has tried so hard to get this right, and fallen on its face so many times, a person just wants to take pity sometimes. We've had linux-vserver, openvz, lxc, and still none of them match what FreeBSD jails have done for a long time." The post also goes through the "just plain different" aspects of a complete OS vs. a distribution of various things pieced together Finally, he includes some things he wasn't so happy about: subpar laptop support, virtualization being a bit behind, a myriad of complaints about pkgng and a few other things There was some decent discussion (https://news.ycombinator.com/item?id=9063216) on Hacker News about this article too, with counterpoints from both sides *** s2k15 hackathon report: network stack SMP (http://undeadly.org/cgi?action=article&sid=20150218085759) The first trip report from the recent OpenBSD hackathon in Australia has finally been submitted One of the themes of this hackathon was SMP (symmetric multiprocessing) improvement, and Martin Pieuchot did some hacking on the network stack If you're not familiar with him, he gave a presentation (http://www.openbsd.org/papers/tamingdragons.pdf) at EuroBSDCon last year, titled Taming OpenBSD Network Stack Dragons (https://va.ludost.net/files/eurobsdcon/2014/Rodopi/03.Saturday/03.Taming%20OpenBSD%20Network%20Stack%20Dragons%20-%20Martin%20Pieuchot.mp4) Teaming up with David Gwynne, they worked on getting some bits of the networking code out of the big lock (https://en.wikipedia.org/wiki/Giant_lock) Hopefully more trip reports will be sent in during the coming weeks Most of the big code changes should probably appear after the 5.7-release testing period *** From BIND to NSD and Unbound (https://www.tumfatig.net/20150215/bind-nsd-unbound-openbsd-5-6/) If you've been running a DNS server on any of the BSDs, you've probably noticed a semi-recent trend: BIND being replaced with Unbound BIND was ripped out in FreeBSD 10.0 and will be gone in OpenBSD 5.7, but both systems include Unbound now as an alternative OpenBSD goes a step further, also including NSD in the base system, whereas you'll need to install that from ports on FreeBSD Instead of one daemon doing everything like BIND tried to do, this new setup splits the authoritative nameserver and the caching resolver into two separate daemons This post takes you through the transitional phase of going from a single BIND setup to a combination of NSD and Unbound All in all, everyone wins here, as there will be a lot less security advisories in both BSDs because of it... *** m0n0wall calls it quits (http://m0n0.ch/wall/end_announcement.php) The original, classic BSD firewall distribution m0n0wall (https://en.wikipedia.org/wiki/M0n0wall) has finally decided to close up shop For those unfamiliar, m0n0wall was a FreeBSD-based firewall project that put a lot of focus on embedded devices: running from a CF card, CD, USB drive or even a floppy disk It started over twelve years ago, which is pretty amazing when you consider that's around half of FreeBSD itself's lifespan The project was probably a lot of people's first encounter with BSD in any form If you were a m0n0wall user, fear not, you've got plenty of choices for a potential replacement: doing it yourself with something like FreeBSD (http://blog.pcbsd.org/2015/01/using-trueos-as-a-ipfw-based-home-router/) or OpenBSD (http://www.bsdnow.tv/tutorials/openbsd-router), or going the premade route with something like pfSense (http://www.bsdnow.tv/episodes/2014_02_19-a_sixth_pfsense), OPNsense (http://www.bsdnow.tv/episodes/2015_01_14-common_sense_approach) or the BSD Router Project (http://www.bsdnow.tv/episodes/2014_10_22-dont_buy_a_router) The founder's announcement includes these closing words: "m0n0wall has served as the seed for several other well known open source projects, like pfSense, FreeNAS and AskoziaPBX. The newest offspring, OPNsense, aims to continue the open source spirit of m0n0wall while updating the technology to be ready for the future. In my view, it is the perfect way to bring the m0n0wall idea into 2015, and I encourage all current m0n0wall users to check out OPNsense and contribute if they can." While m0n0wall didn't get a lot of on-air mention, surely a lot of our listeners will remember it fondly *** Interview - Alex Reece & Matt Ahrens - alex@delphix.com (mailto:alex@delphix.com) & matt@delphix.com (mailto:matt@delphix.com) / @openzfs (https://twitter.com/openzfs) What's new in OpenZFS Tutorial Making your first patch (OpenBSD) (http://www.bsdnow.tv/tutorials/patching-obsd) News Roundup Overlaying remote LANs with OpenBSD's VXLAN (http://www.echothrust.com/blogs/using-openbsd-and-vxlan-overlay-remote-lans) Have you ever wanted to "merge" multiple remote LANs? OpenBSD's vxlan(4) (http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/vxlan.4) is exactly what you need This article talks about using it to connect two virtualized infrastructures on different ESXi servers It gives a bit of networking background first, in case you're not quite up to speed on all this stuff This tool opens up a lot of very cool possibilities, even possibly doing a "remote" LAN party Be sure to check the AsiaBSDCon talk (https://www.youtube.com/watch?v=ufeEP_hzFN0) about VXLANs if you haven't already *** 2020, year of the PCBSD desktop (http://lukewolf.blogspot.com/2015/02/a-prediction-2020-year-of-pc-bsd-on.html) Here we have a blog post about BSD on the desktop, straight from a KDE developer He predicts that PCBSD is going to take off before the year 2020, possibly even overtaking Linux's desktop market share (small as it may be) With PCBSD making a preconfigured FreeBSD desktop a reality, and the new KMS work, the author is impressed with how far BSD has come as a viable desktop option ZFS and easy-to-use boot environments top the list of things he says differentiate the BSD desktop experience from the Linux one There was also some discussion on Slashdot (http://bsd.slashdot.org/story/15/02/16/2355236/pc-bsd-set-for-serious-growth) that might be worth reading *** OpenSSH host key rotation, redux (http://blog.djm.net.au/2015/02/hostkey-rotation-redux.html) We mentioned the new OpenSSH host key rotation and other goodies in a previous episode (http://www.bsdnow.tv/episodes/2015_02_04-from_the_foundation_1), but things have changed a little bit since then djm (http://www.bsdnow.tv/episodes/2013_12_18-cryptocrystalline) says "almost immediately after smugly declaring 'mission accomplished', the bug reports started rolling in." There were some initial complaints from developers about the new options, and a serious bug shortly thereafter After going back to the drawing board, he refactored some of the new code (and API) and added some more regression tests Most importantly, the bigger big fix was described as: "a malicious server (say, "host-a") could advertise the public key of another server (say, "host-b"). Then, when the client subsequently connects back to host-a, instead of answering the connection as usual itself, host-a could proxy the connection to host-b. This would cause the user to connect to host-b when they think they are connecting to host-a, which is a violation of the authentication the host key is supposed to provide." None of this code has been in a formal OpenSSH release just yet, but hopefully it will soon *** PCBSD tries out LibreSSL (https://github.com/pcbsd/pcbsd/commit/6ede13117dcee1272d7a7060b16818506874286e) PCBSD users may soon be seeing a lot less security problems because of two recent changes After switching over to OpenNTPD last week (http://www.bsdnow.tv/episodes/2015_02_11-time_for_a_change), PCBSD decides to give the portable LibreSSL (http://www.bsdnow.tv/episodes/2014_07_30-liberating_ssl) a try too Note that this is only for the packages built from ports, not the base system unfortunately They're not the first ones to do this - OPNsense has been experimenting with replacing OpenSSL in their ports tree for a little while now, and of course all of OpenBSD's ports are built against it A good number of patches (https://github.com/pcbsd/freebsd-ports/commit/2eee669f4d6ab9a641162ecda29b62ab921438eb) are still not committed in vanilla FreeBSD ports, so they had to borrow some from Bugzilla Look forward to Kris wearing a "keep calm and abandon OpenSSL (https://www.openbsdstore.com/cgi-bin/live/ecommerce.pl?site=shop_openbsdeurope_com&state=item&dept_id=01&sub_dept_id=01&product_id=TSHIRTOSSL)" shirt in the near future *** Feedback/Questions Benjamin writes in (http://slexy.org/view/s28nyJ5omV) Mike writes in (http://slexy.org/view/s2wYUmUmh0) Brad writes in (http://slexy.org/view/s2BAKAQvMt) *** Mailing List Gold Debian (https://lists.freebsd.org/pipermail/svn-src-head/2015-February/068405.html) Dejavu (https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054580.html) Package gone missing (http://lists.dragonflybsd.org/pipermail/users/2015-February/207475.html) ***
This week on the show we'll be chatting with David Maxwell, a former NetBSD security officer. He's got an interesting project called Pipecut that takes a whole new approach to the commandline. We've also got answers to viewer-submitted questions and all this week's headlines, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines FreeBSD quarterly status report (https://www.freebsd.org/news/status/report-2014-10-2014-12.html) The FreeBSD team has posted an updated on some of their activities between October and December of 2014 They put a big focus on compatibility with other systems: the Linux emulation layer, bhyve (http://www.bsdnow.tv/tutorials/bhyve), WINE and Xen all got some nice improvements As always, the report has lots of updates from the various teams working on different parts of the OS and ports infrastructure The release engineering team got 10.1 out the door, the ports team shuffled a few members in and out and continued working on closing more PRs FreeBSD's forums underwent a huge change, and discussion about the new support model for release cycles continues (hopefully taking effect after 11.0 is released) Git was promoted from beta to an officially-supported version control system (Kris is happy) The core team is also assembling a new QA team to ensure better code quality in critical areas, such as security and release engineering, after getting a number of complaints Other notable entries include: lots of bhyve fixes, Clang/LLVM being updated to 3.5.0, ongoing work to the external toolchain, adding FreeBSD support to more "cloud" services, pkgng updates, work on SecureBoot, more ARM support and graphics stack improvements Check out the full report for all the details that we didn't cover *** OpenBSD package signature audit (http://linux-audit.com/vulnerabilities-and-digital-signatures-for-openbsd-software-packages/) "Linux Audit" is a website focused on auditing and hardening systems, as well as educating people about securing their boxes They recently did an article about OpenBSD, specifically their ports and package system (http://www.bsdnow.tv/tutorials/ports-obsd) and signing infrastructure The author gives a little background on the difference between ports and binary packages, then goes through the technical details of how releases and packages are cryptographically signed Package signature formats and public key distribution methods are also touched on After some heckling, the author of the post said he plans to write more BSD security articles, so look forward to them in the future If you haven't seen our episode about signify (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) with Ted Unangst, that would be a great one to check out after reading this *** Replacing a Linux router with BSD (http://ask.slashdot.org/story/15/01/15/1547209/ask-slashdot-migrating-a-router-from-linux-to-bsd) There was recently a Slashdot discussion about migrating a Linux-based router to a BSD-based one The poster begins with "I'm in the camp that doesn't trust systemd. You can discuss the technical merits of all init solutions all you want, but if I wanted to run Windows NT I'd run Windows NT, not Linux. So I've decided to migrate my homebrew router/firewall/samba server to one of the BSDs." A lot of people were quick to recommend OPNsense (http://www.bsdnow.tv/episodes/2015_01_14-common_sense_approach) and pfSense, being that they're very easy to administer (requiring basically no BSD knowledge at all) Other commenters suggested a more hands-on approach, setting one up yourself with FreeBSD (http://blog.pcbsd.org/2015/01/using-trueos-as-a-ipfw-based-home-router/) or OpenBSD (http://www.bsdnow.tv/tutorials/openbsd-router) If you've been thinking about moving some routers over from Linux or other commercial solution, this might be a good discussion to read through Unfortunately, a lot of the comments are just Linux users bickering about systemd, so you'll have to wade through some of that to get to the good information *** LibreSSL in FreeBSD and OPNsense (http://bsdxbsdx.blogspot.com/2015/01/switching-to-openssl-from-ports-in.html) A FreeBSD sysadmin has started documenting his experience replacing OpenSSL in the base system with the one from ports (and also experimenting with LibreSSL) The reasoning being that updates in base tend to lag behind (http://www.openbsd.org/papers/eurobsdcon2014-libressl.html), whereas the port can be updated for security very quickly OPNsense developers are looking into (https://twitter.com/fitchitis/status/555625679614521345) switching away (http://forum.opnsense.org/index.php?topic=21.0) from OpenSSL to LibreSSL's portable version (http://www.bsdnow.tv/episodes/2014_07_30-liberating_ssl), for both their ports and base system, which would be a pretty huge differentiator for their project Some ports still need fixing (https://bugs.freebsd.org/bugzilla/buglist.cgi?order=Importance&query_format=advanced&short_desc=libressl&short_desc_type=allwordssubstr) to be compatible though, particularly a few (https://github.com/opnsense/ports/commit/c15af648e9d5fcecf0ae666292e8f41c08979057) python-related (https://github.com/pyca/cryptography/issues/928) ones If you're a FreeBSD ports person, get involved and help squash some of the last remaining bugs A lot of the work has already been done in OpenBSD's ports tree (http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/) - some patches just need to be adopted More and more upstream projects are incorporating LibreSSL patches in their code - let your favorite software vendor know that you're using it *** Interview - David Maxwell - david@netbsd.org (mailto:david@netbsd.org) / @davidwmaxwell (https://twitter.com/david_w_maxwell) Pipecut (https://www.youtube.com/watch?v=CZHEZHK4jRc), text processing, commandline wizardry News Roundup Jetpack, a new jail container system (https://github.com/3ofcoins/jetpack) A new project was launched to adapt FreeBSD jails to the "app container specification" While still pretty experimental in terms of the development phase, this might be something to show your Linux friends who are in love with docker It's a similar project to iocage (https://github.com/pannon/iocage) or bsdploy (https://github.com/ployground/bsdploy), which we haven't talked a whole lot about There was also some discussion (https://news.ycombinator.com/item?id=8893630) about it on Hacker News *** Separating base and package binaries (https://www.reddit.com/r/BSD/comments/2szofc) All of the main BSDs make a strong separation between the base system and third party software This is in contrast to Linux where there's no real concept of a "base system" - more recently, some distros have even merged all the binaries into a single directory A user asks the community about the BSD way of doing it, trying to find out the advantages and disadvantages of both hierarchies Read the comments for the full explanation, but having things separated really helps keep things organized *** Updated i915kms driver for FreeBSD (https://svnweb.freebsd.org/base?view=revision&revision=277487) This update brings the FreeBSD code closer inline with the Linux code, to make it easier to update going forward It doesn't introduce Haswell support just yet, but was required before the Haswell bits can be added *** Year of the OpenBSD desktop (http://zacbrown.org/2015/01/18/openbsd-as-a-desktop/) Here we have an article about using OpenBSD as a daily driver for regular desktop usage The author says he "ran fifty thousand different distributions, never being satisfied" After dealing with the problems of Linux and fragmentation, he eventually gave up and bought a Macbook He also used FreeBSD between versions 7 and 9, finding a "a mostly harmonious environment," but regressions lead him to give up on desktop *nix once again Starting with 2015, he's back and is using OpenBSD on a Thinkpad x201 The rest of the article covers some of his configuration tweaks and gives an overall conclusion on his current setup He apparently used our desktop tutorial (http://www.bsdnow.tv/tutorials/the-desktop-obsd) - thanks for watching! *** Unattended FreeBSD installation (http://louwrentius.com/freebsd-101-unattended-install-over-pxe-http-no-nfs.html) A new BSD user was looking to get some more experience, so he documented how to install FreeBSD over PXE His goal was to have a setup similar to Redhat's "kickstart" or OpenBSD's autoinstall (http://www.bsdnow.tv/tutorials/autoinstall) The article shows you how to set up DHCP and TFTP, with no NFS share setup required He also gives a mention to mfsbsd, showing how you can customize its startup script to do most of the work for you *** Feedback/Questions Robert writes in (http://slexy.org/view/s20UsZjN4h) Sean writes in (http://slexy.org/view/s219cMQz3U) l33tname writes in (http://slexy.org/view/s2EkzMUMyb) Charlie writes in (http://slexy.org/view/s2nq6L6H1n) Eric writes in (http://slexy.org/view/s21EGqUYLd) *** Mailing List Gold Clowning around (https://www.marc.info/?l=openbsd-cvs&m=142159202606668&w=2) Better than succeeding in this case (https://lists.freebsd.org/pipermail/freebsd-ports/2015-January/097734.html) ***
This week on the show, it's all about Lumina. We'll be giving you a visual walkthrough of the new BSD-exclusive desktop environment, as well as chatting with the main developer. There's also answers to your emails and all the latest news, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines Portscout ported to OpenBSD (http://blog.jasper.la/portscout-for-openbsd/) Portscout is a popular utility used in the FreeBSD ports infrastructure It lets port maintainers know when there's a new version of the upstream software available by automatically checking the distfile mirror Now OpenBSD porters can enjoy the same convenience, as it's been ported over You can view the status online (http://portscout.jasper.la/) to see how it works and who maintains what (http://portscout.jasper.la/index-total.html) The developer who ported it is working to get all the current features working on OpenBSD, and added a few new features as well He decided to fork and rename it (https://jasperla.github.io/portroach/) a few days later *** Sysadmins and systemd refugees flocking to BSD (https://www.reddit.com/r/freebsd/comments/2fgb90/you_have_your_windows_in_my_linux_or_why_many/) With all the drama in Linux land about the rapid changes to their init system, a lot of people are looking at BSD alternatives This "you got your Windows in my Linux (http://www.infoworld.com/d/data-center/you-have-your-windows-in-my-linux-249483)" article (and accompanying comments) give a nice glimpse into the minds of some of those switchers Both server administrators and regular everyday users are switching away from Linux, as more and more distros give them no choice but to use systemd Fortunately, the BSD communities are usually very welcoming of switchers - it's pretty nice on this side! *** OpenBSD's versioning schemes (http://www.tedunangst.com/flak/post/OpenBSD-version-numbers) Ted Unangst explains the various versioning systems within OpenBSD, from the base to libraries to other included software In contrast to FreeBSD's release cycle, OpenBSD isn't as concerned with breaking backwards compatibility (but only if it's needed to make progress) This allows them to innovate and introduce new features a lot more easily, and get those features in a stable release that everyone uses He also details the difference between branches, their errata system and lack of "patch levels" for security Some other things in OpenBSD don't have version numbers at all, like tmux "Every release adds some new features, fixes some old bugs, probably adds a new bug or two, and, if I have anything to say about it, removes some old features." *** VAXstation 4000 Model 90 booting NetBSD (https://www.youtube.com/watch?v=zLsgFPaMPyg) We found a video of NetBSD booting on a 22 year old VAX workstation, circa 1992 This system has a monstrous 71 MHz CPU and 128MB of ECC RAM It continues in part two (https://www.youtube.com/watch?v=YKzDXKmn66U), where we learn that it would've cost around $25,000 when it was released! The uploader talks about his experiences getting NetBSD on it, what does and doesn't work, etc It's interesting to see that such old hardware isn't necessarily obsolete just because newer things have come out since then (but maybe don't try to build world on it...) *** Interview - Ken Moore - ken@pcbsd.org (mailto:ken@pcbsd.org) The Lumina desktop environment Special segment Lumina walkthrough News Roundup Suricata for IDS on pfSense (http://pfsensesetup.com/suricata-intrusion-detection-system-part-one) While most people are familiar with Snort as an intrusion detection system, Suricata is another choice This guide goes through the steps of installing and configuring it on a public-facing pfSense box Part two (http://pfsensesetup.com/suricata-intrusion-detection-system-part-two/) details some of the configuration steps One other cool thing about Suricata - it's compatible with Snort rules, so you can use the same updates There's also another recent post (http://www.allamericancomputerrepair.com/Blog/Post/29/Install-Snort-on-FreeBSD) about snort as well, if that's more your style If you run pfSense (or any BSD) as an edge router for a lot of users, this might be worth looking into *** OpenBSD's systemd API emulation project (http://bsd.slashdot.org/story/14/09/08/0250207/gsoc-project-works-to-emulate-systemd-for-openbsd) This story was pretty popular in the mainstream news this week For the Google Summer of Code, a student is writing emulation wrappers for some of systemd's functions (https://twitter.com/blakkheim/status/509092821773848577) There was consideration from some Linux users to port over the finished emulation back to Linux, so they wouldn't have to run the full systemd One particularly interesting Slashdot comment snippet (http://bsd.slashdot.org/comments.pl?sid=5663319&cid=47851361): "We are currently migrating a large number (much larger than planned after initial results) of systems from RHEL to BSD - a decision taken due to general unhappiness with RHEL6, but SystemD pushed us towards BSD rather than another Linux distro - and in some cases are seeing throughput gains of greater than 10% on what should be equivalent Linux and BSD server builds. The re-learning curve wasn't as steep as we expected, general system stability seems to be better too, and BSD's security reputation goes without saying." It will NOT be in the base system - only in ports, and only installed as a dependency for things like newer GNOME (http://blogs.gnome.org/ovitters/2014/09/07/systemd-in-gnome-3-14-and-beyond/) that require such APIs In the long run, BSD will still be safe from systemd's reign of terror, but will hopefully still be compatible with some third party packages like GNOME that insist on using it *** GhostBSD 4 previewed (http://www.linuxbsdos.com/2014/05/19/preview-of-ghostbsd-4-0/) The GhostBSD project is moving along, slowly getting closer to the 4 release This article shows some of the progress made, and includes lots of screenshots and interesting graphical frontends If you're not too familiar with GhostBSD, we interviewed the lead developer (http://www.bsdnow.tv/episodes/2014_03_12-ghost_of_partition) a little while back *** NetBSD on the Banana Pi (http://rizzoandself.blogspot.com/2014/09/netbsd-on-banana-pi.html) The Banana Pi is a tasty alternative to the Raspberry Pi, with similar hardware specs In this blog post, a NetBSD developer details his experiences in getting NetBSD to run on it After studying how the prebuilt Linux image booted, he made some notes and started hacking Ethernet, one of the few things not working, is being looked into and he's hoping to get it fully supported for the upcoming NetBSD 7.0 They're only about $65 as of the time we're recording this, so it might be a fun project to try *** Feedback/Questions Antonio writes in (http://slexy.org/view/s28iKdBEbm) Garegin writes in (http://slexy.org/view/s21Wfnv87h) Erno writes in (http://slexy.org/view/s2Fzryxhdz) Brandon writes in (http://slexy.org/view/s2ILcqdFfF) ***
This time on the show, we'll be looking at the new version of FreeNAS, a BSD-based network attached storage solution, as well as talking to Josh Paetzel - one of the key developers of FreeNAS. Actually, he's on the FreeBSD release engineering team too, and does quite a lot for the project. We've got answers to your viewer-submitted questions and plenty of news to cover, so get ready for some BSD Now - the place to B.. SD. This episode was brought to you by Headlines More faces of FreeBSD (http://freebsdfoundation.blogspot.com/2013/12/faces-of-freebsd-reid-linnemann.html) Another installment of the FoF series This time they talk with Reid Linnemann who works at Spectra Logic Gives a history of all the different jobs he's done, all the programming languages he knows Mentions how he first learned about FreeBSD, actually pretty similar to Kris' story "I used the system to build and install ports, and explored, getting actively involved in the mailing lists and forums, studying, passing on my own limited knowledge to those who could benefit from it. I pursued my career in the open source software world, learning the differences in BSD and GNU licensing and the fragmented nature of Linux distributions, realizing the FreeBSD community was more mature and well distributed about industry, education, and research. Everything steered me towards working with and on FreeBSD." Now works on FreeBSD as his day job The second one (http://freebsdfoundation.blogspot.com/2013/12/faces-of-freebsd-brooks-davis.html) covers Brooks Davis FreeBSD committer since 2001 and core team member from 2006 through 2012 He's helped drive our transition from a GNU toolchain to a more modern LLVM-based toolchain "One of the reasons I like FreeBSD is the community involved in the process of building a principled, technically-advanced operating system platform. Not only do we produce a great product, but we have fun doing it." Lots more in the show notes *** We cannot trust Intel and Via's chip-based crypto (https://www.freebsd.org/news/status/report-2013-09-devsummit.html#Security) We woke up to see FreeBSD on the front page of The Register (http://www.theregister.co.uk/2013/12/09/freebsd_abandoning_hardware_randomness/), Ars Technica (http://arstechnica.com/security/2013/12/we-cannot-trust-intel-and-vias-chip-based-crypto-freebsd-developers-say/), Slashdot (http://it.slashdot.org/story/13/12/11/1919201/freebsd-developers-will-not-trust-chip-based-encryption) and Hacker News (https://news.ycombinator.com/item?id=6880474) for their strong stance on security and respecting privacy At the EuroBSDCon dev summit, there was some discussion about removing support for hardware-based random number generators. FreeBSD's /dev/random got some updates and, for 10.0, will no longer allow the use of Intel or VIA's hardware RNGs as the sole point of entropy "It will still be possible to access hardware random number generators, that is, RDRAND, Padlock etc., directly by inline assembly or by using OpenSSL from userland, if required, but we cannot trust them any more" *** OpenSMTPD 5.4.1 released (http://article.gmane.org/gmane.mail.opensmtpd.general/1146) The OpenBSD developers came out with major a new version Improved config syntax (please check your smtpd.conf before upgrading) Adds support for TLS Perfect Forward Secrecy and custom CA certificate MTA, Queue and SMTP server improvements SNI support confirmed for the next version Check the show notes for the full list of changes, pretty huge release Watch Episode 3 (http://www.bsdnow.tv/episodes/2013-09-18_mx_with_ttx) for an interview we did with the developers *** More getting to know your portmgr (http://blogs.freebsdish.org/portmgr/2013/12/02/getting-to-know-your-portmgr-thomas-abthorpe/) The portmgr secretary, Thomas Abthorpe, interviews... himself! Joined as -secretary in March 2010, upgraded to full member in March 2011 His inspiration for using BSD is "I wanted to run a webserver, and I wanted something free. I was going to use something linux, then met up with a former prof from university, and shared my story with him. He told me FreeBSD was the way to go." Mentions how he loves that anyone can contribute and watch it "go live" The second one (http://blogs.freebsdish.org/portmgr/2013/12/09/getting-to-know-your-portmgr-baptiste-daroussin/) covers Baptiste Daroussin The reason for his nick, bapt, is "Baptiste is too long to type" There's even a video (https://www.youtube.com/watch?v=tZk__K8rqOg) of bapt joining the team! *** Interview - Santa Clause - josh@ixsystems.com (mailto:josh@ixsystems.com) / @freenasteam (https://twitter.com/freenasteam) FreeNAS 9.2.0 (http://www.freenas.org/whats-new/2013/12/freenas-9-2-0-rc-available.html) Note: we originally scheduled the interview to be with Josh Paetzel, but Santa showed up instead. Tutorial FreeNAS walkthrough News Roundup Introducing configinit (http://www.daemonology.net/blog/2013-12-09-FreeBSD-EC2-configinit.html) CloudInit is "a system originally written for Ubuntu which performs configuration of a system at boot-time based on user-data provided via EC2" Wasn't ideal for FreeBSD since it requires python and is designed around the concept of configuring a system by running commands (rather than editing configuration files) Colin Percival came up with configinit, a FreeBSD alternative Alongside his new "firstboot-pkgs" port, it can spin up a webserver in 120 seconds from "launch" of the EC2 instance Check the show notes for full blog post *** OpenSSH support for Ed25519 and bcrypt keys (http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.key?rev=1.1;content-type=text%2Fx-cvsweb-markup) New Ed25519 key support (hostkeys and user identities) using the public domain ed25519 reference code SSH private keys were encrypted with a symmetric key that's just an MD5 of their password Now they'll be using bcrypt by default (http://marc.info/?l=openbsd-cvs&m=138633721618361&w=2) We'll get more into this in next week's interview *** The FreeBSD challenge (http://thelinuxcauldron.com/2013/12/08/freebsd-challenge/) A member of the Linux foundation blogs about using FreeBSD Goes through all the beginner steps, has to "unlearn" some of his Linux ways Only a few posts as of this time, but it's a continuing series that may be helpful for switchers *** PCBSD weekly digest (http://blog.pcbsd.org/2013/12/pc-bsd-weekly-feature-digest-111513-2/) GNOME3, cinnamon and mate desktops are in the installer Compat layer updated to CentOS 6, enables newest Skype Looking for people to test printers and hplip Continuing work on grub, but the ability to switch between bootloaders is back *** Feedback/Questions Bostjan writes in (http://slexy.org/view/s20k2gumbP) Jason writes in (http://slexy.org/view/s2PM8tfKfe) John writes in (http://slexy.org/view/s2KgXIKqrJ) Kjell-Aleksander writes in (http://slexy.org/view/s20DLk8bac) Alexy writes in (http://slexy.org/view/s2nmmJHvgR) ***
Karen and Bradley discuss RMS' essay on FSF's website, Ubuntu SpyWare: What To Do, and Shuttleworth's Slashdot interview that responds somewhat to RMS' comments. Show Notes: Segment 0 (00:36) Karen and Bradley discuss RMS' essay on FSF's website, Ubuntu SpyWare: What To Do (08:50) Bradley mentioned how Fab discovered (and discussed on Linux Outlaws 280) how a search for “ter” in efforts to find a terminal window in Ubuntu yields [slightly NSFW] gives results for Rachel Ter Horst DVDs. (09:44) Bradley mentioned his blog post about Nokia's problems interfacing with Free Software communities. (14:50) Bradley and Karen discuss Shuttleworth's Slashdot interview (18:25). Bradley and Karen also briefly mentioned Jono Bacon's comments about RMS's essay and Jono's apology. (19:30) Bradley mentioned Shuttleworth's comments during his LinuxCon 2011 keynote. (20:14) Bradley mentioned Douglas Rushkoff's article, Teach U.S. kids to write computer code (29:30) Send feedback and comments on the cast to . You can keep in touch with Free as in Freedom on our IRC channel, #faif on irc.freenode.net, and by following Conservancy on identi.ca and and Twitter. Free as in Freedom is produced by Dan Lynch of danlynch.org. Theme music written and performed by Mike Tarantino with Charlie Paxson on drums. The content of this audcast, and the accompanying show notes and music are licensed under the Creative Commons Attribution-Share-Alike 4.0 license (CC BY-SA 4.0).
Karen and Bradley discuss Stormy Peters' departure from the GNOME Foundation, an issue of deep confusion regarding copyright licensing, and references to Spock in a recent court decision. Show Notes: Segment 0 (00:35) Bradley confirmed the entire show is licensed CC-By-SA 3.0. (02:30) Stormy Peters is leaving the position of GNOME Foundation's Executive Director. (04:10) The GNOME Advisory Board is a group of for-profit and non-profit organizations that meet regularly to give advice to GNOME Foundation. (04:34) Stormy is going to a job at the Mozilla Foundation. (09:10) You don't have to be a developer to become a member of the GNOME Foundation. (09:57) Bradley mentioned that he did an FSF booth at COMDEX Chicago in early 2001 (which Bradley incorrectly called CES Chicago in the recording). (12:20) Segment 1 (15:43) A LiveJournal post introduced an interesting issue of copyright confusion. (16:30) Karen mentioned there was discussion in other fora other than the original LiveJournal post, such as on the NY Frunch (Free Culture Lunch) mailing list and, since then, on NPR. (17:24) Bradley mentioned Fanzines, wondering if there are still fanzines. (18:57) Karen pointed out that both copyright infringement and plagiarism were at issue here. (20:25) Bradley is quite upset about the idea that people confuse public domain with FaiF licensing or any other actual license terms. (21:00) Karen notes that if you don't see a license, you have to assume it's all rights reserved. (23:10) Bradley described a Slashdot story that linked to a Techdirt article. (30:29) A footnote in the concurrence is what mentions Star Trek (33:03) . Bradley mentioned a mediocre novel he read in the 1990s called Brain Storm by Richard Dooling. (33:26) Send feedback and comments on the cast to . You can keep in touch with Free as in Freedom on our IRC channel, #faif on irc.freenode.net, and by following Conservancy on identi.ca and and Twitter. Free as in Freedom is produced by Dan Lynch of danlynch.org. Theme music written and performed by Mike Tarantino with Charlie Paxson on drums. The content of this audcast, and the accompanying show notes and music are licensed under the Creative Commons Attribution-Share-Alike 4.0 license (CC BY-SA 4.0).
Computer science evolves to application development, cell phone repeaters revisited, downloading XP device drivers, Profiles in IT (Rob Malda, founder of Slashdot, News for Nerds), Google voice update (beta features), another student ordered to pay damages to record labels ($675K for 30 songs), Book of the Week: What Would Google Do? (forming new relationships, becoming a platform, growing the customer network, being public, participating in the gift ecomomy, understanding its true business), DDOS attack on Georgian blogger by Russia brings down Twitter, and Dumb Patent of the Week (MS patents XML word doc). This show originally aired on Saturday, August 8, 2009, at 9:00 AM EST on WFED (1500 AM).