Network protocol for bidirectional communication using a virtual terminal connection
You can install Linux in your PDF, just upload everything to AI, hackers behind the forum, TP-Link's taking security seriously, Patch Tuesday for everyone including Intel, AMD, Microsoft, Fortinet, and Ivanti, hacking your space heater for fun and fire, Cybertrucks on fire (or not), if you could just go ahead and get rid of the buffer overflows, Steam Deck hacking and not what you think, Prompt Injection and Delayed Tool Invocation, new to me Ludus, Contec patient monitors are just insecure, Badbox carries on, the compiler saved me, and Telnet command injection! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-861
So many ways to enjoy The Lunduke Journal now -- X, YouTube, Rumble, Substack, Podcast & more -- plus two new (self-hosted) ways to interact with the community. More from The Lunduke Journal: https://lunduke.com/ This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit lunduke.substack.com/subscribe
The 16:9 PODCAST IS SPONSORED BY SCREENFEED – DIGITAL SIGNAGE CONTENT

The UK software firm Evexi has an interesting story behind its move into digital signage - in that it was more a pull from a client than a push by the company itself. They got deeper into it because of a client's needs, and then a change in technology support that really forced the hand of the customer and Evexi. A few years on from that big moment, Evexi is growing out its CMS software business based around a very modern, headless platform and tools that the company says manage to bridge a need for being dead-simple to use but also deeply sophisticated and hyper-secure. CEO Andrew Broster relates in this podcast the story behind Evexi, and how it goes to market. There's also a very interesting anecdote in there about how lift and learn tech is more than just a visual trick for retail merchandising - with Broster telling how it was driving serious sales lift for a big whiskey brand.

TRANSCRIPT

Andrew, thank you for coming on this podcast. Can you give me a rundown, like the elevator ride story of Evexi? Andrew Broster: Sure. Thanks for having me, Dave. My background is very technical. I spent about ten years prior to setting up Evexi running a managed service for a private cloud-based business. In 2015, Sky came to us through a partner and asked for an advertising platform to be built into pub networks, where they had 10,000 pubs under contract to sell Sky Sports to. We walked away and said, what was the question?
But eight months later, the product was released into the pub network and it has nearly 2,700 pubs going live within just under 12 months and really from there, we were working with an existing CMS provider, Scala and we learned a lot of the pains with integrating into third-party systems, platforms, building, customer portals, because the traditional CMSs are not user friendly, and as a result, that was our first digital signage customer and our first project that we launched. So what would you call yourself when you were getting into this with Sky, were you like an independent software vendor who just did custom work for customers? Andrew Broster: Correct. Yeah, it was literally, “Hey, Andrew, we need to build this workflow portal.” We were trying to solve problems at a software level for end users through, in those days, it was actually still the channel and that was the first exposure we ever had to the channel. Okay. Now, though, you have your own product. Andrew Broster: Yes, at the end of 2018, early 2019, we launched Evexi, purely on the grounds of Sky needing a different CMS vendor because Scala was the end-of-life Samsung system on chip support and yeah, Evexi came live and we flipped 2,700 pubs overnight onto our platform, and we were talking about taking a big leap, that was a big leap for and a big learning curve And how do you do that overnight? The common perception would be if you're going to change 2,000 devices over you've got to visit 2,000 devices or you've got to Telnet into them or something or other and monkey around with each of them Andrew Broster: No, what we ended up doing was as we created a reboot script that was rewriting the URL from the URL launcher on a Samsung screen and instead of Scala, we flipped them remotely to ourselves. So with this business, you were asked to develop something for a specific client. Did you look at the marketplace and go, all right, we can do this for sure. 
We've got a client who wants it We can turn this into a larger business, but boy, there are already a lot of CMS software platforms out there, how do we differentiate ourselves? Andrew Broster: I don't think it was even that really. I think right back in the beginning my other shareholder said to me, is this a mistake? Are we going to just generate a lot of debt within the business? Is this a hard business to get into? I spent probably about three to four months, looking at the landscape, looking at companies, competitors, and companies that basically had one successful client and then struggled to grow out of the single client, and really from my point of view, it was, because I was very technical by nature, I wanted to be able to build a platform that was using the latest technologies. A lot of our competitors, less so now, but at the time in 2018-2019, were using a lot of aging software technologies, and scaling issues, so just single servers. I'm a network architect by trade. I wanted to build a cloud-based platform that uses the same technologies as Amazon AWS and Netflix, and that really for me was the ability to have what I call a native cloud product and not make the same mistakes that everybody else does, because when you're building a product and trying to go to market, you have to really try and avoid making all your competitors' mistakes. So you ended up with what I believe you describe as a headless CMS, right? Andrew Broster: Yeah, it's a headless CMS. By design it was headless, and then we put in a very simple UI because we had right back in those days, about 2,300 landlords wanting to publish their own content. So it really had to be very straightforward to use and we wanted to automate everything else in the backend. So things like rendering automatic web content, being able to have a platform that's open that anyone can build onto. 
I'm from an open-source background originally, so I wanted to make these tools readily available to all of the partners and the ecosystem we're working in. So when you say headless CMS, what does that mean for a typical end user? What I think about is that you've got creatives, people who are working on online products and so on, who don't want to back out of their normal workflow, platforms and log into something separate just to do digital signage. Andrew Broster: Correct, and for the larger companies integrating into our APIs, which are publicly available, means that we become an extension of their product suite rather than copy and pasting and moving content around. We just end up at the end of the line of the production, and then content gets scheduled, instead of having to log into another system. I'm a big fan of automating and integrating everything. What would be a good kind of reference example of companies that you're working with that you're allowed to talk about? Andrew Broster: Sky is the obvious one. We did a lot of work with David Lloyd, on some projects for their gyms. Johnny Walker and Diageo in South Africa. And they've integrated into our APIs as well, whereby, they had a lift and learn solution using Nexomsphere integrated into Evexi. They built their own web apps sitting on top of a platform for the customer user journey, and then every time you want to go and change products, they have their own merchandising platform. So it gives the whole user journey without even touching a backseat, to be honest with you, and we just turn into ultimately a distribution engine because what we're doing is providing the player to be sophisticated and be able to play whatever content has been built and developed, but the changing the scheduling and interaction of it is all done through our APIs. So you mentioned the Sky project. That's still fully going. What kind of footprint does that have at the moment? Andrew Broster: It still has around 2,000 screens. 
I think they're very heavily looking at the market at the moment, and seeing who else is doing it. Stone Gates are doing a great job at the moment, running out of a media platform into a pub network and I think it's fair to say we all collectively are just watching that to be honest with You're all watching it for? Andrew Broster: To see how that project evolves and whether it's going to be a success. I mean Sky were the early adopters of this in pub networks and I think like anything in this world, to be able to attract the big liquor brands and the beverage brands, you need to have a reasonable footfall, and that was always the argument right back in the beginning. How do you pump advertising revenue into your advertising network, unless you've got a footfall of half a million to three quarters of a million people. Right. You're doing a lot of work with Nexonsphere. I just did a podcast with them a couple of weeks ago. Andrew Broster: I know them well. I like what they do and it's interesting that “Lift and Learn” is something that's been around for 20 years, but it used to be really hard to do. Is that what's being used for Johnny Walker and could you describe it? Andrew Broster: Yes, it is exactly that. So if you walk into a liquor store in South Africa, you can pick up a product. It'll tell you about the product. You can pick up another product. It'll compare the two products, and then you follow the user journey on a screen after you've picked up the products to be able to inquire or pick up more information about the product. So in the Johnny Walker world, it's about understanding the different flavors of Johnny Walker and what the blend and what the mixes you have with the alcohol and the key to all of that is to understand who's using the product and to be able to provide that information back to the brand. For me, that was a great project for us because we had so little involvement. 
I know that sounds ridiculous, but when you have a technical partner who is very tech focused, very marketing focused and who knows how to build apps using documentation, we have very little interaction, but I think really the beauty of it is the numbers that are coming back now is that they're seeing across, I think it's about 160 to 180 sites, they're seeing between a 40 and 42 percent uplift in sales and the tills as a result of using learned because they're doing a lot of A/B testing. So we know it works, and for us, it's making the next must be integration. Now, you don't have these drop down menus, don't have a CMS that's completely and utterly configure-centric, just need to be able to build out your solution because no Lift and Learn solution is the same and you need to be able to get there in 5 or 10 minutes. Right, because you want this to be largely in the hands of the integrator, the provider, whoever. Andrew Broster: Our objective is to make the integrators' lives easy. If we can't make their lives easy, what's the point really from my point of view, frankly, of existing. They need to make money like we need to make money and the easiest way of doing that is just to make their lives easy. When you're on a journey of looking at getting into space and analyzing the other platforms that are out there, the other approaches and so on, what kind of conclusions did you draw about what you needed to do? Andrew Broster: How I looked at it was: We have many small customers and we have some very nice blue chip, large customers, and ultimately you need to make the small customers' lives very easy, three steps to be able to publish content and manage your content, and then when it comes to the big boys, you need to be able to become an extension of their existing workflows. 
Our goal really was, is to just build something that one is open, and two is very easy for an end user to use, because ultimately, in our space, we have systems integrators that are ultimately just resellers and they just resell the service and they're not technical, and then we have other integrators that we call our technical partners that are hugely technical. I want to be able to do stuff that we haven't even dreamt of yet, and it's the ability for them to be able to have that platform to do what they want. So if you're going to do headless, it sounds like you have to have that capability, but for the small to medium business customer, they're probably not going to use the headless element so you've got to have a full UX for them, right? Andrew Broster: But you've just got to give them a really easy journey. If they can use Facebook or they can use Instagram, they should be able to use a CMS. It should be as simple as that. Ultimately, our goal is login. In our world, it's, you've got three things. You've got a player, you've got media, and you've got to be able to publish it, and it shouldn't be more complicated than that because that's what the smaller clients want. They want to be able to schedule content and they want to be able to update content very easily. Is there a particular market vertical that you guys are strong in? Is it retail or is it QSR? Andrew Broster: It's a fight between the two at the moment. We're doing a lot more work with Elo, Micro Touch in the U.S. at the moment. So we are using Blue Star in the U.S. to sell through to the channel, and so QSR is an interesting space because of the Square integration. You can plug a square device in and a touch screen in and within 20 minutes you can have QSR running on a touch screen to be able to do the ordering. It's four clicks in our system. You authenticate against the Square, you choose your products and off you go. So that space for us is very exciting for us. 
In the retail side, I think predominantly because of the way we position our product for integrations into Nexomsphere and stuff like that, that makes it quite an attractive offering. With kiosk, and point of sale, I don't know that world all that well, but, Square, I think about it as transaction processing. Do you still have to jack into a point of sale system or is that something you can provide? Andrew Broster: No, we are ultimately like a silent salesman sitting there. So we're literally integrated straight into Square's APIs. We pull up the products and we're just another method of ordering. So we work and the integration works just like online ordering, but we're just presenting it on a pretty screen, which is touch enabled. So that integration for us is key, but actually very simplistic. Because you're doing from what I can tell on the web, a lot of kinds of interactive work and use portrait screens to do that. I see most digital signage platforms as being very distinctly oriented around landscape and large format displays that don't have interactive. Is it hard to straddle the two? Andrew Broster: No, not really. At the end of the day, it's a player for us. We have customers who've got large LED screens which is great, works very well. I would say we're particularly strong in the portrait side of the world. But at the end of the day, all this technology doesn't work without any content creators. So we've got some very nice strategic content partners that do all of this work, which worked very well with our systems integrators. So you would just point to them when a customer asks, you say, “These guys can help you out?” Andrew Broster: Yeah, so if they don't have it in house and we say look, sure, no problem. We've got three or four of our preferred content partners who are actually quite tech and web app enabled, so they like to do some of the experiential stuff which ultimately then boils back down into the Nexomsphere world. 
So there again, it's a nice blend. I believe you got into this in part, to do the Sky thing, that at that point it was a system on chip displays. Is that accurate? Andrew Broster: Yes. So Sky has a very close relationship with Samsung, and the remit was that they had to be a Samsung screen system on chip. Now we're going back to 2015-2016 models, the very first generation way before Tizen. So yeah, that was the requirement, and off the back of that, it was, which CMS vendor can support these screens? Because in those days, system on chips didn't support portraits. You had to do clever stuff to make the content play in portrait in those days. That was the reality of it, and then, yes, in those early days, it was Scala that we originally integrated into. Then once Chris Regal and Stratacash bought Scala, that was the end of Samsung and SoC, right? Andrew Broster: It absolutely was. It was, I think the initial shock was, what do we do next? But as I said before, Sky came to us and said, look, we have to keep this advertising network running. We need it supported. We need a platform that can scale a lot further than it currently runs at the moment, and we welcome that challenge, really. Don't forget we, at the time we were only seven or eight strong, we're now nineteen strong straddling three countries. So we've grown up a lot since then, but for a company of that size at the time, it was quite a big challenge. One of the things that I've heard through the years with system on chip smart displays is as you alluded to when they first came out, they weren't very powerful, weren't very capable. I heard, as subsequent generations came along, they got quite good, they got quite powerful, but more recently, I've heard the opposite that because of the demands that are out there now for end devices that they can't handle everything, that they don't have the processing power to maybe do stuff that has aspects of AI related to it or anything else. 
I'm curious about your experience. Andrew Broster: I think if you look at it from a HD point of view, no issues, 4k, don't see any issues. We saw some early issues in around Tizen 4 particularly. So we're talking about three or four years ago. Tizen 6, 6.5 and 7 have been reasonably good. Don't forget, we now integrate using Nexomsphere controllers, we're doing a lot of work with LIDAR, with Nexomsphere as well and predominantly these Tizen screens, they're just very dependent, not only on the processor, but on the Chromium version. If you're running a screen that's running a four year old Chromium version, you're going to have a whole ball ache when it comes to doing some cool stuff. But the later the Chromium release, the more feature rich, it actually becomes. So there's no issue handling the complexity of content? Andrew Broster: No, we have thousands of Samsung screens on our estate. They are in our world probably the most reliable devices. I have heard that there's been a push lately amongst end users to go to independent standalone media players and to decouple from the displays and not be relying on them. Are you hearing that in the community? Andrew Broster: Yep, we are. What's driving that? Andrew Broster: So just to summarize we support anything Tizen, let's just say anything Samsung WebOS. We support Linux, Windows, Pi5 as well but I wouldn't run an estate on a Pi5. We're seeing a lot of drive now down the Android route, and my background is security, and I've always had a huge aversion to going near Android players. 
But there are a couple of new parties involved in the market that we're starting to work with who are releasing what we call their own orchestration platform for supporting Android so they can roll out thousands of these devices, keep them updated, keep them online and healthy and I'm actually quite receptive to it because I've always been very allergic to it, but going back to your point, I think a lot of it is possibly some of the integration issues or some of the requirements for external devices to function. It took us nearly two years to get Samsung to open a USB port for us. People don't hang around for two years just to be able to have an integration port, being able to have an external device using that, which natively support, is actually a huge stepping stone and a huge advantage. Why is that? Andrew Broster: Because there's no compatibility issues. if I have to keep going back to Samsung every time I want to be able to have another driver to support over USB, and they turn around and say, two years later, yeah, guys, we finally decided that there's a big enough opportunity in the market to do it. We will consider it. That's all well and good, but the smaller, external media player companies, can move a lot quicker than that. Right. I did an event where I was supposed to be using Samsung kiosk for checkin… Andrew Broster: Oh, don't I know it. I just wanted to use a little thermal printer and they said, we don't have that because that needs a Windows driver and we don't have that, so too bad, so sad. Andrew Broster: Yep, absolutely. But just leave it at that. Andrew Broster: Put it this way. I mean we support the Samsung Kiosk on Tizen. They have a barcode and QR scanner. Does it work? Not really. They have a printer. Does it work? Yes, but it's only that printer. You can't plug anything else in it and it'd be supported because the Tizen operating system doesn't support it. 
So it's hardly surprising that people just go out and say, actually life's so much easier if I just plug another device into it, because I just know that the peripherals of work, and that for me is probably the approach I'd look at too. If I'm a large brand and I just want to roll out 1500s, let's call them devices, and then all of a sudden, the panel vendor says, no, we don't support that device. You can't wait for a decision to be made. You just got to get on with your project, and yes, that's a perfect space for media players. Because you've now been in this industry for some time, but spent a lot of time looking at it, where do you think things are at? Because I see far too many software competitors out there and I'm always amazed when a small startup contacts me and says, we're doing this too, here's what we're up to, and I'm thinking, why did you start this? There's so many competitors to begin with. What do you see and what will happen? Because I just see the herd being thinned out. Andrew Broster: I think what I'm carefully observing at the moment is the number of acquisitions that are taking place. We see it, if we look at grass, fish and dice, and the aggregation and the buying up of what I look at as like the supply chain and ultimately trying to go direct. I think that's for me, I think that opens more doors than it closes for us. Not only on the fact that, ultimately my business needs to have a value and it needs to be able to be, one day, I would like to walk away from this. From my point of view, looking at it and seeing one, competitor being swallowed up or acquired by systems integrators is a great thing. But two, it also leaves a very open to us because what then happens is you've got a UK based company buying from fragments like a what was a European digital signage software platform who's now actually realistically going to become a direct competitor because they will then start competing in the same space for the same customer base. 
For me, that's great. We get calls quite regularly saying, oh yeah, but yeah, we can't buy those licenses anymore because they're now a competitor. The board won't approve it. So from my point of view, it's great, and it's exciting, and for us, we're picking up new businesses as a result of it. What I'm seeing, which I'm quite enjoying at the moment is a lot of the hype around retail media. I did a podcast couple of weeks ago about it, with one of our systems integrators. Chris Regal is doing a great job of talking and educating the market. I think his insights are very valuable. I have a lot of respect for Chris. I have done all of these, even going back to when he acquired Scala, but I haven't yet seen a very good implementation of a retail media network. I don't travel the globe every day, but I do a fair amount of travel. But I think really for my business and other businesses our side, the retail media side of it is purely targeted messaging, ultimately, if you want me to look at it that way. I don't think that's exciting. Who would you describe as a good partner company and a channel to work with, because there are some integrators who I tend to call solutions providers because they truly understand it versus AV systems integrators who are really good at deploying stuff in workplaces and other kinds of spaces like that, but they don't understand content, they don't understand the software. They just put stuff in. Andrew Broster: Yeah, hang and bang as I call it. Yeah. I don't like to use that term because they don't like it, but that's... Andrew Broster: There's no disrespect. Yeah, to it, to any of those guys, everybody has their business model, right? We have this really nice blend of very sophisticated system integrators down to the ones that just want to look after the smaller end users, and they're as valuable to us as anybody, because we give them tools that they just go in and plug in and exercise. 
That's an easy route for us really, because we were selling a box product with an add on, and they can go in and install a box product with an add on and it's just two pieces of software for us. That's perfect. I think about end users and the enterprise level ones often wanting a fully managed solution where, look, we're going to outsource this thing to you guys, we'll give you direction and everything else, what we need, but you guys do it. Are you also seeing that with some of your channel partners that even relatively small deployments, they want that full managed solution? Andrew Broster: We are, and we're seeing more and more of it, and that's exactly where our systems integrators sit in that space, and that's great. More and more to be honest with you, I think, we saw years ago, like everybody wanting to move to the cloud and just push the problem away and trying to lower the cost of IT systems, right? I think what they're also trying to do now, certainly in the marketing side of these brands, is they want to be able to push that out and just know it's going to be looked after. It's easier to have a fully managed service for the systems integrator that has a help desk, a support system, people on the ground, technical experts and the partners that we work with, they're all certified Evexi Partners. We get maybe two or three calls a week from an escalation point of view with something, but the rest of it is handled by our systems integrators. That's a good situation. Andrew Broster: I always look at it certainly the channel is we're like the software guys, we're not the help desk guys. We're the guys that want to build the software, look after the software and release more features in the software. The systems integrators are great at looking after the customer, supporting the customer and delivering everything to the customer. We fit in quite nicely. So it's either two things. Everything's going well, or they've given up on you. 
Andrew Broster: No, it's not, because I keep buying licenses, and that's a good thing. Absolutely. I believe you have a busy next few weeks coming up here. You're at NRF and then ISE. Andrew Broster: Yeah. So we're at four trade shows in the space of four months. Next year we are with our partner's Ergonomic Solutions, NRF, which will be great, really looking forward to that. Our US market footprint's growing, so we're enjoying that relationship, Blue Star is an integral part of that. We enjoy working with those guys. ISE, again, the Ergonomic's stand, we're showcasing a lot of new tech. So a lot of it is nice integrations with Nexomsphere as well. A lot of touch applications, experiential stuff. We're on the Nexomsphere stand with them as one of their supporting partners and we're on the Samsung stand, and then at the end of February, we go to Eurosys, which I find fascinating because it's a very different market and it's very retail focused. So we're there for a week and then we're at the Retail Tech Show again, and we'll be supporting three or four of our UK partners as well as Ergonomic Solutions as well at the Retail Tech Show. So it's a very busy beginning to the year. All right. I will let you get organized for all that. Thank you for taking some time with me. Andrew Broster: No problem at all. Thank you very much for having me.
Every week here on the show we talk about vulnerabilities and exploits. Typically we recommend that organizations remediate these vulnerabilities in some way. But how? And more importantly, which ones? Some tools we have to help us are actually not all that helpful at times, such as:

Mitre Att&ck - Don't get me wrong, this is a great project and Adam and team are doing a great job. However, it's not a complete picture as we can't possibly know about every attack vector (or can we?). People seem to think if they cover everything in the framework they will be secure. You can't cover everything in the framework because each technique can be utilized by an attack in a hundred different ways.

CVSS - Anyone can apply a score, but who is correct? Good that we have a way to score things, but then people will just use this as a basis for what they patch and what they do not. Also, chaining vulnerabilities is a thing, but we seem to lack any way to assign a score to multiple vulnerabilities at once (different from a technique). Also, some things don't get a CVE, how are you tracking, assessing risk, and patching these?

CISA KEV - Again, love the project and Tod is doing amazing work. However, what about things that do not get a CVE? Also, how do you track every incident of an attacker doing something in the wild? Also, there is frequency, just because something got exploited once, does that mean you need to patch it right away? How are we tracking how often something is exploited as it is not just a binary "yes, it's exploited" or "no, it is not".

EPSS - I do like the concept and Wade and Jay are doing amazing work. However, there seems to be a "gut reaction" thing going on where we do see things being exploited, but the EPSS score is low. How can we get better at predicting? We certainly have enough data, but are we collecting the right data to support a model that can tell us what the attackers will do next?
This week: YAVD: Yet Another Vulnerable Driver, why bring your own when one already exists, backdoors in MIFARE Classic, wireless hacking tips, AMD sinkclose vulnerability will keep running, you down with SLDP yea you know me, Phrack!, IoTGoats, Pixel vulnerabilities, leaking variables, a DEF CON talk that was not cancelled, Telnet is still a thing, More CNAs, and the last thing Flint Michigan needed was a ransomware attack! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-840
NetBSD 9.4, FreeBSD SSDF Attestation to Support Cybersecurity Compliance, The Lost Worlds of Telnet, alter file ownership and permissions with a feedback information, parallel raw IP input, OpenBSD routers on AliExpress mini PCs, FreeBSD for Devs. Plus a special interview with the organizers of BSDCAN 2024.
NOTES
This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) and the BSDNow Patreon (https://www.patreon.com/bsdnow)
Headlines
NetBSD 9.4 (https://www.netbsd.org/releases/formal-9/NetBSD-9.4.html)
FreeBSD Foundation Delivers V1 of FreeBSD SSDF Attestation to Support Cybersecurity Compliance (https://freebsdfoundation.org/blog/freebsd-foundation-delivers-v1-of-freebsd-ssdf-attestation-to-support-cybersecurity-compliance/)
News Roundup
The Lost Worlds of Telnet (https://thenewstack.io/the-lost-worlds-of-telnet/)
How to alter file ownership and permissions with a feedback information (https://sleeplessbeastie.eu/2024/04/18/how-to-alter-file-ownership-and-permissions-with-a-feedback-information/)
Coming soon to a -current system near you: parallel raw IP input (https://www.undeadly.org/cgi?action=article;sid=20240418050520)
OpenBSD routers on AliExpress mini PCs (https://www.srcbeat.com/2024/02/aliexpress-openbsd-router/)
FreeBSD for Devs (https://dev.to/scovl/freebsd-for-devs-3n0k)
Tarsnap
This week's episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.
Feedback/Questions
Daniel - jail issue (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/556/feedback/Daniel%20-%20jail%20issue.md)
Rick - ZFS (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/556/feedback/Rick%20-%20ZFS.md)
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv)
Join us and other BSD Fans in our BSD Now Telegram channel (https://t.me/bsdnow)
Mark Iannuzzi of TelNet Worldwide takes a fresh look at a long-term challenge, calls for changes
“Our telecommunication policy that started in 1996 and how service providers interconnect their network was based upon TDM technology, but here we are in 2024 and we know that IP is the rule of the roost,” says Mark Iannuzzi, President of TelNet Worldwide. “We need the FCC to step up and to update the regulations so that the carriers, in fact, do play by a new playbook for interconnecting their network on an IP basis. And if we do that, now you have an end-to-end system.” Recorded just before last month's Cloud Connections Conference, and just after a committee of the CCA met with the FCC, this podcast covers some of the stickier challenges of the STIR/SHAKEN era. Along with the benefits and steps forward of STIR/SHAKEN, Mark discusses how a legitimate organization with legitimate needs to call contacts can be labeled spam and not know it. Mark explores these problems along with a call for policy reforms and refresh. The CCA's Government Affairs Committee, which Mark discusses, is a key and core activity of the CCA, as the CCA works to retain communication by phone as a critical link for organizations and people. Visit www.telnetww.com
Unwanted robocalls and text messages plague the PSTN, wasting time and potentially leading to scams. While the STIR/SHAKEN and Campaign Registry frameworks promise a solution, incomplete and onerous implementation leaves us vulnerable. This podcast dives into the fight against illegal robocalling/texting and spoofing. We'll explore the limitations of STIR/SHAKEN and the TCR, discuss the need for a strong caller name labeling system, and how regulators and the industry can work together to finally silence these unwanted calls. Visit www.telnetww.com
Fredrik is visited by Joakim Melin, editor-in-chief of Datormagazin retro: the now annual retro computer magazine whose seventh issue comes out in mid-December. Jocke talks about the magazine's background - from Datormagazin's old versions, via a kickstarter, to the many meaty articles that have appeared in previous issues. And some teasers for what is coming in issue seven this December! Take part in the contest for a Datormagazin retro T-shirt! Instructions - and a discount code for Datormagazin's shop - are in the episode! A big thank you to Cloudnet, who sponsor our VPS! Do you have comments, questions or tips? We are @kodsnack, @thieta, @krig, and @bjoreman on Mastodon, have a page on Facebook, and can be emailed at info@kodsnack.se if you want to write something longer. We read everything that is sent. If you like Kodsnack, you are very welcome to review us in iTunes! You can also support the podcast by buying us a coffee (or two!) on Ko-fi, or by buying something in our shop.
Links: Joakim; “The other podcast” - Björeman // Melin // Åhs; The latest episode of BMÅ; Geological Survey of Sweden; Delta city; Datormagazin's BBS - use Telnet and connect to dmzbbs.se on port 2333. You can also SSH to dmzbbs.se on port 2222 and enter “bbs” as the username and password!; Datormagazin; Datormagazin retro; Retrogathering; The history of Datormagazin - the whole history was included in issue one of Datormagazin Retro; Svenska hemdatornytt; MSX; Genesis project; Atari; Pontus Enhörning; OS/2; Commodore 65; The G4 Cube; Bebox; The NeXT Cube; Beos; Cobalt qube; Gamecube; Commodore 128; Denise - Amiga 500 Plus remake; Commodoredagarna; Svenska Commodoreklubben; Iggy Drougge; SUGA - Swedish user group of Amiga; The magazine Okej; Infocom; Clive Sinclair; KOM system; ftp.melin.org; melin.org/bbs; Delta city's instructions page; Fabbes BBS; The Datormagazin shop; The Christmas underpants
Titles: We've been practicing since 2015; Pros in this context; Let the articles stretch out; Write until you're done; The unvarnished version; CD-ROM editor; The magazine ended up 200 pages long; Then the postal service got in touch; A hacker rag; Our own “kickstarter”; The Hemdatornytt syndrome; The retro window; I've seen Amigas you people wouldn't believe; I know the sysop
Bartek is visited by Joakim Melin - among other things editor-in-chief of Datormagazin Retro (a magazine now out with its seventh issue, which you can order now!). It turns into a pleasantly retro-computer-scented discussion about Datormagazin's history, early computer experiences, writing print magazines so hefty that you get penalized by Posten, and much more. Last but not least: take part in the contest for a fine Datormagazin retro T-shirt!
Contest: To take part in the contest, send your answers to these two questions to hej@kompilator.se. First prize is a Datormagazin T-shirt; 5 consolation prizes of Kompilator stickers will also be handed out!
Question 1: When did the first issue of Datormagazin come out? Answer with year and month.
Question 2: Bartek has been building a chicken coop for a while now. The original estimate was "12-16 weeks", which has been exceeded by a wide margin. How many days has the build been going on as of today's date?
Links: Tsundoku - buying books and piling them up; Fernweh; Joakim Melin; Macpro; Jocke's podcast from the forest - same page as above, scroll down; Macradion; Fredrik Björeman - Jocke and Fredrik ran into each other on the podcast Appsnack; Björeman // Melin // Åhs; Christian; Kodsnack; Datormagazin Retro; Anders Öhman; Old issues of Datormagazin; The article about Datormagazin's history - the whole history was included in issue one of Datormagazin Retro; Christer Rindeblad; Commodore 64; VIC-20; Commodore 128; Amiga 500; Svenska hemdatornytt; Pontus Enhörning; Lotta Bromé; Jack Tramiel; Amstrad CPC; CP/M; Pagemaker; Corel draw; Sparcstation 5; Retrogathering; Swedish user group of Amiga; Order Datormagazin Retro #7!; Datormagazin's BBS - use Telnet and connect to dmzbbs.se on port 2333. You can also SSH to dmzbbs.se on port 2222 and enter “bbs” as the username and password!; Take part in the T-shirt contest!
Quotes: Nostalgia for something you never experienced; Was run a bit like a youth centre; A retro computer magazine; What it was like when there were print magazines; Carefully touching the Amiga; Lots of nostalgic feelings; Ads are still the driving force; Penalty invoice from Posten
If the show notes look odd (for example if all the links are missing; there should be LOTS of links), they are also available on the web here: https://www.enlitenpoddomit.se
Episode 431 was recorded on 18 October, and so today's episode is about:
INTRO:
- Everyone has had a week... David has started making music again, built on the deck, and tried photographing the night sky. Björn has worked, celebrated his wife, had parent-teacher meetings at school, and watched "A Man Called Otto". Johan has finished watching Ahsoka, is getting fibre, gave a presentation on Dataverse as an integration platform, and has his sister visiting.
BONUS LINK 1: "A Man Called Otto": https://www.imdb.com/title/tt7405458/
BONUS LINK 2: "Ahsoka" https://www.imdb.com/title/tt13622776/
FEEDBACK AND BACKLOG:
- A small correction about Pixel 8: 128 GB: 9590 kr, 256 GB: 10390 kr
- Not sure whether we gave the right price for these in the last episode: Apple AirPods (gen 2), 3301 kr.
- Google does as Microsoft does https://www.thurrott.com/cloud/290910/google-will-indemnify-customers-for-generative-ai-use
GENERAL NEWS
- 23andme has leaked customer data https://www.bleepingcomputer.com/news/security/23andme-hit-with-lawsuits-after-hacker-leaks-stolen-genetics-data/
- We celebrate "Patch Tuesday" turning 20. And isn't it nice that patching is no longer an issue these days! https://www.theregister.com/2023/10/11/microsoft_patch_tuesday_turns_20/
MICROSOFT
- Activision/Blizzard goes through (Bobby Kotick leaves) https://arstechnica.com/gaming/2023/10/microsoft-finally-owns-candy-crush-as-it-closes-69b-activision-blizzard-deal/
- Trailer: https://www.youtube.com/watch?v=AYU4q594LJ0
- https://arstechnica.com/gaming/2023/10/ceo-bobby-kotick-will-leave-activision-blizzard-on-january-1-2024/
- In the category "didn't this happen a long time ago" https://www.bleepingcomputer.com/news/security/microsoft-plans-to-kill-off-ntlm-authentication-in-windows-11/
APPLE
- New pencils https://www.apple.com/newsroom/2023/10/apple-introduces-new-apple-pencil-bringing-more-value-and-choice-to-the-lineup/ https://www.apple.com/se/shop/product/MUWA3ZM/A/apple-pencil-usb-c
- Cool thing: https://appleinsider.com/articles/23/10/15/apple-plans-to-update-iphones-in-store-without-opening-the-boxes
GOOGLE:
- I want this to come to Sweden (Swedish) https://9to5google.com/2023/10/13/pixel-recorder-favorites/
EXTRA NEWS:
- IP addresses cost money, and if you do illegal things you can end up in prison https://krebsonsecurity.com/2023/10/tech-ceo-sentenced-to-5-years-in-ip-address-scheme/
- Skattbot.se (which SHOULD have been called "skattGPT") https://www.linkedin.com/posts/kevenqiwang_privat-activity-7115227104740323329-FMkh/
GADGET LIST
- Björn: Elgato Teleprompter: https://www.elgato.com/eu/en/p/prompter
- Johan copies Björn and wants the same. :) (but Björn called dibs first)
- David: Peak Design Pixel 8 Pro case, https://www.peakdesign.com/products/everyday-case-pixel?variant=40166731186253 and a tripod mount https://www.cyberphoto.se/mobiltelefoni/tillbehor/hallare-bordstall/peak-design-mobile-creator-kit-black
OUR OWN LINKS
- En Liten Podd Om IT on the web, http://enlitenpoddomit.se/
- En Liten Podd Om IT on Facebook, https://www.facebook.com/EnLitenPoddOmIt/
- En Liten Podd Om IT on Youtube, https://www.youtube.com/enlitenpoddomit
- Feel free to leave us a review
- https://podcasts.apple.com/se/podcast/en-liten-podd-om-it/id946204577?mt=2#see-all/reviews
- https://www.podchaser.com/podcasts/en-liten-podd-om-it-158069
LINKS TO WHERE YOU CAN FIND THE PODCAST TO LISTEN:
- Apple Podcasts (iTunes), https://itunes.apple.com/se/podcast/en-liten-podd-om-it/id946204577
- Overcast, https://overcast.fm/itunes946204577/en-liten-podd-om-it
- Acast, https://www.acast.com/enlitenpoddomit
- Spotify, https://open.spotify.com/show/2e8wX1O4FbD6M2ocJdXBW7?si=HFFErR8YRlKrELsUD--Ujg%20
- Stitcher, https://www.stitcher.com/podcast/the-nerd-herd/en-liten-podd-om-it
- YouTube, https://www.youtube.com/enlitenpoddomit
LINK TO DISCORD WHERE YOU'LL FIND THE LIVE STREAM + CHAT
- http://discord.enlitenpoddomit.se
(And don't forget to email bjorn@enlitenpoddomit.se if you want stickers, just include a postal address. :)
In this extremely cultured and refined episode of the STAB! show, pottery enthusiast and host Jesse Jones welcomes a panel of museum goers in Kim Martel, Jillian Marie & Nick Pettigrew to share their three takes on TELNET, nine items on the break room bulletin board of Contentment, closing arguments in defense of socks & …
Without Trizeal, gekko goes over the site's news, the Arcade Archive release, Trouble Witches Final on PlayStation 4 and Nintendo Switch, GUNSTREAM on Richard Game Geare with a Japanese release date, Limited Run Game with the Telnet compilation and Tiger Heli, and Cosmo Machia taking on TriggerHeart Exelica. It will be … The post Le Podcast Shmup'Em-All n°119 – gekko solo first appeared on Shmup'Em-All.
Episode #9 wikipedia: MS-DOS is an operating system for x86-based personal computers mostly developed by Microsoft. freedos: FreeDOS is a complete, free, DOS-compatible operating system. While we provide some utilities, you should be able to run any program intended for MS-DOS. wikipedia: Linux (/ˈliːnʊks/ (listen) LEE-nuuks or /ˈlɪnʊks/ LIN-uuks) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. wikipedia: Token Ring is a computer networking technology used to build local area networks. It was introduced by IBM in 1984, and standardized in 1989 as IEEE 802.5. wikipedia: The BNC connector (initialism of "Bayonet Neill–Concelman") is a miniature quick connect/disconnect radio frequency connector used for coaxial cable. wikipedia: GPRS core network. wikipedia: Novell, Inc. /noʊˈvɛl/ was an American software and services company headquartered in Provo, Utah, that existed from 1980 until 2014. wikipedia: BITNET. wikipedia: DECnet. wikipedia: 3Com. realtek: realtek. tp: TP-Link Vastly Expands Smart Home Lineup With Tapo Full Home Security Solutions, Tapo Robot Vacuums and Various Matter Compatible Products. cisco: Cisco Systems, Inc., commonly known as Cisco, is an American-based multinational digital communications technology conglomerate corporation headquartered in San Jose, California. wikipedia: The International Business Machines Corporation (IBM), nicknamed Big Blue, is an American multinational technology corporation headquartered in Armonk, New York, with operations in over 175 countries. It specializes in computer hardware, middleware and software and provides hosting and consulting services in areas ranging from mainframe computers to nanotechnology. duckduckgo: Bootleg stuff search. 
wikipedia: VM (often: VM/CMS) is a family of IBM virtual machine operating systems used on IBM mainframes System/370, System/390, zSeries, System z and compatible systems, including the Hercules emulator for personal computers. wikipedia: Disk partitioning or disk slicing is the creation of one or more regions on secondary storage, so that each region can be managed separately. wikipedia: The IBM System/360 is a family of mainframe computer systems that was announced by IBM on April 7, 1964, and delivered between 1965 and 1978. wikipedia: The IBM System/370 (S/370) is a model range of IBM mainframe computers announced on June 30, 1970, as the successors to the System/360 family. cisco: What Is Routing? wikipedia: The Internet protocol suite, commonly known as TCP/IP, is a framework for organizing the set of communication protocols used in the Internet and similar computer networks according to functional criteria. wikipedia: The Open Systems Interconnection protocols are a family of information exchange standards developed jointly by the ISO and the ITU-T. The standardization process began in 1977. perl: Perl is a highly capable, feature-rich programming language with over 30 years of development. wikipedia: An FTP server is computer software consisting of one or more programs that can execute commands given by remote client(s) such as receiving, sending, deleting files, creating or removing directories, etc. wikipedia: The Defense Advanced Research Projects Agency (DARPA) is a research and development agency of the United States Department of Defense responsible for the development of emerging technologies for use by the military. wikipedia: The Advanced Research Projects Agency Network (ARPANET) was the first wide-area packet-switched network with distributed control and one of the first networks to implement the TCP/IP protocol suite. 
wikipedia: A modulator-demodulator or modem is a computer hardware device that converts data from a digital format into a format suitable for an analog transmission medium such as telephone or radio. wikipedia: Telnet (short for "teletype network") is a client/server application protocol that provides access to virtual terminals of remote systems on local area networks or the Internet. wikipedia: Remote Function Call is a proprietary SAP interface. icannwiki: BBN (Bolt, Beranek and Newman Inc.), now Raytheon BBN Technologies, is one of the leading Research and Development companies in the United States, dedicated to providing high-technology products and services to consumers. wikipedia: A punched card (also punch card or punched-card) is a piece of stiff paper that holds digital data represented by the presence or absence of holes in predefined positions. wikipedia: Punched tape or perforated paper tape is a form of data storage that consists of a long strip of paper in which holes are punched. wikipedia: A teleprinter (teletypewriter, teletype or TTY) is an electromechanical device that can be used to send and receive typed messages through various communications channels, in both point-to-point and point-to-multipoint configurations. wikipedia: Teletype Model 33. wikipedia: Teletype Model 37. wikipedia: Unix (/ˈjuːnɪks/; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, and others. wikipedia: Wang Laboratories was a US computer company founded in 1951 by An Wang and G. Y. Chu. wikipedia: Library (computing). wikipedia: Magnetic-core memory was the predominant form of random-access computer memory for 20 years between about 1955 and 1975. 
BASIC BASIC (Beginners' All-purpose Symbolic Instruction Code) is a family of general-purpose, high-level programming languages designed for ease of use. The original version was created by John G. Kemeny and Thomas E. Kurtz at Dartmouth College in 1963. wikipedia: Microsoft BASIC is the foundation software product of the Microsoft company and evolved into a line of BASIC interpreters and compiler(s) adapted for many different microcomputers. It first appeared in 1975 as Altair BASIC, which was the first version of BASIC published by Microsoft as well as the first high-level programming language available for the Altair 8800 microcomputer. wikipedia: A floppy disk or floppy diskette (casually referred to as a floppy, or a diskette) is an obsolescent type of disk storage composed of a thin and flexible disk of a magnetic storage medium in a square or nearly square plastic enclosure lined with a fabric that removes dust particles from the spinning disk. wikipedia: A tape drive is a data storage device that reads and writes data on a magnetic tape. wikipedia: In computer engineering, microarchitecture, also called computer organization and sometimes abbreviated as µarch or uarch, is the way a given instruction set architecture (ISA) is implemented in a particular processor. wikipedia: A microsleep is a sudden temporary episode of sleep or drowsiness which may last for a few seconds where an individual fails to respond to some arbitrary sensory input and becomes unconscious. clevo: We offer over 50 models from CLEVO. wikipedia: Clevo is a Taiwanese OEM/ODM computer manufacturer which produces laptop computers exclusively. wikipedia: Rapid transit or mass rapid transit (MRT), also known as heavy rail or metro, is a type of high-capacity public transport generally found in urban areas. 
wikipedia: Cracker Jack is an American brand of snack food that consists of molasses-flavored, caramel-coated popcorn, and peanuts, well known for being packaged with a prize of trivial value inside. gov: UK Driver's Licence. gov: Legal obligations of drivers and riders. sheilaswheels: We keep our Sheilas happy by supplying fabulous 5 Star Defaqto rated car and home insurance, and that's helped us to become one of the UK's leading direct insurers. nestle: Yorkie was launched in 1976 by Rowntree's of York hence the name. wikipedia: Joyriding refers to driving or riding in a stolen vehicle, most commonly a car, with no particular goal other than the pleasure or thrill of doing so or to impress other people. oggcamp: OggCamp is an unconference celebrating Free Culture, Free and Open Source Software, hardware hacking, digital rights, and all manner of collaborative cultural activities and is committed to creating a conference that is as inclusive as possible. ubuntu: Ubuntu is a Linux distribution based on Debian and composed mostly of free and open-source software. wikipedia: Ubuntu. wikipedia: Mark Shuttleworth. ubuntu: Ubuntu tablet press pack. stallman: Richard Stallman's Personal Site. elementary: The thoughtful, capable, and ethical replacement for Windows and macOS. slackware: The Slackware Linux Project. wikipedia: identi.ca was a free and open-source social networking and blogging service based on the pump.io software, using the Activity Streams protocol. wikipedia: GNU social (previously known as StatusNet and once known as Laconica) is a free and open source software microblogging server written in PHP that implements the OStatus standard for interoperation between installations. wikipedia: Friendica (formerly Friendika, originally Mistpark) is a free and open-source software distributed social network. lugcast: We are an open Podcast/LUG that meets every first and third Friday of every month using mumble. 
toastmasters Toastmasters International is a nonprofit educational organization that teaches public speaking and leadership skills through a worldwide network of clubs. wikipedia: Motorola, Inc. (/ˌmoʊtəˈroʊlə/) was an American multinational telecommunications company based in Schaumburg, Illinois, United States. volla: Volla Phone. ubports: We are building a secure & private operating system for your smartphone. sailfishos: The mobile OS with built-in privacy. calyxos: CalyxOS is an operating system for smartphones based on Android with mostly free and open-source software. wikipedia: WhatsApp. IRC IRC is short for Internet Relay Chat. It is a popular chat service still in use today. zoom: Unified communication and collaboration platform. jitsi: Jitsi Free & Open Source Video Conferencing Projects. joinmastodon: Mastodon is free and open-source software for running self-hosted social networking services. wikipedia: Karen Sandler is the executive director of the Software Freedom Conservancy, former executive director of the GNOME Foundation, an attorney, and former general counsel of the Software Freedom Law Center. fosdem: FOSDEM is a free event for software developers to meet, share ideas and collaborate. southeastlinuxfest: The SouthEast LinuxFest is a community event for anyone who wants to learn more about Linux and Open Source Software. olfconference: OLF (formerly known as Ohio LinuxFest) is a grassroots conference for the GNU/Linux/Open Source Software/Free Software community that started in 2003 as a large inter-LUG (Linux User Group) meeting and has grown steadily since. linuxfests: A home for educational programs focused on free and open source software & culture. wikipedia: Notacon (pronounced "not-a-con") was an art and technology conference which took place annually in Cleveland, Ohio from 2003 to 2014. penpalworld: a place where you can meet over 3,000,000 pen pals from every country on the planet. redhat: Red Hat Enterprise Linux. 
openssl: The OpenSSL Project develops and maintains the OpenSSL software - a robust, commercial-grade, full-featured toolkit for general-purpose cryptography and secure communication. STEM wikipedia: Obsessive–compulsive disorder. cdc: Autism. wikipedia: Asperger syndrome. askubuntu: Manual partitioning during installation. wikipedia: Colon cancer staging. cdc: Get Vaccinated Before You Travel. sqlite: SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. wikipedia: Facial recognition system. wikipedia: Tribalism is the state of being organized by, or advocating for, tribes or tribal lifestyles. wikipedia: Southern hospitality. wikipedia: The Kroger Company, or simply Kroger, is an American retail company that operates (either directly or through its subsidiaries) supermarkets and multi-department stores throughout the United States. wikipedia: Prosopagnosia, more commonly known as face blindness, is a cognitive disorder of face perception in which the ability to recognize familiar faces, including one's own face, is impaired, while other aspects of visual processing and intellectual functioning remain intact. wikipedia: T-Mobile is the brand name used by some of the mobile communications subsidiaries of the German telecommunications company Deutsche Telekom AG in the Czech Republic, Poland, the United States and by the former subsidiary in the Netherlands. stackexchange: Where did the phrase "batsh-t crazy" come from? wikipedia: A conspiracy theory is an explanation for an event or situation that asserts the existence of a conspiracy by powerful and sinister groups, often political in motivation, when other explanations are more probable. brigs: At Brigs, we want everyone to get exactly what they're craving! papajohns: Papa Johns. dominos: Domino's Pizza, Inc., trading as Domino's, is a Michigan-based multinational pizza restaurant chain founded in 1960 and led by CEO Russell Weiner. 
wikipedia: Loitering is the act of remaining in a particular public place for a prolonged amount of time without any apparent purpose. wikipedia: Psychiatric hospitals, also known as mental health hospitals, behavioral health hospitals, are hospitals or wards specializing in the treatment of severe mental disorders, such as schizophrenia, bipolar disorder, eating disorders, dissociative identity disorder, major depressive disorder and many others. wikipedia: Therapist is a person who offers any kinds of therapy.
Thanks To:
Mumble Server: Delwin
HPR Site/VPS: Joshua Knapp - AnHonestHost.com
Streams: Honkeymagoo
EtherPad: HonkeyMagoo
Shownotes by: Sgoti and hplovecraft
Loads of discoveries including picking the best DNS server for your connection, Telnet on the Amiga, some synth thing, markdown notes, and fixing downloaded Twitter data. Plus your feedback about Red Hat and IBM, containers and firewalls, Signal alternatives, and more. Discoveries: dnsdiag, ZiModem, KnobKraft, twitter-archive-parser, silverbullet, One Thing Well. Feedback: ksuperkey, Firewalld...
Even when only a command line is available, the fun shouldn't fall short. Today we introduce some fun tools and games that don't need a graphical interface.
Pokete: https://github.com/lxgr-linux/pokete
Dwarf Fortress: https://www.bay12games.com/dwarves/older_versions.html
asciiquarium: https://robobunny.com/projects/asciiquarium/html/
StarWars via Telnet: telnet telehack.com → starwars
Nudoku: https://github.com/jubalh/nudoku
MyMan: https://myman.sourceforge.io/
NetHack: https://www.nethack.org/
Staff from 1987-2007 (with over 35 years combined experience) talk about their experience while working at AOL. You will hear about the Eworld, Tandylink, Commodore 64, Telnet, RAINMAN, Jay Levitt, Hackers, Q-Guides, scalability issues, and more.
Guests: Craig Braquet, Jan DeLucien, Bryan Teague, Erci Stern
Host: Steve Stonebraker
CoverArt: Created by Broast (https://broast.org), original idea by LampGold.
-- Craig Braquet
Craig's famous Quora post - https://bit.ly/3OOeijL
All of Us: https://bit.ly/3JibxWA https://allofus.nih.gov/about/who-we-are/all-us-participant-partners?page=1
-- Jan DeLucien
Surviving a brain injury, my story
Trying to be Virtuous About Brain Injury Services - An Interview
Click here to donate your brain (posthumously, of course)
-- Bryan Teague
https://bryanteague.com
https://medium.com/@bryanlteague
-- Erci Stern
Fancy Cats and Dogs Rescue - I foster for them each year and adopt all my personal pets from them. They are a truly caring and amazing animal rescue organization. www.fancycats.org
Doctors without Borders - I give to this organization because there are so many people around the world who don't have access to western style medicine for whom what we consider simple procedures would be life altering benefits. https://www.doctorswithoutborders.org/
-- AOL Underground Podcast
Follow us on twitter - @AOLUnderground @brakertech
Merch - https://www.redbubble.com/people/AOL-Underground/shop
Donate - https://www.buymeacoffee.com/AOLUnderground
Contact the Host - https://aolunderground.com/contact-host/
Reconnect with old AOLers - https://discord.gg/reaol https://aolunderground.com/community/
Configuration Examples with KevTechify for the Cisco Certified Network Associate (CCNA)
In this episode we are going to look at configuring SSH.
SSH should replace Telnet for management connections. Telnet uses insecure plain text communications. SSH provides security for remote connections by providing strong encryption of all transmitted data between devices. In this activity, we will secure a remote switch with password encryption and SSH. We will be discussing Secure Passwords, Encrypt Communications, and Verify SSH Implementation.
Thank you so much for watching this episode of my series on Configuration Examples for the Cisco Certified Network Associate (CCNA).
Once again, I'm Kevin and this is KevTechify. Let's get this adventure started.
All my details and contact information can be found on my website, https://KevTechify.com
YouTube Channel: https://YouTube.com/KevTechify
-------------------------------------------------------
Cisco Certified Network Associate (CCNA)
Configuration Examples for Switching, Routing, and Wireless Essentials v2 (SRWE)
Basic Device Configuration
Lab 1.3.6 - Configure SSH
Pod Number: 31
Season: 1
-------------------------------------------------------
Equipment I like.
Home Lab ►► https://kit.co/KevTechify/home-lab
Networking Tools ►► https://kit.co/KevTechify/networking-tools
Studio Equipment ►► https://kit.co/KevTechify/studio-equipment
One of my first jobs out of college was ripping Banyan VINES out of a company and replacing it with LAN Manager. Banyan VINES was a network operating system for Unix systems. It came along in 1984. This was a time when minicomputers running Unix were running at most every University and when Unix offered far more features than the alternatives. Sharing files was as old as the Internet. Telnet was created in 1969. FTP came along in 1971. SMB in 1983. Networking computers together had evolved from just the ARPANET to local protocols like ALOHAnet, which inspired Bob Metcalfe to start work on the PARC Universal Packet protocol with David Boggs, which evolved into the Xerox Network Systems, or XNS, suite of networking protocols that were developed to network the Xerox Alto. Along the way the two of them co-invented Ethernet. But there were developments happening in various locations in silos. For example, TCP was more of an ARPANET then NSFNET project so wasn't used for computers on their own networks to communicate yet. Data General was founded in 1968 when Edson de Castro, the project manager for the PDP-8 at Digital Equipment Corporation, grew frustrated that the PDP wasn't evolving fast enough. He, Henry Burkhardt, and Richard Sogge of Digital would be joined by Herbert Richman, who did sales for Fairchild Semiconductor. They were proud of the PDP-8. It was a beautiful machine. But they wanted to go even further. And they didn't feel like they could do so at Digital. A few computers later, within a year, they shipped the next generation machine, which they called the Nova. They released more computers but then came the explosion of computers that was the personal computing market. Microcomputers showed up in offices around the world and on multiple desks. And it didn't take long before people started wondering if it wouldn't be faster to run a cable between computers than it was to save a file to a floppy and get on an elevator.
By the 1970s, Data General had been writing software for customers, mostly for the rising tide of UNIX System V implementations. But just giving customers a TCP/IP stack or an application that could open a socket over an X.25 network, which was later replaced with Frame Relay networks run by phone systems and for legacy support on those X.25 was streamed over TCP/IP. Some of the people from those projects at Data General saw an opportunity to build a company that focused on a common need, moving files back and forth between the microcomputers that were also being connected to these networks. David Mahoney was a manager at Data General who saw what customers were asking for. And he saw an increasing number of those microcomputers needed a few common services to connect to. So he left to form Banyan Systems in 1983, bringing Anand Jagannathan and Larry Floryan with him. They built Banyan VINES (Virtual Integrated NEtwork Service) in 1984, releasing version 1. Their client software could run on DOS and connect to X.25, Token Ring (which IBM introduced in 1984), or the Ethernet networks Bob Metcalfe from Xerox and then 3Com was a proponent of. After all, much of their work resembled the Xerox Network Systems protocols, which Metcalfe had helped develop. They used a 32-bit address. They developed an Address Resolution Protocol (or ARP) and Routing Table Protocol (RTP) that used tables on a server. And they created a file services application, print services application, and directory service they called StreetTalk. To help, they brought in Jim Allchin, who eventually did much of the heavy lifting. It was similar enough to TCP/IP, but different. Yet as TCP/IP became the standard, they added that at a cost. The whole thing came in at $17,000 and ran on less bandwidth than other services, and so they won a few contracts with the US State Department, US Marine Corps, and other government agencies.
Many embassies used 300 baud phone lines with older modems and the new VINES service allowed them to do file sharing, print sharing, and even instant messaging throughout the late 80s and early 90s. The Marine Corps used it during the Gulf War and in an early form of a buying tornado, they went public in 1992, raising $28 million through NASDAQ. They grew to 410 employees and peaked at around $75 million in sales, spread across 7000 customers. They'd grown through word of mouth and other companies with strong marketing and sales arms were waiting in the wings. Novell was founded in 1983 in Utah and they developed the IPX network protocol. NetWare would eventually become one of the most dominant network operating systems for Windows 3 and then Windows 95 computers. Yet, with incumbents like Banyan VINES and Novell NetWare, this is another one of those times when Microsoft saw an opening for something better and just willed it into existence. And the story is similar to that of dozens of other companies including Novell, Lotus, VisiCalc, Netscape, Digital Research, and the list goes on and on and on. This kept happening because of a number of reasons. The field of computing had been comprised of former academics, many of whom weren't aggressive in business. Microsoft ended up owning the operating system and so had selling power when it came to cornering adjacent markets because they could provide the cleanest possible user experience. People seemed to underestimate Microsoft until it was too late. Inertia. Oh, and Microsoft could outspend on top talent and offer them the biggest impact for their work. Whatever the motivators, Microsoft won in nearly every nook and cranny in the IT field that they pursued for decades. The damaging part for Banyan was when they teamed up with IBM to ship LAN Manager, which ultimately shipped under the name of each company.
Microsoft ended up recruiting Jim Allchin away and with network interface cards falling below $1,000 it became clear that the local area network was really just in its infancy. He inherited LAN Manager and then NT from Dave Cutler and the next thing we knew, Windows NT Server was born, complete with file services, print services, and a domain, which wasn't a fully qualified domain name until the release of Active Directory. Microsoft added Winsock in 1993 and released their own protocols. They supported protocols like IPX/SPX and DECnet but slowly moved customers to their own protocols. Banyan released the last version of Banyan VINES, 7.0, in 1997. StreetTalk eventually became an NT to LDAP bridge before being cancelled in the end. The dot com bubble was firmly here, though, so all was not lost. They changed their name in 1999 to ePresence, shifting their focus to identity management and security, officially pulling out of the VINES market. But the dot com bubble burst, so they were acquired in 2003 by Unisys. There were other companies in different networking niches along the way. Phil Karn wrote KA9Q NOS to connect CP/M and then DOS to TCP/IP in 1985. He wrote it on a Xerox 820, but by then Xerox was putting Zilog chips in computers and running CP/M, seemingly with little of the flair the Alto could have had. But with KA9Q NOS any of the personal computers on the market could get on the Internet and that software helped host many a commercial dialup connection and would go on to be used for years in small embedded devices that needed IP connectivity. Those turned out to be markets overtaken by Banyan who was overtaken by Novell, who was overtaken by Microsoft when they added Winsock. There are a few things to take away from this journey. The first is that when IBM and Microsoft team up to develop a competing product, it's time to pivot when there's plenty of money left in the bank.
The second is that there was an era of closed systems that was short lived when vendors wanted to increasingly embrace open standards. Open standards like TCP/IP. We also want to keep our most talented team in place. Jim Allchin was responsible for those initial Windows Server implementations. Then SQL Server. He was the kind of person who's a game changer on a team. We also don't want to pivot to the new hotness because it's the new hotness. Customers pay vendors to solve problems. Putting an e in front of the name of a company seemed really cool in 1998. But surveying customers and thinking more deeply about problems they face - that's where magic can happen. Provided we have the right talent to make it happen.
»Einblick – Der Podcast«, the podcast for a deeper yet concise look at the relevant healthcare events of the past week, from the healthcare management team at Berlin-Chemie. Every Friday at 12 noon. In this edition: telemedicine is to be integrated into standard care, and the Telnet@NRW project was able to present good results. The rising number of chronically ill patients will place demands on general practitioners in future, and they need more counselling services. The laurels from taking office have wilted: Karl Lauterbach's coronavirus measures are controversial, and the introduction of the facility-based vaccination mandate from March is wobbling. How effectively are recovered people protected against reinfection, and how do we want to protect ourselves against further pandemics?
Are You Ready For the Next Hacker Wave? It's Going to Be Brutal! Right now, we're going to talk about this vulnerability, this huge vulnerability in almost the entire internet that will affect your life over the following number of years. And if you're a business, you better pay close attention. [Following is an automated transcript] [00:00:16] Well, we are looking at what is being called the single most significant, most critical vulnerability ever. [00:00:24] And if you want more information on this, have a look at last week's show, you'll find it up on my website. I talked quite a bit about it. You can email me, me@craigpeterson.com. I've put together a little cheat sheet that you can use to find out, what should I do, if you're an IT professional. This isn't something that you can do if you're a regular home user, because you probably don't have any software you're maintaining that has this Log4j vulnerability. [00:00:59] But I do have to warn you that you probably do have a little bit of hardware that might have it in there. Many of these firewalls used in homes have it, not all of them, uh, um, a minority of them, but here's why this is the single most significant and most critical vulnerability ever. There is a programming library that is used in the Java [00:01:26] programming language that logs events. If you're writing software, and let's say their software is running a website, it could be almost anything, and you notice a condition that's not quite right, what should you do? Well, you should log it. And then, hopefully, the people that are running your software are monitoring the logs. [00:01:49] See the logs? No. Oh my gosh. Uh, there is something wrong here. One of the logs that I keep an eye on that just absolutely amazes me, frankly, is the SSH daemon logs. Now SSH is a protocol. It uses encryption to get onto other machines using the command line. Now I've used a lot of protocols over the years to do this.
[00:02:17] Telnet was the first, and SSH is something that I've been using for a very long time. You might remember the Heartbleed bug from a few years back. That nailed a lot of people, but I keep an eye on that SSH log because if someone's trying to log into my system from the internet, that log will show it. [00:02:39] It's going to say that someone tried to use this username; they were coming from this IP address, and they failed to get in. And I have software that automatically monitors that log and says, well, if someone's coming from the same address multiple times and they are unsuccessful at logging in, add their internet address to my firewall blocking rules. [00:03:09] So what ends up happening is, well, they just can't even get to my machine anymore. They're trying to hack me. Same thing's true with the web logs. If we have people who are trying to, for instance, kind of put us out of business doing what's called a denial of service attack, where they are sending us a lot of data, [00:03:31] well, we can at our site or upstream from us have that IP address blocked. And that stops the attack. Distributed denial of service attacks are a little bit more complicated. So all of this gets logged. It all gets written to a file, or it gets pushed off to a server that keeps track of the logs. And then there's analysis software that looks at logs for [00:03:57] anomalies, all of that sort of stuff. It makes a lot of sense. Right? But this particular library that's used by Java programmers has a bug in it that allows a remote user to send just a small string, nothing fancy at all, that can command the web server that is using the logging function to go ahead and download malware. [00:04:28] Well, the easiest low-hanging fruit, when it comes to what kind of malware can we put onto a computer, is quite simply crypto mining. So the bad guys, they'll go ahead and they'll just send a small string, very simple. They don't have to compile a program.
They don't have to do much of anything. They just send this little small. [00:04:50] And if that string gets logged, for instance, by my SSH, my remote access daemon, or gets logged by the web server or something else, all of a sudden that wonderful little feature that allowed you to easily log things is your enemy, because that feature is going to interpret that particular string that was sent to the log and try and be helpful. [00:05:18] But in fact, it could be given a command to download this remote file and then run that remote file. And that remote file initially here has primarily been crypto mining soft. So now your computer's being used by someone else. Your electricity's being used to mine things like Bitcoins or some of these other cryptocurrencies that are out. [00:05:45] Now the real reason this is a huge, huge problem. Again, let me quote here. This is from Ahmad, a mate. I should say you're an over a Tenable. It is by far the single biggest, most critical vulnerability ever. Why is that true? There's a couple of reasons. Ease of use is the obvious reason. It is so easy to use, not just for crypto mining, but for hacking any machine you would care to hack. [00:06:19] And then the second reason is it is embedded everywhere. There are millions of computers that are vulnerable. We're seeing a hundred computers per minute being hacked using this vulnerable. And if you are running, let's say, a firewall that has this vulnerability. We have some clients that had this vulnerability and it is obviously a bit of a problem, right? [00:06:51] Well, that vulnerability now allows bad guys to get onto that firewall, and perhaps beyond that firewall, in order to do pretty much whatever they want to do. This is huge, huge, huge. Lots of software has flaws, and you need to be able to recover from the flaws. I've talked many times about how there are only two types of software.
[00:07:23] There is software that has been hacked and there is software that will be hacked. So you need to make sure, you know, that if someone gets into your network or gets into your computer, that you can restrict the damages, you can keep it under control. But with this Log4j vulnerability being everywhere in, not just that one library, but remember that one library is used all over the place. [00:07:52] It's in hundreds of thousands of pieces of software. Now, every one of these vendors has to grab the most recent version, recompile their software and send and relink it in deep pans. Right. I understand this is Java, and then send it out to all of their customers to install the software. This is the second reason. [00:08:15] It is such a big. There will be sites. There will be pieces of software that have this vulnerability for years to come. And one of the biggest examples of this vulnerability is almost every Android device out there. Think of all of the phones. People have Androids being used for tablets, it's in televisions, it's everywhere. [00:08:40] And with this particular vulnerability being everywhere, every vendor that uses Android is going to have to release patches that you're going to have to install. Now it's one thing to have a brand new TV, and we've got a brand new Samsung TV and it's hooked up to the internet. It streams Disney and Discovery. [00:09:05] And it's just a wonderful thing. I love my TV, right? Then of course you probably realize I don't use smart TV features because of this particular type of person. What ends up happening? Well, how long is Samsung actually going to support updates for your television, or Vizio, who, by the way, one of the worst companies when it comes to your privacy of your information on your television, how long, uh, how about your Android phones? [00:09:39] More than half of all Android smartphones out there will never get another software.
If you are still using Android smartphones, now is the time to switch to an iPhone. I have been talking about this for years. I am not like the world's biggest Apple fan. I'm not trying to make everybody an Apple fan. I really don't care. [00:10:06] What I do care about is the ability of the software designers, those software implementers and the hardware manufacturers, the people that are in the supply chain on that Android device. I care that they do provide updates when it comes to security problems. And if you're using an iPhone, yeah. Again, two types of software right now, like phones have had vulnerabilities that can be vulnerable, but Apple is supporting right now, still the iPhone 6S which came out what five or six years. [00:10:46] With full security updates. They've even gone back further. Sometimes the Nat. So make the switch right now. If you are an IT professional, I've got this whole list of resources that I vetted, I know are good, that you can use to scan for this vulnerability in your network or on your. To where just email me, me@craigpeterson.com. [00:11:12] And if you have any questions about this or cybersecurity in general, just reach out again. me@craigpeterson.com. [00:11:21] Did you know that cyber flashing is a thing? We talked about it a couple of years ago, but it's back in the news this week, and also Apple AirTags. They just released a new feature for our friends with Android. We'll tell you why. [00:11:38] Have you seen these AirTags? Have you used them? They came from an idea that was really pioneered by company Tile. And I guess they, I don't know what happened with the patent. I guess it didn't have one or Apple wouldn't have been able to do this, but then again, you know, you've got a really big company you're up against, it doesn't matter whether you're in the right. [00:12:02] Sometimes I'm not sure what happened there, but they have these trackers called AirTags.
And I mentioned before on the show that my daughters have a total of five cats, well, actually six cats, now I think of it. And what they've done is bought AirTags and put them on all of the cats' collars. So they took them, they've got them fastened on with this little holder. [00:12:31] You can get all kinds of holders. The AirTags themselves are just little round buttons, really, and you can stick them into your wallet, for instance, in case you keep forgetting or losing your wallet. You can also put them into a holder so they go on a key chain. I have a couple of flashlights at the house. [00:12:50] And if you're like me and you have other people around and it's dark and they know where your flashlight is, they'll take and borrow it, right? Now you don't get your flashlight back. It kind of bothers me. It probably shouldn't bother me as much as it does, but then when I need the flashlight, I just can't find this. [00:13:12] So, what did we put on the flashlight? We put an AirTag on there. So the AirTag ties into your iPhone. And if you have a newer iPhone, it's just absolutely amazing because the AirTag will tell you where it is, but the newer iPhone, you can use it and it will walk you through. Up to the AirTag, like, okay, it's a foot in front of you on the left-hand side or whatever, it'll take you there. [00:13:42] It's very cool. It's like these futuristic sci-fi movies. The problem with AirTags that we discussed on the air here is that they have been used for evil. And what the bad guys have been doing is they'll take an AirTag. They might drop it in your purse in order to follow you. Isn't that scary? They also have been taking the AirTags and putting them on expensive cars so that they can follow you home. [00:14:16] Now, obviously nowadays it's extremely hard to steal one of the more expensive cars because they've got all of this automation in them. The fancy systems do stop you from stealing it.
Even my old F150 had a little chip built into the key so that it wouldn't start unless that key that was starting it actually had that RFID chip in it. So this technology [00:14:45] isn't being used so much to steal the car, but to know where you live and when you are home and when you're not home. You know, I've been warning everybody for many years not to post on social media about vacation saying, oh, we're leaving. We're going to be gone in the Caribbean for two weeks. We're going for New Year's party here, Christmas there, Hanukkah celebration, whatever it is you're doing, because the bad guys use that information to, [00:15:19] um, break into your home and to steal things from your business. And I'm not going to get into all of the details right now of how they do that. I've talked about it on the show before, and I'm sure I will talk about it again. And you'll even see some of the references on my website at craigpeterson.com. [00:15:36] If you're interested, there's some real interesting stories up there. What's happened to people. That particular problem of having an AirTag and then having it put on to you to track you, or to track your car or other devices, is a huge potential problem. Now, Apple built into the iPhone a special little feature some time ago that when they, in fact, when they came out with the air. [00:16:11] So that when an AirTag is following you, in other words, someone dropped it into your purse or your pocket or on your car, and that AirTag is moving with you, it says, hey guy, uh, there is an AirTag following you. And at that point you can say, wait a minute, uh, what's going on here? Now, it's not going to warn you about your own AirTags. [00:16:35] You know, the ones that you own. It's going to warn you about a foreign AirTag, one that's not yours. In other words, someone's trying to track you. So, brilliant move on
Apple's part to get that out right away before there were any really scary, bad news stories about the same thing happened. How about Android users? [00:16:57] That's where the problem really is starting to come up. If you're an Android user, you don't have the ability to detect an AirTag. Well, until now. So if an AirTag was following you, it wouldn't let you know, it couldn't let you know, it didn't know. So Apple is now offering what's called Tracker Detect. [00:17:21] It's an app on the Google Play store, a free app that you can download if you're using Android. And, you know, there are many, many, many, many reasons not to use Android and there are almost as many to use iPhones. Okay. So if you use an Android, switch to an iPhone, but if you're stuck on Android, because that's what your business gave you until you have to use it, have a look for Tracker Detect, and the app's description on the Play Store says Tracker Detect looks for item trackers that are separated from their owner, and that are compatible with Apple's Find My network. [00:18:02] These item trackers include AirTags and compatible devices from other companies. If you think someone is using AirTag or another device to track your location, you can scan to try and. So, I'm not sure that it's as good as the Apple implementation, where the Apple will pop up and say, even though you're not scanning for an AirTag, say, hey, somebody's tracking you. [00:18:31] It sounds like you have to actually use. Just scan for it. But Android users, according to Mac trust, can scan the area to find nearby AirTag trackers, if they think that there's an AirTag or other device that's being used to track their location. Uh, an Apple support document that you'll find online on support.apple.com
If the app detects an air tag near you for at least 10 minutes, you can play a sound to help locate it. So that's the part that makes me think that it's always active. Okay. On your, on your Android device, it's free and you can get it right there in the Google play. [00:19:23] This next item is really, it applies to all of us here in the us, and it applies also to people over in the UK. And the UK is really getting kind of upset about this because apparently there are no laws against. Flashing now there are in the U S and it kind of depends on where you live, but cyber crap flashing is really a crime or should be a crime what's been happening. [00:19:58] Is people again who have iPhones have this ability to share files or websites, et cetera, with another person. It's fantastic. It's called airdrop. I just love this. And I use it all the time even to share files between my own devices. And what happens with air drop is you, you take the file and the use open up airdrop and you see, oh, okay. [00:20:26] There's my wife right there. So I click on the file. I drag it on top of it, a little Karen icon in airdrop, and now she gets a notice. Hey, there's a file from. Coming on in, and it does well, I always in my family and my business people, I always said to them, Error drop, uh, settings to only allow an airdrop from people that are in my contact list. [00:20:57] And that reason for that is this particular problem. People have been cited. Flashing. So what they do is they send obscene pictures to strangers through airdrop. And this term can also of course, apply to Bluetooth devices because you can also send these things via Bluetooth. I don't want to really talk a lot about what's really happening here. [00:21:28] Hopefully, you know what flashing is, or flasher is sending these obscene pictures, but the tone, the term was coined in August 25th. This female commuter was airdropped two pictures, obscene pictures, and they reported it to the British transport police. 
But we've seen, I have seen, and I've talked about cases where people are driving down the highway and all of a sudden on their phone come these obscene pictures because someone was driving past and they airdropped, or they used Bluetooth to send obscene. [00:22:09] There is an easy way to not allow that to happen. And that is the settings that I use, which is only allow AirDrop from people in your contact list. You know, these are absolutely amazing features that they have, but there are some really weird people out there that think that this is a fun way, uh, to really mess with other people. [00:22:36] It's. It's just crazy. Okay. By the way, you can also turn AirDrop off. If you never use it, don't worry about it, or turn it on when you need it and when someone's going to send something to you. Hey, I want you guys to take a couple of minutes here. If you go to craigpeterson.com/subscribe, you're going to find out about the bootcamps we have. [00:23:01] You're going to get my weekly trainings that I have. These are just an email. They just last a few minutes. You are going to love them. I get all kinds of compliments and this is in my free newsletter. Okay. It's not going to cost you anything. I'm not going to be hammering you on buying stuff. I want this information out. [00:23:24] That's why I am here today on. Everybody needs to understand this stuff. craigpeterson.com/subscribe, and I will be seeing you in the email world. [00:23:39] One of the things we wonder the most about is what's the future. What's the future of laptops and future of computers. We talked about some of these new chips that are out there, but this is an interesting story about what Dell is doing. Yeah. Dell. [00:23:55] I want to follow up a little bit about the 3G shutdown. We didn't quite get through the list. [00:24:02] Almost all of the Volvos from 2015 on to 2018 have this problem.
There's only two automakers that told the drive.com that U S vehicles are unaffected by the end of 3g. So if you own a Ferrari or a McLaren, You're okay. Okay. Also what's interesting is what the different guys are doing. Subaru has an interesting little plan here going forward. [00:24:35] If you have what they call a connected vehicle plan. And this is according to a service bulletin filed with the national highway traffic safety administration. And then they will do a retrofit at no cost. How's that for nice. A lot of these manufacturers are upgrading to 4g. Yeah, the, uh, you know, LTE, the stuff that was really fast, you remember that I was remembering getting 50 megabits and that it was just incredible. [00:25:05] But at any rate, they're offering that and the option to purchase a subscription. To 4g. So you'll be able to get two gig of data per month at $10 a month. Now that's for some manufacturers, not all of them, have it $30 a month if you want unlimited data. So depending on how much you're driving GM started pushing a free over the air update in October to keep OnStar running. [00:25:32] After the 3g shut down though, some 2015 model year cars will need a ma a hardware worse. Tesla says it plans to charge $200 to upgrade older model S vehicles, but no additional fees are noted for it. Toyota, Toyota and Lexus are not planning to retrofit. Affected vehicles in its public FAQ Toyota sites, a clause and its disclosures that said certain connected services may change at any time without notice. [00:26:08] And when the drive ass Toyota, if it plans to offer an upgrade paid or otherwise for consumers who own effective vehicles, the answer was assumed. No. And Toyota, by the way, is one of the companies that has decided, Hey, um, we're just going to go ahead. And, uh, you, you, you know, that remote start that you got for those cold winters. [00:26:31] Yeah. 
W we've decided that, uh, even though you paid for, you know, what, three, four years ago, we're going to start charging you monthly to use your remote start. Uh, come on guys. So have a little. Um, try and find out, talk to your, uh, your automotive dealer or go to duck, duck, go and look up your car and type in three G uh, end of life at the same time and see what it comes up with at your model in there. [00:27:05] But I am very disappointed with Toyota. I have some friends that just loved Toyota. I bought a brand new one. Way back when, when would have been like 82, 3, something like that, a great little car Cresseta with a supra engine in it. And I drove that for quite a few years. The good, tough little car I had to keep replacing the water pump, but that was the only problem we ever had with it. [00:27:31] But I haven't owned a Toyota since then, but this is, and I've actually been thinking about it lately, but this is something that really turns me off. I don't know about. Let's get into our next, a little problem area. And that is fleet managers. If you are relying on electronic logging devices and other internet of things, devices to track your trucking fleet. [00:27:57] There's some problems. Uh, let's see here, here's a quote. This is from Czech Republic. Uh, John Nichols, executive vice president of sales for north America and mixed telematics estimated that about 80% of his customers are still using 3g devices. Now this was about a year ago. This is from a November, 2020 article. [00:28:22] So this is going to be a very. Problem for you as well. Uh, for any people who have fleet vehicles that they're trying to maintain, hopefully you know about this. Hopefully your vendors are going to take care of it for you. I'm impressed. The GM set their cars up with the hardware that can handle 3g and 4g. [00:28:44] And all you need is a software upgrade to have it switch. I think that was very smart of them. So. Kudos to GM for that particular thing. 
Dell led let's get into the future of computers and laptop design. Dell has been doing some interesting things. Now you probably heard me a couple of weeks ago be moan Dell because they have businesses. [00:29:06] Specialists and experts that you can call that really know almost nothing about what you really need. And it just drives me crazy because Dell has been selling my customers, hardware that doesn't meet the customer's needs because frankly, the customers don't really know what their needs are. And so that's something that I've helped them with. [00:29:28] And I, if you email me@craigpeterson.com, I written up. On what the best computers to buy are based on what it is you need, you know, what, what are the tricks that you need to follow? But what Dell is doing right now is something they're calling concept Luna, and I've seen things like this before. There was a, a cell phone that was being manufactured that allowed you to change modules. [00:29:58] They were literally just click and go and kind of like Lego. Almost and the phones weren't that popular. I don't even think they're in business anymore. I can't remember their name, but those particular clicking NGOs were clicked and gone is kind of the bottom line on it because they were kind of big. [00:30:19] They were kind of clumsy. They weren't released something people wanted to use. You know, Android comes from Google. And Google has their basic tests and says, this is what Android should look like, but every manufacturer puts their own look and feel on top of that Android operating system. And what that ends up doing for you is, you know, makes it a little more pleasant and also. [00:30:49] So that you don't really, really want to go and change your phones. Cause you're used to the way this particular phone works, but Dell is looking at doing kind of the same thing. They're looking at this electronic waste problem where you have a laptop, it gets old, you throw it away. 
And, but now it looks like there's more sustainability. [00:31:14] Built into things like this Luna design, they're trying to make the company's laptops more environmentally friendly and in the process are going to make them more repairable, which is kind of cool. If you look at what Apple's done in their laptops, there's basically nothing inside there. That's user replaced. [00:31:36] Okay, you can probably replace a battery. I use a company I've had their president on my show a few times. Uh, Larry, um, Connor, I think it is his last name, but OWC other world computing and they've got. Little upgrades and replacement parts and videos on how to do it and all the tools you need to, to upgrade your Mac. [00:32:00] But nowadays apple is soldering the memory on the motherboard, or even more recently using the apple chips. And by the way, this is part of the reason they're so fast. They are putting the memory right on the same silicone and. The CPU itself. So they're moving towards a one chip with everything on it. So if you buy an apple computer nowadays, I love them. [00:32:29] They are great. They've got great security built in, et cetera, et cetera, but you better buy a computer that has enough memory and enough storage on it to last you for some years. Because a lot of these computers I'm picking on apple right now, but there's a lot of other vendors the same way. They are not upgradeable, but concept Luna should work pretty well boring. [00:32:56] This idea from that's right. It was framework. That was the name of it. Anyways, stick around and visit me online. Craig peterson.com. [00:33:05] If you own a car and that car has been made, uh, all the way up to 2021 and your car is using. The internet by a 3g, which is most cars. I got a little news for you. [00:33:22] We are looking at a real big problem here that most people haven't heard of. 
[00:33:29] I was talking in fact, this week on the air with someone who has a car to Volvo and they have a remote little starter, which has been great for. And they were informed that they needed to do an upgrade. And that upgrade turned out to be very costly. I had another listener who has a solar panel on the roof of their house and their solar panel on that roof is designed to. [00:34:03] Be able to get updates, software updates, let you know, what's the charge like how much sun is there today? Maybe you should brush off some of the snow. All of that is communicated by the. But how, how was that working? The problem that most vendors have is, uh, how do they get the data to, and from their devices? [00:34:30] If you think about, for instance, Elon Musk, with the wonderful little Tesla cars, they want to push an update and we're seeing this more and more by. The older cars, most cars, non Tesla, as you take them into the dealer for service. And while it's there they go ahead and plug it in. They download new software firmware from the internet and install it on your car. [00:34:56] And you are often driving. Maybe you're none the wiser. Maybe you got some new features. So it's one thing for them. To have control over a basic network, uh, network that our car dealer might have where they say, okay, here's the specs you need this much. Download speed. You need that. You need the other thing simple enough. [00:35:20] But how about you and your home or you and your business? How does that time system keep track of the employees when they sign in and out? Does it upload it to the internet? Did you have to plug it into your network? Did you have to hook it up to your wifi? I can tell you from personal experience, anytime we touch your network and there is. [00:35:45] Problem later on, we own the problem, even if we had nothing to do with it. It's again, it's another Craig ism, whoever touched the computer last owns the next problem. 
So these vendors have decided, well, we can solve that problem. All we need to do is use cellular phone data. So they put effectively a little cell phone onto their devices. [00:36:13] Just like that Volvo we were talking about or other high-end luxury cars. So there's solar panel has a 3g modem in it. The cars have 3g modems in them to unlock the doors, to start the. In many cases, right? They also have updates that come down from the cloud, quote, unquote, over three G for your navigation system to let you know, Hey, there's heavy traffic. [00:36:45] I'm going to reroute you. We're rerouting all of that data coming from the 3g network, coming through it, or being pushed up via the 3g network. All of that data is in trouble and it's in trouble because. Every major carrier is eliminating three G next year. Yeah, it is really that bad. A T and T is shutting down 3g services in February. [00:37:16] Sprint's following in March and T-Mobile in July and Verizon. On December 31st, all of them, 2022, that is a very big deal and a very big problem. So what can you do about it? No, it depends. The roof, solar panels, we were just talking about their vendor, told them they could do the upgrade for them, and it would be $800. [00:37:47] Very very big deal. We also had other people who were talking about their cars and what had to happen with them. And the cars are look like they're tending to be more expensive. You can expect to pay between 520 $500 for an upgrade because many of them are saying, Hey, w you know, we're not going to just fix this one problem. [00:38:10] We have to replace the whole module. And that means. To replace your infotainment system in your car. Infotainment of course, being basically everything that has to do with your GPS navigation, your satellite radio, your, uh, your car play from apple or Android car or whatever it is you might be using. [00:38:33] That's why it gets so expensive. So. Keep an eye out. This is going to be a very, very big deal. 
We're looking at everything from owner applications, like going ahead and starting that engine to warm it up to emergency calls services to in navigation, functionality, reporting telematics, which is the data about your car back to the dealer. [00:39:02] Ultimately, so, you know, your car says, oh, uh, you need to go in and get your oil changed. And it's going to be a, you know, we can set up alarm and you want it. And you know, some of them are very, very fancy and all of that is going to go away and includes a lot of luxury cars all the way through. Some 2021 models, but many, many of them, if not most of them through 2019. [00:39:29] Okay. Is that a very, very big deal or what these 3g towers are going away? The companies, the cell phone companies are planning on reusing that bandwidth and they're going to put it into where yeah. 5g, exactly 5g. So here's a few. The cars that you might want to be concerned about Acura. They have something called link, uh, and they have, let's see the MDX ILX, RDX, uh, RLX TLX NSX, like kind of sounds like almost all of them. [00:40:06] So Acura is going to have a problem with almost all of their cars that were made between 2014 and 2017. Audi. They're going to have problems with, again, all their cars, a three, four or 5, 6, 7, 8, the RS Q3 five and seven. Yeah, pretty much all of their cars from 2012 through 2018. So I already saw this coming and decided to fix it early, so good for them. [00:40:39] So basically if your car is older than 2018 model year, you're going to have some problems, Bentley. A number of models produced prior to 2020. And if you're driving a Bentley and do you want to give it to some guy, you know, really great looking guy, you can just let me know Craig. Yeah. Yeah. [00:40:57] me@craigpeterson.com BMW number models produced before 2019 general motors. 
Models may between 2015 and 2021 across its fleet will be affected, but it's not breaking down with specific vehicles across it's brands of Buick Cadillac, Chevy, GMC, but they did in this case, it's the drive.com track down a technical service bulletin that indicates almost every post 2015 model is affected. [00:41:32] Okay. Yeah. Bu-bye a Honda again, pretty much everything. From 2018 to 2021 Lexus all models 2010 to 2017 Mazda. Pretty much everything. 2016 to 2019 Mitsubishi, every eclipse cross and Outlander Porsche 9 11, 18, 7 eighteens, et cetera, et cetera. All of them, 20 14, 20 19 Subaru. Pretty much everything. 2016 and on Tesla model as built before 2015 Toyota. [00:42:14] Ooh, they got some interesting problems, 2010 and on Volkswagen, much the same stick around. Visit me online. Craig peterson.com.
During the 1-900 number craze of the Nineties, one company provided the vast majority of phone sex. American Telnet was an empire founded by the man who called himself “The Telephone Pimp.” He ran the company “like General Motors” and got filthy rich doing it. But for the (mostly) women who answered the calls and delivered fantasies 24-7, it was a different story. The powerful stigma against sex work was always lurking just beneath the surface, until it threatened to tear apart the whole company. Hosted by Tina Horn (Why Are People Into That?), OPERATOR is an eight-part series about big ambitions, Shakespearean-level corporate backstabbing, men and women at the cutting edge of a technological revolution...and on the front lines of a sexual one. Listen to Operator now: http://wondery.fm/OP_We_Saw_The_Devil
Intro

Randy recommends software that doesn't lock you in: software that you can install and feel that you somewhat have control over, and that isn't babysitting you. If you've listened to this podcast for the last year or so, you'll probably know by now that I'm not a fan of software with a shut-off switch, e.g., all Adobe software and Windows (yeah, you can enter your product key, but it always wants to speak to the manager on the internet). Here are a few that I recommend.

7zip - can extract so many different types of compressed archives, and does it much faster than the built-in Windows zip compression.

GIMP - (GNU Image Manipulation Program). This program has been around for 25 years, is powerful, and completely free. It doesn't need a resource-hogging update service in the background like Adobe uses to make sure you're paying the Adobe recurring monthly tax.

Syncthing - It synchronizes files between two or more computers in real time.

Greenshot or ksnip - Both receive regular updates and are open source. I personally like the annotation features of ksnip much better, especially how fast the blur tool works where you can blur out sensitive information in a screenshot. Greenshot is by far more popular, but ksnip is solid and I think I may like it better.

Obsidian - I should have mentioned this as my episode announcement because it was a big move for me that I finally accomplished. I was able to trash OneNote at last. Paired with Syncthing, I've never had as good of a syncing experience as I have with my Obsidian notes. I can open and instantly sync my notes on Windows, MacOS, Android, and iOS. This already beats OneNote for syncing capabilities. For people that are big into graphing things, thoughts, and ideas, Obsidian has an amazing ability to graph out the thoughts and knowledge. You can easily find out how one subject relates to another. Picture these atom-looking nodes on your screen, where you can hover over any node to see its connections. Something that the Obsidian team mentions on their website that really caught my attention was sort of hidden at the bottom. They mention something that I've sort of felt all along regarding proprietary data, and how it compares to data that has the freedom inherited from being open and/or open sourced. They mention "In our age when cloud services can shut down, get bought, or change privacy policy any day, the last thing you want is proprietary format and data lock-in."

mRemoteNG - Multi-Remote Next Generation. I love this tool. If you have machines that you remote in to regularly, you should give mRemoteNG a try. Think of it as a remote desktop tool all within one window, sort of like modern, tabbed web browsers, except each tab is a different remote connection within mRemoteNG. The protocols that mRemoteNG supports are RDP, VNC, SSH, Telnet, HTTP, rlogin, raw socket connections, and PowerShell remoting. It's open source and you can trust it. I've been using it for nearly 10 years.

Free software makes me feel like my computer is much less dirty and further from being corrupted by greedy software vendors.
Sarah Murphy is a Senior Site Reliability Engineer at WePay. Sarah's curiosity and willingness to take leaps took her all over the world, from being a journalist in Baghdad to working with top Silicon Valley companies. Tune in to hear stories of early internet gaming, self-funding trips to Iraq, and sword training.

Connect with Sarah: https://twitter.com/sarahmaeve1

Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!
On this week's show Patrick Gray and Adam Boileau discuss recent security news, including:

T-Mobile owned hard
USA no fly list winds up on unsecured ElasticSearch in Bahrain… because reasons
Facebook scrambles to secure Afghani accounts
Hacker steals and returns $600 from de-fi platform
Healthcare sector struggles with ransomware attacks
A very sweet TCP-based amplification technique that will be A Problem
Much, much more

Evan Sultanik and Dan Guido will be joining us to talk about Fickling – a tool developed by Trail of Bits to do unnatural things to the Python Pickle files that are heavily used as a means to share machine learning models. The machine learning supply chain is really quite wobbly, and they'll be joining us later to talk about that.

Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing.

Show notes

T-Mobile breach climbs to over 50 million people
T-Mobile: Breach Exposed SSN/DOB of 40M+ People – Krebs on Security
1.9 million records from the FBI's terrorist watchlist leaked online - The Record by Recorded Future
Facebook, other platforms scramble to secure user accounts in Afghanistan
This $600 Million Crypto Heist Is the Most Bizarre Hack in Recent Memory
A Hacker Stole and Then Returned $600 Million
Japanese crypto-exchange Liquid hacked for $94 million - The Record by Recorded Future
Operator of the Helix bitcoin mixer pleads guilty to money laundering - The Record by Recorded Future
Healthcare provider expected to lose $106.8 million following ransomware attack - The Record by Recorded Future
Hospitals hamstrung by ransomware are turning away patients | Ars Technica
US healthcare org sends data breach warning to 1.4m patients following ransomware attack | The Daily Swig
The pandemic revealed the health risks of hospital ransomware attacks - The Verge
Ransomware hackers could hit U.S. supply chain, experts warn
Ransomware hits Lojas Renner, Brazil's largest clothing store chain - The Record by Recorded Future
RansomClave project uses Intel SGX enclaves for ransomware attacks - The Record by Recorded Future
Wanted: Disgruntled Employees to Deploy Ransomware – Krebs on Security
Japan's Tokio Marine is the latest insurer to be victimized by ransomware
Cyber insurance market encounters 'crisis moment' as ransomware costs pile up
White House to tackle cyber challenges with Apple, IBM, insurance CEOs | Reuters
FBI sends its first-ever alert about a 'ransomware affiliate' - The Record by Recorded Future
New LockFile ransomware gang weaponizes ProxyShell and PetitPotam attacks - The Record by Recorded Future
Multiple ransomware gangs pounce on 'PrintNightmare' vulnerability
Peterborough NH Cyberattack: Town Loses $2.3M in Taxpayer Money – NBC Boston
Almost 2,000 Exchange servers hacked using ProxyShell exploit - The Record by Recorded Future
ALTDOS hacking group wreaks havoc across Southeast Asia - The Record by Recorded Future
Hackers Leak Surveillance Camera Videos Purportedly Taken From Inside Iran's Evin Prison - by Kim Zetter - Zero Day
Apple reopens legal fight against security firm Corellium, raising concerns for ethical hackers
Apple says researchers can vet its child safety features. But it's suing a startup that does just that. | MIT Technology Review
This $500 Million Russian Cyber Mogul Planned To Take His Company Public—Then America Accused It Of Hacking For Putin's Spies
Cisco: Security devices are vulnerable to SNIcat data exfiltration technique - The Record by Recorded Future
SNIcat: Circumventing the guardians | mnemonic
BlackBerry's popular operating system for medical devices affected by critical vulnerabilities, drawing fed warnings
Realtek SDK vulnerabilities impact dozens of downstream IoT vendors | The Daily Swig
Hundreds of thousands of Realtek-based devices under attack from IoT botnet - The Record by Recorded Future
Accellion Kiteworks Vulnerabilities | Insomnia Security
Firewalls and middleboxes can be weaponized for gigantic DDoS attacks - The Record by Recorded Future
Hackers tried to exploit two zero-days in Trend Micro's Apex One EDR platform - The Record by Recorded Future
Exhaustive study puts China's infamous Great Firewall under the microscope | The Daily Swig
Web hosting platform cPanel & WHM is vulnerable to authenticated RCE and privilege escalation | The Daily Swig
Benno on Twitter: "I will donate $50 to a charity of @riskybusiness' choice if he puts this in the show." / Twitter
Never a dill moment: Exploiting machine learning pickle files
PrivacyRaven: Implementing a proof of concept for model inversion
GitHub - trailofbits/fickling: A Python pickling decompiler and static analyzer
Hello everyone, my name is Vijay Kumar Devireddy and I am glad to have you back on my episode 58. Today we're going to discuss firewalls. Firewalls are primarily used to section off and protect one network from another.

Now when we talk about firewalls, there are three main types. There's software-based, hardware-based, and embedded firewalls. Software-based firewalls are run as a piece of software on a host or a server. In fact, if you're running a Windows server, those have a built-in Windows Firewall that you can enable. Hardware firewalls, on the other hand, are a standalone device that's actually an appliance that's installed into your network. It looks like another switch or another router that goes into your network stack. The third type of firewall is known as an embedded firewall. Embedded firewalls work as a single function out of many on a single device. So if you have a small office home office router or a unified threat management device, these are examples of an embedded firewall. It's one piece of the larger device that does many different functions.

Firewalls can operate in many different ways. The first one is packet filtering. Packet filtering is going to inspect each packet as it passes through the firewall, and it'll accept it or reject it based on the rules that it's been given. This relies on the firewall's configuration and the access control list that's been installed. If I'm running a web server, for example, I would configure my firewall to allow traffic inbound on port 80 and port 443 but close all of the other ports, because port 80 carries web traffic and port 443 carries secure web traffic, and so those are expected to be used.

There are two types of packet filtering, stateless and stateful. With stateless packet filtering, it's simply going to accept or reject packets based on the IP address and the port number that was requested. So if I'm running a web server and you requested to come in on port 80, I would allow that, but if you requested to come in on port 53, I would deny it because it's not in my access control list. Now a stateful packet filter, on the other hand, is going to keep track of requests that leave through the firewall. So if I make a request from a host through the firewall, it will temporarily open up the port number that I made the request from, some random high port number like 50,000 or 56,000. By using stateful packet inspection, you can almost entirely eliminate IP spoofing as a threat because the firewall is going to inspect the header of each packet being received. It's then going to compare that against what it was expecting based on the request that recently went out, and then it's going to make its accept or reject decisions based on this additional information. This is a much more in-depth inspection than a stateless one does.

Now, NAT filtering is another type of filtering we can do. This is going to filter traffic according to the port, whether it's a TCP or UDP port. This filtering can be done by simply checking the endpoint connections, by matching the incoming traffic to the requesting IP, and by matching the incoming traffic to the requesting IP address and port.

Now, the next one we have is an application-layer gateway, or ALG. This is going to apply security mechanisms to specific applications such as FTP or Telnet. Now, instead of blocking traffic based on the Telnet port of port 23, it's going to inspect each packet and determine which application it was meant for, and if it finds out that it was meant for Telnet, it would block it because that was unauthorized. This is a resource-intensive process, but it is a powerful layer of security that can be added on into your network. These are also known as Layer 7 firewalls because they operate at the application layer. Now, once that connection is established, the packets can then be sent or received without any further inspection or checks because all of that was done during the session establishment.
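An added example (not part of the episode) that models the stateless and stateful packet filters described above in Python and runs both over the same constructed traffic. The addresses, the high-port return rule and the names `stateless_accept` and `StatefulFilter` are assumptions for illustration; real firewalls also expire state entries and track TCP flags.

```python
from dataclasses import dataclass

# Constructed addresses from the documentation ranges (RFC 5737).
WEB_SERVER = "192.0.2.10"
CLIENT_PC = "192.0.2.20"
ALLOWED_SERVER_PORTS = {80, 443}   # the web-server ACL from the text


@dataclass(frozen=True)
class Packet:
    direction: str   # "out" = leaving the protected network, "in" = arriving
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


def stateless_accept(pkt: Packet) -> bool:
    """Decide from addresses and ports alone; nothing is remembered."""
    if pkt.direction == "out":
        return True
    if pkt.dst_ip == WEB_SERVER:
        return pkt.dst_port in ALLOWED_SERVER_PORTS
    # Assumed rule: replies to internal clients arrive on high ports, so a
    # stateless filter has to leave the whole high-port range open.
    return pkt.dst_port >= 1024


class StatefulFilter:
    """Same ACL for the server, but replies must match a recorded request."""

    def __init__(self):
        self._expected = set()

    def accept(self, pkt: Packet) -> bool:
        if pkt.direction == "out":
            # Remember the exact reply we expect: remote endpoint -> local endpoint.
            self._expected.add(
                (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port))
            return True
        if pkt.dst_ip == WEB_SERVER:
            return pkt.dst_port in ALLOWED_SERVER_PORTS
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        return key in self._expected


# Constructed traffic, in arrival order.
SAMPLE_TRAFFIC = [
    ("web request to server",
     Packet("in", "203.0.113.7", 40000, WEB_SERVER, 80)),
    ("port 53 on server",
     Packet("in", "203.0.113.7", 40001, WEB_SERVER, 53)),
    ("client request out",
     Packet("out", CLIENT_PC, 50000, "198.51.100.5", 443)),
    ("matching reply",
     Packet("in", "198.51.100.5", 443, CLIENT_PC, 50000)),
    ("unsolicited packet to high port",
     Packet("in", "203.0.113.9", 443, CLIENT_PC, 50000)),
]


def compare(traffic):
    """Return {label: (stateless_decision, stateful_decision)}."""
    stateful = StatefulFilter()
    return {label: (stateless_accept(p), stateful.accept(p))
            for label, p in traffic}


if __name__ == "__main__":
    for label, (sl, sf) in compare(SAMPLE_TRAFFIC).items():
        print(f"{label:34} stateless={sl!s:5} stateful={sf}")
```

The last packet is the case that separates the two: it targets the same high port as the legitimate reply, so the stateless rule admits it, while the stateful filter rejects it because no outbound request to that source was recorded.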
This week we're joined by Will's friend Ben Brown, longtime online software developer, to talk about the Internet old and new. Topics include Ben's grassroots efforts to resurrect the Finger protocol, rooting around in 1977-era Unix source code, why the tech industry keeps reinventing the same features over and over, reading 'zines over Telnet, the never-ending accumulation and corporate consolidation of content, and more.

Support the Pod! Contribute to the Tech Pod Patreon and get access to our booming Discord, your name in the credits, and other great benefits! You can support the show at: https://patreon.com/techpod
Connect to port 443 and send some HTTP signals:

    $ openssl s_client -connect example.com:443
    [...snip...]
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
    ---

You're now connected. If you wait too long, your connection will likely time out. View the default landing page of the site you've connected with:

    GET / HTTP/1.1
    HOST: example.com

In return, you get a dump of the HTML source of the default page (usually index.html) in your terminal.

You can also use OpenSSL s_client for email servers using SSL. Before you can send credentials, you must encode your email username and passphrase into Base64. The easiest method I know is this Perl one-liner:

    $ perl -MMIME::Base64 -e 'print encode_base64("myUserName");'
    $ perl -MMIME::Base64 -e 'print encode_base64("myPassPhrase");'

Take note of the results. The s_client session, aside from authentication, is basically the same as a telnet session. You can find good telnet tutorials all over the Internet, and aside from sending your credentials, they apply to s_client. Here's a copy-paste of an example session:

    $ openssl s_client -starttls smtp -connect email.example.com:587
    > ehlo example.com
    > auth login
    ##paste your user base64 string here####
    ##paste your password base64 string here####
    > mail from: noreply@example.com
    > rcpt to: admin@example.com
    > data
    > Subject: Test 001

    This is a test email.
    .
    > quit
Hello everyone, my name is Vijay Kumar Devireddy and I am glad to have you back on my episode 14. Today we are discussing: what is an IDS? Well, IDS stands for Intrusion Detection System. This is a device or a piece of software that's installed on a system or a network, and it will analyze all of the data that passes through it. It does this so that it can try to identify any incidents or attacks.

Intrusion Detection Systems come in two different varieties, the host-based Intrusion Detection System and the network-based Intrusion Detection System. The first one we're going to talk about is a host-based Intrusion Detection System, also called an H-I-D-S. This usually takes the form of a piece of software that's installed on your computer or on a server, and it will protect it. Now, the host-based Intrusion Detection System will sit there and log everything that it thinks is suspicious. We'll talk about what might be suspicious in just a moment. The second type is what's known as a network-based Intrusion Detection System, or a NIDS, N-I-D-S. This is a piece of hardware that's installed on your network. And all the traffic goes through that switch, and then it will get a copy of that sent down to the Network Intrusion Detection System. If it's suspicious, it'll log it and it'll alert on it.

Now, how do we know what these systems will alert on? Well, they're going to use one of three different methods. They're either going to use signature-based, policy-based, or anomaly-based detection. Signature-based detection is where the system is looking for a specific string of bytes that'll trigger the alert. This works like any other signature-based product. This computer is going to continually search over and over for a known specific key. And any time it sees that combination of letters or bytes, it knows that it's malicious. It'll flag it and it will alert on it. The next type is what's known as policy-based detection. This is going to rely on a specific declaration of the security policy. For example, if your company has a policy that no one is allowed to use Telnet, any time this system sees somebody trying to connect on port 23, which is the port for Telnet, it's going to flag it, log it, and alert on it. The third type is statistical anomaly-based detection. Often, this is referred to as just anomaly-based detection or statistical-based detection. This is going to analyze all of the current traffic patterns against an established baseline, and any time it sees something that goes outside the statistical norm, it's going to alert on it. So if I've been watching your network for a while and I know what normal looks like, and everybody always works from nine in the morning until five in the afternoon, and now I start seeing somebody downloading large amounts of data around two o'clock in the morning, that's outside our normal baseline and we would flag that and alert on that.

Now, speaking of alerts, let's talk about what these alerts mean. There are four different types of alerts. They're either true positive, true negative, false positive, or false negative. Now, a true positive means something bad happened and the system flagged it and alerted on it. That's good because it means our system is tuned properly. A true negative means something good or normal happened and the system didn't flag it. Again, that's good, because our system's working like it should. But when we get into something like false positives, this is where some legitimate activity is being identified as an attack. For example, if you log on to the computer and you start up Microsoft Word, that's authorized. But if the system thought that was malicious and flagged it and alerted on it, that's considered a false positive. Now, next we have what's called a false negative. This is when something bad happens but it's identified as legitimate activity. In other words, it isn't flagged and it wasn't alerted on.
Jeremy speaks with Chris Sells, who is a Senior Product Manager at Google with the Flutter team. They discuss progressive web apps, Flutter, and online backgammon over Telnet.
He is behind the first Tunisian satellite, which will be launched in a few days.
All the news from the world of cinema and video for the week of February 11, 2021, including the passing of director, writer and screenwriter Jean-Claude Carrière, and our recommendations for films to watch at home: Malcolm and Mary by Sam Levinson, with John David Washington, the hero of Telnet, and Zendaya, on Netflix; a 1963 historical melodrama by Valerio Zurlini called "Un été violent", with Jean-Louis Trintignant and Eleonora Rossi Drago; and finally the intense and violent Spanish thriller called "La colère d’un homme patient", by Raúl Arévalo, released in France in April 2017, with Antonio de la Torre. Have a good week with Cinecritik.
Telnet is one of those really insecure protocols. Everything is sent in clear text - including all usernames and passwords. Don't use telnet.

Get the full Wireshark course for $9: https://bit.ly/wireshark9
Need help? Join my Discord: https://discord.com/invite/usKSyzb
Free Wireshark and Ethical Hacking Course: Video #6. Watch the entire series here: https://bit.ly/wiresharkhacking
Download pcapng file here: https://bit.ly/2GSsNGg

Don't use Telnet! It sends everything in clear text. That means that someone can capture everything you send on the network - including usernames and passwords. In this course I'm going to show you how to capture packets from a network, how to capture passwords, replay voice conversations, view routing protocol updates and many more options. Do you know network protocols? Do you know how to hack? Want to learn wireshark and have some fun with Ethical hacking? This is the course for you: Learn Wireshark practically. Wireshark pcapng files provided so you can practice while you learn!

There is so much to learn in this course:
- Capture Telnet, FTP, TFTP, HTTP passwords.
- Replay VoIP conversations.
- Capture routing protocol (OSPF) authentication passwords.
- Troubleshoot network issues.
- Free software.
- Free downloadable pcapng files.
- Answer quiz questions.

The course is very practical. You can practice while you learn! Learn how to analyze and interpret network protocols and leverage Wireshark for what it was originally intended: Deep Packet Inspection and network analysis.

Protocols we capture and discuss in this course include:
- Telnet
- FTP
- TFTP
- HTTP
- VoIP
- OSPF
- EIGRP
- DNS
- ICMP

Menu:
Overview: 0:00
Network: 0:30
Start Capture: 2:06
Filter for Telnet: 4:02
Follow TCP stream: 5:35

Who this course is for:
- Network Engineers
- Network Architects
- Ethical hackers
- Networking Students
Resources: cassie.codes, twitter.com/cassiecodes, Amelia's Twitter, Nate's Twitter, Kurt Vonnegut and Narrative Arcs, Sara Soueidan's Post on SVG Filters: The Crash Course

Welcome to the newline podcast. Our show is a conversation with experienced software engineers where we discuss new technology, career advice, and help you be amazing at work. I'm Nate Murray and I'm Amelia Wattenberger and today we're talking with creative coder Cassie Evans. In this episode we talk about something often neglected in web design today: how to bring whimsy and joy to your users. In our chat we talk about how the old web had entry points to programming and where we might find that today. And we open with a story about how she, as a child, sold animated cursors for donuts, which felt like magic - and how even today snippets of code feel like magic spells. We loved our conversation with Cassie, and think you will too, let's dig in!

Cassie Evans Podcast

Amelia: [00:00:00] Welcome to the newline Podcast. Nate: [00:00:08] Our show is a conversation with experienced software engineers, where we discuss new technology, career advice and help you be amazing at work. I'm Nate. Amelia: [00:00:17] And I'm Amelia Wattenberger. Today, we're talking with creative coder, Cassie Evans. In this episode, we talk about something often neglected in web design today, how to bring whimsy and joy to your users. In our chat, we talk about how the old web had entry points to programming and where we might find that today. Nate: [00:00:35] We open with a story about how Cassie as a child, sold animated cursors for donuts, which felt like magic. And how even today, snippets of code still feel like magic spells. We loved our conversation with Cassie and we think you will too. Let's dig in. Cassie: [00:00:53] We're not Nate: [00:00:54] live and so we just it to be fun. One of things is I really love your talks and you talked about how the web needs more whimsy. I just love that so much. 
In one of your talks, you mentioned that you sold neopets pages for donuts. Cassie: [00:01:11] Yes. Nate: [00:01:11] Like when you were a child. Can you tell me more about that? For context, I think you and I grew up with some of the similar early web stuff. For example, when I was younger, I once got on the Internet for hours and then my parents were furious, because my dad had gotten an accident at work and his boss was supposed to call. I'd been tying up the Internet, because I was on dial-up for hours. Yeah, I just love the old classic web style, like Myspace and neopets. We can get into that some, but can you tell me about how you sold neopets pages for donuts? Cassie: [00:01:40] Yes, definitely. Yeah, firstly you mentioned dial-up. I missed that so much. It's so close to my heart, because I remember we had one computer at home, that was our home computer and I was only allowed to use it for educational things for a lot of times. I used to wait until my parents were asleep and then I'd creep downstairs with blankets and I'd have to wrap the whole computer up in the blanket, so that it wouldn't make the noises, so that I could dial-up to the Internet. I just sit there clutching it to my chest, trying to dampen down the noises, so they wouldn't wake up. Why Nate: [00:02:15] were modems so loud, right? Cassie: [00:02:17] So loud. Nate: [00:02:18] Yeah. Cassie: [00:02:21] Even that noise now gives me anxiety, because it sounds like being downstairs, terrified that my parents are going to wake up at any moment. I love that. Yeah, the donuts. I didn't have money for the tuck shop when I was younger. I got school dinners. I didn't have packed lunch boxes and they weren't really into giving us sugary snacks. They were quite healthy. I got quite jealous about all of the other kids having donuts from the tuck shops. Around that time, everyone started making Myspace profiles and neopets pet pages. 
My one was really good and lots of people asked me whether I could make them sparkly cursors and stuff. I started up a little side hustle and swapped sparkly cursors for donuts. It was excellent. Amelia: [00:03:11] What is the deal? Is it one cursor for one donut? Cassie: [00:03:15] Yeah, I think it was something like that; a cursor for a donut. This Nate: [00:03:19] is amazing. I don't actually understand how this would work. How much programming was it? Were you finding GIFs? I'm interested in particularly one, for the entrepreneurship side, two, because it's on-brand that you're adding sparkles. Then three, is the learning programming aspect. I love this idea, for example, that some of the best ways to learn are just when you're self-motivated and you're just trying to do stuff. I learned how to program, because I was tweaking web pages this similar way and I worked my way down. I'm interested. I didn't actually use neopets necessarily, but what were these cursors and how did that work for as much as you remember? Cassie: [00:03:53] As much as I remember. I think it was very much accidental. I don't think that I realized that I was coding at the time. I didn't really have much of an awareness of what coding was. I used to play The Sims me other early games as well and they had cheat codes that you could type in. I saw it as the same thing. It was Internet cheat codes that you went to some websites and they had pictures of different sparkly cursors, or different backgrounds, or different CSS effects and you just copied a cheat code and then you put that cheat code onto your – and I didn't really know that that's what the building blocks of the web were. I didn't understand that at the time. I thought that they were a little magical snippets that you just – I mean, they still are. Nate: [00:04:42] Right, they still are. They still are Cassie: [00:04:43] magical snippets, aren't they? I still feel like that nowadays. 
Some new CSS comes out and I'm just like, “Wow, another magical snippet. Amelia: [00:04:52] This is amazing.” They keep making them. Cassie: [00:04:54] Yeah. Nate: [00:04:56] I learned some early programming, we would play these old games, they were called MUDs. You'd Telnet in. It's before SSH, you Telnet. It's like SSH, but insecure. You Telnet into these servers and play these text games, where you're go to the sword shop or whatever and you buy a sword. Then I remember that what we would do is we were like, “Oh, we could host our own server.” It's the same thing. We didn't know we were We were just copying and pasting these codes, make our own server and then we're like, “Oh, we can give ourselves our own items.” We're copy this snippet and then you realize now you have these God-like powers of playing this game that you enjoy and then realize like, “Oh, shoot. What else could I do with this power?” That was actually one of my entry points to programming too. I think that's really special. One of the things that you've talked about too is well, I don't know. What are some of these entry points that people have now? What could we do to give this, serendipitous entry point into coding for kids today? Cassie: [00:05:46] It's really difficult, because I've looked around and I haven't found anything that has that same accidentally educational aspect to it. There's some really amazing things that have the same sense of community, because neopets for me and Myspace to a degree had this community aspect, where there were lots of other young kids who were all hacking around and changing things and you learnt things from each other. I think that we definitely got that in platforms like CodePen and Glitch. They're really great, because they lower the barrier to entry. 
They abstract away all of the fiddly setup and build tools and all of that stuff and they allow people to just jump in and start making things and remix things that other people have made and fork things that other people have made. I think that's really great, but I don't think we already have any of those accidentally educational things around anymore, which is a shame. People have to be a lot more intentional. They have to want to learn and know what they're there for in order to start off. I Amelia: [00:06:58] also think about this with cars. I think it's a little bit related. When I first started dating my husband, he had a – it was 69 Mercury Cougar, a really old car. He could work on it, because there's no computer, you can understand what the parts are pretty easily. You can just look at them and be like, okay, this turns and it turns this other thing. I think the Internet today is so much more complicated. The bar for what's cool on the web is so much higher that when we were kids and we made a sparkly cursor, even our parents would be like, “Oh, wow. How did you do that?” It's hard to make something impressive now and it's just so overwhelming. I think that's also part of why Glitch and CodePen can be so helpful, because they take care of the nitty-gritty for you, so you can focus on being creative. Nate: [00:07:51] I'm optimistic. I think that I've seen some movement there with Minecraft maybe, Roblox is interesting. Yeah, there's some interesting ideas happening there. There's even some interesting, like more deliberate code for kid tools. There's one called Microsoft MakeCode Arcade. It's like Scratch, but it's designed for building games. Even that, board is on educational. I think there's something special, where it's not deliberately educational, but you learn from it that it's important. Cassie: [00:08:19] Scratch is so cool. I really love Scratch. The Harvard computer science course, the first thing that they get you to do is a thing in Scratch. 
When I started that, I was like, “Oh, I bet this is really – it's really hard. It's that like Harvard computer science course.” Then they were like, “We're going to build a game in scratch.” Wow, it's Nate: [00:08:39] cool. You're like, “I can do this. Yeah.” I hope that there's more tools that come out, particularly on tablets, because one of the things I notice with my kids is that they're using an iPad a lot more frequently than they're using a computer. I think just the ethos and the ecosystem of tablet apps is it's a lot more locked down. You can't necessarily look under the covers, like you would with Vue source on a webpage. I think any tools like that that let you learn are really interesting. There's a scratch junior that my kids use just to build little stories and little animations and I love that, but there's not too many tools yet, but I'm hoping we can create more. I Cassie: [00:09:15] feel there's some stuff in the hardware hacking, crafting worlds. I think that coding and crafting, the intersection of that, there's some quite interesting stuff happening, because I think you can fall into that accidentally as well if you're interested in hacking around with things. You can end up, “Oh, well. I want to make these lights flash and oh, I'm going to have to learn Python in order to do that.” I think that that's still yeah, accidental gateway Amelia: [00:09:51] into things. Yeah, I love that. I think some of the people I used to work with, they would spend time with their kids making a Halloween skull with an Arduino that makes its eyes flashed. It's such good bonding time, and because it's fun for everyone. I enjoy doing that. Cassie: [00:10:05] I was Amelia: [00:10:06] like, “I need a kid, so I mean, Cassie: [00:10:08] I can have an excuse Amelia: [00:10:09] to do Nate: [00:10:10] this.” Right. Yeah, I know. Right. But our kids are doing that now with cosplay stuff, is they first were doing little paper craft creatures. 
They would print off a template and they cut it out and they'd be like, “Oh, we want to make our own,” so then they're learning how to use blender to do their own 3D modeling. Then use, there's this tool called Pepakura, which you can use to slice 3D models down into a little papercraft, like Minecraft creature or whatever. Then they're learning computer skills for using Figma to edit the templates and they're using Blender to learn 3D modeling. They're not good at that yet, but you can see the progression. They're going to take over the world. Yeah. I recently watched one of your talks on CSS filters and it totally blew my mind. I've been programming for since we talked about since dial-up, and I didn't even know that SVG had filters. I thought that was so fascinating. Can you talk a little bit about your recent work on doing paintings with SVG? Cassie: [00:11:05] Yes. I've really been loving SVG filters recently. I got into a little bit of a slump at the beginning of lockdown, where I wasn't feeling creative at all. The idea of programming, coding sounded not so much fun. I wanted to do something a little bit more relaxing. Yeah, I find SVG and SVG filters really fun to play around with, because it's more declarative. You have some filter primitives and filter primitives they work – well, filters they work a lot like audio programming, where you've got inputs and outputs. You can chain things together. You have different filter primitives inside a filter element and you can feed the output of one into the input of the next one and the output of the first two into the input of another one. That means that there's infinite possibilities. Ultimately, all you're doing is just changing a couple of values and some attributes. It feels like putting Lego blocks together. You don't really have to think through any intricate logic. You can just put some filters together and see what happens. 
Yeah, I find that really fun, the randomness that you get not being able to predict the outcome. I've played around and I accidentally ended up with something that looked a little bit like a pencil line. Then I just riffed on that and made some things that looked a bit like hand sketched paintings, which was a lot of fun. Nate: [00:12:42] It's gorgeous. It is one of the most beautiful SVGs I've ever seen. We'll put a link in the show notes. It was just delightful and mind-blowing. I think that yeah, your talks on SVG are really a Cassie: [00:12:55] delight. That's so lovely to hear. When you have the chance to play with these things, is Amelia: [00:12:57] that all through just side projects? I know when my – at least my job title was developer, most jobs you don't get to play around or do something super creative. Is this something you get to do in your day-to-day job, or is it mostly just side? Yeah, what is Cassie: [00:13:16] your day job? My day job, I am a front-end developer at a company called Clearleft in Brighton. I'm lucky, because my job we have a mixture of client projects, but we also – well, not so much right now, because of the pandemic, but we also do events. The event sites are a chance to flex your creative muscles a little bit, try out new things. I get to explore things creatively through the event sites and then focus on building accessible, solid front-end websites for Amelia: [00:13:55] my day job. Oh, that's a nice balance of the more focused and the more creative. Are you usually working with designers? Cassie: [00:14:02] We have a lot of really good designers at Clearleft. It's hard, but we try to avoid pigeonholing people into just one role. If people want to explore a little bit more design, but they're a developer, then they try to give people space to do that. I'm currently working on a little side project site at work. I'm getting to do design and stuff on that, which is really nice. 
Nate: [00:14:28] You mentioned that you used to draw a lot and I feel that , experience in your work. Your chameleon, for example, is just adorable and obviously done by someone who has art skills outside of programming. What does your process look like? Are you sketching out ideas for what you want to see on paper, or do you just go straight to SVG? How does that work? Cassie: [00:14:48] It's very much technology-driven, rather than aesthetics first, actually. I tend to get ideas, because I'll be looking at a particular technology and then I'll think, “Oh, how could I demonstrate that? Or how could I play with that in a way that is aesthetically pleasing, or fun?” The chameleon, I wanted to play around with getting colors from a webcam. I did that and it was just changing Amelia: [00:15:16] a rectangle Cassie: [00:15:17] on the screen to different colors. I was like, “Well, that's fun, but it would be so much more fun if it was a chameleon.” Nate: [00:15:25] I love that in your work. Amelia does this too, I think, in that you build something and then it's like, okay, that's fine, but how do we make that more fun? Then you'll take the time to put in those details and it's really delightful. Cassie: [00:15:38] Yeah, I am such a huge fan of Amelia's work. Your article about the SVG viewBox, I have directed so many people at that. I had a whole lengthy explanation in a workshop that I did about the viewBox and then I was just like, well, actually just look at this wonderful article, because it explains it a million times better than I could. That's so Amelia: [00:15:59] good to hear. I feel like I do these things for myself. I'm like, okay, well I need a little toy example. Then I'm like, well, I might as well make it into a telescope. Might as well just let other people use it, I think the way you described your processes, it's very just like, playing around for your own personal benefit. 
Then just like, “Well, if I enjoy this, other people may also enjoy this.” You released your new website recently and I feel like it got a lot of attention, especially for the bottom. You have a little SVG of yourself and the eyes follow the cursor around. It's just really delightful to play around with, because there's so many websites out there. It's nice to even stumble across one, where you're like, “Oh, this person didn't just make a nice looking well-designed website, they took the next step to make it delightful and take a chance to connect with the user.” Cassie: [00:16:56] I love that so much. I'm not a huge fan of really whiz-bang websites, so websites that you land on and just everything animates and your cursor gets hijacked and your scroll gets hijacked and all of that thing. I find that really overwhelming. I absolutely love it when I'm navigating around a website that looks on the surface, like it's just your average website and then you hover over something, or you click something and it does something unexpected and joyful. It makes you smile. It makes the website feel a lot more human. Amelia: [00:17:32] I think you have to really understand how the web works to create a website that's both really easy to read and accessible and also has that next level. I feel it's easy to do the scroll-jacking, or just animations everywhere, but to have a little bit of restraint and to make it so that people with slower connections, or using screen readers can even navigate it as well. I think that's really awesome. Cassie: [00:17:58] Yeah. I think I had a head start, because I was using 11T. You get out of the box just a lot of performance benefits there. It's a static site generator. I think the tagline is it's a very simple static site generator. Nate: [00:18:12] On the tooling side, I've noticed that you use GreenSock for a lot of your animations. I've never really used GreenSock, but I've seen that a lot of CodePen people use it. 
Can you just talk about GreenSock a little bit, like what you about it and explain to me why it's so popular? Cassie: [00:18:29] Yeah. I have to start with the disclaimer that I don't work for GreenSock and GreenSock don't pay me any money. Because whenever I get really excited about GreenSock people are like, “She's got to be selling something.” Yeah, I love GreenSock so much. There are a whole bunch of different animation libraries out there, like JavaScript animation libraries. I think if you're doing things with HTML DOM, or say you're using a JavaScript animation library to trim some 3JS stuff, you're mostly just concerned with changing some numbers and a lot of the animation libraries handle things exactly the same way. The problem with SVG land is different browsers handle SVG transforms differently. You can end up with things moving around in unexpected ways in some older browsers and GreenSock, they have gone above and beyond to iron out all of these browser inconsistencies. You can be very sure that your SVG animations are going to work the way that they should do. They Amelia: [00:19:31] a lot more. They'll make really nice animations between things. They have this new scrolling library, right? Cassie: [00:19:39] Yeah. This is another really cool thing about GreenSock is that they've got the core GreenSock library. Their licensing model gets a bit misunderstood, because they're one of the only JavaScript animation libraries that aren't open source. But their core animation library is free for the majority of use cases. I think if you're selling an end product to multiple users, then you have to pay for it, but for 99% of people, it's free. Then they have these additional plugins. The core library does everything that you would need it to do and then the plugins are extra fun and some of the plugins are free and then some of them are behind a membership fee, but they've got a whole bunch of different SVG-specific plugins. 
They've got ones that help with SVG stroke animation and they've got ones that do morphing. Yeah, they've just released scroll trigger, which is amazing. I've played around with it a little bit. It uses one event listener behind the scenes, so it's really performance and just really intuitive as well. I think that's, yeah, another thing that I really love about GreenSock is the docs. They're just really good. They've got so many good animated examples in there and the forums are really, really friendly. It's like the opposite of stack overflow, can I say that? People are nice there. You post a question and I think as a newbie, I started off doing banner ads animation. That was my first job. I didn't have anyone to learn from and I had no idea what I was doing and I'd post on the GreenSock forum and someone would just jump in and help me out immediately. Yeah, it's really good. That's a Amelia: [00:21:22] really interesting business model. Cassie: [00:21:23] It's difficult to explain to people, but I understand why they do it, because it means that they don't have to rely on any external sponsors. They can just focus their time purely on updating it, which is why a lot of the other animation libraries don't have the time to put in the effort to make sure that things work with SVG cross browser, whereas GreenSock do. Oh, Amelia: [00:21:45] and it also looks like you can use any of the plugins on CodePen? Cassie: [00:21:50] Yes. It's super cool. That's the coolest thing. I think that's why so many people on CodePen use GreenSock, because everything's available to use on there. Amelia: [00:21:58] Yeah, that's super cool. I haven't had a chance to play with it yet, but it seems like it's – just a really great way to lower the overhead of if you're like, “Oh, I want this button to have a particle system and explode, or I want it to morph into this other thing.” It might just be too much work Cassie: [00:22:13] to do. We all have deadlines at Amelia: [00:22:14] work. 
If anything, even haves that effort, it might just make it worthwhile. Yeah, definitely. I think there's been quite a few times where people have gone, “Wow, that's Cassie: [00:22:23] a really cool animation that you've done.” Then see that it's five lines of green top coat. That's all Amelia: [00:22:32] it takes Nate: [00:22:33] sometimes, though. Yeah. It's Cassie: [00:22:35] also a lot easier to tweak your animations with green chords, or just an animation library in general. I've struggled with very complex animations with CSS, because you can't chain them together. It's really nice to have a timeline and all that. Amelia: [00:22:54] Yeah, are there any other tools like GreenSock that might be really useful for someone who is new to the more creative coding Cassie: [00:23:02] space? I don't Nate: [00:23:03] know. I'm curious on how to learn how to do SVG animations as well, because I feel the things that actually both of you create just feel like black magic to me. I don't really understand SVG super well, or particularly CSS animations. Golly. I am not good Amelia: [00:23:18] at Cassie: [00:23:19] that. Golly. Amelia: [00:23:21] I thought of one, which is similar. I've always felt like I've seen 3D stuff on the web. I don't know what wizard you have to be to have this 3D scene in a web page, but I will never be there. Then you discover 3JS Cassie: [00:23:38] and it's like – A frame as well. A Amelia: [00:23:41] frame. Cassie: [00:23:41] Yeah, A frame is really cool. It's a web framework for building virtual reality experiences. Oh, my goodness. Yeah. Amazing. Amelia: [00:23:51] I love it. I love how these libraries make even, just you have three lines of code and you're like, “I have no idea how I did this either.” Cassie: [00:23:59] I remember when I made my first Taurus knot in 3JS and I was so excited about it. 
I think pretty much out of the box, you have to import Amelia: [00:24:10] a plugin, but you can rotate it, you can zoom in and out, you can pan around. It's definitely magic. Cassie: [00:24:16] What's the D3 version of that? Is there a good entry point into D3? I Amelia: [00:24:23] have this spectrum in my head of things that are really complicated, but down to the metal. You can do whatever you want with them. Then the other end is a chart library that'll make a chart for you. You say, do a line chart with this data and it'll make a line chart. D3 is definitely on the former end, where it's like, it gives you tools you need. There's a lot of tools and you have to dig into each one of them. I feel if you want that oh, my God. This is magic feeling with D3, a lot of people, especially at the beginning, they'll just look up, there's so many examples online. They'll copy the code and then they'll paste it and then over two years, they'll understand what each line is doing, which I think everyone who learns D3, this is the way they learn it, just because those end examples are so cool and you're like, “I want this. I'm going to have it.” Then you take it and don't really understand all of it. Then there's also the chart libraries that make it super easy to do a really fancy chart really easily. Nate: [00:25:23] We talked a lot about this when we were working with React and D3. I mean, D3 is like React, in that it's a ton of different little modules that all work together. If you try to use for example, D3 with React, it's obnoxious, because D3 also takes over rewriting the DOM for you. One of the things that I would complain to Amelia when she was teaching me this is that to use D3 with React, you basically use React to form all the SVGs and you almost don't need D3, except for the utility functions. I don't actually know what is a good tool that's magic for D3. 
There's Amelia: [00:25:55] React chart libraries that you'll get something really amazing and be like, “I did this.” We're all on the shoulders of giants. Cassie: [00:26:04] I remember looking into D3. We got a solar panel installed on the roof of our work and I wanted to hook in. Well, you could hook into the API, which is really cool. I wanted to do that and see what we'd saved. I looked into D3 and it terrified me. Then I ended up making an illustration of our office building in SVG. I've set it up, so that with every certain amount of CO2 we save, it grows another plant out of a rooftop garden. Amelia: [00:26:44] I love how this was easier. Nate: [00:26:46] Yeah. Cassie: [00:26:49] It's like reaching for the tool that you understand. It's really difficult to make yourself learn new things. I was like, this is a great opportunity to learn D3. Then about 24 hours later I was like, “I'm going to make an SVG.” I think about this a Amelia: [00:27:05] lot where the flow state is in between something that's really boring and something that's really challenging. If something's too challenging and overwhelming, your brain will just shut off. You'll be like, “I can't learn this.” Then if it's too boring, your brain also shuts off and it's like, “I can just do this in my sleep.” I think a lot of people when they first look at D3, the needle goes all the way and they'll like, “This is overwhelming. I don't know where to start direction.” Then I think even with SVG, that was probably not in the boring area for you, even though you know SVG it was in the middle flow state of this is a good challenging. Cassie: [00:27:45] Yeah. Nate: [00:27:45] Cassie, in one of your talks you mentioned this idea that limitation breeds creativity. Could you talk a little bit more about that and your thoughts there? Cassie: [00:27:53] I have quite bad anxiety. I'm quite bad with procrastinating as well. I overthink things and I procrastinate. 
When I was learning how to code, there were lots of times where I'd sit down and stare at an empty VS code screen and just be like, “Right. I need to make something.” Then not knowing what to do. It felt a lot like when I was younger. I really loved drawing. At a certain point, I started doubting myself a little bit and overthinking it. My mom started what we called the scribble game. The scribble game was great. She'd take the paper from me and she'd draw a scribble on it, so that the paper wasn't blank anymore and then she'd hand it back to me and I had to make that scribble into something. It was a challenge, but there was a starting point. I think that that's so important when you're trying to make some things, to have a limitation and a challenge and a starting point. If you've got those three things, I think it's a lot easier. Amelia: [00:29:02] I love that. I Cassie: [00:29:03] love the scribble game. Yeah, it's wonderful. How Amelia: [00:29:07] can we apply this to code? How can we do a code scribble in order to lower that barrier? Cassie: [00:29:14] I guess, that's what you're saying about D3 having examples that you can copy and paste and start with. CodePen as well, like other people's pens that you can fork and Glitch has things that you can remix. I think that's a really great place to get started with something new, is just start with something and then see what you can make it into, or see how you can break it. I think it's a good way to learn things. Amelia: [00:29:40] Yeah, I think that's great. I was also reading an article yesterday. I've been meaning to learn 3D modeling, like you're talking about, Nate, that your kids are doing. It was this article, someone did a 100 days of 3D modeling to learn. They had a few things where it was like, one day they'll do a tutorial and the next day they'll make something with that knowledge. 
Every other day, they're doing a tutorial and it's an easier day, or every other day they do something easy and then they do something really hard. That's a good idea, because otherwise, you're either burning yourself out, or you're not learning as much as you could. Nate: [00:30:17] I feel like we are so early in programming education in that there's not really – I'm lumping 3D modeling into this too. There's not really a good place that you can go that will give you this off-the-shelf curriculum to learn 3D modeling, as you learn D3. Cassie: [00:30:32] Yeah, it's definitely a tricky thing. I find it really hard, even just trying to figure out what I need to learn to be a good front-end developer nowadays, because I feel there's just so much and I inevitably just go off on rabbit hole tangents all the time into the stuff that I'm really interested in. I'm like, “I should be learning webpack, but I'm going to learn some 3JS instead.” Amelia: [00:30:59] I feel whenever I try to write an article, I turn into a grade school version of myself that would tweak the PowerPoint slide styles, instead of actually writing my presentation, where this is the only reason idea in my blog posts have something fun in them is I don't like writing. Cassie: [00:31:16] I'd rather Amelia: [00:31:17] just do something fun, like scribble on the page with SVG. It's also a strength, I guess. Because most of these things I do, I'll end up using them Cassie: [00:31:26] in work. I work with someone who uses the phrase procrasti-working. That's when you know that you're really bad at procrastinating. You have a couple of things that you want to do. Then if you're not doing one of them, then you're going to be doing the other one to procrastinate them. Right, Nate: [00:31:43] procrastinate doing something else you should be doing, so that at least, you're moving Cassie: [00:31:48] I was to Amelia: [00:31:49] my friend about this. She said, she cleans when she has a deadline. 
That sounds like such a superpower. At least something's clean. Cassie: [00:31:57] Before I do a talk, my house is the tidiest it's ever been. Everything is alphabetically organized. Everything is polished. Nate: [00:32:06] Can you tell us about how you prep for your talks? What does that workflow look like? I prep with Cassie: [00:32:11] great difficulty, is the honest answer. I'm very lucky, because there's a lot of people at Clearleft who do a lot of public speaking. Jeremy Keith being one of them and he helped me huge amounts with my talk writing. I think that the first ever talk I did, it was just a little talk at a meet-up. I was just doing a show and tell, basically, of some of my CodePens I clutched a glass of wine for the whole thing and just showed people the fun stuff I was working on. Doing a conference talk, it needs to have a little bit more structure than just a list of things. I think that it's very rare that you see a talk that's just a list of things that is engaging. I think Jeremy really helped with that, because he's very good at telling stories and he said to me, what you need is you to make sure that your talk has a narrative structure. You need a flow to it. I wrote down everything that I wanted to talk about on post-it notes. Then Jeremy prompted me with different narrative structures. One being the hero's journey, I think was the one I used, so you've got a hero. The hero learns something along the way and overcomes something. I looked at all of the notes that I had and tried to arrange them into different narrative structures and then, eventually found one that I was happy with. Amelia: [00:33:39] What are the other narrative structures? What do you even google find this story to narrative arts? Nate: [00:33:45] The Wikipedia page on the hero's journey is pretty good. There's another one. There's a graph. I'll link to this in the show notes. There's a blog called Reedzy, and they've actually diagrammed out. 
There's a talk by Kurt Vonnegut, where he actually goes through all these different narrative arcs. One of them that he talks about is the hero's journey, but they actually plot out Cinderella. Here, I'll send you the link. Cassie: [00:34:10] I love graphs of Cinderella. Excellent. Nate: [00:34:14] Yeah, so Kurt Vonnegut, he wrote Slaughterhouse-Five and he also gave this really fantastic talk. There's a YouTube video of it, where it's Kurt Vonnegut graphs the plot of every story. There's actually a database of these different narrative plot lines. Dativism Cassie: [00:34:28] storytelling. Yeah, this is right up my street. Yeah, I love cart when I get as well. Amelia: [00:34:34] I also found this chart of how happy Harry Potter is throughout all the books. It looks like he just gets progressively less happy. Yeah, Nate: [00:34:42] progressively sadder the whole time, right? Amelia: [00:34:44] Yeah. It's pretty dark by that in there. Cassie: [00:34:47] What are some other narrative arcs? Oh, the rags to riches. That's a narrative arc. Oh, rags to riches has two, so there's the rags to riches rise and riches to rags full Icarus, where you rise and then fall. I feel that'd be such a Amelia: [00:35:03] disappointing book. Cassie: [00:35:04] Yeah. Amelia: [00:35:04] Everything's happy until the end. You definitely wouldn't want to choose that for a conference talk. Right. For a conference, you got to end on the up. Yeah, Cassie: [00:35:08] definitely. Amelia: [00:35:15] Yeah, I love the concept of using storytelling in talks, because I think, especially with technical talks, it can be very like, all right, people want facts. I'm going to tell people how to use this thing. I'm just going to have slide after slide of here's a fact, here's a best practice and then it can be really hard to sit through an hour of that and keep paying attention and just keep learning things. Cassie: [00:35:39] I think it's the human element, isn't it? 
Again, you need more whimsy and more human elements to things. I think some of the best conference talks that I've seen have been – I learnt this thing by doing it wrong for ages. This is what happened, because I was doing it wrong and I learned this lesson the hard way. I think that that's really good, because it feels – you have empathy with them. It feels more relatable. Amelia: [00:36:06] Brain, it's like, I can avoid this pain myself. Cassie: [00:36:11] Everybody likes to laugh at other people's misfortune as well. You Amelia: [00:36:16] just started a creative coding meetup. Cassie: [00:36:19] Yes. Amelia: [00:36:20] Right before lockdown, right? Cassie: [00:36:23] Yeah. We had about three meet-ups and then lockdown happened. It was really great. There's a conference in Brighton called FFConf and Charlotte Dan did a talk. She's amazing. She does lots of really cool generative art. She makes degenerative jewelry as well, which is very cool. A lot of my Brighton nerd friends, we all went to this conference and we saw her talk and she talks through pen plotting and generative art with CSS and generative art with JavaScript and using hardware and creating physical things, like jewelry and stuff. We were all really inspired. Afterwards, we were like, “Let's have a meet-up,” because it's really hard to find time to do all of that stuff and motivation to do side projects outside of work. We decided to do a meet-up that wasn't the normal talk structure, where you go along and watch people talk and then leave again. It was more of we call it a knitting circle for nerds. Everyone just goes along and we all have our laptops and we just tinker on projects and help each other. Then do a little show-and-tell at the end and eat crisps. Sometimes there's a very, very small dog. A very, very small dog. Very, very, very small chihuahua. Amelia: [00:37:48] [inaudible] . Cassie: [00:37:50] Yeah, now that's all moved online now, because of the plague. 
It's been really lovely, because we've got this little Slack community that has been there the whole time the lockdown's been happening and quarantine's been happening. It's just been such a great bunch of people. Creativity without the pressure and coding without the link to work and career development and stuff. It's just feels a very free space. Everyone there has been super open about feeling a bit creatively restricted, or battling with balancing out life stuff and coding. Yeah, it's been a really, really lovely group of people. Chris, one of the people from Brighton Generator, he is just a project machine. Even when everyone else hasn't been making stuff, he's just been knocking out projects pretty much every week. It's been wonderful watching what he's been making. That Amelia: [00:38:51] sounds so nice to just have that group, especially in these times. On Twitter, I feel a lot of people are having just such a hard time with a lot of people get inspiration from nature, or talking to people, or going places. It's just so hard when you always stay in the same house, if you see the same things and the same people all the time. Yeah, definitely. I think that that's fine. People shouldn't be outputting stuff all Cassie: [00:39:18] the time. You shouldn't feel like you have to constantly be producing things. Sometimes you have to take time to absorb stuff. If that's reading books, or watching tutorials, or going for walks, or that thing. I think it's all just as important. Amelia: [00:39:34] Totally agree. Cassie: [00:39:35] Ooh, if you're wanting to learn more about SVG filters, Sara Soueidan has an amazing set of articles on Codrops, which I Amelia: [00:39:43] learned everything from. They're really great. Nate: [00:39:45] One of the things I appreciate about you is that you remember people's names. I've noticed that in your talks as well. 
When you are saying, you're not just like, “Oh, there's a blog post on SVG filters.” You're like, “Sara Soueidan wrote this filter.” You should know her as well as her article. I really appreciate that. I think I would like to see more of that in general. Cassie: [00:40:06] It's so important. One of the things that brings me the most joy, which I've started doing is there are a few times where I had made a CodePen or something, or written a blog post and someone actually just sent me a direct message just saying, “Oh, I just read your article and it was really helpful. Thank you for that.” I do that now. Every time I read something and it's useful, I get hold of the person directly and just say, thank you. It's such a small thing, but yeah, I think it's really nice, especially for people who don't have analytics and tracking on their things, because I don't. I don't really want to know who's on my blog, because I get a bit too overwhelmed with numbers and statistics. But it's really nice to get a message from someone saying that they enjoyed it. Amelia: [00:40:51] I love that. Also, I feel for me, the better something is, probably the less likely I'll reach out to someone to say that I enjoyed it, because I'm like, “Oh, there's so many people who are telling them that it's great.” As a creator, it's so nice to get any message. I think being on the other side has helped that anxiety. Cassie: [00:41:12] Yeah. I think we put people on pedestals and don't reach out for that reason. I think we should stop doing Amelia: [00:41:19] also recently released new newsletter. I think it's monthly. What was your motivation behind starting it? I think it's solely focused on SVG, which is just a great niche. Where do you find inspiration for that newsletter? There is Cassie: [00:41:36] a little patch of time where GreenSock were hosting the CodePen challenges. I mean, it was about a month. 
Every week, Jack from GreenSock got hold of me with a whole load of CodePens for me to look through and judge. I just loved it. It was so much fun. I spent every Sunday evening just going through all of these different CodePens and writing people messages and telling them what I liked about it. I got so many lovely messages back. It just felt so joyful and so lovely to be able to signal boost some people who are making really cool things and give people some feedback. I basically just loved it, so I thought that I would like to carry on doing that. Then I had also, just before lockdown happened, I did a workshop in Brussels and I met Louie, who's also putting the newsletter together with me and we've been Internet friends for quite a while, but it was we met in person for the first time. We just got along really well. We decided we wanted to do a little side project together. Yeah, he's been writing some SVG tips for a while as well on Twitter and I've been looking at those and thinking, “Oh, it'd be great if we could get these tips out to some more people.” Amelia: [00:42:50] Oh, I've seen those. They're so good. Cassie: [00:42:52] Yeah, I learned things. Amelia: [00:42:54] Yeah, Cassie: [00:42:57] me too for sure. He's a creative coding tour de force, he is. Nate: [00:43:00] Cassie, thank you so much for being with us today. It was really delightful. Cassie: [00:43:04] Oh, it's an absolute pleasure. It was lovely to meet both of you, and especially because I've been such a huge fan of Amelia: [00:43:11] Amelia's work for a while. Nate: [00:43:19] Thank you. Hey, you made it to the end. I hope you enjoyed this conversation. Amelia: [00:43:22] If you have a minute, a review on iTunes would help other people find the podcast. We have a lot of great content coming up. To be notified of new episodes, hit that subscribe Cassie: [00:43:37] button.
Microsoft have released a free, tabbed terminal application that allows you to use PowerShell, Command Prompt, Linux, SSH and much more! This is a great application and I think it replaces all those old or expensive options on the market! No need to use PuTTY anymore for SSH or Telnet. No need to pay huge amounts of money for other applications unless you really need specific functionality. Fantastic to now see an open-source terminal application released in 2020. It's so easy now to have a tabbed application that supports PowerShell, Command Prompt, Azure, WSL 2, SSH, Telnet and other applications. Windows Terminal supports a lot of customization - you can change fonts, colors, background images and a whole bunch of other options.
WSL 2 is a fantastic Microsoft Windows 10 development: you can run Linux directly on Windows using the Windows Subsystem for Linux. In this video I demonstrate Ubuntu 20.04 and 18.04 using WSL 2.
Menu:
Overview: 0:00
Physical Device: 1:24
SSH in the bad old days: 1:38
SSH in Windows 10: 2:22
PowerShell: 2:49
Windows Terminal Overview: 3:02
Windows Terminal SSH Tab: 4:40
Windows Terminal Telnet Tab: 5:30
Background image: 5:50
Use WSL 2 Ubuntu to SSH: 6:15
Shortcuts: 7:15
Terminal Settings: 8:39
Terminal SSH configuration: 12:04
Copy text automatically: 16:00
Previous videos:
Windows Terminal and WSL 2: https://youtu.be/GFgJgGV4d28
WSL 2 getting started: https://youtu.be/_fntjriRe48
WSL2 and Docker getting started: https://youtu.be/5RQbdMn04Oc
Documentation:
Windows Terminal: https://docs.microsoft.com/en-us/wind...
Windows Terminal Introduction: https://devblogs.microsoft.com/comman...
Windows Terminal GitHub: https://github.com/microsoft/terminal
What is WSL? https://docs.microsoft.com/en-us/wind...
WSL documentation: https://docs.microsoft.com/en-us/wind...
WSL 2 Announcement: https://devblogs.microsoft.com/comman...
#windowsterminal #wsl2 #linux
This week on The Podlets Podcast, we talk about cloud native infrastructure. We were interested in discussing this because we’ve spent some time talking about the different ways that people can use cloud native tooling, but we wanted to get to the root of it, such as where code lives and runs and what it means to create cloud native infrastructure. We also have a conversation about the future of administrative roles in the cloud native space, and explain why there will always be a demand for people in this industry. We dive into the expense for companies when developers run their own scripts and use cloud services as required, and provide some pointers on how to keep costs at a minimum. Joining in, you’ll also learn what a well-constructed cloud native environment should look like, which resources to consult, and what infrastructure as code (IaC) really means. We compare containers to virtual machines and then weigh up the advantages and disadvantages of bare metal data centers versus using the cloud. Note: our show changed name to The Podlets.
Follow us: https://twitter.com/thepodlets
Website: https://thepodlets.io
Feedback: info@thepodlets.io https://github.com/vmware-tanzu/thepodlets/issues
Hosts: Carlisia Campos, Duffie Cooley, Nicholas Lane
Key Points From This Episode:
• A few perspectives on what cloud native infrastructure means.
• Thoughts about the future of admin roles in the cloud native space.
• The increasing volume of internet users and the development of new apps daily.
• Why people in the infrastructure space will continue to become more valuable.
• The cost implications for companies if every developer uses cloud services individually.
• The relationships between IaC for cloud native and IaC for the cloud in general.
• Features of a well-constructed cloud native environment.
• Being aware that not all clouds are created equal and the problem with certain APIs.
• A helpful resource for learning more on this topic: Cloud Native Infrastructure.
• Unpacking what IaC is not and how Kubernetes really works.
• Reflecting how it was before cloud native infrastructure, including using tools like vSphere.
• An explanation of what containers are and how they compare to virtual machines.
• Is it worth running bare metal in the clouds age? Weighing up the pros and cons.
• Returning to the mainframe and how the cloud almost mimics that idea.
• A list of the cloud native infrastructures we use daily.
• How you can have your own “private” cloud within your bare metal data center.
Quotes:
“This isn’t about whether we will have jobs, it’s about how, when we are so outnumbered, do we as this relatively small force in the world handle the demand that is coming, that is already here.” — Duffie Cooley @mauilion [0:07:22]
“Not every cloud that you’re going to run into is made the same. There are some clouds that exist of which the API is people. You send a request and a human being interprets your request and makes the changes. That is a big no-no.” — Nicholas Lane @apinick [0:16:19]
“If you are in the cloud native workspace you may need 1% of your workforce dedicated to infrastructure, but if you are in the bare metal world, you might need 10 to 20% of your workforce dedicated just to running infrastructure.” — Nicholas Lane @apinick [0:41:03]
Links Mentioned in Today’s Episode:
VMware RADIO — https://www.vmware.com/radius/vmware-radio-amplifying-ideas-innovation/
CoreOS — https://coreos.com/
Brandon Phillips on LinkedIn — https://www.linkedin.com/in/brandonphilips
Kubernetes — https://kubernetes.io/
Apache Mesos — http://mesos.apache.org
Ansible — https://www.ansible.com
Terraform — https://www.terraform.io
XenServer (Citrix Hypervisor) — https://xenserver.org
OpenStack — https://www.openstack.org
Red Hat — https://www.redhat.com/
Kris Nova on LinkedIn — https://www.linkedin.com/in/kris-nova
Cloud native Infrastructure — https://www.amazon.com/Cloud-Native-Infrastructure-Applications-Environment/dp/1491984309
Heptio — https://heptio.cloud.vmware.com
AWS — https://aws.amazon.com
Azure — https://azure.microsoft.com/en-us/
vSphere — https://www.vmware.com/products/vsphere.html
Circuit City — https://www.circuitcity.com
Newegg — https://www.newegg.com
Uber — https://www.uber.com/
Lyft — https://www.lyft.com
Transcript:
EPISODE 05
[INTRODUCTION]
[0:00:08.7] ANNOUNCER: Welcome to The Podlets Podcast, a weekly show that explores Cloud Native one buzzword at a time. Each week, experts in the field will discuss and contrast distributed systems concepts, practices, tradeoffs and lessons learned to help you on your cloud native journey. This space moves fast and we shouldn’t reinvent the wheel. If you’re an engineer, operator or technically minded decision maker, this podcast is for you.
[EPISODE]
[0:00:41.1] NL: Hello and welcome to episode five of The Podlets Podcast, the podcast where we explore cloud native topics one topic at a time. This week, we’re going to the root of everything, money. No, I mean, infrastructure. My name is Nicholas Lane and joining me this week are Carlisia Campos.
[0:00:59.2] CC: Hi everybody.
[0:01:01.1] NL: And Duffie Cooley.
[0:01:02.4] DC: Hey everybody, good to see you again.
[0:01:04.6] NL: How have you guys been? Anything new and exciting going on? For me, this week has been really interesting, there’s an internal VMware conference called RADIO where we have a bunch of engineering teams across the entire company, kind of get together and talk about the future of pretty much everything and so, have been kind of sponging that up this week and that’s been really interesting to kind of talking about all the interesting ideas and fascinating new technologies that we’re working on.
[0:01:29.8] DC: Awesome.
[0:01:30.9] NL: Carlisia?
[0:01:31.8] CC: My entire team is at RADIO which is in San Francisco and I’m not. But I’m sort of glad I didn’t have to travel.
[0:01:42.8] NL: Yeah, nothing too exciting for me this week.
Last week I was on PTO and that was great so this week it has just been kind of getting spun back up and I’m getting back into the swing of things a bit.
[0:01:52.3] CC: Were you spun back up with a script?
[0:01:57.1] NL: Yeah, I was.
[0:01:58.8] CC: With infrastructure I suppose?
[0:02:00.5] NL: Yes, absolutely. This week on The Podlets Podcast, we are going to be talking about cloud native infrastructure. Basically, I was interested in talking about this because we’ve spent some time talking about some of the different ways that people can use cloud native tooling but I wanted to kind of get to the root of it. Where does your code live, where does it run, what does it mean to create cloud native infrastructure? Start us off, you know, we’re going to talk about the concept. To me, cloud native infrastructure is basically any infrastructure tool or service that allows you to programmatically create infrastructure and by that I mean like your compute nodes, anything running your application, your networking, software defined networking, storage, Ceph, object store, dev sort of thing, you can just spin them up in a programmatical in contract way and then databases as well which is very nice. Then I also kind of lump in anything that’s like a managed service as part of that. Going back to databases if you use like difference and they have their RDS or RDB tooling that provides databases on the fly and then they manage it for you. Those things to me are cloud native infrastructure. Duffie, what do you think?
[0:03:19.7] DC: Yeah, I think it’s definitely one of my favorite topics.
I spent a lot of my career working with infrastructure one way or the other, whether that meant racking servers in racks and doing it the old school way and figuring out power budgets and you know, dealing with networking and all of that stuff or whether that meant, finally getting to a point where I have an API and my customer’s going to come to me and say, I need 10 new servers, I can be like, one second. Then run all the script because they have 10 new servers versus you know, having to order the hardware, get the hardware delivered, get the hardware racked. Replace the stuff that was dead on arrival, kind of go through that whole process and yeah. Cloud native infrastructure or infrastructure as a service is definitely near and dear to my heart.
[0:03:58.8] CC: How do you feel about if you are an admin? You work from VMware and you are a field engineer now. You’re basically a consultant but if you were back in that role of an admin at a company and you had the company was practicing cloud native infrastructure things. Basically, what we’re talking about is we go back to this theme of self-sufficiency a lot. I think we’re going to be going back to this a lot too, as we go through different topics. Mainly, someone was a server in that environment now, they can run an existing script that maybe you made it for them. But do you have concerns that your job is redundant now that you can just one script can do a lot of your work?
[0:04:53.6] NL: Yeah, in the field engineering org, we kind of have this mantra that we’re trying to automate ourselves out of a job. I feel like anyone who is like really getting into cloud native infrastructure, that is the path that they’re taking as well. If I were an admin in a world that was like hybrid or anything like that, they had like on prem or bare metal infrastructure and they had cloud native infrastructure.
I would be more than ecstatic to take any amount of the administrative work of like spinning up new servers in the cloud native infrastructure. If the people just need somewhere they can go click, I got whatever services I need and they all work together because the cloud makes them work together, awesome. That gives me more time to do other tasks that may be a bit more onerous or less automated. I would be all for it.
[0:05:48.8] CC: You’re saying that if you are – because I don’t want the admin people listening to this to stop listening and thinking, screw this. You’re saying, if you’re an admin, there will still be plenty of work for you to do?
[0:06:03.8] NL: Yeah, there’s always stuff to do I think. If not, then I guess maybe it’s time to find somewhere else to go.
[0:06:12.1] DC: There was a really interesting presentation that really stuck with me when I was working for CoreOS which is another infrastructure company, it was a presentation by our CTO, his name is Brandon Philips and Brandon put together a presentation around the idea that every single day, there are you know, so many thousand new users of the Internet coming online for the first time. That’s so many thousand people who are like going to be storing their photos there, getting emails, doing all those things that we do in our daily lives with the Internet. That globally, across the whole world, there are only about, I think it was like 250k or 300,000 people that do what we do, that understand the infrastructure at a level that they might even be able to automate it, you know? That work in the IT industry and are able to actually facilitate the creation of those resources on which all of those applications will be hosted, right? This isn’t even taking into account, the number of applications per day that are brought into the Internet or made available to users, right? That in itself is a whole different thing.
How many people are putting up new webpages or putting up new content or what have you every single day. Fundamentally, I think that we have to think about the problem in a slightly different way, this isn’t about whether we will have jobs, it’s about how, when we are so outnumbered, how do we as this relatively small force in the world, handle the demand that is coming, that is already here today, right? Those people that are listening, who are working infrastructure today, you’re even more valuable when you think about it in those terms because there just aren’t enough people on the planet today to solve those problems using the tools that we are using today, right? Automation is king and it has been for a long time but it’s not going anywhere, we need the people that we have to be able to actually support much larger numbers or bigger scale of infrastructure than they know how to do today. That’s the problem that we have to solve.
[0:08:14.8] NL: Yeah, totally.
[0:08:16.2] CC: Looking from the perspective of whoever is paying the bills. I think that in the past, as a developer, you had to request a server to run your app in the test environment and eventually you’ll get it and that would be the server that everybody would use to run against, right? Because you’re the developer in the group and everybody’s developing different features and that one server is what we would use to push out changes to and do some level of manual task or maybe we’ll have a QA person who would do it. That’s one server or one resource or one virtual machine. Now, maybe I’m wrong but as a developer, I think what I’m seeing is I will have access to compute and storage and I’ll run a script and I boot up that resource just for myself. Is that more or less expensive? You know? If every single developer has this facility to speed things up much quicker because we’re not depending on IT and if we have a script.
I mean, the reality is not as easy like just, well command and you get it but – If it’s so easy and that’s what everybody is doing, doesn’t it become expensive for the company?
[0:09:44.3] NL: It can, I think when cloud native infrastructure really became more popular in the workplace and became more like mainstream, there was a lot of talk about the concept of sticker shock, right? It’s the idea of you had this predictable amount of money that was allocated to your infrastructure before, these things cost this much and their value will degrade over time, right? The server you had in 2005 is not going to be as valuable as the server you buy in 2010 but that might be a refresh cycles like five years or so. But you have this predictable amount of money. Suddenly, you have this script that we’re talking about that can spin up an equivalent resource as one of those servers and if someone just leaves it running, that will run for a long time and so, irresponsible users of the cloud or even just regular users of cloud, it does cost a lot of money to use any of these cloud services or it can cost a lot of money. Yes, there is some concern about the amount of money that these things cost because honestly, as we’re exploring cloud native topics. One thing keeps coming up is that cloud really just means, somebody else’s computer, right? You’re not using the cost of maintenance or the time it takes to maintain things, somebody else is and you’re paying that price upfront instead of doing it on like a yearly basis, right? It’s less predictable and usually a bit more than people are expecting, right? But there is value there as well.
[0:11:16.0] CC: You’re saying if the user is diligent enough to terminate clusters or the machine, that is how you don’t rack up unnecessary cost?
[0:11:26.6] NL: Right. For a test, like say you want to spin up your code really quickly and just need to – a quick like setup like networking and compute resources to test out your code and you spin up a small, like a tiny instance somewhere in one of the clouds, test out your code and then kill the instance. That won’t cost hardly anything. It didn’t really cost you much on time either, right? You had this automated process hopefully or had a manual process that isn’t too onerous and you get the resource and the things you needed and you’re good. If you aren’t a good player and you keep it going, that can get very expensive very quickly. Because it’s a number of resources used per hour I think is how most billing happens in the cloud. That can exponentially – I mean, they’re not really exponentially grow but it will increase in time to a value that you are not expecting to see. You get a billing and you’re like holy crap, what is this?
[0:12:26.9] DC: I think it’s also – I mean, this is definitely where things like orchestration come in, right? With the level of abstraction that you get from things like Kubernetes or Mesos or some other tools, you’re able to provide access to those resources in a more dynamic way with the expectation and sometimes one of the explicit contract, that work load that you deploy will be deployed on common equipment, allowing for things like bin packing which is a pretty interesting term when it comes to infrastructure and means that you can think of the fact that like, for a particular cluster. I might have 10 of those VMs that we talk about having high value. I attended to those running and then my goal is to make sure that I have enough consumers of those 10 nodes to be able to get my value out of it and so when I split up the environments, we did a little developer has a namespace, right?
This gets me the ability to effectively over subscribe those resources that I’m paying for in a way that will reduce the overall cost of ownership or cost of – not ownership, maybe cost of operation for those 10 nodes. Let’s take a step back and go down a like memory lane.
[0:13:34.7] NL: When did you first hear about the concept of IaaS or cloud native infrastructure or infrastructure as code? Carlisia?
[0:13:45.5] CC: I think in the last couple of years, same as pretty much coincided with when I started to – you need to cloud native and Kubernetes. I’m not clear on the difference between the infrastructure as code for cloud native versus infrastructure as code for the cloud in general. Is there anything about cloud native that has different requirements and solutions? Are we just talking about, is the cloud and the same applies for cloud native?
[0:14:25.8] NL: Yes, I think that they’re the same thing. Cloud, like infrastructure as code for the cloud is inherently cloud native, right? Cloud native just means that whatever you’re trying to do, leverages the tools and the contracts that a cloud provides. The basic infrastructure as code is basically just how do I use the cloud and that’s –
[0:14:52.9] CC: In an automated way.
[0:14:54.7] NL: In an automated way or just in a way, right? A properly constructed cloud should have a user interface of some kind, that uses an API, right? A contract to create these machines or create these resources. So that the way that it creates its own resources is the same that you create the resource if you programmatically do it right. Orchestration tool like Ansible or Terraform. The API calls that itself makes and its UI needs to be the same and if we have that then we have a well-constructed cloud native environment.
[0:15:32.7] DC: Yeah, I agree with that.
I think you know, from the perspective of cloud infrastructure or cloud native infrastructure, the goal is definitely to have – it relies on one of the topics that we covered earlier in a program around the idea of API first or API driven being such an intrinsic quality of any cloud native architecture, right? Because, fundamentally, if we can’t do it programmatically, then we’re kind of stuck in that old world of racking servers or going through some human managed process and then we’re right back to the same state that we were in before and there’s no way that we can actually scale our ability to manage these problems because we’re stuck in a place where it’s like one to one rather than one to many.
[0:16:15.6] NL: Yeah, those APIs are critical.
[0:16:17.4] DC: The APIs are critical.
[0:16:18.4] NL: You bring up a good point, reminder of something. Not every cloud that you’re going to run into is made the same. There are some clouds that exist and I’m not going to specifically call them out but there are some clouds that exist that the API is people. Using their request and a human being interprets your request and makes the changes. That is a big no-no. Me no like, no good, my brain stopped. That is a poorly constructed cloud native environment. In fact, I would say it is not a cloud native environment at all, it can barely call itself a cloud and sentence. Duffie, how about you? When was the first time you heard the concept of cloud native infrastructure?
[0:17:01.3] DC: I’m going to take this question in a form of like, what was the first programmatic infrastructure of those service that I played with.
For me, that was actually like back in the Nicira days when we were virtualizing the network and effectively providing and building an API that would allow you to create network resources and a different target that we were developing for where things like XenServer which at the time had a reasonable API that would allow you to create virtual machines but didn’t really have a good virtual network solution. There were also technologies like KVM, the ability to actually use KVM to create virtual machines. Again, with an API and then, although, in KVM, it wasn’t quite the same as an API, that’s kind of where things like OpenStack and those technologies came along and kind of wrapped a lot of the capability of KVM behind a RESTful API which was awesome. But yeah, I would say, XenServer was the first one and that gave me the ability to – like a command line option with which I could stand up and create virtual machines and give them so many resources and all that stuff. You know, from my perspective, it was the Nicira was the first network API that I actually ever saw and it was also one of the first ones that I worked on which was pretty neat.
[0:18:11.8] CC: When was that Duffie?
[0:18:13.8] DC: Some time ago. I would say like 2006 maybe?
[0:18:17.2] NL: The TVs didn’t have color back then.
[0:18:21.0] DC: Hey now.
[0:18:25.1] NL: For me, for sort of cloud native infrastructure, it reminded me, it was the OpenStack days I think it was really when I first heard the phrase like I – infrastructure as a service. At the time, I didn’t even get close to grokking it.
I still don’t know if I grok it fully but I was working at Red Hat at the time so this was probably back in like 2012, 2013 and we were starting to leverage OpenStack more and having like this API driven toolset that could like spin up these VMs or instances was really cool to me but it’s something I didn’t really get into using until I got into Kubernetes and specifically Kubernetes on different clouds such as like AWS or AS Ram. We’ll touch on those a little bit later but it was using those and then having like a CLI that had an API that I could reference really easily to spin things up. I was like, holy crap, this is incredible. That must have been around like the 2015, 16 timeframe I think. I think I actually heard the phrase cloud native infrastructure first from our friend Kris Nova’s book, Cloud Native Infrastructure. I think that really helped me wrap my brain around really what it is to have something be like cloud native infrastructure, how the different clouds interact in this way. I thought that was a really handy book, I highly recommend it. Also, well written and interesting read.
[0:19:47.7] CC: Yes, I read it back to back and when I joined what I have to, I need to read it again actually.
[0:19:53.6] NL: I agree, I need to go back to it. I think we’ve touched on something that we normally do which is like what does this topic mean to us. I think we kind of touched on that a bit but if there’s anything else that you all want to expand upon? Any aspect of infrastructure that we’ve not touched on?
[0:20:08.2] CC: Well, I was thinking to say something which is reflects my first encounter with Kubernetes when I joined Heptio when it was started using Kubernetes for the very first time and I had such a misconception of why Kubernetes was. I’m saying what I’m going to say to touch base on what I want to say – I wanted to relate what infrastructure as code is not.
[0:20:40.0] NL: That’s a very good point actually, I like that.
[0:20:42.4] CC: Maybe, what Kubernetes now, I’m not clear what it is I’m going to say. Hang with me. It’s all related. I work from Velero, Velero is out, they run from Kubernetes and so I do have to have Kubernetes running for me to run Velero so we came on my machine or came around on the cloud provider and our own prem just for the pluck. For Kubernetes to run, I need to have a cluster running. Not one instance because I was used to like yeah, I could bring up an instance or an instance or two. I’ve done this before but bringing up a cluster, make sure that everything’s connected. I was like, then this. When I started having to do that, I was thinking. I thought that’s what Kubernetes did. Why do I have to bother with this? Isn’t that what Kubernetes supposed to do, isn’t it like just Kubernetes and all of that gets done? Then I had that realization, you know, that encounter where reality, no, I still have to boot up my infrastructure. That doesn’t go away because we’re doing Kubernetes. Kubernetes, this abstraction called that sits on top of that infrastructure. Now what? Okay, I can do it manually while TGIK has a great episode where Joe goes and installs everything by hand, he does thing like every single thing, right? Every single step that you need to do, hook up the network KP’s. It’s brilliant, it really helps you visualize what happens when all of the stuff, how all the stuff is brought up because ideally, you’re not doing that by hand which is what we’re talking about here. I used for example, CloudFormation on AWS with a template that Heptio also has in partnership with AWS, there is a template that you can use to bring up a cluster for Kubernetes and everything’s hooked up, that proper networking piece is there. You have to do that first and then you have Kubernetes installed as part of that template. But the take home lesson for me was that I definitely wanted to do it using some sort of automation because otherwise, I don’t have time for that.
[0:23:17.8] DC: Ain’t nobody got time for that, exactly.
[0:23:19.4] CC: Ain’t got no time for that. That’s not my job. My job is something different. I’m just boarding these stuff up to test my software. Absolutely very handy and if you put people is not working with Kubernetes yet. I just wanted to clarify that there is a separation and the one thing is having your infrastructure input and then you have installed Kubernetes on top of that and then you know, you might have, your application running in Kubernetes or you can have an external application that interacts with Kubernetes. As an extension of Kubernetes, right? Which is what I – the project that I work on.
[0:24:01.0] NL: That’s a good point and that’s something we should dive into and I’m glad that you brought this up actually, that’s a good example of a cloud native application using the cloud native infrastructure. Kubernetes has a pretty good job of that all around and so the idea of like Kubernetes itself is a platform. You have like a platform as a service that’s kind of what you’re talking about which is like, if I spin up. I just need to spin up a Kubernetes and then boom, I have a platform and that comes with the infrastructure part of that. There are more and more to like, of this managed Kubernetes offerings that are coming out that facilitate that function and those are an aspect of cloud native infrastructure. Those are the managed services that I was referring to where the administrators of the cloud are taking it upon themselves to do all that for you and then manage it for you and I think that’s a great offering for people who just don’t want to get into the weeds or don’t want to worry about the management of their application. Some of these like – For instance, databases. These managed services are awesome tool and going back to Kubernetes a little bit as well, it is a great show of how a cloud native application can work with the infrastructure that it’s on.
For instance, when Kubernetes, if you spin up a service of type load balancer and it’s connected to a cloud properly, the cloud will create that object inside of itself for you, right? A load balancer in AWS is an ELB, it’s just a load balancer in Azure and I’m not familiar with the other terms that the other clouds use, they will create these things for you. I think that the dopest thing on the planet, that is so cool where I’m just like, this tool over here, I created it in this thing and it told this other thing how to make that work in reality.
[0:25:46.5] DC: That is so cool. Orchestration magic.
[0:25:49.8] NL: Yeah, absolutely.
[0:25:51.6] DC: I agree, and then, actually, I kind of wanted to make a point on that as well which is that, I think – the way I interpreted your original question, Carlisia was like, “What is the difference perhaps between these different models that I call the infrastructure as code versus a plat… you know or infrastructure as a service versus platform as a service versus containers as a service like what differentiates these things and for my part, I feel like it is effectively an evolution of the API like what the right entry point for your consumer is. So in the form, when we consider container orchestration. We consider things like Mesos and Kubernetes and technologies like that. We make the assumption that the right entry point for that user is an API in which they can define those things that we want to orchestrate. Those containers or those applications and we are going to provide within the form of that platform capability like you know, service discovery and being able to handle networking and do all of those things for you. So that all you really have to do is to find like what needs to be deployed. And what other services they need to rely on and away you go. Whereas when you look at infrastructure of the service, the entry point is fundamentally different, right?
We need to be thinking about what the infrastructure needs to look at like I would might ask an infrastructure as a service API how many machines I have running and what networks they are associated with and how much memory and disk is associated with each of those machines. Whereas if I am interacting with a platform as a service, I might ask whatever the questions about those primitives that are exposed by their platform, how many deployments do I have? What namespaces do I have access to do? How many pods are running right now versus how many I ask that would be running? Those questions capabilities.
[0:27:44.6] NL: Very good point and yeah I am glad that we explored that a little bit and cloud native infrastructure is not nothing but it is close to useless without a properly leveraged cloud native application of some kind.
[0:27:57.1] DC: These APIs all the way down give you this true flexibility and like the real functionality that you are looking for in cloud because as a developer, I don’t need to care how the networking works or where my storage is coming from or where these things are actually located. What the API does any of these things. I want someone to do it for me and then API does that, success and that is what cloud native structure gets even. Speaking of that, the thing that you don’t care about. What was it like before cloud? What do we have before cloud native infrastructure? The things that come to mind are the things like vSphere. I think vSphere is a bridge between the bare metal world and the cloud native world and that is not to say that vSphere itself is not necessarily cloud native but there are some limitations.
[0:28:44.3] CC: What is vSphere?
[0:28:46.0] DC: vSphere is a tool that VMware has created a while back. I think it premiered back in 2000, 2000-2001 timeframe and it was a way to predictably create and manage virtual machines. So in virtual machine being a kernel that sits on top of a kernel inside of a piece of hardware.
[0:29:11.4] CC: So is vSphere to virtual machines what Kubernetes is to containers?
[0:29:15.9] DC: Not quite the same thing I don’t think because fundamentally, the underlying technologies are very different. Another way of explaining the difference that you have that history is you know, back in the day like 2000, 90s even currently like what we have is we have a layer of people who are involved in dealing with physical hardware. They rack 10 or 20 servers and before we had orchestration and virtualization and any of those things, we would actually be installing an operating system and applications on those servers. Those servers would be webservers and those servers will be database servers and they would be a physical machine dedicated to a single task like a webserver or database. Where vSphere comes in and XenServer and then KVM and those technologies is that we think about this model fundamentally differently instead of thinking about it like one application per physical box. We think about each physical box being able to hold a bunch of these virtual boxes that look like virtual machines. And so now those virtual machines are what we put our application code. I have a virtual machine that is a web server. I have a virtual machine that is a database server. I have that level of abstraction and the benefit of this is that I can get more value out of those hardware boxes than I could before, right? Before I have to buy one box or one application, now I can buy one box for 10 or 20 applications. When we take that to the next level, when we get to container orchestration. We realized, “You know what? Maybe I don’t need the full abstraction of a machine.
I just need enough of an abstraction to give me enough, just enough isolation back and forth between those applications such that they have their own file system but they can share the kernel but they have their own network” but they can share the physical network that we have enough isolation between them but they can’t interact with each other except for when intent is present, right? That we have that sort of level of abstraction. You can see that this is a much more granular level of abstraction and the benefit of that is that we are not actually trying to create a virtual machine anymore. We are just trying to effectively isolate processes in a Linux kernel and so instead of 20 or maybe 30 VMs per physical box, I can get a 110 process all day long you know on a physical box and again, this takes us back to that concept that I mentioned earlier around bin packing. When we are talking about infrastructure, we have been on this eternal quest to make the most of what we have to make the most of that infrastructure. You know, how do we actually – what tools and tooling that we need to be able to see the most efficiency for the dollar that we spend on that hardware?
[0:32:01.4] CC: That is simultaneously a great explanation of container and how containers compare with virtual machines, bravo.
[0:32:11.6] DC: That was really low crap idea that was great.
[0:32:14.0] CC: Now explain vSphere please I still don’t understand it. I don’t know what it does.
[0:32:19.0] NL: So vSphere is the one that creates the many virtual machines on top of a physical machine. It gives you the capability of having really good isolation between these virtual machines and inside of these virtual machines you feel like you have like a metal box but it is not a metal box it is just a process running on a metal box.
[0:32:35.3] CC: All right, so it is a system that holds multiple virtual machines inside the same machine.
[0:32:41.8] NL: Yeah, so think of it in the cloud native like infrastructure world, vSphere is essentially the API or you could think of it as the cloud itself, which is in the sense an AWS but for your datacenter. The difference being that there isn’t a particularly useful API that vSphere exposes so it makes it harder for people to programmatically leverage, which makes it difficult for me to say like vSphere is a cloud native app like tool. It is a great tool and it has worked wonders and still works wonders for a lot of companies throughout the years but I would hesitate to lump into a cloud native functionality. So prior to cloud native or infrastructure as a service, we had these tools like vSphere, which allowed us to make smaller and smaller VMs or smaller and smaller compute resources on a larger compute resource and going back to something, we’re talking about containers and how you spin up these processes. Prior to things that containers and in this world of VMs a lot of times what you do is you would create a VM that had your application already installed into it. It is burnt into the image so that when that VM stood up it would spin up that process. So that would be the way that you would start processes. The other way would be through orchestration tools similar to Ansible but they existed right or Ansible. That essentially just ran SSH on a number of servers to startup tools like these processes and that is how you’d get distributed systems prior to things like cloud native and containers.
[0:34:20.6] CC: Makes sense.
[0:34:21.6] NL: And so before we had vSphere we already had XenServer. Before we had virtual machine automation, which is what these tools are, virtual machine automation we had bare metal. We just had joes like Duffie and me cutting our hands on rack equipment.
A server was never installed properly unless my blood is on it essentially because they are heavy and it is all metal and it is sharp in some capacity and so you would inevitably squash a hand or something. And so you’d rack up the server and then you’d plug in all the things, plug in all the plugs and then set it up manually and then it is good to go and then someone can use it at will or in a logical manner hopefully and that is what we had to do before. It’s like, “Oh I need a new compute resource” okay well, let us call Circuit City or whoever, let us call Newegg and get a new server in and there you go” and then there is a process for that and yeah I think, I don’t know I’m dying of blood loss anymore.
[0:35:22.6] CC: And still a lot of companies are using bare metal as a matter of course, which brings up another question, if one would want to ask, which is, is it worth it these days to run bare metal if you have the clouds, right? One example is we see companies like Uber, Lyft, all of these super high volume companies using public clouds, which is to say paying another company for all the data, traffic of data, storage of data in computes and security and everything. And you know one could say, you would save a ton of money to have that in house but using bare metal and other people would say there is no way that this costs so much to host all of that.
[0:36:29.1] NL: I would say it really depends on the environment. So usually I think that if a company is using only cloud native resources to begin with, it is hard to make the transition into bare metal because you are used to these tools being in place.
A company that is more familiar like they came from a bare metal background and moved to cloud, they may leverage both in a hybrid fashion well because they should have tooling or they can now create tooling so that they can make it so that their bare metal environment can mimic the functionality of the cloud native platform, it really depends on the company and also the need of security and data retention and all of these things to have like if you need this granularity of control bare metal might be a better approach because if you need to make sure that your data doesn’t leave your company in a specific way putting it on somebody else’s computer probably isn’t the best way to handle that. So there is a balancing act of how much resources are you using in the cloud and how are you using the cloud and what does that cost look like versus what does it cost to run a data center to like have the physical real estate and then have like run the electricity HVAC, people’s jobs like their salaries specifically to manage that location and your compute and network resources and all of these things. That is a question that each company will have to ask. There is normally like hard and fast answer but many smaller companies something like the cloud is better because you don’t have to like think of all these other costs associated with running your application.
[0:38:04.2] CC: But then if you are a small company. I mean if you are a small company it is a no brainer. It makes sense for you to go to the clouds but then you said that it is hard to transition from the clouds to bare metal.
[0:38:17.3] NL: It can and it really depends on the people that you have working for you. Like if the people you have working for you are good at creating automation and are good at managing infrastructure of any kind, it shouldn’t be too bad but as we’re moving more and more into a cloud focused world, I wonder if those people are going to start going away.
[0:38:38.8] CC: For people who are just listening on the podcast, Duffie was heavily nodding as Nick was saying that.
[0:38:46.5] DC: I was. I do, I completely agree with the statement that it depends on the people that you have, right? And fundamentally I think the point I would add to this is that Uber or a company like Uber or a company like Lyft, how many people do they employ that are focused on infrastructure, right? And I don’t know the answer to this question but I am positioning it, right? And so, if we assume that they have – that this is a pretty hot market for people who understand infrastructure. So they are not going to have a ton of them, so what specific problems do they want those people that they employ that are focused on infrastructure to solve right? And we are thinking about this as a scale problem. I have 10 people that are going to manage the infrastructure for all of the applications that Uber has, maybe have 20 people but it is going to be a percentage of the people compared to the number of people that I have maybe developing for those applications or for marketing or for within the company. I am going to have, I am going to be, I am going to quickly find myself off balance and then the number of applications that I need to actually support that I need to operationalize to be able to get to be deployed, right? Versus the number of people that I have doing the infrastructure work to provide that base layer for which problems in application will be deployed, right? I look around in the market and I see things like orchestration. I see things like Kubernetes and Mesos and technologies like that. That can provide kind of a multiplier or even AWS or Azure or GCP. I have these things act as a multiplier for those 10 infrastructure people that I have, right? Because no – they are not looking at trying to figure out how to store it, you know get this data.
They are not worried about data centers, they are not worried about servers, they are not worried about networking, right? They can actually have ten people that are decent at infrastructure that can expand, that can spin up very large amounts of infrastructure to satisfy the developing and operational need of a company the size of Uber reasonably. But if we had to go back to a place where we had to do all of that in the physical world like rack those servers, deal with the power, deal with the colo space, deal with all the cabling and all of that stuff, 10 people are probably not enough.
[0:40:58.6] NL: Yeah, absolutely. I put into numbers like if you are in the cloud native workspace you may need 1% of your workforce dedicated to infrastructure, but if you are in the bare metal world, you might need 10 to 20% of your workforce dedicated just to running infrastructure, because the overtly overhead of people’s work is so much greater and a lot of it is focused on things that are tangible instead of things that are fundamental like automation, right? So those 1% or Uber if I am pulling this number totally out of nowhere but if that one percent, their job is to usually focus around automating the allocation of resources and figuring out like the tools that they can use to better leverage those clouds. In the bare metal environment, those people’s jobs are more like, “Oh crap, suddenly we are like 90 degrees in the data center in San Jose, what is going on?” and then having someone go out there and figuring out what physical problem is going on. It is like their day to day lives and something I want to touch on really quickly as well with bare metal, prior to bare metal we had something kind of interesting that we were able to leverage from an infrastructure standpoint and that is mainframes and we are actually going back a little bit to the mainframe idea but the idea of a mainframe, it is essentially it is almost like a cloud native technology but not really.
So instead of you using whatever like you are able to spin up X number of resources and networking and make that work. With the mainframe at work is that everyone use the same compute resource. It was just one giant compute resource. There is no networking native because everyone is connected with the same resource and they would just do whatever they needed, write their code, run it and then be done with it and then come off and it was a really interesting idea I think where the cloud almost mimics a mainframe idea where everyone just connects to the cloud. Does whatever they need and then comes off but at a different scale and yeah, Duffie do you have any thoughts on that?
[0:43:05.4] DC: Yeah, I agree with your point. I think it is interesting to go back to mainframe days and I think from the perspective of like what a mainframe is versus like what the idea of a cluster in those sorts of things are is that it is kind of like the domain of what you’re looking at. Mainframe considers everything to be within the same physical domain whereas like when you start getting into the larger architectures or some of the more scalable architectures you find that just like any distributed system we are spreading that work across a number of physical nodes. And so we think about it fundamentally differently but it is interesting the parallels between what we do, the works that we are doing today versus what we are doing in mainframe times.
[0:43:43.4] NL: Yeah, cool. I think we are getting close to a wrap up time but something that I wanted to touch on rather quickly, we have mentioned these things by names but I want to go over some of like the cloud native infrastructures that we use on a day to day basis. So something that we don’t mention them before but Amazon’s AWS is pretty much the number one cloud, I’m pretty sure, right? That is the most number of users and they have a really well structured API.
A really good CLI, peace and GUI, sometimes there is some problems with it and it is the thing that people think of when they think cloud native infrastructure. Going back to that point again, I think that AWS was agreed, AWS is one of the largest cloud providers and has certainly the most adoption as an infrastructure for cloud native infrastructure and it is really interesting to see a number of solutions out there. IBM has one, GCP, Azure, there are a lot of other solutions out there now. That are really focused on trying to follow the same, it could be not the same exact patterns that AWS has but certainly providing this consistent API for all of the same resources or for all of the same services serving and maybe some differentiating services as well. So it is yeah, you could definitely tell it is sort of like for all the leader. You can definitely tell that AWS stumbled onto a really great solution there and that all of the other cloud providers are jumping on board trying to get a piece of that as well.
[0:45:07.0] DC: Yep.
[0:45:07.8] NL: And also something we can touch on a little bit as well but from a cloud native infrastructure standpoint, it isn’t wrong to say that a bare metal data center can be a cloud native infrastructure. As long as you have the tooling in place, you can have your own cloud native infrastructure, your own private cloud essentially and I know that private cloud doesn’t actually make any sense. That is not how cloud works but you can have a cloud native infrastructure in your own data center but it takes a lot of work. And it takes a lot of management but it isn’t something that exists solely in the realm of Amazon, IBM, Google or Microsoft and I can’t remember the other names, you know the ones that are running as well.
[0:45:46.5] DC: Yeah agreed and actually one of the questions you asked, Carlisia, earlier that I didn’t get a chance to answer was do you think it is worth running bare metal today and in my opinion the answer will always be yes, right? Especially as we think about like it is a line that we draw in the sand is container isolation or container orchestration, then there will always be a good reason to run on bare metal to basically expose resources that are available to us against a single bare metal instance. Things like GPU’s or other physical resources like that or maybe we just need really, really fast disk and we want to make sure that we like provide those containers to access to SSDs underlying and there is technology certainly introduced by VMware that expose real hardware from the underlying hypervisor up to the virtual machine where these particular containers might run but you know the question I think you – I always come back to the idea that when thinking about those levels of abstraction that provide access to resources like GPU’s and those sorts of things, you have to consider that simplicity is king here, right? As we think about the different fault domains or the failure domains as we are coming up with these sorts of infrastructures, we have to think about what would it look like when they fail or how they fail or how we actually go about allocating those resources for ticket of the machines and that is why I think that bare metal and technologies like that are not going away. I think they will always be around but to the next point and I think as we covered pretty thoroughly in this episode having an API between me and the infrastructure is not something I am willing to give up. I need that to be able to actually to solve my problems at scale even reasonable scale.
[0:47:26.4] NL: Yeah, you mean you don’t want to go back to the battle days of around telnetting into a Juniper switch and Telnet – setting up your IP – not IP tables it was your IP comp commands.
[0:47:39.9] DC: Did you just say Telnet?
[0:47:41.8] NL: I said Telnet yeah or serial, serial connect into it.
[0:47:46.8] DC: Nice, yeah.
[0:47:48.6] NL: All right, I think that pretty much covers it from a cloud native infrastructure. Do you all have any finishing thoughts on the topic?
[0:47:54.9] CC: No, this was great. Very informative.
[0:47:58.1] DC: Yeah, I had a great time. This is a topic that I very much enjoy. It is things like Kubernetes and the cloud native infrastructure that we exist in is always what I wanted us to get to. When I was in university this was I’m like, “Oh man, someday we are going to live in a world with virtual machines” and I didn’t even have the idea of containers but people can real easily to play with applications like I was amazed that we weren’t there yet and I am so happy to be in this world now. Not to say that I think we can stop and we need to stop improving, of course not. We are not at the end of the journey by far but I am so happy we’re at where we are at right now.
[0:48:34.2] CC: As a developer I have to say I am too and I had this thought in my mind as we are having this conversation that I am so happy too that we are where we are and I think well obviously not everybody is there yet but as people start practicing the cloud native development they will come to realize what is it that we are talking about. I mean I said before, I remember the days when for me to get access to a server, I had to file a ticket, wait for somebody’s approval. Maybe I won’t get an approval and when I say me, I mean my team or one of us would do the request and see that. Then you had that server and everybody was pushing to the server like one the main version of our app would maybe run like every day we will get a new fresh copy.
The way it is now, I don’t have to depend on anyone and yes, it is a little bit of work to have to run this choreo to put up the clusters but it is so good that is not for me.
[0:49:48.6] DC: Yeah, exactly.
[0:49:49.7] CC: I am selfish that way. No seriously, I don’t have to wait for a code to merge and be pushed. It is my code that is right there sitting on my computer. I am pushing it to the clouds, boom, I can test it. Sometimes I can test it on my machine but some things I can’t. So when I am doing volume or I have to push it to the cloud provider is amazing. It is so, I don’t know, I feel very autonomous and that makes me very happy.
[0:50:18.7] NL: I totally agree for that exact reason like testing things out maybe something isn’t ready for somebody else to see. It is not ready for prime time. So I need something really quick to test it out but also for me, I am the avatar of unwitting chaos meaning basically everything I touch will eventually blow up. So it is also nice that whatever I do that’s weird isn’t going to affect anybody else either and that is great. Blast radius is amazing. All right, so I think that pretty much wraps it up for a cloud native infrastructure episode. I had an awesome time. This is always fun so please send us your concepts and ideas in the GitHub issue tracker. You can see our existing episode and suggestions and you can add your own at github.com/heptio/thecubelets and go to the issues tab and file a new issue or see what is already there. All right, we’ll see you next time.
[0:51:09.9] DC: Thank you.
[0:51:10.8] CC: Thank you, bye.
[END OF INTERVIEW]
[0:51:13.9] KN: Thank you for listening to The Podlets Cloud Native Podcast. Find us on Twitter https://twitter.com/ThePodlets and on the https://thepodlets.io website, where you'll find transcripts and show notes. We'll be back next week. Stay tuned by subscribing. [END]
Welcome to the History of Computing Podcast, where we explore the history of information technology. Because understanding the past prepares us for the innovations of the future! Today we're going to look at the emergence of the cloud. As with everything evil, the origin of the cloud began with McCarthyism. From 1950 to 1954 Joe McCarthy waged a war against communism. Wait, wrong McCarthyism. Crap. After Joe McCarthy was condemned and run out of Washington, **John** McCarthy made the world a better place in 1955 with a somewhat communistic approach to computing. The 1950s were the peak of the military industrial complex. The SAGE air defense system needed to process data coming in from radars and perform actions based on that data. This is when McCarthy stepped in. John, not Joe. He proposed things like allocating memory automatically between programs, quote “Programming techniques can be encouraged which make destruction of other programs unlikely” and modifying FORTRAN to trap programs into specified areas of the storage. When a person was loading cards or debugging code, the computer could be doing other things. To use his words: “The only way quick response can be provided at a bearable cost is by time-sharing. That is, the computer must attend to other customers while one customer is reacting to some output.” He posited that this could go from a 3 hour to a day and a half turnaround to seconds. Remember, back then these things were huge and expensive. So people worked shifts and ran them continuously. McCarthy had been at MIT and Professor Fernando Corbato from there actually built it between 1961 and 1963. But at about the same time, Professor Jack Dennis from MIT started doing about the same thing with a PDP-1 from DEC - he's actually probably one of the most influential people many I talk to have never heard of. He called this APEX and hooked up multiple terminals on TX-2. Remember John McCarthy? 
He and some students actually did the same thing in 1962 after moving on to become a professor at Stanford. 1965 saw Alan Kotok sell a similar solution for the PDP-6 and then as the 60s rolled on and people in the Bay Area got really creative and free lovey, Corbato, Jack Dennis of MIT, a team from GE, and another from Bell Labs started to work on Multics, or Multiplexed Information and Computing Service for short, for the GE-645 mainframe. Bell Labs pulled out and Multics was finished by MIT and GE, who then sold their computer business to Honeywell so they wouldn't be out there competing with some of their customers. Honeywell sold Multics until 1985 and it included symmetric multiprocessing, paging, a supervisor program, command programs, and a lot of the things we now take for granted in Linux, Unix, and macOS command lines. But we're not done with the 60s yet. ARPAnet gave us a standardized communications platform and distributed computing started in the 60s and then became a branch of computer science later in the late 1970s. This is really a software system that has components stored on different networked computers. Oh, and Telnet came at the tail end of 1969 in RFC 15, allowing us to remotely connect to those teletypes. People wanted Time Sharing Systems. Which led to Project Genie at Berkeley, TOPS-10 for the PDP-10 and IBM's failed TSS/360 for the System 360. To close out the 70s, Ken Thompson, Dennis Ritchie, Doug McIlroy, Mike Lesk, Joe Ossanna, and of course Brian Kernighan at Bell Labs hid a project to throw out the fluff from Multics and build a simpler system. This became Unix. Unix was originally developed in Assembly but Ritchie would write C in 72 and the team would eventually refactor Unix in C. Pretty sure management wasn't at all pissed when they found out. Pretty sure the Uniplexed Information and Computing Services, or eunuchs for short wasn't punny enough for the Multics team to notice. BSD would come shortly thereafter. 
Over the coming years you could create multiple users and design permissions in a way that users couldn't step on each other's toes (or more specifically delete each other's files). IBM did something interesting in 1972 as well. They invented the Virtual Machine, which allowed them to run an operating system inside an operating system. At this point, time sharing options were becoming commonplace in mainframes. Enter Moore's Law. Computers got cheaper and smaller. Altair and hobbyists became a thing. Bill Joy ported BSD to Sun workstations in 77. Computers kept getting smaller. CP/M shows up on early microcomputers at about the same time up until 1983. Apple arrives on the scene. Microsoft DOS appears in 1981 and in 1983, with all this software you have to pay for really starting to harsh his calm, Richard Stallman famously set out to make software free. Maybe this was in response to Gates' 1976 Open Letter to Hobbyists asking PC hobbyists to actually pay for software. Maybe they forgot they wrote most of Microsoft BASIC on DARPA gear. Given that computers were so cheap for a bit, we forgot about multi-user operating systems for a while. By 1991, Linus Torvalds, who also believed in free software, by then known as open source, developed a Unix-like operating system he called Linux. Computers continued to get cheaper and smaller. Now you could have them on multiple desks in an office. Companies like Novell brought us utility computers we now refer to as servers. You had one computer to just host all the files so users could edit them. CERN gave us the first web server in 1990. The University of Minnesota gave us Gopher in 1991. NTP 3 came in 1992. The 90s also saw the rise of virtual private networks and client-server networks. 
You might load a Delphi-based app on every computer in your office and connect that fat client with a shared database on a server to, for example, have a shared system to enter accounting information into, or access customer information to do sales activities and report on them. Napster had mainstreamed distributed file sharing. Those same techniques were being used in clusters of servers that were all controlled by a central IT administration team. Remember those virtual machines IBM gave us: you could now cluster and virtualize workloads and have applications that were served from a large number of distributed computing systems. But as workloads grew, the fault tolerance and performance necessary to support them became more and more expensive. By the mid-2000s it was becoming more acceptable to move to a web-client architecture, which meant large companies wouldn't have to bundle up software and automate the delivery of that software and could instead use an intranet to direct users to a series of web pages that allowed them to perform business tasks. Salesforce was started in 1999. They are the poster child for software as a service and founder/CEO Marc Benioff coined the term platform as a service, allowing customers to build their own applications using the Salesforce development environment. But it wasn't until we started breaking web applications up and developed methods to authenticate and authorize parts of them to one another using technologies like SAML (introduced in 2002) and OAuth (2006) that we were able to move into a more micro-service oriented paradigm for programming. Amazon and Google had been experiencing massive growth and in 2006 Amazon created Amazon Web Services and offered virtual machines on demand to customers, using a service called Elastic Compute Cloud. Google launched G Suite in 2006, providing cloud-based mail, calendar, contacts, documents, and spreadsheets. 
Google then offered a cloud offering to help developers with apps in 2008 with Google App Engine. In both cases, the companies had invested heavily in developing infrastructure to support their own workloads and renting some of that out to customers just… made sense. Microsoft, seeing the emergence of Google as not just a search engine, but a formidable opponent on multiple fronts, also joined in on Infrastructure as a Service, offering virtual machines for pennies per minute of compute time, in 2008. Google, Microsoft, and Amazon still account for a large percentage of cloud services offered to software developers. Over the past 10 years the technologies have evolved. Mostly just by incrementing a number, like OAuth 2.0 or HTML 5. Web applications have gotten broken up in smaller and smaller parts due to mythical programmer months meaning you need smaller teams who have contracts with other teams that their service, or micro-service, can perform specific tasks. Amazon, Google, and Microsoft see these services and build more workload specific services, like database as a service or putting a REST front-end on a database, or data lakes as a service. Standards like OAuth even allow vendors to provide Identity as a service, linking up all the things. The cloud, as we've come to call hosting services, has been maturing for 55 years, from shared compute time on mainframes to shared file storage space on a server to very small shared services like payment processing using Stripe. Consumers love paying a small monthly fee for access to an online portal or app rather than having to deploy large amounts of capital to bring in an old-school JDS Uniphase style tool to automate tasks in a company. Software developers love importing an SDK or calling a service to get a process for free, allowing developers to go to market much faster and look like magicians in the process. 
And we don't have teams at startups running around with fire extinguishers to keep gear humming along. This reduces the barrier to build new software and apps and democratizes software development. App stores and search engines then make it easier than ever to put those web apps and apps in front of people to make money. In 1959, John McCarthy had said “The cooperation of IBM is very important but it should be to their advantage to develop this new way of using a computer.” Like many new philosophies, it takes time to set in and evolve. And it takes a combination of advances to make something so truly disruptive possible. The time-sharing philosophy gave us Unix and Linux, which today are the operating systems running on a lot of these cloud servers. But we don't know or care about those because the web provides a layer on top of them that obfuscates the workload. Much as the operating system obfuscated the workload of the components of the system. Today those clouds obfuscate various layers of the stack so you can enter at any part of the stack you want whether it's a virtual computer or a service or just to consume a web app. And this has led to an explosion of diverse and innovative ideas. Apple famously said “there's an app for that” but without the cloud there certainly wouldn't be. And without you, my dear listeners, there wouldn't be a podcast. So thank you so very much for tuning into another episode of the History of Computing Podcast. We're lucky to have you. Have a great day!
In this Wireshark Tutorial, I demonstrate how to install Wireshark and then capture packets with Wireshark. Get my full Wireshark Course for $10 here on Udemy: http://bit.ly/2IXZnn8 or GNS3 Academy: http://bit.ly/2J4PzIb I analyze Telnet and HTTP in this video. In other videos and in my course I'll show you how to capture passwords from FTP and other protocols. You can find Wireshark at: http://wireshark.org
Welcome to the History of Computing Podcast, where we explore the history of information technology. Because understanding the past prepares us for the innovations of the future! Today's episode is going to be just a little bit unique. Or not unique as the case may be. Bill Gates sent a very important memo on May 26th, 1995. It's so important because of how well it foreshadows what was about to happen with this weird thing called the Internet. So we're going to simply provide the unaltered transcript and if you dig it, read a book or two of his. He is a surprisingly good writer.
To: Executive Staff and direct reports
From: Bill Gates
Date: May 26, 1995
The Internet Tidal Wave
Our vision for the last 20 years can be summarized in a succinct way. We saw that exponential improvements in computer capabilities would make great software quite valuable. Our response was to build an organization to deliver the best software products. In the next 20 years the improvement in computer power will be outpaced by the exponential improvements in communications networks. The combination of these elements will have a fundamental impact on work, learning and play. Great software products will be crucial to delivering the benefits of these advances. Both the variety and volume of the software will increase. Most users of communications have not yet seen the price of communications come down significantly. Cable and phone networks are still depreciating networks built with old technology. Universal service monopolies and other government involvement around the world have kept communications costs high. Private networks and the Internet which are built using state of the art equipment have been the primary beneficiaries of the improved communications technology. The PC is just now starting to create additional demand that will drive a new wave of investment. 
A combination of expanded access to the Internet, ISDN, new broadband networks justified by video based applications and interconnections between each of these will bring low cost communication to most businesses and homes within the next decade. The Internet is at the forefront of all of this and developments on the Internet over the next several years will set the course of our industry for a long time to come. Perhaps you have already seen memos from me or others here about the importance of the Internet. I have gone through several stages of increasing my views of its importance. Now I assign the Internet the highest level of importance. In this memo I want to make clear that our focus on the Internet is crucial to every part of our business. The Internet is the most important single development to come along since the IBM PC was introduced in 1981. It is even more important than the arrival of the graphical user interface (GUI). The PC analogy is apt for many reasons. The PC wasn't perfect. Aspects of the PC were arbitrary or even poor. However a phenomena grew up around the IBM PC that made it a key element of everything that would happen for the next 15 years. Companies that tried to fight the PC standard often had good reasons for doing so but they failed because the phenomena overcame any weaknesses that resisters identified.
The Internet Today
The Internet's unique position arises from a number of elements. TCP/IP protocols that define its transport level support distributed computing and scale incredibly well. The Internet Engineering Task Force (IETF) has defined an evolutionary path that will avoid running into future problems even as eventually everyone on the planet connects up. The HTTP protocols that define HTML Web browsing are extremely simple and have allowed servers to handle incredible traffic reasonably well. All of the predictions about hypertext - made decades ago by pioneers like Ted Nelson - are coming true on the Web. 
Although other protocols on the Internet will continue to be used (FTP, Gopher, IRC, Telnet, SMTP, NNTP), HTML with extensions will be the standard that defines how information will be presented. Various extensions to HTML, including content enhancements like tables, and functionality enhancements like secure transactions, will be widely adopted in the near future. There will also be enhanced 3D presentations providing for virtual reality type shopping and socialization. Another unique aspect of the Internet is that because it buys communications lines on a commodity bid basis and because it is growing so fast, it is the only "public" network whose economics reflect the latest advances in communications technology. The price paid for corporations to connect to the Internet is determined by the size of your "on-ramp" to the Internet and not by how much you actually use your connection. Usage isn't even metered. It doesn't matter if you connect nearby or half way around the globe. This makes the marginal cost of extra usage essentially zero encouraging heavy usage. Most important is that the Internet has bootstrapped itself as a place to publish content. It has enough users that it is benefiting from the positive feedback loop of the more users it gets, the more content it gets, and the more content it gets, the more users it gets. I encourage everyone on the executive staff and their direct reports to use the Internet. I've attached an appendix, which Brian Flemming helped me pull together that shows some hot sites to try out. You can do this by either using the .HTM enclosure with any Internet browser or, if you have Word set up properly, you can navigate right from within this document. Of particular interest are the sites such as "YAHOO" which provide subject catalogs and searching. Also of interest are the ways our competitors are using their Websites to present their products. I think SUN, Netscape and Lotus do some things very well. 
Amazingly it is easier to find information on the Web than it is to find information on the Microsoft Corporate Network. This inversion where a public network solves a problem better than a private network is quite stunning. This inversion points out an opportunity for us in the corporate market. An important goal for the Office and Systems products is to focus on how our customers can create and publish information on their LANs. All work we do here can be leveraged into the HTTP/Web world. The strength of the Office and Windows businesses today gives us a chance to superset the Web. One critical issue is runtime/browser size and performance. Only when our Office - Windows solution has comparable performance to the Web will our extensions be worthwhile. I view this as the most important element of Office 96 and the next major release of Windows. One technical challenge facing the Internet is how to handle "real-time" content - specifically audio and video. The underlying technology of the Internet is a packet network which does not guarantee that data will move from one point to another at a guaranteed rate. The congestion on the network determines how quickly packets are sent. Audio can be delivered on the Internet today using several approaches. The classic approach is to simply transmit the audio file in its entirety before it is played. A second approach is to send enough of it to be fairly sure that you can keeping playing without having to pause. This is the approach Progressive Networks Real Audio (Rob Glaser's new company) uses. Three companies (Internet Voice Chat, Vocaltec, and Netphone) allow phone conversations across the Internet but the quality is worse than a normal phone call. For video, a protocol called CU-SeeMe from Cornell allows for video conferencing. It simply delivers as many frames per second as it sees the current network congestion can handle, so even at low resolution it is quite jerky. 
All of these "hacks" to provide video and audio will improve because the Internet will get faster and also because the software will improve. At some point in the next three years, protocol enhancements taking advantage of the ATM backbone being used for most of the Internet will provide "quality of service guarantees". This is a guarantee by every switch between you and your destination that enough bandwidth had been reserved to make sure you get your data as fast as you need it. Extensions to IP have already been proposed. This might be an opportunity for us to take the lead working with UUNET and others. Only with this improvement and an incredible amount of additional bandwidth and local connections will the Internet infrastructure deliver all of the promises of the full blown Information Highway. However, it is in the process of happening and all we can do is get involved and take advantage. I think that virtually every PC will be used to connect to the Internet and that the Internet will help keep PC purchasing very healthy for many years to come. PCs will connect to the Internet a variety of ways. A normal phone call using a 14.4k or 28.8k baud modem will be the most popular in the near future. An ISDN connection at 128kb will be very attractive as the connection costs from the RBOCs and the modem costs come down. I expect an explosion in ISDN usage for both Internet connection and point-to-point connections. Point-to-point allows for low latency which is very helpful for interactive games. ISDN point-to-point allows for simultaneous voice data which is a very attractive feature for sharing information. Example scenarios include planning a trip, discussing a contract, discussing a financial transaction like a bill or a purchase or taxes or getting support questions about your PC answered. 
Eventually you will be able to find the name of someone or a service you want to connect to on the Internet and rerouting your call to temporarily be a point-to-point connection will happen automatically. For example when you are browsing travel possibilities if you want to talk to someone with expertise on the area you are considering, you simply click on a button and the request will be sent to a server that keeps a list of available agents who can be working anywhere they like as long as they have a PC with ISDN. You will be reconnected and the agent will get all of the context of what you are looking at and your previous history of travel if the agency has a database. The reconnection approach will not be necessary once the network has quality of service guarantees. Another way to connect a PC will be to use a cable-modem that uses the coaxial cable normally used for analog TV transmission. Early cable systems will essentially turn the coax into an Ethernet so that everyone in the same neighborhood will share a LAN. The most difficult problem for cable systems is sending data from the PC back up the cable system (the "back channel"). Some cable companies will promote an approach where the cable is used to send data to the PC (the "forward channel") and a phone connection is used for the back channel. The data rate of the forward channel on a cable system should be better than ISDN. Eventually the cable operators will have to do a full upgrade to an ATM-based system using either all fiber or a combination of fiber and Coax - however, when the cable or phone companies will make this huge investment is completely unclear at this point. If these buildouts happen soon, then there will be a loose relationship between the Internet and these broadband systems. If they don't happen for some time, then these broadband systems could be an extension of the Internet with very few new standards to be set. I think the second scenario is very likely. 
Three of the biggest developments in the last five years have been the growth in CD titles, the growth in On-line usage, and the growth in the Internet. Each of these had to establish critical mass on their own. Now we see that these three are strongly related to each other and as they come together they will accelerate in popularity. The On-line services business and the Internet have merged. What I mean by this is that every On-line service has to simply be a place on the Internet with extra value added. MSN is not competing with the Internet although we will have to explain to content publishers and users why they should use MSN instead of just setting up their own Web server. We don't have a clear enough answer to this question today. For users who connect to the Internet some way other than paying us for the connection we will have to make MSN very, very inexpensive - perhaps free. The amount of free information available today on the Internet is quite amazing. Although there is room to use brand names and quality to differentiate from free content, this will not be easy and it puts a lot of pressure to figure out how to get advertiser funding. Even the CD-ROM business will be dramatically affected by the Internet. Encyclopedia Britannica is offering their content on a subscription basis. Cinemania type information for all the latest movies is available for free on the Web including theater information and Quicktime movie trailers.
Competition
Our traditional competitors are just getting involved with the Internet. Novell is surprisingly absent given the importance of networking to their position however Frankenberg recognizes its importance and is driving them in that direction. Novell has recognized that a key missing element of the Internet is a good directory service. They are working with AT&T and other phone companies to use the Netware Directory Service to fill this role. This represents a major threat to us. 
Lotus is already shipping the Internotes Web Publisher which replicates Notes databases into HTML. Notes V4 includes secure Internet browsing in its server and client. IBM includes Internet connection through its network in OS/2 and promotes that as a key feature.
Some competitors have a much deeper involvement in the Internet than Microsoft. All UNIX vendors are benefiting from the Internet since the default server is still a UNIX box and not Windows NT, particularly for high end demands, SUN has exploited this quite effectively. Many Web sites, including Paul Allen's ESPNET, put a SUN logo and link at the bottom of their home page in return for low cost hardware. Several universities have "Sunsites" named because they use donated SUN hardware. SUN's Java project involves turning an Internet client into a programmable framework. SUN is very involved in evolving the Internet to stay away from Microsoft. On the SUN Homepage you can find an interview of Scott McNealy by John Gage where Scott explains that if customers decide to give one product a high market share (Windows) that is not capitalism. SUN is promoting Sun Screen and HotJava with aggressive business ads promising that they will help companies make money.
SGI has also been advertising their leadership on the Internet including servers and authoring tools. Their ads are very business focused. They are backing the 3D image standard, VRML, which will allow the Internet to support virtual reality type shopping, gaming, and socializing.
Browsing the Web, you find almost no Microsoft file formats. After 10 hours of browsing, I had not seen a single Word .DOC, AVI file, Windows .EXE (other than content viewers), or other Microsoft file format. I did see a great number of Quicktime files. All of the movie studios use them to offer film trailers. Apple benefited by having TCP support before we did and is working hard to build a browser built from OpenDoc components.
Apple will push for OpenDoc protocols to be used on the Internet, and is already offering good server configurations. Apple's strength in education gives them a much stronger presence on the Internet than their general market share would suggest.
Another popular file format on the Internet is PDF, the short name for Adobe Acrobat files. Even the IRS offers tax forms in PDF format. The limitations of HTML make it impossible to create forms or other documents with rich layout and PDF has become the standard alternative. For now, Acrobat files are really only useful if you print them out, but Adobe is investing heavily in this technology and we may see this change soon. Acrobat and Quicktime are popular on the network because they are cross platform and the readers are free. Once a format gets established it is extremely difficult for another format to come along and even become equally popular.
A new competitor "born" on the Internet is Netscape. Their browser is dominant, with 70% usage share, allowing them to determine which network extensions will catch on. They are pursuing a multi-platform strategy where they move the key API into the client to commoditize the underlying operating system. They have attracted a number of public network operators to use their platform to offer information and directory services. We have to match and beat their offerings including working with MCI, newspapers, and others who are considering their products.
One scary possibility being discussed by Internet fans is whether they should get together and create something far less expensive than a PC which is powerful enough for Web browsing. This new platform would optimize for the datatypes on the Web. Gordon Bell and others approached Intel on this and decided Intel didn't care about a low cost device so they started suggesting that General Magic or another operating system with a non-Intel chip is the best solution.
Next Steps
In highlighting the importance of the Internet to our future I don't want to suggest that I am alone in seeing this. There is excellent work going on in many product groups. Over the last year, a number of people have championed embracing TCP/IP, hyperlinking, HTML, and building client, tools and servers that compete on the Internet. However, we still have a lot to do. I want every product plan to try and go overboard on Internet features.
One element that will be crucial is coordinating our various activities. The challenge/opportunity of the Internet is a key reason behind the recent organization. Paul Maritz will lead the Platform group to define an integrated strategy that makes it clear that Windows machines are the best choice for the Internet. This will protect and grow our Windows asset. Nathan and Pete will lead the Applications and Content group to figure out how to make money providing applications and content for the Internet. This will protect our Office asset and grow our Office, Consumer, and MSN businesses. The work that was done in the Advanced Technology group will be extremely important as it is integrated in with our products.
We must also invest in the Microsoft home page, so it will be clear how to find out about our various products. Today it's quite random what is on the home page and the quality of information is very low. If you look up speeches by me all you find are a few speeches over a year old. I believe the Internet will become our most important promotional vehicle and paying people to include links to our home pages will be a worthwhile way to spend advertising dollars. First we need to make sure that great information is available. One example is the demonstration files (Screencam format) that Lotus includes on all of their products organized by feature. I think a measurable part of our ad budget should focus on the Internet.
Any information we create - white papers, data sheets, etc., should all be done on our Internet server. ITG needs to take a hard look at whether we should drop our leasing arrangements for data lines to some countries and simply rely on the Internet.
The actions required for the Windows platform are quite broad. Paul Maritz is having an Internet retreat in June which will focus on coordinating these activities. Some critical steps are the following:
1. Server. BSD is working on offering the best Internet server as an integrated package. We need to understand how to make NT boxes the highest performance HTTP servers. Perhaps we should have a project with Compaq or someone else to focus on this. Our initial server will have good performance because it uses kernel level code to blast out a file. We need a clear story on whether a high volume Web site can use NT or not because SUN is viewed as the primary choice. Our plans for security need to be strengthened. Other Backoffice pieces like SMS and SQL server also need to stay out in front in working with the Internet. We need to figure out how OFS can help perhaps by allowing pages to be stored as objects and having properties added. Perhaps OFS can help with the challenge of maintaining Web structures. We need to establish distributed OLE as the protocol for Internet programming. Our server offerings need to beat what Netscape is doing including billing and security support. There will be substantial demand for high performance transaction servers. We need to make the media server work across the Internet as soon as we can as new protocols are established. A major opportunity/challenge is directory. If the features required for Internet directory are not in Cairo or easily addable without a major release we will miss the window to become the world standard in directory with serious consequences. Lotus, Novell, and AT&T will be working together to try and establish the Internet directory.
Actually getting the content for our directory and popularizing it could be done in the MSN group.
2. Client. First we need to offer a decent client (O'Hare) that exploits Windows 95 shortcuts. However this alone won't get people to switch away from Netscape. We need to figure out how to integrate Blackbird, and help browsing into our Internet client. We have made the decision to provide Blackbird capabilities openly rather than tie them to MSN. However, the process of getting the size, speed, and integration good enough for the market needs work and coordination. We need to figure out additional features that will allow us to get ahead with Windows customers. We need to move all of our Internet value added from the Plus pack into Windows 95 itself as soon as we possibly can with a major goal to get OEMs shipping our browser preinstalled. This follows directly from the plan to integrate the MSN and Internet clients. Another place for integration is to eliminate today's Help and replace it with the format our browser accepts including exploiting our unique extensions so there is another reason to use our browser. We need to determine how many browsers we promote. Today we have O'Hare, Blackbird, SPAM MediaView, Word, PowerPoint, Symettry, Help and many others. Without unification we will lose to Netscape/HotJava. Over time the shell and the browser will converge and support hierarchical/list/query viewing as well as document with links viewing. The former is the structured approach and the latter allows for richer presentation. We need to establish OLE protocols as the way rich documents are shared on the Internet. I am sure the OpenDoc consortium will try and block this.
3. File sharing/Window sharing/Multi-user. We need to give away client code that encourages Windows specific protocols to be used across the Internet. It should be very easy to set up a server for file sharing across the Internet.
Our PictureTel screen sharing client allowing Window sharing should work easily across the Internet. We should also consider whether to do something with the Citrix code that allows you to become a Windows NT user across the Network. It is different from the PictureTel approach because it isn't peer to peer. Instead it allows you to be a remote user on a shared NT system. By giving away the client code to support all of these scenarios, we can start to show that a Windows machine on the Internet is more valuable than an arbitrary machine on the net. We have immense leverage because our Client and Server API story is very strong. Using VB or VC to write Internet applications which have their UI remoted is a very powerful advantage for NT servers.
4. Forms/Languages. We need to make it very easy to design a form that presents itself as an HTML page. Today the Common Gateway Interface (CGI) is used on Web servers to give forms 'behavior' but it's quite difficult to work with. BSD is defining a somewhat better approach they call BGI. However we need to integrate all of this with our Forms3 strategy and our languages. If we make it easy to associate controls with fields then we get leverage out of all of the work we are doing on data binding controls. Efforts like Frontier software's work and SUN's Java are a major challenge to us. We need to figure out when it makes sense to download control code to the client including a security approach to avoid this being a virus hole.
5. Search engines. This is related to the client/server strategies. Verity has done good work with Notes, Netscape, AT&T and many others to get them to adopt their scalable technology that can deal with large text databases with very large numbers of queries against them. We need to come up with a strategy to bring together Office, Mediaview, Help, Cairo, and MSN. Access and Fox do not support text indexing as part of their queries today which is a major hole.
Only when we have an integrated strategy will we be able to determine if our in-house efforts are adequate or to what degree we need to work with outside companies like Verity.
6. Formats. We need to make sure we output information from all of our products in both vanilla HTML form and in the extended forms that we promote. For example, any database reports should be navigable as hypertext documents. We need to decide how we are going to compete with Acrobat and Quicktime since right now we aren't challenging them. It may be worth investing in optimizing our file formats for these scenarios. What is our competitor to Acrobat? It was supposed to be a coordination of extended metafiles and Word but these plans are inadequate. The format issue spans the Platform and Applications groups.
7. Tools. Our disparate tools efforts need to be brought together. Everything needs to focus on a single integrated development environment that is extensible in an object oriented fashion. Tools should be architected as extensions to this framework. This means one common approach to repository/projects/source control. It means one approach to forms design. The environment has to support sophisticated viewing options like timelines and the advanced features SoftImage requires. Our work has been separated by independent focus on on-line versus CD-ROM and structured display versus animated displays. There are difficult technical issues to resolve. If we start by looking at the runtime piece (browser) I think this will guide us towards the right solution with the tools.
The actions required for the Applications and Content group are also quite broad. Some critical steps are the following:
1. Office. Allowing for collaboration across the Internet and allowing people to publish in our file formats for both Mac and Windows with free readers is very important. This won't happen without specific evangelization. DAD has written some good documents about Internet features.
Word could lose out to focused Internet tools if it doesn't become faster and more WYSIWYG for HTML. There is a critical strategy issue of whether Word as a container is a strict superset of our DataDoc containers allowing our Forms strategy to embrace Word fully.
2. MSN. The merger of the On-line business and Internet business creates a major challenge for MSN. It can't just be the place to find Microsoft information on the Internet. It has to have scale and reputation that it is the best way to take advantage of the Internet because of the value added. A lot of the content we have been attracting to MSN will be available in equal or better form on the Internet so we need to consider focusing on areas where we can provide something that will go beyond what the Internet will offer over the next few years. Our plan to promote Blackbird broadly takes away one element that would have been unique to MSN. We need to strengthen the relationship between MSN and Exchange/Cairo for mail, security and directory. We need to determine a set of services that MSN leads in - money transfer, directory, and search engines. Our high-end server offerings may require a specific relationship with MSN.
3. Consumer. Consumer has done a lot of thinking about the use of on-line for its various titles. On-line is great for annuity revenue and eliminating the problems of limited shelf-space. However, it also lowers the barriers to entry and allows for an immense amount of free information. Unfortunately today an MSN user has to download a huge browser for every CD title making it more of a demo capability than something a lot of people will adopt. The Internet will assure a large audience for a broad range of titles. However the challenge of becoming a leader in any subject area in terms of quality, depth, and price will be far more brutal than today's CD market. For each category we are in we will have to decide if we can be #1 or #2 in that category or get out.
A number of competitors will have natural advantages because of their non-electronic activities.
4. Broadband media applications. With the significant time before widescale iTV deployment we need to look hard at which applications can be delivered in an ISDN/Internet environment or in a Satellite PC environment. We need a strategy for big areas like directory, news, and shopping. We need to decide how to pursue local information. The Cityscape project has a lot of promise but only with the right partners.
5. Electronic commerce. Key elements of electronic commerce including security and billing need to be integrated into our platform strategy. On-line allows us to take a new approach that should allow us to compete with Intuit and others. We need to think creatively about how to use the Internet/on-line world to enhance Money. Perhaps our Automatic teller machine project should be revived. Perhaps it makes sense to do a tax business that only operates on on-line. Perhaps we can establish the lowest cost way for people to do electronic bill paying. Perhaps we can team up with Quickbook competitors to provide integrated on-line offerings. Intuit has made a lot of progress in overseas markets during the last six months. All the financial institutions will find it very easy to buy the best Internet technology tools from us and others and get into this world without much technical expertise.
The Future
We enter this new era with some considerable strengths. Among them are our people and the broad acceptance of Windows and Office. I believe the work that has been done in Consumer, Cairo, Advanced Technology, MSN, and Research position us very well to lead. Our opportunity to take advantage of these investments is coming faster than I would have predicted. The electronic world requires all of the directory, security, linguistic and other technologies we have worked on. It requires us to do even more in these areas than we were planning to.
There will be a lot of uncertainty as we first embrace the Internet and then extend it. Since the Internet is changing so rapidly we will have to revise our strategies from time to time and have better inter-group communication than ever before.
Our products will not be the only things changing. The way we distribute information and software as well as the way we communicate with and support customers will be changing. We have an opportunity to do a lot more with our resources. Information will be disseminated efficiently between us and our customers with less chance that the press miscommunicates our plans. Customers will come to our "home page" in unbelievable numbers and find out everything we want them to know.
The next few years are going to be very exciting as we tackle these challenges and opportunities. The Internet is a tidal wave. It changes the rules. It is an incredible opportunity as well as an incredible challenge. I am looking forward to your input on how we can improve our strategy to continue our track record of incredible success.
HyperLink Appendix
Related reading, double click to open them On-line! (Microsoft LAN only, Internet Assistant is not required for this part):
* "Gordon Bell on the Internet" email by Gordon Bell
* "Affordable Computing: advertising subsidized hardware" by Nicholas Negroponte
* "Brief Lecture Notes on VRML & Hot Java" email by William Barr
* "Notes from a Lecture by Mark Andresson (Netscape)" email by William Barr
* "Application Strategies for the World Wide Web" by Peter Pathe (Contains many more links!)
Below is a hotlist of Internet Web sites you might find interesting. I've included it as an embedded .HTM file which should be readable by most Web Browsers. Double click it if you're using a Web Browser like O'Hare or Netscape.
HotList.htm
A second copy of these links is below as Word HTML links. To use these links, you must be running the World Internet Assistant, and be connected to the Web.
Cool, Cool, Cool..
* The Lycos Home Page
* Yahoo
* RealAudio Homepage
* HotWired - New Thinking for a New Medium
Competitors
* Microsoft Corporation World-Wide-Web Server
* Welcome To Oracle
* Lotus on the Web
* Novell Inc. World Wide Web Home Page
* Symantec Corporation Home Page
* Borland Online
* Disney/Buena Vista
* Paramount Pictures
* Adobe Systems Incorporated Home Page
* MCI
* Sony Online
Sports
* ESPNET SportsZone
* The Gate Cybersports Page
* The Sports Server
* Las Vegas Sports Page
News
* CRAYON
* Mercury Center Home Page
Travel/Entertainment
* ADDICTED TO NOISE
* CDnow The Internet Music Store
* Travel & Entertainment Network home page
* Virtual Tourist World Map
* C(?) Net
Auto
* Dealernet
* Popular Mechanics
An Interview with Lalit Vijay, Curator of Laravel Live India and Co-Founder of StyleDotMe
* Lalit on Twitter
* StyleDotMe
* Masters of Scale
* Reply All
* The Knowledge Project
* Inside Intercom
Transcription sponsored by Larajobs
Editing sponsored by Tighten
Matt Stauffer: Welcome back to The Laravel Podcast, season three. Today I'm talking to Lalit Vijay, the original founder of Laravel Live India, the co-creator of some great meet-ups there, and much more, stay tuned.
Matt Stauffer: Alright, welcome back to The Laravel Podcast, season three. Today I'm gonna be talking to Lalit Vijay, who is known in a lot of different ways. But interestingly, just like some of my favorite guests, a lot of you probably have never heard of him before, and a lot of you think he's the most amazing person on the planet and can't imagine why anybody wouldn't have heard of him.
Matt Stauffer: And that's my favorite thing, where there's a community who knows him deeply and votes for him hundreds of times to come on the podcast. And then there's some of you who say, well who's that? So I'm excited for a new opportunity to share with you somebody who, who you didn't know about before, and afterwards, you're glad you had the chance. So first of all, introduce yourself. And when you meet somebody in the grocery store, what do you tell them that you do?
Lalit Vijay: So, hi first to the whole audience of the Laravel Podcast. I have been following it, and it's a kinda great pleasure for me to be over here. Thank you Matt for that opportunity. And for me, I generally introduce myself as a backend lead and operation manager at StyleDotMe. And along with it, I curate meet-ups in India for the Laravel community because I want this thing to grow and reach to, across India in a really, really big way.
Matt Stauffer: So if you meet somebody in the grocery store, and they say, what do you, and you say, oh I'm the backend lead of blah, blah, blah, StyleDotMe, do they say I don't know what that is, or because it's a product, do they more say well, I don't know what that is, but what's StyleDotMe? Are you usually able to kind of skip around the conversation of what you do by talking about what you're doing it for?
Lalit Vijay: Fun fact, what happened in my day-to-day routine is since we are the founding members of our startups right, so we get really bogged up, and 80% of time may consumes with either my teammates or meeting new clients and handling the backend stuff at the company. All my grocery and all that stuff is actually delivered online so I just roll with it.
Matt Stauffer: Okay, so do you go, I'm trying to think of a separate context. Do you go to the gym? Do you go to the coffee shop? Where do you actually randomly meet people who aren't in tech?
Lalit Vijay: Okay so, at airports, whenever I'm traveling across India.
Matt Stauffer: Perfect.
Lalit Vijay: And at that point of time, I start mostly I talk around my product at StyleDotMe, what you do. And it's like we build augmented reality applications, SnapChat virtual lens or that's a business and application and then people start and then I show them the product and actually make them try it on themselves. So yeah, that's yeah.
Matt Stauffer: Okay. So is StyleDotMe, will you talk about StyleDotMe because I'm sure it'll come up again. Is it more something that your primary people you're selling to is the retailer and then the retailer,
Lalit Vijay: Right.
Matt Stauffer: Do they get a white labeled version of it?
Lalit Vijay: No.
Matt Stauffer: So they're having their clients use StyleDotMe but then pick them in StyleDotMe or something.
Lalit Vijay: Right, right.
Matt Stauffer: Okay, got it, okay. So you said you're the backend lead.
Lalit Vijay: Yes.
Matt Stauffer: So what I assume is that it's a primarily mobile app that's consuming probably something Laravel-ish. What does your tech stack look like in general?
Lalit Vijay: So at Laravel, we use very different like multiple stack. It's not just Laravel over there. So at StyleDotMe, the primary application runs on IRIS. And where the real, our Machine Learning model runs, and so it detects a face, it figure outs your exact ear points, your neck points and overlay the items on that. Now to make it happen, what we use is a, we use a file base for real time data communication across all the devices. What we use Laravel for is like primarily backend tasks for uploading all the inventory data, managing those inventory data and making sure that what should go live, what should not go live. So, whatever the things which our admin panel controls, this is basically in the Laravel. Apart from that, we do a lot of data processing, image processing and all that happens in Python.
Matt Stauffer: Okay.
Lalit Vijay: Yeah, so it's like a bit of diverse. Laravel is one sort of part of it.
Matt Stauffer: Okay, and obviously I want to ask more questions about that, but usually what I want to dig into is who you are as a person. But again, like I said, since some people don't know who you are as a well-known person, I at least want to lay the groundwork a little bit. So, that's your day to day work. And you said you're a founding member of the startup, so, how much of your work is coding and how much of your work is organizational and people-related?
Lalit Vijay: Okay, so that's interesting. Initially, it was a lot of coding.
Matt Stauffer: Right.
Lalit Vijay: Initial two years was a lot of coding time. But now, I think 80% coding and 20% operations and managing people.
Matt Stauffer: Yep, yeah, totally. Okay, and then other thing that you're actually probably more known for at least in Laravel world is that you're the organizer. Are you the organizer or co-organizer? Are you the primary person? Of Laravel Live India.
Lalit Vijay: So I started it, but now what I always wanted from the community is that everybody's part of it. And whoever each volunteer, each participant is actually organizer for me. So, whether it is Fahad this year, Rishalla is putting a lot of effort. So, all these people are the building blocks of the community. It's not something which I say that okay, this is what I'm doing. This is my community's doing, and they're helping me out.
Matt Stauffer: I love it, that's a good attitude, man. So, you are the original founder and now one of many organizers of Laravel Live India, which is a very large, and it's in its third year now, right?
Lalit Vijay: Yes.
Matt Stauffer: The Laravel conference.
Lalit Vijay: Yes.
Matt Stauffer: So tell us a little bit about, to somebody who's never heard of it before, tell us a little bit about the conference.
Lalit Vijay: Alright, so for Laravel Live, it started because it was just one reason that I didn't have enough time to visit Laravel EU or US, and I wanted those awesome speakers over here so that more Indian people can interact with them. And conferences not only just give you space for knowledge setting but also meeting new people, which helps you expand your view of the community and help you grow in very different ways. So that was the key thing, the motivation and one day I decided that someone has to do it so, why not me? So, let's do it. And then we did the first version of it, and the response was pretty good. And a few people got job via that conference. And once I heard that that helped me feel motivated further, for it that yeah someone is getting benefited out of it. That's awesome, let's do it again. And now, after two years, this year it's pretty nice now. We selected venue based on community vote. Our people selected for Mumbai for this year. And we are doing this on third of March, 2019.
Matt Stauffer: Oh, that's coming soon man.
Lalit Vijay: Yeah, yeah, so, we have announced our speakers. We are preparing for it, and hopefully we'll see a lot of people especially people, Freep is there. Then Nuno is there, then Rumpel is there. So, these are a few people from the community which a lot of people know. And then there are a lot of developers within India who are actively working out and, it's pretty fun to see and be part of this whole community.
Matt Stauffer: Very cool. So, one of the things that I think blew a lot of folks' minds was hearing about Laravel Nigeria being as many people as it was. Do you have an estimated count of what the attendance for Laravel Live India's gonna look like this year?
Lalit Vijay: It's, so this year we are for doing 150 fixed. Also a number of places expect to--
Matt Stauffer: Got it.
Lalit Vijay: Yeah.
Matt Stauffer: And then you also are connected to, and I don't know exactly what the story is, but a series of meet-ups as well. Could you tell us a little bit about those?
Lalit Vijay: Yeah so with this, before this conference, I started it as a meet-up. And the first meet-up was Laravel Live Delhi. And that was, actually the first meet-up got only five people. Oh yeah, five people. So we started that small, and over the period of time, we have grown very much. And recently we did a meet-up in Ahmedabad. Now the first meet-up in there was an attendance of 70 people.
Matt Stauffer: Wow, that's awesome.
Lalit Vijay: Right, so it's the meet-up which started with five people has grown to a 70 people meet-up. And in terms of conference, we on the first year we had 60 people turn out, second year it was 110, and we are doing 150 this year. So yeah, it's going pretty good.
Matt Stauffer: Now is there, in any of the areas that you're doing this, do you have a big PHP community as well that's much larger, or is Laravel kind of really the main space where any of this work is happening in terms of community organization?
Lalit Vijay: So I think with Laravel Live, now the Laravel community is growing. And how I see is that it's not just Laravel community which is growing, it's actually the whole coding community growing, right. People, we need to learn new things and the whole PHP space is growing overall. The biggest event I have seen in India with PHP domain is WordCamp for the WordPress.
Matt Stauffer: Yeah, that seems to be the case in most places.
Lalit Vijay: Yeah, so recently it happened in Ahmedabad with over 1,000 people of audience.
Matt Stauffer: Wow. So what is the biggest tech stack around you? Is it Laravel if people are doing the type of work you're doing or there are other tech stacks that more folks are focusing on?
Lalit Vijay: I think I see a lot of people around me working around Python. So, Python is kind of the, and that one kind of biased with me is I work well with a lot of people who are into image processing, Machine Learning and all that stuff. So, I find people who are mostly working in that domain. And website development kind of people are like not my core sort of thing when we look at the main R&D at StyleDotMe happens on Machine Learning and image processing, which is basically either CC++ and Python.
Matt Stauffer: I've got lots more questions about that, but we've got to pause because at this point in the podcast, I've got to learn about you. So, tell me a little bit about you. When was it that you first used a computer, and when did you first start realizing you were into coding?
Lalit Vijay: So, in fact the first time I got an opportunity to use my computer was in my school. I think I was in grade second or yeah, I was in grade second.
Matt Stauffer: Okay.
Lalit Vijay: At that time, we went to school, our teacher asked us to, this is computer? And at that time, we used to have that bulky computer system with bulky monitors and all that stuff. And, so from class two to class sixth, it was just an object of fascination where whenever you go there, you love it.
Matt Stauffer: Yeah.
Lalit Vijay: Alright, it's something cool and what I used to do at that time is only play one game called Dave, which I remember right now. So after that, my real interest started into the computers was after class seventh.
Matt Stauffer: Okay.
Lalit Vijay: I started learning things, I made friends of my school teachers and then I started skipping my lunch breaks and gained experience into the computer classes.
Matt Stauffer: Very cool.
Lalit Vijay: So, I used to sneak into, but there was just one challenge. 'Til that point time, I didn't have access to internet. It was computer without an internet. So the place where I live is one of the like remotest place in India.
Matt Stauffer: Oh really?
Lalit Vijay: Yeah, so my hometown is a place called Kordoma in Chakan. And it's like surrounded by 30 kilometer of forest all around the middle of the place.
Matt Stauffer: Wow.
Lalit Vijay: So, finding internet connection was a big challenge. But then I actually got in touch with one person who used to tution me, and tutor for my subjects. And he got in a job at the district center of the place and they had the internet connection there. The government there had this connection. And then I kind of ask him that can I spend an hour or something on that? That gave me access to good internet connection. But after his transfer from that place, I came back to the same point, no internet access.
Matt Stauffer: Right.
Lalit Vijay: And during 2008 and 2009 and thereabout really I grew kind of big, I got personally an internet connection where I was getting a 2KBPS, 3KBPS kind of speed.
Matt Stauffer: You're kidding.
Lalit Vijay: Yeah, and I started learning from that.
Matt Stauffer: That's enough for like Telnet, and that's about it. What are you gonna do with that?
Lalit Vijay: Yes, so at that point, I was like super happy that I have my own internet connection having 3 Kbps of internet. In fact, I remember one incident where I used it. I had taken screenshots of when this net speed was like 6 Kbps, like yay, I got 6 Kbps of internet speed. Matt Stauffer: Did you say 2008 or 2009 was when that was happening? Lalit Vijay: Yes, yes. Matt Stauffer: That's very recent for you to have almost no functional internet. Lalit Vijay: Right because that's a really remote place in India. Matt Stauffer: Yeah. Lalit Vijay: That point I then again try to make more friends with the government people. Matt Stauffer: Right. Lalit Vijay: Got a high speed internet connection again, spent a lot of time on YouTube, and then I started building website for freelancing. And that was for me, grade, I was in high school at that time. Matt Stauffer: Okay, how'd you learn? Lalit Vijay: YouTube. Matt Stauffer: Really? Like you'd just search on YouTube for how do I make a website and people add tutorials there? Lalit Vijay: Yes, yes, and so I'm self-learner. So from my education background I'm electronics and communication engineer. Right, but coding has always been kind of fascinating. It has always been actually easy, alright. So, that was easy to us to do, so we did this. And after high school, I moved to Delhi for my engineering. Matt Stauffer: Okay. Lalit Vijay: And there, then I experienced good internet connection. Now-- Matt Stauffer: So what year was this then? Lalit Vijay: Current net speed we have in our office is one Gbps connection, and at my home I have-- Matt Stauffer: Okay, I'm sorry, I was saying what year is it, but go ahead though, what do you have at home? Lalit Vijay: Okay so currently I have a 10 Mbps connection at my home so that works fine enough to me. I moved to Delhi in year 2012. Matt Stauffer: 2012, okay got it.
Lalit Vijay: Yes, so four year of slow internet connection, but after 2012 I did my engineering and during my final year, I started my first startup. We ran it for two years, then moved out of that startup. Now, after that I am working on StyleDotMe from 2016. Matt Stauffer: Okay, so what was the group of people who originally started StyleDotMe? How many of you and was there any funding, or was there just a couple friends started this? What'd that story look like? Lalit Vijay: Okay, so after my first startup got set down, I was complete kind of freeze where I was thinking what next in my life right. So, after starting a company you always try to like, try to find why things happen and whatever, and I met a really awesome girl called Meghna Saraogi. And this girl individually made a small seed funding ground with very little money. I can say you something like, you can say 25 lakh rupees. It's like 30 thousand dollars. With that small money, she came from a different city to Delhi with a prototype application on which she has raised a small ground up funding. The whole team gathered over here. Our current CTO is currently a student, right. He is finally an engineering student, but-- Matt Stauffer: Wait, your current CTO or your original? Lalit Vijay: Yes. Matt Stauffer: He's still a student? Lalit Vijay: Yeah, yes, so-- Matt Stauffer: Okay. Just had to make sure I heard that correctly. Lalit Vijay: Yeah so, he's the founding team member also and he's current CTO, and he started as basically as we all started, then we started giving tags to each other and he's now CTO and I'm handling the operations. So, that guy is like, was a very bright guy. Meghna was super passionate about the product and she lead the kind of vision to the company. Akil is like really the Android developer, and he sold his first company for $100K in 2016 when he was in high school. Matt Stauffer: Okay. 
Lalit Vijay: And then he started to build multiple applications, around 20, 30 applications and being featured in all the good magazines, and he's doing pretty good right now with us. And he's the kinda key person in building this augmented reality application on the IRIS. Matt Stauffer: Okay so, of your team, what's the breakdown of web application developers versus machine learning type folks versus whatever else? Lalit Vijay: Alright so, at web application we have just an admin panel and I handle that. Now we have added one more developer for that and the rest, Ahkil, Dhruv, and me and Avinash co-develop for the machine learning and the Python part, and Ahkil primarily take care of iOS. Matt Stauffer: Okay cool. So one of the things that I always do when I'm gonna be interviewing somebody is I ask everybody at Tighten, do you have any questions that you have for this person? And sometimes they say oh, I've always wanted to ask them this, and sometimes it's a little bit more, you know, oh I'm just curious about this in general. So, one of the questions that someone asked was: of the folks you know in India, especially in the area around you, who do Laravel, and obviously that's not a lot of your team, but to the folks from different conferences, is it more common for people to be employed full time, or is it more common for there to be freelancers? Is there a big freelance, 'cause we're noticing that that's something that we notice to be different depending on the country. So for example, in the U.S. there's very, very few Laravel freelancers, but we've found a lot in quite a few European countries. So what's like it like in India? And obviously it's gonna be different based on the city. Lalit Vijay: Yeah I think India is a very vast country, right? Matt Stauffer: Yep. Lalit Vijay: So it's pretty different in different places. If you talk about Zanzibar and all the tier two cities, you'll find only the kind of people who are employed working on that. 
If you find in Delhi or Bangalore, you will find some good amount of freelancers too. Matt Stauffer: Okay, yep, and that was kind of my expectation. It's a little bit like that in the U.S., but not as much as I would've expected. There's less and less freelancers around-- Lalit Vijay: Yeah definitely, it's a challenge, it's a challenge to find good freelancers. Matt Stauffer: And one of the reasons they were asking that is what does it look like when your startup needs to grow, and you can't find enough folks to work? Are you doing training for people? What's that like for you? Lalit Vijay: So currently what we do is we hire people who have at least a year or two year of experience, and then train them based on that basis. Matt Stauffer: Yep, on the job, yep. And the benefit is they get the training, and you get someone who knows the things you want them to know, and yeah, totally understand that. Alright, so one of the things we were curious about knowing was we talked a little bit about how you got into programming, but what was it that first got you into Laravel? Lalit Vijay: So I was doing a lot of freelancing work between my high school to third year of college. So from 2010 onwards to 2013. And during that time I was working with multiple people. And it was mostly working in PHP Code and CodeIgniter. And during that time I was just searching around, saw what's coming up and one day stumbled upon this Laravel. And I just checked it out, how is it. And the first class actually didn't take off, and when I came back, I think it was version 3.8 or nine I guess that I first just liked, and I tried my hand and I felt okay, CodeIgniter is fine enough, it works good for me now. And when I got my hand again on 4.2 it was like completely changed, and it was wow, wow. This is pretty nice.
And then I started moving my projects on Laravel, and I build up multiple application for a few five star hotels, for at that time I was working with, it was Ramada and Radisson, yeah, so for them I was working. So I built a few application for their internal kitchen order management system, and that's how my initial Laravel experience, in terms of real development came across. And then with every new version started loving more, because every six month you had something interesting, something nice, and the whole community started. So with CodeIgniter and the code base what I was filling from, 2011 to '14, I feel like the community was going downhill. Every year it was slowing down, slowing down, and there's nothing new coming up in the whole PHP ecosystem. And with this growing Laravel community you felt that yep, again we are getting somewhere. And actually people are talking about things, they are selling stuff and they're building. They are not stuck with one version with the same base of code, and you don't know what next going to come, right? So that excitement took me over, and I completely ditched CodeIgniter, and then I used Laravel for my first startup from scratch. That was 2014, '15, and we built the complete front end and back end on Laravel. That worked out very well for us. And I think after 4.2 they were looking back in terms of it was getting better with everything. Whenever I miss something, mostly like it was going to come in next version. Matt Stauffer: That's cool. So one of the other questions I got that I thought was really interesting was, could you think of any ways that developing Laravel applications in India, specifically with Indian audiences, is different than it might be somewhere else? Is there anything you think that folks outside of India might not know about the context or the audiences? 
One of the things that someone specifically mentioned, I actually talked to Marcel Plizio, and he mentioned the fact that you had said that you have to think about scale a little bit earlier sometimes, because there's so many people. So that, and anything else, are there any other aspects of developing in India that you think that other folks might not be aware of? Lalit Vijay: So the one thing which people think is, since India is a really diverse place, and there is a lot of dialects, but still the major verbal development happens in English only, and you don't really need localization. I think in going few down years from here now we will be seeing a lot of localization within the Indian community. Because a lot of new people coming on the internet, and the rate of acceleration of growth of newcomers coming on for online consumptions is really, really getting big, it's booming. And with that I think more localization will come into the play. For right now mostly it's the English, and the scale is the one reason, because you hit 10,000 users in very soon. And then. If you have 10,000 users you really don't feel like you've got anything until it's like 100,000, right? So yeah, so I think the first time I felt that was we were doing a really small activity, and I wasn't expecting that how much traffic I will get. And my systems are down, that was completely on Laravel. And the moment I saw what was the reason is my data was site down because number of requests per seconds I was handling was too high. It was like 300 requests per second. And for the activity with one influence, having I think 50,000 followers or something, make everybody bogged up on at the same time, I wasn't expecting that kind of response. So yeah, in India that happens, that you can really hit the numbers really fast. Matt Stauffer: Interesting, yeah. 
So are there any things that you just think of on every new project that, you know, of the folks without that context, 10,000 sign ups might be a six month goal, or a year goal for some folks, and for you you say well, I might hit that super early. Do you say oh, well here's one thing I do on every project that other folks might not have to think about, or something like that? Lalit Vijay: So with us, we always set up the system with load balancer and all the basic coordinates installation pre-loaded. And with us it has always been the case where we do, and then we start doing some out-of-the-box marketing activity. And for that specific duration, our users sort of grow 10 times, 15 times from the normal use cases, right? And that those cases you really need to be aware. But in 80% of the cases the growth is linear on developments you're not doing. With us, what happened currently is we dealing with a lot of enterprises consumers, right? And so we are currently dealing with, out of top 10 brands we are working with top five. So the moment they start, they start very small, like on few retail stores, and when they grow, your growth is going to be get like 10X once the pilot is done. So you just need to make sure that after a month, or two month you are not going to get stuck because the expansion or number of applications are running simultaneously has grown 10X. Matt Stauffer: So what kinda tools do you use to be aware of when you need to scale? What are you using for monitoring? Lalit Vijay: Okay, so currently I use AWS CloudWatch a lot to drag down all that stuff. And over here, since we had everything is enterprise consumers, we do have really on understanding, right? Because with enterprises you need to do a lot of integration and all that stuff before going live, even after the pilots. So we do know kind of base growth now we are going to have, and that's the kind of benefit of being a SaaS company with B2B clients.
So you have more predictability in terms of what kind of users you're going to see. Matt Stauffer: Is CloudWatch enough to give you everything that you need? Like let's say you know it's gonna happen, but you don't know, well, X number of users, what kinda resources they need. Can you get all that at CloudWatch, are you using a Blackfire, a New Relic, or an Eyewitness or something like that? Lalit Vijay: So the fun fact about us is that for us, the end people who are going to use Laravel back end is very, very limited. Currently we are just with 50 enterprises consumers, right? But they control almost 30% of the whole market's pie, right? So you exactly know the number of consumers, and they are going to sign up. So on the back end part, where the main Laravel meat is working, is really not all that traffic insane. The part where we have unpredictable kind of users is the end-consumer application which is installed in the retail stores. That is completely not on Laravel at all, that's on Firebase. And the machine learning model is within the application only, right, which we train on separate with the application. Matt Stauffer: Oh okay, so is Firebase taking the majority of that? So well the machine learning, is that running on your own servers, or is that in something like Lambda? Lalit Vijay: No, so we train our model on our own systems, and once the model is generated we separate along with the application. Matt Stauffer: Oh, okay, that makes more. Oh, so when you say the application, you mean the actual iOS application has all that embedded. Lalit Vijay: Yes, yes, yes. Matt Stauffer: Okay, so the actual calls from the front end user-facing application to the back end primarily hit Firebase? Lalit Vijay: Yes. With the Firebase even, so since we are working with retailers with a lot of different places where internet reliability is not constant, right? So we work in a way where you have offline storage of everything. 
So from the last point of internet connectivity you have everything there, and the application will run perfectly fine for you. The moment we got connected with a proper internet connection, we just sync the latest data for them. So number of request we've finally made to our servers is very, very, we try to limit them, because we need to make sure that it runs offline perfectly. Matt Stauffer: What is the tech stack that you're using to generate your iOS, are you using Swift, or? Lalit Vijay: No, it's a Native-C, Objective-C. Matt Stauffer: Okay, got it, I guess that makes sense since you were talking about using C and C++ for your machine learning, okay. Off the top of your head, is there one piece of technology that you predict is just gonna get huge that you're really excited about? Lalit Vijay: AR, yep. Matt Stauffer: Okay, tell me more, I mean as your average developer thinks about that, what should they be prepared to be learning and thinkin' about? Lalit Vijay: So in front-end development, I think AR will change the way currently people are solving, right? And if you see all the big players across the globe are playing and trying things to do in the right way, right? And in India what we see is all these retailers, the reason even after being a very small company in number of head counts we call, and the kind of startup we are, the kind of companies we are working with is like the biggest brand of the country, right? And the reason of that is the kind of innovation we are bringing on the table. So currently the product we have is the only product in this world which can do real-time augmented reality for the jewelers, with such high precision. So a lot of time we find that our model works better than what currently SnapChat has. And we have filed patents for that now. Matt Stauffer: That's very cool. 
Lalit Vijay: Yeah, so the kind of effort we are putting in in terms of building the fine product for the end consumers, and the kind of response we are getting from the end consumer is really fabulous, right? So just now imagine, today you are sitting there and you have to buy something for you wife, right? And let's say you're giving a surprise to her. What you will do? You will go to a store and you will try to see, this might look good, right? But how are you going to try on her? What we do there is you just take her picture, and put item on her. Matt Stauffer: I was just gonna ask, can I just hold a picture up in front of the camera? Lalit Vijay: Yes, yes, yes, so you just hold up a picture of her and see her wearing the jewelry which you wanted to buy for her. And then you can decide it much better. And this stuff is gradually, I see in a big way, everybody's asking us please give us the web version, but we are not doing it because the kind of quality which we are getting on the web version is not up to the mark, the kind of quality we are developing on the iOS native application, right? So I see a lot of demand in terms of AR, and every sort of company, from Amazon, to this Tiffany, to this L'Oreal Paris, all kind of beauty, jewelry, all domains are using crazily. Matt Stauffer: That's really cool. Lalit Vijay: Yeah. Matt Stauffer: Did all the work that Apple did recently to improve AR in the most recent versions, did that really make a big difference in the possibility for it to be big in the future? Lalit Vijay: We were very excited about ARKit, that that might help us a lot by reducing our work. But it didn't help it that much. It still requires a lot of work right now. The kind of output is not for the enterprises grade right now. Matt Stauffer: Got it, so you think in a couple years it might be different, but right now, for someone to do something at your level, you still have to be doing most of the work on your own. Lalit Vijay: Yes, yes, yes. 
Matt Stauffer: Okay, yeah. Yeah, I've definitely had that same perception. Alright, let me look at a couple of these other questions, 'cause we're runnin' short on time and I wanna make sure I get everything. If you get a day free, and all the sudden there's no work, and for some reason you can't work, the internet's down at work, whatever, what are you gonna go do with your time? Your favorite thing to do. Lalit Vijay: Okay, so I spend a lot of time while traveling or anything is listening podcast, and reading books. And if not that, then most likely I do not get enough time to spend with my girlfriend, so I do that, yeah. Matt Stauffer: If you don't mind me asking, what would your favorite thing to do with her? If time and money were no constraint, what would you wanna do? Lalit Vijay: Just sitting in a silent place with a mountain with a nice view. Matt Stauffer: Okay, I like that, cool. What are your top five podcasts? Lalit Vijay: Currently, the one which I really love is one, since I'm kind of startup guy, I spend a lot of time on Master of Scales. The other one is Laravel Podcast. So Master of Scale is from Reid Hoffman. Matt Stauffer: Okay, I didn't know he had a podcast. Lalit Vijay: Yeah, yeah, and that's a really nice podcast, especially for the startups. The kind of insights we get is really nice. And now let me just stop into my podcast. Okay, and then this is really nice. You might have heard this, Reply All. Matt Stauffer: Oh yeah, yeah, yeah. Lalit Vijay: Yeah, yeah, I love that, then there is a podcast by a company called Intercom, they have a nice podcast. Matt Stauffer: Yeah, definitely. Lalit Vijay: And then there is called The Knowledge Project, yeah. Matt Stauffer: Okay, I don't know The Knowledge Project, I'll make sure these are all linked in the show notes to everybody. But I can't believe that I didn't know that Masters of Scale existed, I'm just reading through the site and it looks really fascinating. 
Lalit Vijay: Yeah, it's a really nice podcast. Matt Stauffer: Okay, I think I'm gonna ask you one last question before we're done for the day. And my last question is: is there any either entrepreneur or technological person, or any startup where you say that's who I wanna be like, those are the people I look up to. Whether it's a single human being who's an entrepreneur, or a single human being who's a technologist, or we're at this startup and you say they're doin' it right. I wanna look to them for how to learn how to do it right. Lalit Vijay: I think for me, the kind of two persons to me personally. I take half trait from one person, and half from another, and I really just get inspired by both of them. One is kind of Elon Musk in terms of kind of vision he sets for himself, and another one is Mark Zuckerberg. And for him, the reason for that person is kind of, he know how to be in the business. He know how to beat the competition state out of. You have seen SnapChat, right? Matt Stauffer: Yeah, yeah, no, I get that. Yeah, he definitely knows what he's doing. I've often said, people say well why are they spending that money that way? And I says well you know what, if you've got that much fake money, you know, that's just purely based on your valuation, go do things that are gonna turn into real money. And they made some good decisions there for sure. Okay, so if somebody is super interested in everything you told us about, obviously they're gonna go check out StyleDotMe.com. I'll link it in the show notes if anybody gets lost finding it like I did. But how can they follow you, how can they keep up with you, and is there anything else you wanna plug while we're on the podcast? Lalit Vijay: So for me, I personally love to be on Twitter only. I do not tweet much, but I mostly love seeing how competition do. 
And the reason I do not tweet much is I really spend really little time on social media, because currently we are in a kind of growth phase of the startup, and we are very, very focused on that, and that's currently like life to us. So a lot of time goes over there. Matt Stauffer: Yep. Lalit Vijay: The next thing, people can follow me LalitVijay on Twitter handle, it's simple, it's LalitVijay. And what I wanted to know is yeah, people do check out Laravel Live India. It's really nice growing community. And if possible, just visit it and give it a try. You will love it, and I'm sure for that. Matt Stauffer: Well that's awesome. Well Lalit, thank you so much for your time, it was a total pleasure gettin' to know you a little bit, and I really do hope that I'm gonna be able to come see you guys there one day. I hear such amazing things about it that I'm lookin' forward to being able to do it one day. And thank you so much for your time today. Lalit Vijay: Sure, thank you so, and I think I will try to get you next year on Laravel Live. Matt Stauffer: Alright, fingers crossed.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Reconstruct Binaries Sent via Telnet https://isc.sans.edu/forums/diary/Extracting+Malware+Transmitted+Via+Telnet/21673/
Wix.com DOM Based XSS https://www.contrastsecurity.com/security-influencers/dom-xss-in-wix.com
DNS Based Mail Security https://nccoe.nist.gov/projects/building_blocks/secured_email
Web of Trust Plugin Released Anonymized User Data https://www.mywot.com/en/forum/70396--virus-spyware-do-not-install-uninstall-as-soon-as-possible