Podcasts about TLS

PodcastSummary: "Google has implemented a quantum-resistant encryption method for HTTPS by integrating the Kyber post-quantum algorithm into the TLS protocol, enhancing security without affecting browsing speed. The company optimized cryptographic key sizes to balance performance and protection, and combined Kyber with classical encryption methods for compatibility and future readiness. This approach enables businesses to secure sensitive data against current and future threats while maintaining fast online experiences. Google tested the solution across millions of Chrome browsers, confirming no significant impact on connection speed. The advancement sets a new standard for security in industries such as finance, healthcare, and e-commerce, and encourages entrepreneurs to adopt quantum-safe protocols and stay informed about encryption trends to protect digital assets and build customer trust."Learn more on this news by visiting us at: https://greyjournal.net/news/ Hosted on Acast. See acast.com/privacy for more information.

In this episode, hosts Lois Houston and Nikita Abraham are joined by special guests Samvit Mishra and Rashmi Panda for an in-depth discussion on security and migration with Oracle Database@AWS. Samvit shares essential security best practices, compliance guidance, and data protection mechanisms to safeguard Oracle databases in AWS, while Rashmi walks through Oracle's powerful Zero-Downtime Migration (ZDM) tool, explaining how to achieve seamless, reliable migrations with minimal disruption.   Oracle Database@AWS Architect Professional: https://mylearn.oracle.com/ou/course/oracle-databaseaws-architect-professional/155574 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, Anna Hulkower, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode.   -------------------------------------------------------------   Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:26 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Team Lead: Editorial Services with Oracle University, and with me is Lois Houston, Director of Communications and Adoption with Customer Success Services. Lois: Hello again! We're continuing our discussion on Oracle Database@AWS and in today's episode, we're going to talk about the aspects of security and migration with two special guests: Samvit Mishra and Rashmi Panda. Samvit is a Senior Manager and Rashmi is a Senior Principal Database Instructor.  00:59 Nikita: Hi Samvit and Rashmi! Samvit, let's begin with you. What are the recommended security best practices and data protection mechanisms for Oracle Database@AWS? Samvit: Instead of everyone using the root account, which has full access, we create individual users with AWS, IAM, Identity Center, or IAM service. And in addition, you must use multi-factor authentication. So basically, as an example, you need a password and a temporary code from virtual MFA app to log in to the console.  Always use SSL or TLS to communicate with AWS services. This ensures data in transit is encrypted. Without TLS, the sensitive information like credentials or database queries can be intercepted. AWS CloudTrail records every action taken in your AWS account-- who did what, when, and from where. This helps with audit, troubleshooting, and detecting suspicious activity. So you must set up API and user activity logging with AWS CloudTrail.  Use AWS encryption solutions along with all default security controls within AWS services. To store and manage keys by using transparent data encryption, which is enabled by default, Oracle Database@AWS uses OCI vaults. Currently, Oracle Database@AWS doesn't support the AWS Key Management Service. You should also use advanced managed security services such as Amazon Macie, which assists in discovering and securing sensitive data that is stored in Amazon S3.  03:08 Lois: And how does Oracle Database@AWS deliver strong security and compliance? Samvit: Oracle Database@AWS enforces transparent data encryption for all data at REST, ensuring stored information is always protected. Data in transit is secured using SSL and Native Network Encryption, providing end-to-end confidentiality. Oracle Database@AWS also uses OCI Vault for centralized and secure key management. This allows organizations to manage encryption keys with fine-grained control, rotation policies, and audit capabilities to ensure compliance with regulatory standards. At the database level, Oracle Database@AWS supports unified auditing and fine-grained auditing to track user activity and sensitive operations. At the resource level, AWS CloudTrail and OCI audit service provide comprehensive visibility into API calls and configuration changes. At the database level, security is enforced using database access control lists and Database Firewall to restrict unauthorized connections. At the VPC level, network ACLs and security groups provide layered network isolation and access control. Again, at the database level, Oracle Database@AWS enforces access controls to Database Vault, Virtual Private Database, and row-level security to prevent unauthorized access to sensitive data. And at a resource level, AWS IAM policies, groups, and roles manage user permissions with the fine-grained control. 05:27 Lois Samvit, what steps should users be taking to keep their databases secure? Samvit: Security is not a single feature but a layered approach covering user access, permissions, encryption, patching, and monitoring. The first step is controlling who can access your database and how they connect. At the user level, strong password policies ensure only authorized users can login. And at the network level, private subnets and network security group allow you to isolate database traffic and restrict access to trusted applications only. One of the most critical risks is accidental or unauthorized deletion of database resources. To mitigate this, grant delete permissions only to a minimal set of administrators. This reduces the risk of downtime caused by human error or malicious activity. Encryption ensures that even if the data is exposed, it cannot be read. By default, all databases in OCI are encrypted using transparent data encryption. For migrated databases, you must verify encryption is enabled and active. Best practice is to rotate the transparent data encryption master key every 90 days or less to maintain compliance and limit exposure in case of key compromise. Unpatched databases are one of the most common entry points for attackers. Always apply Oracle critical patch updates on schedule. This mitigates known vulnerabilities and ensures your environment remains protected against emerging threats. 07:33 Nikita: Beyond what users can do, are there any built-in features or tools from Oracle that really help with database security? Samvit: Beyond the basics, Oracle provides powerful database security tools. Features like data masking allow you to protect sensitive information in non-production environments. Auditing helps you monitor database activity and detect anomalies or unauthorized access. Oracle Data Safe is a managed service that takes database security to the next level. It can access your database configuration for weaknesses. It can also detect risky user accounts and privileges, identify and classify sensitive data. It can also implement controls such as masking to protect that data. And it can also continuously audit user activity to ensure compliance and accountability. Now, transparent data encryption enables you to encrypt sensitive data that you store in tables and tablespaces. It also enables you to encrypt database backups. After the data is encrypted, this data is transparently decrypted for authorized users or applications when they access that data. You can configure OCI Vault as a part of the transparent data encryption implementation. This enables you to centrally manage keystore in your enterprise. So OCI Vault gives centralized control over encryption keys, including key rotation and customer managed keys. 09:23 Lois: So obviously, lots of companies have to follow strict regulations. How does Oracle Database@AWS help customers with compliance?  Samvit: Oracle Database@AWS has achieved a broad and rigorous set of compliance certifications. The service supports SOC 1, SOC 2, and SOC 3, as well as HIPAA for health care data protection. If we talk about SOC 1, that basically covers internal controls for financial statements and reporting. SOC 2 covers internal controls for security, confidentiality, processing integrity, privacy, and availability. SOC 3 covers SOC 2 results tailored for a general audience. And HIPAA is a federal law that protects patients' health information and ensures its confidentiality, integrity, and availability. It also holds certifications and attestations such as CSA STAR, C5. Now C5 is a German government standard that verifies cloud providers meet strict security and compliance requirements. CSA STAR attestation is an independent third-party audit of cloud security controls. CSA STAR certification also validates a cloud provider's security posture against CSA's cloud controls matrix. And HDS is a French certification that ensures cloud providers meet stringent requirements for hosting and protecting health care data. Oracle Database@AWS also holds ISO and IEC standards. You can also see PCI DSS, which is basically for payment card security and HITRUST, which is for high assurance health care framework. So, these certifications ensure that Oracle Database@AWS not only adheres to best practices in security and privacy, but also provides customers with assurance that their workloads align with globally recognized compliance regimes. 11:47 Nikita: Thank you, Samvit. Now Rashmi, can you walk us through Oracle's migration solution that helps teams move to OCI Database Services? Rashmi: Oracle Zero-Downtime Migration is a robust and flexible end-to-end database migration solution that can completely automate and streamline the migration of Oracle databases. With bare minimum inputs from you, it can orchestrate and execute the entire migration task, virtually needing no manual effort from you. And the best part is you can use this tool for free to migrate your source Oracle databases to OCI Oracle Database Services faster and reliably, eliminating the chances of human errors. You can migrate individual databases or migrate an entire fleet of databases in parallel. 12:34 Nikita: Ok. For someone planning a migration with ZDM, are there any key points they should keep in mind?  Rashmi: When migrating using ZDM, your source databases may require minimal downtime up to 15 minutes or no downtime at all, depending upon the scenario. It is built with the principles of Oracle maximum availability architecture and leverages technologies like Oracle GoldenGate and Oracle Data Guard to achieve high availability and online migration workflow using Oracle migration methods like RMAN, Data Pump, and Database Links. Depending on the migration requirement, ZDM provides different migration method options. It can be logical or physical migration in an online or offline mode. Under the hood, it utilizes the different database migration technologies to perform the migration. 13:23 Lois: Can you give us an example of this? Rashmi: When you are migrating a mission critical production database, you can use the logical online migration method. And when you are migrating a development database, you can simply choose the physical offline migration method. As part of the migration job, you can perform database upgrades or convert your database to multitenant architecture. ZDM offers greater flexibility and automation in performing the database migration. You can customize workflow by adding pre or postrun scripts as part of the workflow. Run prechecks to check for possible failures that may arise during migration and fix them. Audit migration jobs activity and user actions. Control the execution like schedule a job pause, resume, if needed, suspend and resume the job, schedule the job or terminate a running job. You can even rerun a job from failure point and other such capabilities. 14:13 Lois: And what kind of migration scenarios does ZDM support? Rashmi: The minimum version of your source Oracle Database must be 11.2.0.4 and above. For lower versions, you will have to first upgrade to at least 11.2.0.4. You can migrate Oracle databases that may be of the Standard or Enterprise edition. ZDM supports migration of Oracle databases, which may be a single-instance, or RAC One Node, or RAC databases. It can migrate on Unix platforms like Linux, Oracle Solaris, and AIX. For Oracle databases on AIX and Oracle Solaris platform, ZDM uses logical migration method. But if the source platform is Linux, it can use both physical and logical migration method. You can use ZDM to migrate databases that may be on premises, or in third-party cloud, or even within Oracle Cloud Infrastructure. ZDM leverages Oracle technologies like RMAN datacom, Database Links, Data Guard, Oracle GoldenGate when choosing a specific migration workflow. 15:15 Are you ready to revolutionize the way you work? Discover a wide range of Oracle AI Database courses that help you master the latest AI-powered tools and boost your career prospects. Start learning today at mylearn.oracle.com. 15:35 Nikita: Welcome back! Rashmi, before someone starts using ZDM, is there any prep work they should do or things they need to set up first? Rashmi: Working with ZDM needs few simple configuration. Zero-downtime migration provides a command line interface to run your migration job. First, you have to download the ZDM binary, preferably download from my Oracle Support, where you can get the binary with the latest updates. Set up and configure the binary by following the instructions available at the same invoice node. The host in which ZDM is installed and configured is called the zero-downtime migration service host. The host has to be Oracle Linux version 7 or 8, or it can be RCL 8. Next is the orchestration step where connection to the source and target is configured and tested like SSH configuration with source and target, opening the ports in respective destinations, creation of dump destination, granting required database privileges. Prepare the response file with parameter values that define the workflow that ZDM should use during Oracle Database migration. You can also customize the migration workflow using the response file. You can plug in run scripts to be executed before or after a specific phase of the migration job. These customizations are called custom plugins with user actions. Your sources may be hosted on-premises or OCI-managed database services, or even third-party cloud. They may be Oracle Database Standard or Enterprise edition and on accelerator infrastructure or a standard compute. The target can be of the same type as the source. But additionally, ZDM supports migration to multicloud deployments on Oracle Database@Azure, Oracle Database@Google Cloud, and Oracle Database@AWS. You begin with a migration strategy where you list the different databases that can be migrated, classification of the databases, grouping them, performing three migration checks like dependencies, downtime requirement versions, and preparing the order migration, the target migration environment, et cetera. 17:27 Lois: What migration methods and technologies does ZDM rely on to complete the move? Rashmi: There are primarily two types of migration: physical or logical. Physical migration pertains to copy of the database OS blocks to the target database, whereas in logical migration, it involves copying of the logical elements of the database like metadata and data. Each of these migration methods can be executed when the database is online or offline. In online mode, migration is performed simultaneously while the changes are in progress in the source database. While in offline mode, all changes to the source database is frozen. For physical offline migration, it uses backup and restore technique, while with the physical online, it creates a physical standby using backup and restore, and then performing a switchover once the standby is in sync with the source database. For logical offline migration, it exports and imports database metadata and data into the target database, while in logical online migration, it is a combination of export and import operation, followed by apply of incremental updates from the source to the target database. The physical or logical offline migration method is used when the source database of the application can allow some downtime for the migration. The physical or logical online migration approach is ideal for scenarios where any downtime for the source database can badly affect critical applications. The only downtime that can be tolerated by the application is only during the application connection switchover to the migrated database. One other advantage is ZDM can migrate one or a fleet of Oracle databases by executing multiple jobs in parallel, where each job workflow can be customized to a specific database need. It can perform physical or logical migration of your Oracle databases.  And whether it should be performed online or offline depends on the downtime that can be approved by business. 19:13 Nikita: Samvit and Rashmi, thanks for joining us today. Lois: Yeah, it's been great to have you both. If you want to dive deeper into the topics we covered today, go to mylearn.oracle.com and search for the Oracle Database@AWS Architect Professional course. Until next time, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 19:35 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

In this video, we dive into a real-world Red Team vs. Blue Team scenario. We simulate a cyberattack on a Finance Application that has integrated a new LLM Chatbot. You'll see firsthand how attackers use Prompt Injection to bypass standard rules, how they move laterally through Kubernetes clusters, and how they attempt to execute Zero Day exploits. More importantly, we show you how to defend against it. Using Cisco's Hybrid Mesh Firewall, AI Defense, and Secure Workload, we demonstrate how to: 1. Detect & Block Prompt Injections: safeguarding your LLMs from manipulation. 2. Secure Kubernetes: using micro-segmentation to isolate threats in the cloud. 3. Inspect Encrypted Traffic: utilizing the Encrypted Visibility Engine (EVE) to spot malware in TLS flows without decryption. Whether you are a Network Engineer, Security Analyst, or just interested in how AI is changing the cybersecurity landscape, this demo is packed with practical insights Big thank you to Cisco for sponsoring my trip to Cisco Live Amsterdam. // Ant Ducker SOCIALS // LinkedIn: / ant-ducker-0052801 YouTube channel dCloud: / @ciscodcloud // Website REFERENCE // Cisco Security Cloud control: https://sign-on.security.cisco.com/ Cisco.com: https://www.cisco.com/site/us/en/solu... // YouTube Video REFERENCE // Rick Miles' video will be linked at a later stage once published. / David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 0:00 - Coming Up 01:29 - Intro 02:20 - Demo Overview 03:57 - Demo Begins 09:35 - Adding Guardrails 11:45 - Secure Workloads 14:30 - Segmentation Workflow 18:33 - Overviewing Finance App 21:02 - Encrypted Visibility Engine 24:34 - Firewall Obversability and Control 25:44 - Ant's Advice For The Youth 26:40 - How to Learn Hybrid Mesh Firewall 28:16 - Conclusion Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #cisco #ciscolive #ciscoemea

Send a textWhat actually needs to be in place before digital pathology can replace the microscope?In this episode of DigiPath Digest, I walk through the 2026 Polish Society of Pathologists guidelines and translate them into practical steps for real pathology labs. This isn't theory. It's about hardware fidelity, data integrity, validation, and AI integration — and what each of these actually requires in daily workflow.We talk about scanner resolution standards (≤0.26 μm per pixel), 4K monitor calibration, visually lossless compression (20:1), scalable storage, pathologist-driven validation, and what “non-inferiority” truly means.Digital pathology is not just a change of medium. It's an operational shift.Episode Highlights[00:02] Community & growth 1,600+ new newsletter subscribers, 10,000+ Facebook members, and free Digital Pathology 101 book access.[07:20] The 4 pillars of adoption Hardware fidelity · Data integrity · Clinical validation · Future integration.[08:30] Hardware requirements 40x equivalent scanning (≤0.26 μm/px), 4K monitors, >300 cd/m² luminance, 10-bit color depth.[12:00] Workflow & throughput 200–300 slides/day per scanner, automated focus control, urgent case prioritization.[17:25] Storage & archiving ~1 GB per slide. Active archive (6–24 months). Long-term retention (10–20 years). GDPR compliance & TLS encryption.[23:09] Validation philosophy Pathologist-centered validation. Two phases: • Familiarization (~20 retrospective cases) • Dual review with discrepancy tracking Goal: digital must be non-inferior to glass.[29:03] AI in digital pathology AI supports quantification (Ki-67, HER2, ER/PR, PD-L1), tumor detection, and future multimodal predictions — but pathologists remain central.[33:26] Intraoperative telepathology

The ASX 200 lost 5 points to 9081 for its first down day this week. No Freaky Friday drop! For the week, the index is up 1.8%. Banks leading the way again, the Big Bank Basket up to $311.23 (+0.9%). MQG fell 1.6% with other financials slipping again, ZIP eased 3.8% after an early rally. Insurers though firmed on a better set of numbers from QBE, up 7.1% and SUN up 1.8%.  REITs were slightly firmer, industrials slipped lower, ALL down 4.6%, WOW and COL slid, TLS off 0.6% and REA dropping 0.6%. Retail also fell led by JBH off 1.2% and GYG crashing 13.9% on results and US update. Healthcare eased back, CSL off 0.6% and COH continuing lower. PME dropped 2.1% and RMD fell 0.6%. Tech was once again back on the noise, WTC off 3.8% and XRO falling 3.7% with the All-Tech Index off %.Resources were mixed, RIO fell 3.1% on results whilst BHP held firm. Gold miners were mixed with results falling, NEM down 4.9% on numbers, GMD off 3.1% on its numbers. Lithium stocks fell, PLS down 4.6% on results, and LTR off 6.4% with results from MIN failing 5.3% to help sentiment. In the oil and gas space STO dropped 0.9% and uranium stocks were ok, PDN up 5.4% on Canadian approvals.In corporate news, ING dropped as it cut its poultry forecast. NEM off 4.9% on its results, ASB awarded a $4bn contract from the ADF and TLX jumped 14.5% as it guided higher revenues.On the economic front, nothing today, in the US, we may get the tariff ruling and we have Core PCE.In Asia, HK back from holidays, down 0.6% and Japan down 1.3%.US Futures up. DJ up 62 Nasdaq up 42—Marcus Today – Daily Market InsightsMarcus Today provides clear, practical commentary for self-directed investors – covering markets, portfolios, education, and decision-making without the noise.If you'd like to go further:Start a free 14-day trial of Marcus Today http://bit.ly/mt-trial-podcastJoin Marcus Today Use code MTPODCAST for 10% off http://bit.ly/mt-join-podcast-offerMT20 – Managed ETF Portfolio A professionally managed portfolio run by Marcus Padley and the team, using ASX-listed ETFs with active market timing. http://bit.ly/mt20-podcastPrinciples – How We Think About Investing A short video series on timing, behaviour, and decision-making. No stock tips. http://bit.ly/mt-principles-podcast—Disclaimer This podcast is general information only and does not consider your personal circumstances. It is not personal financial advice.

The ASX 200 kicked higher again. Four days in a row, up 79 to 9086 (0.9%). Up nearly 2% this week. Off record highs as jobs data provides reasons for the RBA to raise rates again. Super Thursday and results dominated, some good, some terrible. Banks firmed yet again, certainty. The Big Bank Basket rose to $308.43 (+1.4%). NAB up 2.4% and WBC up 2.7%. MQG also had a good day up 1.6% with insurers better and financials generally firming, ZIP came undone on disappointing guidance and bad debts.  Down 34.4%. MPL also fell 5.6% on some misses on the numbers.  REITs slid with GMG down 4.0% on results, Industrials were patchy, WES fell 5.6% with ALL and JBH falling away. Healthcare was better, CSL up 1.0% and RMD up 1.5%. Tech was better again, WTC up 1.9% and XRO rising 0.8%. HSN kicked again on broker calls. MAQ also firmed on a new debt facility. TNE also a good bounce on broker upgrades. The All-Tech Index continued higher, up 1.1%.Resources were also firm, BHP and RIO pushing ahead, gold miners better, GMD up 1.9% on results, NEM up 1.4% and oil and gas stocks rallied hard on crude pushing up on Iran fears. STO up 5.6% and WDS up 4.5% with uranium stocks better too. PDN up 5.5% and LOT rising 4.3%.In corporate news, plenty around. HUB surged 14.2% on good numbers. LIC dropped 7.1% after profits fell, TLS gained 3.6% on better numbers and rise in dividends. SHL and NWH also rising on better numbers.On the economic front, jobs numbers came in as expected but 4.1% headline rate gives RBA reasons to raise again perhaps.In Asia, South Korean markets hitting new records. China and HK closed. Japan up 0.9%US Futures up. DJ down slightly Nasdaq up 2 pts!—Marcus Today – Daily Market InsightsMarcus Today provides clear, practical commentary for self-directed investors – covering markets, portfolios, education, and decision-making without the noise.If you'd like to go further:Start a free 14-day trial of Marcus Todayhttp://bit.ly/mt-trial-podcastJoin Marcus TodayUse code MTPODCAST for 10% offhttp://bit.ly/mt-join-podcast-offerMT20 – Managed ETF PortfolioA professionally managed portfolio run by Marcus Padley and the team, using ASX-listed ETFs with active market timing.http://bit.ly/mt20-podcastPrinciples – How We Think About InvestingA short video series on timing, behaviour, and decision-making. No stock tips.http://bit.ly/mt-principles-podcast—DisclaimerThis podcast is general information only and does not consider your personal circumstances. It is not personal financial advice.

Last November Nick and John introduced Dimitra Fimi, the magnificent maven of Tolkien Studies and Professor of Fantasy and Children's Literature at the University of Glasgow, to students of J. K. Rowling's work. In that discussion, ‘Reading Rowling as Myth Maker and Myth Re-Writer: A Conversation with Dr Dimitra Fimi,' she shared her thoughts about Rowling's creative use of mythology in Harry Potter but especially in the Cormoran Strike series.The Hogwarts Professor team asked her to join us again because of Rowling's yuletide charm bracelet gift to Strike fandom and the recent announcement of the Strike 9 title, Sleep Tight, Evangeline. Her insights about the Longfellow poem as a possible even likely source of the next book's epigraphs are engaging, but it is her expertise in the arcane area of miniature books as well as mythology and the light each shines on the two items attached to the last link of the charm bracelet that open up exciting possibilities.Her idea is that the Psalter on the ninth link of the charm bracelet may actually be, unlike the other tokens on the bracelet's nine links, an object that will play a part in the story, a miniature book. It turns out that one inch high books were something of an industry as curios in the 19th and early 20th century, a means of demonstrating technological mastery.Dr Fimi discussed several projects she has been a part of in conjunctions with nano-technologists and the librarians at the University of Glasgow's special collections division. The one that has the most obvious link to English literature is the ‘Tiny Alice project,' a contemporary effort to minituarize Lewis Carroll's Alice stories to unfathomable minuteness:The Tiny Alice Project has produced one of the world's smallest books: a tiny reproduction of Lewis Carroll's children's classic Alice's Adventures in Wonderland (1865). All 78 pages and 26,764 words of the story have been transposed on to a tiny silicon chip, with each page just the width of a human hair (60 microns). Each individual letter is just two microns high, and made from pure gold!Click on the icons below to find out more about the project, the technology behind it, and Lewis Carroll and his interest in the minuscule. Via the tabs above you can also discover the long tradition of miniature books, and teaching resources.Clip: Twixter link to tweet aboveYou can read Dr Fimi's write-up of ‘Tiny Alice' and the Miniature Book exhibition she curated at the University of Glasgow to highlight their special collection of these treasures at her 2019 blog post about them. Pictures that include annotated miniature books — copies in which their owners made notes in the miniscule margins of the printed pages — can be seen here.Later this week, Nick will be sharing his thoughts on Robert Browning's The Ring and the Book as the Ironbridge Murder story's template within Hallmarked Man, John, Nick, Sandy Hope, and Ed Shardlow will be parsing the ring within Strike8's Part Seven, and more about Longfellow's Evangeline — stay tuned!The Ten Questions Guiding Today's Conversation with Dr Fimi with the Necessary Links for Fun Follow-Up:(Intro) So everything Serious Strikers are thinking and talking about this month made me think of you, Dimitra, and to write you hat-in-hand with an invitation for your return to HogwartsProfessor to share your perspective, knowledge, and first impressions. Thank you for making time to join us!1. (John) Jumping right in, then, two of the charms on the Strike9 or ‘Evangeline' bracelet are Fimi areas of unique expertise: the Psalter and the Head of Persephone. I had urged readers to read your Miniature Books in Children's Fantasy at A Kind of Elvish Craft: The Dimitra Fimi Substack Site in the links after our conversation here last November but I confess to being surprised still when you asked for the dimensions of the Psalter charm after Nick and I posted our thoughts on the subject. For those who haven't read your ‘Miniature Books' post, please share how one of the world authorities on the writing of J. R. R. Tolkien became interested in the smallest of texts, the ‘Little Books' of 19th century printing.2. (Nick) So you asked for the dimensions of the Psalter, you weren't thinking as we were that the Psalter charms would be a box holding a folded up paper with a psalm, maybe two, inside it. You're thinking it might actually be a complete Coverdale Psalter? Is that possible?3. (John) What Nick and I hope to contribute to the nascent field of Rowling Studies, as you know, is a refocusing of the scholarship and the serious reader attention about her work on to her Lake Springs -- the biographical part of story inspiration -- her Shed Tools or intentional artistry, and the Golden Threads, the plot points and themes that run throughout her work, i.e., to bring Rowling Studies more in line with all literary scholarship about notable authors, living and dead.One of the Golden Threads we talked about in our Kanreki series last summer was the ‘Embedded Text,' the books inside a book topos that is in almost every book Rowling writes (Kanreki Golden Thread posts one and two). Detective fiction is always about an embedded text, the narrative ‘written' by the criminal to prevent the detective from reading the real story of what happened and Rowling-Galbraith often makes this narrative an actual book (Dumbledore Chocolate Frog Card, Tales of Beedle the Bard, Bombyx Mori, Talbot's ‘True Book,' The Predictions of Tycho Dodonus, etc.). How do you think a Psalter miniaturized book would appear in a Strike novel?4. (Nick) Has an author used a miniaturized book before in this way? Were there 19th Century Psalters that people wore as talismans or carried as the original Pocket Books?5. (John) And what about the Head of Persephone charm on that bracelet? It's on the ninth and last link, paired with that Psalter. You shared your first thought about the Persephone charm, a hopeful note, on the comment thread here. As our go-to authority on Greek mythology, I'm dying to know more of your thinking about (a) the specific charm and its relation to the Cupid and Psyche myth-template to the Strike series, (b) its pairing with the Psalter, and (c) its position as the last charm on the bracelet. Do you still think it's a sign that Robin will survive Sleep Tight, Evangeline?6. (Nick) As someone immersed in mythological studies and more than familiar with Rowling's use of myth, do you think the Jungian interpretation of that myth as the ‘actualization of feminine identity' is a better lens through which to read that embedded text or is the Spenserian lens of Eros/Anteros, False Cupid and Cupid more helpful? Or is this not a case of Either/Or but Both/And? Valentines Day Special7. (John) Rowling is a close reader and admirer of J. R. R. Tolkien, though that is more evident in the clear pointers to his work in her own work than from her interviews. How does her use of myth contrast with that of Tolkien and Lewis? (See John's 2008 post about Rowling's debts to Tolkien and the two part podcast with Tolkien scholars and Rowling Readers Dr Amy H Sturgis and Dr Sara Brown here and here for more on that influence.)8. (Nick) In an in-person meeting with UK Serious Strikers last week, Rowling shared with them and later via X with everyone the title of the ninth Strike novel, Sleep Tight, Evangeline. We're pretty sure that title refers to a song by an American Blues group called ‘The Whiskey Shambles' (story of the hunt, why Whiskey Shambles is a good bet). There is a famous poem, though, by Henry Wadsworth Longfellow called ‘Evangeline,' one perhaps not as famous as ‘Aurora Leigh' or ‘The Ring and the Book,' other texts Rowling may have used as back-drops to her novels, but still another poem very famous in its own time akin to those epics. Is its subject matter as good a match-up with the possible direction of Sleep Tight as the Victorian poetry back-drop is with other Rowling models?9. (John) You're a native Greek speaker; what does ‘Evangeline' mean in Greek? Is it a common name in Greece or is it a ‘Virtue Name' in the Puritan tradition of grace-filled names (cf., Credence Barebone is probably a reference to an Englishman named “Praise-God Barebone, whose son Nicholas may have been given the name If-Jesus-Christ-had-not-died-for-thee-thou-hadst-been-damned[3]“).10. (Nick) Don't leave before trying to tie together the pieces of this conversation! Is there a thread joining the Psalter, the Head of Persephone, miniaturized books, and the title Sleep Tight, Evangeline?Dimitra Fimi is Professor of Fantasy and Children's Literature at the University of Glasgow and Co-Director of the Centre for Fantasy and the Fantastic. Her Tolkien, Race and Cultural History won the Mythopoeic Scholarship Award for Inklings Studies and she co-edited the critical edition of A Secret Vice: Tolkien on Invented Languages which won the Tolkien Society Award for Best Book. Her Celtic Myth in Contemporary Children's Fantasy won the Mythopoeic Scholarship Award in Myth and Fantasy Studies. Other work includes co-editing Sub-creating Arda: World-building in J.R.R. Tolkien's Work, its Precursors and its Legacies and Imagining the Celtic Past in Modern Fantasy. She has contributed articles for the TLS and The Conversation, and has appeared on numerous radio and TV programs.When the rightly famous and beloved ‘The Great Courses' series decided to offer a Lord of the Rings entry for their catalog of the very best in scholarship for adult-learners, they asked Dimitra Fimi to create ‘The World of J. R. R. Tolkien,' one of their most popular courses and one you can enjoy in an Audible edition.Links Promised in Conversation:A Kind of Elvish Craft: The Dimitra Fimi Substack Site* Miniature Books in Children's Fantasy* Parabasis: A Tribute to Dionysis Stavvopoulos* On Tolkien's Letter 131 (4): “Romance” vs. ScienceDimitra Fimi articles at ‘The Conversation'* After 150 years, we still haven't solved the puzzle of Alice in Wonderland (2015) This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit hogwartsprofessor.substack.com/subscribe

Our winter season continues with Adina Hoffman (recipient of a 2013 Windham-Campbell Prize for Nonfiction) chatting with Michael Kelleher about Georges Perec's magical and mercurial and maddening An Attempt at Exhausting a Place in Paris, translated by Marc Lowenthal. Adina Hoffman is the author of House of Windows: Portraits from a Jerusalem Neighborhood, My Happiness Bears No Relation to Happiness: A Poet's Life in the Palestinian Century, Sacred Trash: The Lost and Found World of the Cairo Geniza (with Peter Cole), Till We Have Built Jerusalem: Architects of a New City, and Ben Hecht: Fighting Words, Moving Pictures. Hoffman's essays and criticism have appeared in the Nation, the Washington Post, the New York Times, the TLS, Raritan, Bookforum, the Boston Globe, New York Newsday, Tin House, and on the World Service of the BBC. She is formerly a film critic for the American Prospect and the Jerusalem Post and was one of the founders and editors of Ibis Editions, a small press devoted to the publication of the literature of the Levant. She has been a visiting professor at Wesleyan University, Middlebury College, and NYU, as well as the Franke Fellow at Yale's Whitney Humanities Center. She lives in Jerusalem and New Haven.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

En el anterior episodio hablamos largo y tendido sobre los "homelabs" o laboratorios de prueba informáticos que muchos tenemos en casa. Hemos recibido muchísimos comentarios y hoy repasamos qué tenéis cada uno en casa, y aprendemos juntos sobre muchísimas de estas herramientas. Además, os dejamos una lista de enlaces de todas estas herramientas y hardware para que podáis empezar a montar vuestra propia versión para aprender y probar cosas nuevas: Herramientas Guía de Iban para una transición a alternativas europeas Home Assistant (domótica libre) Kopia (copias de seguridad) Tailscale (VPN entre tus dispositivos, open-source con headscale) authentik (proveedor de identidad privado) immich (gestor de fotos) Komga (gestor de cómics, libros) plex (gestor multimedia de pago) Jellyfin (gestor multimedia) Omoide (gestor multimedia) TeslaMate (gestión de tu Tesla) Heimdall (landing page) Syncthing (sincronización de ficheros) Proxmox (virtualización) Adguard (bloqueo de publicidad) Pi-hole (DNS con bloqueo de publicidad u otras categorías) Unbound (DNS local) Mealie (gestor de recetas de cocina) Obsidian (gestor de notas) K3S (Kubernetes liviano) WireGuard (VPN) podman (contenedores) Docker (contenedores) Harbor (repositorio de contenedores) Verdaccio (registro NPM) Forgejo (repositorios Git) Gitea (repositorios Git) RustFS (servidor S3) cert-manager (certificados TLS en Kubernetes) step-ca (Let's Encrypt local) TrueNAS (SO para NAS) Kiwix (copia local de wikipedia y otras wikis) Prometheus (métricas y monitorización) Grafana (gráficos de métricas) ArgoCD (CI/CD) FluxCD (CI/CD) vLLM (IA generativa local compatible con API de OpenAI) Open WebUI (interfaz web para IA generativa) Hardware Switchbot (domótica) Shelly (relés y domótica) Aqara (domótica) Eve (domótica) Inels Wireless (domótica) Reolink (cámaras de seguridad) GMKtec (mini-PCs) EliteDesk (mini-PCs) QNAP (NAS) Synology (NAS) Raspberry Pi (mini-PCs) Noticias IKEA lanza 21 nuevos productos para un hogar inteligente Sánchez anuncia que España prohibirá acceder a las redes sociales a los menores de 16 años El fundador de Telegram carga contra Pedro Sánchez y alerta a España con un mensaje masivo Música del episodio Introducción: Safe and Warm in Hunter's Arms - Roller Genoa Cierre: Inspiring Course Of Life - Alex Che Puedes encontrarnos en Mastodon y apoyarnos escuchando nuestro podcast en Podimo o haciéndote fan en iVoox. Si quieres un mes gratis en iVoox Premium, haz click aquí.

We have seen much talk of the upcoming drop of maximum TLS term to 200 days, followed by 100 days, and eventually down to 47 days. It happens that all those numbers are too large and the actual maxima will be less than that. We explain.

You've got Tyler & Brad and In this episode, we break down the early versions of Transport Layer Security (TLS) — TLS 1.0 and TLS 1.1 — and explain why these once-standard encryption protocols are now considered insecure. We'll cover when they were released, how modern attacks and cryptographic weaknesses caught up with them, and why today's internet relies on newer, more secure protocols like TLS 1.2 and TLS 1.3.We'll also discuss how even “secure” protocols can become vulnerable when weak ciphers are enabled, using Sweet32 as a real-world example of cipher-level risk.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social ⬇Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

ZFS Scrubs and Data integrity, Propolice, FreeBSD vs Slackware and more. NOTES This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon Headlines Understanding ZFS Scrubs and Data Integrity The story of Propolice Desk reviews describe comment ask questions No reponses, no justications. [Tj's Desk](media/bsdnow649-tjs-desk.jpg) [Ruben's Desk](media/bsdnow649-rubens-desk.jpg) News Roundup FreeBSD vs. Slackware: Which super stable OS is right for you? Prometheus, Let's Encrypt, and making sure all our TLS certificates are monitored Wait, a repairable ThinkPad!? Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Join us and other BSD Fans in our BSD Now Telegram channel

Welcome to The Chrisman Commentary, your go-to daily mortgage news podcast, where industry insights meet expert analysis. Hosted by Robbie Chrisman, this podcast delivers the latest updates on mortgage rates, capital markets, and the forces shaping the housing finance landscape. Whether you're a seasoned professional or just looking to stay informed, you'll get clear, concise breakdowns of market trends and economic shifts that impact the mortgage world.In today's episode, we go through the chatter from the hallways at MBA's Independent Mortgage Banker Conference. Plus, Robbie sits down with TLS' Will Pendleton and Calque's Jeremy Foster for a discussion on how the Buy Before You Sell model helps brokers remove timing and contingency risk for today's buyers, and why transparent, well-integrated solutions like this are increasingly becoming essential tools for brokers navigating more competitive and complex housing markets. And we close by talking about the bond markets reaction to the new Fed Chair announcement.Thank you to Truework, the one verification solution to replace in-house waterfalls. Verify any borrower with a VOIE solution that automates the entire process to quickly deliver the most accurate and complete reports with broad GSE coverage.

Everybody knows about March 15 and the drop in maximum public TLS certificate term to 200 days. But that only scratches the surface on key dates with this maximum term reduction. Join us as we go over "all the dates" for TLS maximum term reduction.

Send us a textRansomware isn't always after your data anymore—sometimes the goal is to burn your operations down. We open with a hard look at the Stoli bankruptcy and what it teaches about ERP paralysis, regulatory deadlines, and why “we'll restore soon” is not a resilience plan. From there, we shift into a high-impact CISSP Domain 4 walkthrough that connects real-world failures to the protocols and controls that actually reduce risk.We break down HTTPS beyond the lock icon—what it secures, what metadata remains exposed, and how certificate trust can be subverted. You'll get a clear mental model for DNS defenses: why DNSSEC protects integrity but not confidentiality, and how DoH and DoT encrypt queries while complicating DNS filtering. We compare SFTP over SSH with FTPS, clarify LDAP StartTLS on port 389 vs LDAPS on 636, and explain the practical differences between IPsec transport and tunnel modes, including when ESP's symmetric encryption is the right fit.We also zoom in on TLS hygiene: why enabling TLS 1.0 or 1.1 invites downgrade and deprecated cipher risks, what HSTS really does (and doesn't do), and why Perfect Forward Secrecy matters when adversaries stockpile encrypted traffic. And we call out a critical truth for both practitioners and exam-takers: HTTPS can't stop phishing, so user trust and certificate validation remain frontline defenses.If you're preparing for the CISSP or leading security strategy, this episode gives you crisp explanations, memorable heuristics, and business-first context to improve your decisions. Subscribe, share with a teammate who handles compliance filings, and leave a review with the toughest crypto or network security question you want us to unpack next.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

Ce n'est pas le genre de lecture qui rassure en buvant son café du matin. Jeudi, le CERT-FR, la cellule d'alerte informatique française, a publié une note qui sonne comme un avertissement clair : nos infrastructures d'énergie renouvelable et de gestion de l'eau sont devenues des cibles privilégiées pour les hacktivistes. Des militants numériques qui frappent moins pour l'argent que pour le symbole… et pour le bruit médiatique.Derrière ce constat, l'ANSSI, l'agence nationale de cybersécurité, parle d'une hausse nette des attaques visant ces installations. Et ce ne sont plus de simples tentatives théoriques. Récemment, des intrus ont réussi à prendre la main à distance sur des équipements industriels. L'épisode le plus marquant ? L'arrêt complet d'un parc éolien pendant plusieurs heures. Résultat : production stoppée, pertes financières, et un sérieux coup de stress pour l'exploitant. Éoliennes, centrales hydroélectriques, panneaux solaires, stations de pompage… tout ce qui est connecté est désormais dans le viseur. Et le plus inquiétant, c'est que les attaquants n'ont pas besoin d'outils sophistiqués. Selon le rapport, leur niveau technique est souvent basique. Leur force, c'est surtout leur capacité à transformer chaque intrusion en opération de communication, à faire le buzz pour déstabiliser leurs cibles.Le vrai talon d'Achille se trouve ailleurs : dans la sécurité minimale, parfois inexistante. Beaucoup d'installations compromises appartiennent à de très petites entreprises, voire à des particuliers, peu formés aux risques cyber. Certains équipements restent accessibles directement sur Internet, sans authentification. Parfois même avec les mots de passe d'usine jamais changés. Des protocoles industriels circulent sans chiffrement. En clair : la porte est ouverte. Face à ce constat, l'ANSSI rappelle des règles simples, presque du bon sens numérique. Filtrer les connexions par adresse IP, installer un VPN, remplacer tous les identifiants par défaut, utiliser des protocoles sécurisés comme TLS ou SSH, et appliquer les mises à jour. Des outils que la plupart des box Internet proposent déjà. Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

Public Key Infrastructure (PKI) underpins nearly every secure interaction in modern IT, but it's also one of the most misunderstood and overlooked foundations of security.In this episode of Secure IT, host Jason Kikta is joined by Mark Cooper, CEO and founder of PKI Solutions, to unpack why PKI is so critical to identity, authentication, and trust, and what happens when it fails.They explore how certificates enable passwordless authentication, secure TLS connections, IoT devices, endpoints, and enterprise systems, while also examining why misconfigured or poorly monitored PKI environments often become an attacker's fastest path to privilege escalation. From certificate expirations and operational outages to real-world breach scenarios and pen test failures, this conversation maps the full PKI risk spectrum.Jason and Mark also challenge a common assumption in cybersecurity: that recovery equals resilience. Instead, they argue that true resilience means staying secure and operational, even during misconfiguration, failure, or attack.Whether you're new to PKI or responsible for running it, this episode will change how you think about identity infrastructure, resilience, and trust.Topics covered:- What PKI is and why most organizations already depend on it- Certificates, passwordless authentication, and digital identity- How PKI misconfigurations enable high-impact attacks- Why recovery is the weakest form of resilience- The hidden operational and security risks of foundational systems

ASX 200 slipped 29 points lower to 8875 today on worries over Trump's move on Greenland. US futures turned lower, US physical markets closed tonight. Across the board losses led by the banks, CBA down 0.7% and NAB dropping 1.1% with the Big Bank Basket down to $271.82(-0.7%). MQG dropped 0.5% and other financials saw profit taking. Insurers also fell, IAG down 1.2%. REITs were mixed, GMG dropped 1.2% on tech worries. The All-Tech Index continues to be smashed, WTC down 4.4% and XRO heading that way. Off another 2.6%. Retail and industrials sold off too after the run last week. WES down 0.7% with JBH off 0.4% and TLS falling 0.8%. Utilities saw defensive buyers return, ORG up 1.0% and AGL pushing 0.8% better.In resources, gold hit close to AUD$7000 amidst geo-political risk. NST up 3.2% and EVN rising 3.1% with GMD rising 3.7% on broker upgrades. Rare earth stocks doing well again, MEI up 9.3% and LYC rising 5.2%. Copper stocks eased but found a level, iron ore majors were mixed, BHP down 0.5% and RIO up 0.8%. Uranium stocks were glowing red hot on short covering, PDN up 6.6% and BOE roaring 13.6% ahead. In corporate news, CCX had a trading update and rose 3.6%, NWH announced new contracts, down 2.7%, PNV reported H1 sales up 26%. A2M in a trading halt after a big move on Chinese birth rate diving. Down 10.6% before halt.On the economic front, Chinese GDP data came in as expected, 5%. What a surprise. Strong exports helped to compensate for weak consumer spending. Asian markets ease back, Japan down 0.9%, China off 0.2% and HK down 1%.Dow futures down 361, Nasdaq futures down 298 10-year yields higher at 4.73%. Want to invest with Marcus Today? Our MT20 portfolio is designed for investors seeking exposure to our strategy while we do the hard work for you. If you're looking for personal financial advice, our friends at Clime Investment Management can help. Their team of licensed advisers operates across most states, offering tailored financial planning services.  Why not sign up for a free trial? Gain access to expert insights, research, and analysis to become a better investor.

I came across a post recently on the Microsoft Fabric blog about the evolution of SSIS 2025..I hadn't heard much about SSIS in SQL Server 2025, so I thought this might provide some info on the investments that Microsoft is still making in Integration Services. I've run into a few people in the past year who are still heavily invested in SSIS and run packages daily. SSIS seems to be a technology that isn't even close to dying for many organizations. The blog starts well, delving into the security investments with the change to the SqlClient and TLS 1.3, as well as supporting Strict Encryption. I don't know many people using this level of security, but it's good to have SSIS support stronger security. There is also an upgrade for SSIS packages targeting Fabric Data Warehouses if they modify their approach. Read the rest of An SSIS Upgrade

The Loyal Subjects has produced a new MASK toy line. These are recreations of the original toys with some updated accessories, and improved figures. Unfortunately some people, including Kevin, are having issues with them. Are these new MASK toys worth buying? #217 Pegwarmers Retro Con 2015 Stop Motion: https://www.youtube.com/watch?v=87i-Vxc2Xgs Pegwarmers is the codename for toys and collectibles with high supply and low demand. Join Kevin Jones, and his team of collector commandos, as they discuss popular and not-so-popular retro and current toy brands. Check back for new episodes each Wednesday. Follow Us https://twitter.com/pegwarmerspod https://www.facebook.com/pegwarmerspod Join our Patreonhttps://www.patreon.com/pegwarmers

Josh talk to Dirkjan and Joe about Rustls (pronounced rustles), a Rust-based TLS library. Dirkjan and Joe are developers on Rustls. We talk about the history that got us to this point. The many many challenges in writing a TLS library (Rust or not). We also chat about some of what's to come. Rustls has an OpenSSL compatibility layer which makes is a really interesting project. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-12-rustls-dirkjan-joe/

Send us a textA neighboring Wi‑Fi, a handful of stolen credentials, and a quiet leap into a high‑value network—the kind of pivot that sounds cinematic until you realize how practical it is. We unpack that playbook and turn it into concrete defenses you can deploy across your environment, from client endpoints and browsers to databases, servers, and industrial control systems.We start at the edge, where phishing, drive‑by downloads, and man‑in‑the‑middle still win far too often. You'll get a clear blueprint for upgrading endpoint security with EDR, strict patching, and browser hardening, plus when to retire or sandbox legacy applets and how to stop sensitive data bleeding from local caches. From there we map the landscape of modern data platforms: the internal, conceptual, and external layers of databases; the resilience of distributed DBs; the interoperability and pitfalls of ODBC; and the security tradeoffs between NoSQL flexibility and relational ACID guarantees. Expect practical guardrails like TLS on every link, parameterized queries for SQLi defense, and role‑based access with tight segregation of duties.Finally, we focus on servers and ICS, where downtime costs real money and, in OT, can impact safety. Learn how to prioritize hardening and patching without breaking legacy apps, isolate critical services to reduce blast radius, centralize logging to a SIEM, and apply the Purdue model to segment OT from IT. We share tested moves for OT environments—firewalls and DMZs, constrained remote access, realistic backup and recovery plans—and explain how to integrate safety and cybersecurity so alarms, procedures, and people work as one.If you find this valuable, subscribe, share it with a teammate who owns Wi‑Fi or databases, and leave a quick review telling us the first control you'll implement this week. Your feedback helps more practitioners discover tools that actually reduce risk.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

DLLs & TLS Callbacks As a follow-up to last week's diary about DLL Entrypoints, Didier is looking at TLS ( Thread Local Storage ) and how it can be abused. https://isc.sans.edu/diary/DLLs%20%26%20TLS%20Callbacks/32580 FreeBSD Remote code execution via ND6 Router Advertisements A critical vulnerability in FreeBSD allows for remote code execution. But an attacker must be on the same network. https://www.freebsd.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc NIST Time Server Problems The atomic ensemble time scale at the NIST Boulder campus has failed due to a prolonged utility power outage. One impact is that the Boulder Internet Time Services no longer have an accurate time reference. https://tf.nist.gov/tf-cgi/servers.cgi https://groups.google.com/a/list.nist.gov/g/internet-time-service/c/o0dDDcr1a8I

In the final show of 2025, Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: React2Shell attacks continue, surprising no one The unholy combination of OAuth consent phishing, social engineering and Azure CLI Venezuela's state oil firm gets ransomware'd, blames US… but what if it really is a US cyber op?! Russian junk-hacktivist gets indicted for cybering critical… err… a car wash and a fountain Microsoft finally turns RC4 off by default in Active Directory Kerberos Traefik's TLS verify=on … turns it off, whoopsie

Mark “Murch” Erhardt, Gustavo Flores Echaiz, and Mike Schmidt are joined by Matt Morehouse and Salvatore Ingala to discuss ⁠Newsletter #384⁠.News● Critical vulnerabilities fixed in LND 0.19.0 (0:59) ● A virtualized secure enclave for hardware signing devices (21:11) Changes to services and client software● Interactive transaction visualization tool (37:16) ● BlueWallet v7.2.2 released (38:20) ● Stratum v2 updates (38:42) ● Auradine announces Stratum v2 support (40:18) ● LDK Node 0.7.0 released (41:58) ● BIP-329 Python Library 1.0.0 release (43:30) ● Bitcoin Safe 1.6.0 released (44:34) Selected Q&A from Bitcoin Stack Exchange● Does a clearnet connection to my Lightning node require a TLS certificate? (45:12) ● Why do different implementations produce different DER signatures for the same private key and hash? (45:58) ● Why is the miniscript `after` value limited at 0x80000000? (49:27) Notable code and documentation changes● Bitcoin Core #33528 (53:12) ● Bitcoin Core #33723 (54:17) ● Bitcoin Core #33993 (56:35) ● Bitcoin Core #33553 (59:54) ● Eclair #3220 (1:01:52) ● LDK #4231 (1:02:48) ● LND #10396 (1:05:40) ● BTCPay Server #7022 (1:08:26) ● Rust Bitcoin #5379 (1:09:32) ● BIPs #2050 (1:10:06)

professorjrod@gmail.comIn this episode of Technology Tap: CompTIA Study Guide, we dive deep into cloud security fundamentals, perfect for those preparing for the CompTIA Security+ exam. Join our study group as we explore the shifting security landscape from locked server rooms to identity-based perimeters and data distributed across regions. This practical, Security+-ready guide connects architecture choices to real risks and concrete defenses, offering valuable IT certification tips and tech exam prep strategies. Whether you're focused on your CompTIA exam or looking to enhance your IT skills development, this episode provides essential insights to help you succeed in technology education and advance your career.We start by grounding the why: elasticity, pay-per-use costs, and resilience pushed organizations toward public, private, community, and hybrid clouds. From there, we map service models—SaaS, PaaS, IaaS, and XaaS—and the responsibilities each one assigns. You'll hear how thin clients reduce device risk, why a transit gateway can become a blast radius, and where serverless trims surface area while complicating visibility. Misunderstanding the shared responsibility model remains the leading cause of breaches, so we spell out exactly what providers secure and what you must own.Identity becomes the new perimeter, so we detail IAM guardrails: least privilege, no shared admins, MFA on every privileged account, short-lived credentials, and continuous auditing. We cover encryption in all three states with AES-256, TLS 1.3, HSMs, and customer-managed keys, then add CASB for SaaS control and SASE to bring ZTNA, FWaaS, and DLP to the edge where users actually work. Virtualization and containers deliver speed and density but expand the attack surface: VM escapes, snapshot theft, and poisoned images require hardened hypervisors, signed artifacts, private registries, secret management, and runtime policy. Hybrid and multi-cloud introduce inconsistent IAM and fragmented logging—centralized identity, unified SIEM, CSPM, and infrastructure-as-code guardrails bring discipline back.We wrap with the patterns attackers exploit—public storage exposure, stolen API keys, unencrypted backups, and supply chain compromises—and the operating principles that stop them: zero trust, verification over assumption, and automation that responds at machine speed. Stick around for four rapid Security+ practice questions to test your skills and cement the concepts.If this helped you study or sharpen your cloud strategy, follow and subscribe, share it with a teammate, and leave a quick review telling us which control you'll deploy first.Support the showArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

NGINX Ingress Controller уходит на пенсию к 2026-му Что делать если у вас в Kubernetes десятки и сотни сервисов? В этом выпуске мы поговорим: Что реально значит "пенсия" NGINX Ingress Controller и какие сроки по security-патчам.? Куда мигрировать: другие Ingress-контроллеры vs Gateway API, плюсы и минусы подходов. Архитектура Gateway API: global Gateway, HTTPRoute/GRPCRoute, TLS, сервис-меш и т.д. CORS и новый режим Chrome для локальной сети: почему внезапно «сломалось» расширение и как это связано с DevOps. Пара новостей одной строкой: AWS (ALB + JWT, AWS Backup для EKS, квантовые сертификаты), Anthropic и Thoughtworks Tech Radar. Ссылочки: Пост о retirement NGINX Ingress Controller — https://kubernetes.io/blog/2025/11/11... Книга «Cracking the Kubernetes Interview» на Amazon — https://www.amazon.de/-/en/Cracking-K... Книга «Cracking the Kubernetes Interview» на сайте Packt — https://www.packtpub.com/en-bg/produc... Chrome: New Permissions Prompt for Local Network Access — https://developer.chrome.com/blog/loc...

Strategic Technology Consultation Services This episode of The Modern .NET Show is supported, in part, by RJJ Software's Strategic Technology Consultation Services. If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk. Show Notes "You actually cannot do proper vertical slice if you are bounded to controllers. Because there are some additional dependencies that you can download, like Ardalis [ApiEndpoints] or like Fast Endpoints that will give you actually what Minimal API is giving you. But with the standard controller-based approach you are not able to do the full vertical slice, because every time you'll need to take this, let's say presentation layer, outside your slice because it needs to be, just as you said, in the class that is inheriting from Controller and doing all the actions and stuff like this."— Kajetan Duszyński Hey everyone, and welcome back to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. I'm your host Jamie Taylor, bringing you conversations with the brightest minds in the .NET ecosystem. Today, we're joined by Kajetan Duszyński to talk about some of the new things that are coming up in .NET 10. We cover some of the big things that you might have missed, some of the optimisations you can make by removing code (listen up for one in a few moments), and we also talk about his new book ".NET 10 Revealed." "So you all need to remember that if you are using Minimal APIs and you've used the extension method WithOpenAPI(), which created a proper OpenAPI schema. Right now it won't be used, so you'll need to delete every usage of this method from your whole application, because it will be um added by default in the pipeline of creating, of starting up the application."— Kajetan Duszyński Along the way we talked about allocations, the importance of learning MSIL (what your C# and F# code is compiled to), memory management, how fast .NET is moving and when we're likely to see the first public preview of .NET 11, and the vertical slice architecture. One of the biggest things that I think will cause some head scratching in .NET 10 is the new local self-signed TLS certificate. I've linked to an article by the folks at Duende about this, and it'll be worth adding it to your reading list. It's a great addition to .NET 10, but it'll catch some folks out. Before we jump in, a quick reminder: if The Modern .NET Show has become part of your learning journey, please consider supporting us through Patreon or Buy Me A Coffee. Every contribution helps us continue bringing you these in-depth conversations with industry experts. You'll find all the links in the show notes. Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET. Full Show Notes The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/building-on-net-10-a-chat-with-kajetan-duszynsk-author-of-net-10-revealed Useful Links: Ardalis ApiEndpoints REPR pattern Fast Endpoints Why You Should Be Using .NET 10's New TLS Certificate Kajetan's .NET school Kajetan on LinkedIn .NET 10 Revealed Supporting the show: Leave a rating or review Buy the show a coffee Become a patron Getting in touch: via the contact page joining the Discord Podcast editing services provided by Matthew Bliss Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show Editing and post-production services for this episode were provided by MB Podcast Services Supporting the show: Leave a rating or review Buy the show a coffee Become a patron Getting in Touch: Via the contact page Joining the Discord Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend. And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch. You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast. Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show. Editing and post-production services for this episode were provided by MB Podcast Services.

In this episode, Jack interviews Edward Morales, second-generation owner of Tropical Landscaping Services in Buckeye, Arizona. After years of the company relying on hard work and word-of-mouth without a clear sales process, Edward stepped back into the business and realized it needed structure, clarity, and consistency. He rebuilt their sales process from scratch and discovered how communication and predictable workflows create a better client experience.Edward also shares how he uses AI as a thinking partner—clarifying decisions, improving communication, and refining processes without replacing the personal touch. If you're a landscape or snow contractor looking to modernize your operations, sharpen your sales process, or understand how AI actually fits into a real-world company, this conversation is full of practical takeaways.You'll Learn:How Edward rebuilt TLS's first-ever sales processWhy structure and clarity are essential to a great client experienceHow AI can enhance communication and leadershipWhat it takes to grow a multi-decade family businessWhy refining processes separates pros from amateursConnect With Today's Guest

Ismael (Founder/CEO) and Nate (Defense GTM) from Lagrange explain why the biggest commercial demand for cutting-edge cryptography might be outside crypto—securing AI in defense, healthcare, and regulated finance. We cover: why they built DeepProof (a zero-knowledge ML library that proves model outputs over private inputs), how this fits the DoD's zero-trust mandates, and why frontier crypto R&D should serve national interest, not just faster token launches. We also dig into GTM with government, what zero-knowledge adds beyond TLS, and how to talk “applied cryptography” without getting stuck in a “crypto” stigma.Key timestamps[00:00:00] Cold Open: Ismael on crypto funding frontier cryptography beyond tokens[00:01:00] Introduction: Sam sets up Lagrange, AI, defense, and applied cryptography[00:03:00] Origin Story: Ismael's path from TradFi and VC to founding Lagrange[00:06:00] Why Defense: Using crypto-funded cryptography for national security and AI safety[00:10:00] DeepProof Explained: Proving AI model outputs over private inputs with ZK[00:15:00] Business Model: “OpenAI sells inference; we sell proofs”[00:18:00] Beyond Crypto: Healthcare, compliance, and dual-use cryptography[00:22:00] Nate's Role: Selling applied cryptography to defense without leading with “crypto”[00:27:00] Lagrange Vision: Cryptographic supremacy and becoming the verifiability layer[00:33:00] Roadmap & Ask: Expansion into defense, partners with serious AI workloadsConnecthttps://www.lagrange.dev/https://www.linkedin.com/company/lagrange-labs/https://www.linkedin.com/in/i20h/https://x.com/lagrangedevhttps://x.com/Ismael_H_RDisclaimerNothing mentioned in this podcast is investment advice and please do your own research. It would mean a lot if you can leave a review of this podcast on Apple Podcasts or Spotify and share this podcast with a friend.Get featuredBe a guest on the podcast or contact us – https://www.web3pod.xyz/

Julien Levrard, CISO d'OVH, décrit un quotidien partagé entre gestion de crises immédiates, préparation des menaces futures et construction d'une architecture résiliente. Il explique comment OVH expérimente déjà le quantique pour renforcer la génération de clés TLS, une manière de préparer les systèmes aux défis cryptographiques des prochaines décennies. Il insiste aussi sur la nécessité de ne pas dépendre des très grands fournisseurs mondiaux de services infonuagiques afin d'éviter les risques systémiques révélés par les récentes pannes majeures.

This week, TLS contributors select their favourites from 2025; plus an interview with CD Rose, winner of this year's Goldsmiths Prize.‘We Live Here Now', by CD RoseProduced by Charlotte Pardy Hosted on Acast. See acast.com/privacy for more information.

professorjrod@gmail.comThe everyday internet feels effortless, but behind every click lives a maze of services quietly doing the heavy lifting. I pull back the curtain on the systems that make your workday possible—file shares that just appear on your desktop, printers that hum along until a 200‑page PDF wrecks the queue, and the alphabet soup of protocols that move data safely and fast.We start with the essentials: SMB and Samba for file and print, why SFTP on port 22 beats FTP for modern transfers, and how relational databases differ from NoSQL when your needs shift from consistent records to massive logs. From there we head to the browser, unpacking HTTPS, TLS, and certificates so you know what that lock icon actually guarantees. Email gets its due too: SMTP for sending, IMAP for syncing, and the trio of SPF, DKIM, and DMARC that keeps phishing at bay.Security and scale meet in the middle with proxy servers, spam gateways, and Unified Threat Management devices that filter, inspect, and sandbox threats before users ever see them. Then we look at load balancers that keep portals alive at peak times, plus the messy reality of legacy systems that refuse to retire. We don't ignore the industrial world—embedded devices, ICS, and SCADA that run utilities and factories—where one misstep can ripple beyond a single office.Troubleshooting ties it all together. I share real stories and checklists for wired faults, slow networks, Wi‑Fi ghosts caused by microwave ovens, and VoIP glitches fixed with QoS and VLANs. You'll leave with practical ways to spot the root cause fast, confidence with ports and protocols, and a clearer map of the services that keep everything running.If you learned something useful, follow the show, share this episode with a teammate, and leave a quick review to help others find us. Got a strange network mystery you solved? Send it my way and we'll feature the best ones next time.Inspiring Tech Leaders - The Technology PodcastInterviews with Tech Leaders and insights on the latest emerging technology trends.Listen on: Apple Podcasts SpotifySupport the showArt By Sarah/DesmondMusic by Joakim KarudLittle chacha ProductionsJuan Rodriguez can be reached atTikTok @ProfessorJrodProfessorJRod@gmail.com@Prof_JRodInstagram ProfessorJRod

Dimitra Fimi is Professor of Fantasy and Children's Literature at the University of Glasgow and Co-Director of the Centre for Fantasy and the Fantastic. Her Tolkien, Race and Cultural History won the Mythopoeic Scholarship Award for Inklings Studies and she co-edited the critical edition of A Secret Vice: Tolkien on Invented Languages which won the Tolkien Society Award for Best Book. Her Celtic Myth in Contemporary Children's Fantasy won the Mythopoeic Scholarship Award in Myth and Fantasy Studies. Other work includes co-editing Sub-creating Arda: World-building in J.R.R. Tolkien's Work, its Precursors and its Legacies and Imagining the Celtic Past in Modern Fantasy. She has contributed articles for the TLS and The Conversation, and has appeared on numerous radio and TV programs.When the rightly famous and beloved ‘The Great Courses' series decided to offer a Lord of the Rings entry for their catalog of the very best in scholarship for adult-learners, they asked Dimitra Fimi to create ‘The World of J. R. R. Tolkien,' one of their most popular courses and one you can enjoy in an Audible edition.Links Promised in Conversation:A Kind of Elvish Craft: The Dimitra Fimi Substack Site* Miniature Books in Children's Fantasy* Parabasis: A Tribute to Dionysis Stavvopoulos* On Tolkien's Letter 131 (4): “Romance” vs. ScienceDimitra Fimi articles at ‘The Conversation'* After 150 years, we still haven't solved the puzzle of Alice in Wonderland (2015)Kanreki Conversations about Rowling-Galbraith ‘Golden Threads'* Pregnancy Traps in the Works of Rowling-Galbraith* Golden Threads in Rowling-Galbraith (1)* Golden Threads in Rowling-Galbraith (2)* ‘The Lost Child' Golden Thread* Alternative Explanations of ‘The Lost Child' Golden Thread* The Induced Abortion Hypothesis* The July 2025 Kanreki IndexOur Ten Questions for Dr Fimi:1. How does a woman born and raised on the Greek island of Salamis wind up in Cardiff studying Celtic Mythology?2. You're a Tolkien scholar and expert in fantasy and Children's literature. Tolkienistas are legend for looking down their Ent noses at Harry Potter, though there are important exceptions to that rule (the late Stratford Caldecott, his wife Leonie, Amy H. Sturgis, others). How did you meet the Boy Who Lived and what were your first impressions of Rowling as author?3. You have a lot in common with Rowling, no? Tolkien devotee, serious student of mythology, and a wonderful appreciation of the magic of story, especially magical stories for children. The Tolkien influence on Rowling is well documented though she has tried to belittle it, but her use of myths as templates for her stories is less well known but at least as important. What do you make of her admittedly “shameless” borrowing from folk tales and myths?4. I guess this is a segue to the Cormoran Strike books which are awash in myths -- Leda and the Swan, Castor and Pollux, Cupid and Psyche, Artemis and Tisiphone... Am I missing any?5. You've seen Rowling's recent confirmation of the Cupid and Psyche myth in her tweeted painting of ‘Psyche Ascendant.' That suggests we'll see the happy ending of the myth in Strikes 9 and 10. Or does it? What did you see of that myth specifically in Hallmarked Man?6. Running Grave has another embedded text, not a myth per se, one that makes sense in light of Rowling's love of everything the Bronte sisters wrote. Tell us what made you think of Jane Eyre as you were reading Strike 7.7. Rowling did something unusual in 2019, well, among the unusual things she did that year, in inviting readers to interpret her work in light of their ‘Lake' inspiration as well as her intentional ‘Shed' artistry. Writers like Lewis and Tolkien would be aghast at that, though Inkling Studies today necessarily include heavy biographical leanings in almost everything written about those authors. What is your take in general on what Lewis called ‘The Personal Heresy' and about Rowling as a living author inviting that critical perspective while she is still among us?8. It's fascinating, frankly, that you are not so compartmentalized in your reading that Rowling is still a writer you read outside of her fantasy and children's literature. Do you read the Strike-Ellacott stories because you also love a good detective novel or is it your interest in Rowling and whatever she is writing?9. Have you read Christmas Pig? John believes that in fifty years, the Lord tarrying, high school and college students will read Pig as Rowling's representative work the way we had to read Tale of Two Cities or Christmas Carol to be exposed to Dickens.10. John tries to read imaginative fiction through what he calls an “iconological lens,” a method born of his Perennialist beliefs and life as an Orthodox Christian. In what ways do you think your childhood and secondary education gave you a sympathy unusual for multi-valent texts than those born and raised in relatively secular cultures? This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit hogwartsprofessor.substack.com/subscribe

Topics covered in this episode: httptap 10 Smart Performance Hacks For Faster Python Code FastRTC Explore Python dependencies with pipdeptree and uv pip tree Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: httptap Rich-powered CLI that breaks each HTTP request into DNS, connect, TLS, wait, and transfer phases with waterfall timelines, compact summaries, or metrics-only output. Features Phase-by-phase timing – precise measurements built from httpcore trace hooks (with sane fallbacks when metal-level data is unavailable). All HTTP methods – GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS with request body support. Request body support – send JSON, XML, or any data inline or from file with automatic Content-Type detection. IPv4/IPv6 aware – the resolver and TLS inspector report both the address and its family. TLS insights – certificate CN, expiry countdown, cipher suite, and protocol version are captured automatically. Multiple output modes – rich waterfall view, compact single-line summaries, or -metrics-only for scripting. JSON export – persist full step data (including redirect chains) for later processing. Extensible – clean Protocol interfaces for DNS, TLS, timing, visualization, and export so you can plug in custom behavior. Example: Brian #2: 10 Smart Performance Hacks For Faster Python Code Dido Grigorov A few from the list Use math functions instead of operators Avoid exception handling in hot loops Use itertools for combinatorial operations - huge speedup Use bisect for sorted list operations - huge speedup Michael #3: FastRTC The Real-Time Communication Library for Python: Turn any python function into a real-time audio and video stream over WebRTC or WebSockets. Features

Soyez le premier à tester le nouveau Plaud Note Pro :https://link.influxcrew.com/Plaud-LEGEND3Via ce lien, vous profitez également de 20 % de réduction sur les autres produits de la marque à partir du 13 novembre.Avec Plaud, vos données sont sécurisées : Plaud respecte les normes RGPD, EN18031, SOC2 et HIPAA.Toutes les transmissions entre votre appareil et leurs serveurs cloud sont sécurisées via le protocole TLS, garantissant l'intégrité de vos données et empêchant tout accès non autorisé.Merci à François Savin d'être venu sur Legend.François est chef privé de luxe à domicile depuis dix ans. Il exerce entre la Côte d'Azur et Dubaï. Formé auprès de grands noms de la gastronomie, il a cuisiné pour une clientèle prestigieuse et partage aujourd'hui avec nous ses anecdotes les plus folles.➡️ Retrouvez la boutique LEGEND : https://youtu.be/T6YTsF6CRy4Pour toutes demandes de partenariats : legend@influxcrew.comRetrouvez-nous sur tous les réseaux LEGEND !Facebook : https://www.facebook.com/legendmediafrInstagram : https://www.instagram.com/legendmedia/TikTok : https://www.tiktok.com/@legendTwitter : https://twitter.com/legendmediafrSnapchat : https://t.snapchat.com/CgEvsbWV Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

Vijoy Pandey joins Sebastian Hassinger for this episode of The New Quantum Era to discuss Cisco's ambitious vision for quantum networking—not as a far-future technology, but as infrastructure that solves real problems today. Leading Outshift by Cisco, their incubation group and Cisco Research, Vijoy explains how quantum networks are closer than quantum computers, why distributed quantum computing is the path to scale, and how entanglement-based protocols can tackle immediate classical challenges in security, synchronization, and coordination. The conversation spans from Vijoy's origin story building a Hindi chatbot in the late 1980s to Cisco's groundbreaking room-temperature quantum entanglement chip developed with UC Santa Barbara, and explores use cases from high-frequency trading to telescope array synchronization.Guest BioVijoy Pandey is Senior Vice President at Outshift by Cisco, the company's internal incubation group, where he also leads Cisco Research and Cisco Developer Relations (DevNet). His career in computing began in high school building AI chatbots, eventually leading him through distributed systems and software engineering roles including time at Google. At Cisco, Vijoy oversees a portfolio spanning quantum networking, security, observability, and emerging technologies, operating at the intersection of research and product incubation within the company's Chief Strategy Office.Key TopicsFrom research to systems: How Cisco's quantum work is transitioning from physics research to systems engineering, focusing on operability, deployment, and practical applications rather than building quantum computers.The distributed quantum computing vision: Cisco's North Star is building quantum network fabric that enables scale-out distributed quantum computing across heterogeneous QPU technologies (trapped ion, superconducting, etc.) within data centers and between them—making "the quantum network the solution" to quantum's scaling problem and classical computing's physics problem.Room-temperature entanglement chip: Cisco and UC Santa Barbara developed a prototype photonic chip that generates 200 million entangled photon pairs per second at room temperature, telecom wavelengths, and less than 1 milliwatt power—enabling deployment on existing fiber infrastructure without specialized equipment.Classical use cases today: How quantum networking protocols solve present-day problems in synchronization (global database clocks, telescope arrays), decision coordination (high-frequency trading across geographically distributed exchanges), and security (intrusion detection using entanglement collapse) without requiring massive qubit counts or cryogenic systems.Quantum telepathy for HFT: The concept of using entanglement and teleportation to coordinate decisions across locations faster than the speed of light allows classical communication—enabling fairness guarantees for high-frequency trading across data centers in different cities.Meeting customers where they are: Cisco's strategy to deploy quantum networking capabilities alongside existing classical infrastructure, supporting a spectrum from standard TLS to post-quantum cryptography to QKD, rather than requiring greenfield deployments.The transduction grand challenge: Why building the "NIC card" that connects quantum processors to quantum networks—the transducer—is the critical bottleneck for distributed quantum computing and the key technical risk Cisco is addressing.Product-company fit in corporate innovation: How Outshift operates like internal startups within Cisco, focusing on problems adjacent to the company's four pillars (networking, security, observability, collaboration) with both technology risk and market risk, while maintaining agility through a framework adapted from Cisco's acquisition integration playbook.Why It MattersCisco's systems-level approach to quantum networking represents a paradigm shift from viewing quantum as distant future technology to infrastructure deployable today for specific high-value use cases. By focusing on room-temperature, telecom-compatible entanglement sources and software stacks that integrate with existing networks, Cisco is positioning quantum networking as the bridge between classical and quantum computing worlds—potentially accelerating practical quantum applications from decades away to 5-10 years while solving immediate enterprise challenges in security and coordination.Episode HighlightsVijoy's journey from building Hindi chatbots on a BBC Micro in the late 1980s to leading quantum innovation at Cisco. Why quantum networking is "here and now" while quantum computing is still being figured out. The spectrum of quantum network applications: from near-term classical coordination problems to the long-term quantum internet connecting quantum data centers and sensors. How entanglement enables provable intrusion detection on standard fiber networks alongside classical IP traffic. The "step function moment" coming for quantum: why the transition from physics to systems engineering means a ChatGPT-like breakthrough is imminent, and why this one will be harder to catch up on than software-based revolutions. Design partner collaborations with financial services, federal agencies, and energy companies on security and synchronization use cases.Cisco's quantum software stack prototypes: Quantum Compiler (for distributed quantum error correction), Quantum Alert (security), and QuantumSync (decision coordination).

Recent advancements in quantum computing are pushing the technology closer to practical application, with companies like Google, IBM, and ICONIC making significant strides in stabilizing quantum systems. This progress poses risks to current encryption methods, as traditional security measures may become obsolete due to quantum capabilities. The National Institute of Standards and Technology (NIST) is advocating for the adoption of post-quantum cryptography (PQC) to protect sensitive data, emphasizing the urgency for organizations to reassess their security protocols. Failure to act could result in severe repercussions, including data breaches and regulatory noncompliance.Google's quantum computing division has published research demonstrating practical applications for quantum computers, such as using quantum technology for nuclear magnetic resonance to estimate atomic structures. The company is shifting its focus from merely proving quantum feasibility to making the technology cost-effective. Sundar Pichai, CEO of Alphabet, expressed optimism about the timeline for commercially viable quantum computing, while industry opinions vary, with some experts suggesting practical applications may still be decades away. This divergence highlights the uncertainty surrounding the timeline for widespread quantum adoption.In addition to quantum computing advancements, the episode discusses the integration of PQC into mainstream technology. Microsoft Windows 11 has begun incorporating PQC algorithms into its cryptographic APIs, allowing for the generation of PQC key pairs and hybrid TLS handshakes. Meanwhile, companies like Palo Alto Networks are updating their software to support quantum-resistant encryption. These developments indicate a growing recognition of the need for quantum-safe security measures as organizations prepare for the potential threats posed by quantum computing.For Managed Service Providers (MSPs) and IT decision-makers, the implications are clear: proactive measures are necessary to prepare for the quantum computing era. MSPs should assist clients in inventorying their cryptographic systems and developing a roadmap for adopting PQC. As the U.S. government urges organizations to transition to quantum-safe encryption by 2035, MSPs must prioritize updating protocols and exploring quantum-resistant solutions. The transition to quantum-safe encryption is a multi-year effort, and early preparation will help mitigate future risks associated with quantum advancements. One thing to know today00:00 All About Quantum Computing This is the Business of Tech.    Supported by:  

This week, Jake and Travis sit down with journalist Will Sommer to unpack his investigation into the New Age wellness empire selling stacks of glowing TV monitors as a cure‑all. Jason Shurka, the brains behind the multi-million dollar operation, used the funds to bankroll a brand new streaming platform, Unifyd TV, whose offerings include documentaries made by QAnon promoters. According to the promoters of this quack cure, their work is approved by a secret society of powerful entities who are dedicated to elevating humankind called “The Light Systems” cabal or “TLS.” One member of The Light Systems, a figure called “Ray,” is regularly filmed while wearing a face-concealing hoodie and gloves in order to preserve his anonymity in interviews with Shurka available on Unifyd TV. It's a lot. Just listen to the episode. Subscribe for $5 a month to get all the premium episodes: www.patreon.com/qaa Will Sommer https://bsky.app/profile/willsommer.bsky.social How a Bizarre Healing-TV-Screen Tycoon Is Funding MAGA Media https://www.thebulwark.com/p/bizarre-healing-tv-screen-tycoon-funding-maga-media-unifyd-eesystem The first two episodes of Annie Kelly's new podcast miniseries “Truly, Tradly, Deeply” will be released on the Cursed Media podcast network on the 29th of October. https://www.cursedmedia.net/ Cursed Media subscribers also get access to every episode of every QAA miniseries we produced, including Manclan by Julian Feeld and Annie Kelly, Trickle Down by Travis View, The Spectral Voyager by Jake Rockatansky and Brad Abrahams, and Perverts by Julian Feeld and Liv Agar. Plus, Cursed Media subscribers will get access to at least three new exclusive podcast miniseries every year. https://www.cursedmedia.net/ Editing by Corey Klotz. Theme by Nick Sena. Additional music by Pontus Berghe. Theme Vocals by THEY/LIVE (instagram.com/theyylivve / sptfy.com/QrDm). Cover Art by Pedro Correa: (pedrocorrea.com) qaapodcast.com QAA was known as the QAnon Anonymous podcast.

Welcome back to another Friday special! This week's bonus episode features an interview with co-host of the TLS podcast Alex Clark. Alex is a literary journalist and book extraordinaire. She discusses her podcast and imparts her literary wisdom... If you want to contact the show to ask a question and get involved in the conversation then please email us: janeandfi@times.radioFollow us on Instagram! @janeandfiPodcast Producer: Eve SalusburyExecutive Producer: Rosie Cutler Hosted on Acast. See acast.com/privacy for more information.

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Daniel Stenberg, Swedish Internet protocol expert and founder and lead developer of the Curl project, speaks with SE Radio host Gavin Henry about removing Rust from Curl. They discuss why Hyper was removed from curl, why the last five percent of making it a success was difficult, what the project gained from the 5-year attempt to tackle bringing Rust into a C project, lessons learned for next time, why user support is critical, and the positive long-lasting impact this attempt had. Brought to you by IEEE Computer Society and IEEE Software magazine.

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit

Topics covered in this episode: * PostgreSQL 18 Released* * Testing is better than DSA (Data Structures and Algorithms)* * Pyrefly in Cursor/PyCharm/VSCode/etc* * Playwright & pytest techniques that bring me joy* Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: PostgreSQL 18 Released PostgreSQL 18 is out (Sep 25, 2025) with a focus on faster text handling, async I/O, and easier upgrades. New async I/O subsystem speeds sequential scans, bitmap heap scans, and vacuum by issuing concurrent reads instead of blocking on each request. Major-version upgrades are smoother: pg_upgrade retains planner stats, adds parallel checks via -jobs, and supports faster cutovers with -swap. Smarter query performance lands with skip scans on multicolumn B-tree indexes, better OR optimization, incremental-sort merge joins, and parallel GIN index builds. Dev quality-of-life: virtual generated columns enabled by default, a uuidv7() generator for time-ordered IDs, and RETURNING can expose both OLD and NEW. Security gets an upgrade with native OAuth 2.0 authentication; MD5 password auth is deprecated and TLS controls expand. Text operations get a boost via the new PG_UNICODE_FAST collation, faster upper/lower, a casefold() helper, and clearer collation behavior for LIKE/FTS. Brian #2: Testing is better than DSA (Data Structures and Algorithms) Ned Batchelder If you need to grind through DSA problems to get your first job, then of course, do that, but if you want to prepare yourself for a career, and also stand out in job interviews, learn how to write tests. Testing is a skill you'll use constantly, will make you stand out in job interviews, and isn't taught well in school (usually). Testing code well is not obvious. It's a puzzle and a problem to solve. It gives you confidence and helps you write better code. Applies everywhere, at all levels. Notes from Brian Most devs suck at testing, so being good at it helps you stand out very quickly. Thinking about a system and how to test it often very quickly shines a spotlight on problem areas, parts with not enough specification, and fuzzy requirements. This is a good thing, and bringing up these topics helps you to become a super valuable team member. High level tests need to be understood by key engineers on a project. Even if tons of the code is AI generated. Even if many of the tests are, the people understanding the requirements and the high level tests are quite valuable. Michael #3: Pyrefly in Cursor/PyCharm/VSCode/etc Install the VSCode/Cursor extension or PyCharm plugin, see https://pyrefly.org/en/docs/IDE/ Brian spoke about Pyrefly in #433: Dev in the Arena I've subsequently had the team on Talk Python: #523: Pyrefly: Fast, IDE-friendly typing for Python (podcast version coming in a few weeks, see video for now.) My experience has been Pyrefly changes the feel of the editor, give it a try. But disable the regular language server extension. Brian #4: Playwright & pytest techniques that bring me joy Tim Shilling “I've been working with playwright more often to do end to end tests. As a project grows to do more with HTMX and Alpine in the markup, there's less unit and integration test coverage and a greater need for end to end tests.” Tim covers some cool E2E techniques Open new pages / tabs to be tested Using a pytest marker to identify playwright tests Using a pytest marker in place of fixtures Using page.pause() and Playwright's debugging tool Using assert_axe_violations to prevent accessibility regressions Using page.expect_response() to confirm a background request occurred From Brian Again, with more and more lower level code being generated, and many unit tests being generated (shakes head in sadness), there's an increased need for high level tests. Don't forget API tests, obviously, but if there's a web interface, it's gotta be tested. Especially if the primary user experience is the web interface, building your Playwright testing chops helps you stand out and let's you test a whole lot of your system with not very many tests. Extras Brian: Big O - By Sam Who Yes, take Ned's advice and don't focus so much on DSA, focus also on learning to test. However, one topic you should be comfortable with in algortithm-land is Big O, at least enough to have a gut feel for it. And this article is really good enough for most people. Great graphics, demos, visuals. As usual, great content from Sam Who, and a must read for all serious devs. Python 3.14.0rc3 has been available since Sept 18. Python 3.14.0 final scheduled for Oct 7 Django 6.0 alpha 1 released Django 6.0 final scheduled for Dec 3 Python Test Static hosting update Some interesting discussions around setting up my own server, but this seems like it might be yak shaving procrastination research when I really should be writing or coding. So I'm holding off until I get some writing projects and a couple SaaS projects further along. Joke: Always be backing up

This week, we dig into Atlassian buying The Browser Company, whether Pay Per Crawl makes sense, and Oracle's cloud jackpot. Plus, a quick lesson in Aussie slang. Watch the YouTube Live Recording of Episode (https://www.youtube.com/live/iTFrzM8U2hQ?si=XaRjUM0tMr2aOLVZ) 537 (https://www.youtube.com/live/iTFrzM8U2hQ?si=XaRjUM0tMr2aOLVZ) Runner-up Titles "I have a plan to make things slightly better.” Matt Ray comes off the top rope We are in that demographic Flip-flops, thongs, and slides. No Translation Needed Do we have a fashion channel? Why not us too? Let's just try it Hooters adjacent tech story Pay-per-crawl. I don't know how DNS works, nobody does Cool, copyright, I love it Just lots of weird stuff going on. Y'all are weird Rundown Final thought on Australia (https://walkingtheworld.substack.com/p/final-thought-on-australia) Atlassian agrees to acquire The Browser Company for $610 million (https://www.cnbc.com/2025/09/04/atlassian-the-browser-company-deal.html) VMware buying Slide Rocket in 2011 (https://techcrunch.com/2011/04/26/vmware-acquires-online-presentation-application-sliderocket/), which is now ClearSlide (https://www.clearslide.com/product/sliderocket/) An Interview with Cloudflare Founder and CEO Matthew Prince About Internet History and Pay-per-crawl (https://stratechery.com/2025/an-interview-with-cloudflare-founder-and-ceo-matthew-prince-about-internet-history-and-pay-per-crawl/) Anthropic Agrees to Pay $1.5 Billion to Settle Lawsuit With Book Authors (https://www.nytimes.com/2025/09/05/technology/anthropic-settlement-copyright-ai.html) Apple unveils iPhone 17 Pro and iPhone 17 Pro Max (https://www.apple.com/newsroom/2025/09/apple-unveils-iphone-17-pro-and-iphone-17-pro-max/) Catch up quick | Apple September event highlights (https://youtu.be/31MbUHX7W8k?si=lmDZqRp_SsQykqsr) Apple introduces AirPods Pro 3 with live translation feature (https://arstechnica.com/gadgets/2025/09/new-airpods-pro-3-turn-apples-earbuds-into-fitness-tracker-universal-translator/) Nvidia's top two mystery customers made up 39% of the chipmaker's Q2 revenue (https://www.cnbc.com/2025/08/28/nvidias-top-two-mystery-customers-made-up-39percent-of-its-q2-revenue-.html) Oracle Financial's US parent jumps 27% in extended trading on Tuesday; Here's why - CNBC TV18 (https://www.cnbctv18.com/market/oracle-corp-share-price-jump-q1-results-guidance-data-centre-india-listed-stock-19668521.htm) Relevant to your Interests Google, Apple, and Mozilla Win in the Antitrust Case Google Lost (https://spyglass.org/google-apple-and-mozilla-win-in-the-antitrust-case-google-lost/) Privacy Nightmare: Your Doorbell Camera Is Snitching to Insurance Companies (https://www.gadgetreview.com/privacy-nightmare-your-doorbell-camera-is-snitching-to-insurance-companies) Broadcom Stock Soars as AI Demand Drives Strong Earnings—Crucial Price Levels to Monitor (https://www.investopedia.com/broadcom-stock-soars-as-ai-demand-drives-strong-earnings-crucial-price-levels-to-monitor-11804068) Addressing the unauthorized issuance of multiple TLS certificates for 1.1.1.1 (https://blog.cloudflare.com/unauthorized-issuance-of-certificates-for-1-1-1-1/) Exclusive | Databricks Crosses $4 Billion in Annual Revenue Rate (https://www.wsj.com/tech/ai/databricks-increases-revenue-forecast-to-4-billion-a-year-642897c8) SpaceX strikes $17B deal to buy EchoStar's spectrum for Starlink's direct-to-phone service (https://techcrunch.com/2025/09/08/spacex-strikes-17b-deal-to-buy-echostars-spectrum-for-starlinks-direct-to-phone-service/) Google Cloud CEO sees sunny prospects thanks to AI demand (https://www.theregister.com/2025/09/09/google_cloud_ceo_sees_sunny/) Apple unveils iPhone 17 Pro and iPhone 17 Pro Max (https://www.apple.com/newsroom/2025/09/apple-unveils-iphone-17-pro-and-iphone-17-pro-max/) Catch up quick | Apple September event highlights (https://youtu.be/31MbUHX7W8k?si=lmDZqRp_SsQykqsr) Apple introduces AirPods Pro 3 with live translation feature (https://arstechnica.com/gadgets/2025/09/new-airpods-pro-3-turn-apples-earbuds-into-fitness-tracker-universal-translator/) Claude can now create and use files (https://www.anthropic.com/news/create-files) The $69 Billion Domino Effect: How VMware's Debt-Fueled Acquisition Is Killing Open Source, One Repository at a Time (https://fastcode.io/2025/08/30/the-69-billion-domino-effect-how-vmwares-debt-fueled-acquisition-is-killing-open-source-one-repository-at-a-time/) Nonsense 2025 AI Darwin Award Nominees - Worst AI Failures of the Year (https://aidarwinawards.org/nominees-2025.html) Ground staff strike: KLM cancels over 100 flights on Wednesday - DutchNews.nl (https://www.dutchnews.nl/2025/09/ground-staff-strike-klm-cancels-over-100-flights-on-wednesday/) Listener Feedback Carless People (https://www.amazon.com/Careless-People-Cautionary-Power-Idealism/dp/1250391237) What We've Learned About the Kawhi Leonard Situation—and What We Haven't (https://www.theringer.com/2025/09/09/nba/kawhi-leonard-los-angeles-clippers-steve-ballmer-aspiration-salary-cap-circumvention) Conferences VMUG London (https://my.vmug.com/s/event/a4pVs000000eX25IAE/uk-usercon?filters=%257B%2522baseConditions%2522%3A%255B%257B%2522fieldName%2522%3A%2522acem__Zone__c%2522%2C%2522fieldType%2522%3A%2522ID%2522%2C%2522fieldValue%2522%3A%2522a4vVs0000002wkgIAA%2522%257D%255D%2C%2522tabCondition%2522%3A%2522Upcoming%2522%2C%2522textAreaConditions%2522%3A%255B%255D%2C%2522picklistConditions%2522%3A%255B%255D%2C%2522chatterGroupCondition%2522%3A%257B%2522chatterGroupId%2522%3Anull%257D%2C%2522page%2522%3A5%257D&chatterGroupId&utm_source&utm_medium&utm_campaign), Coté speaking, September 18th. SREDay London (https://sreday.com/2025-london-q3/), Coté speaking, September 18th and 19th. Civo Navigate London (https://www.civo.com/navigate/london/2025), Coté speaking, September 30th. Texas Linux Fest (https://2025.texaslinuxfest.org), Austin, October 3rd to 4th. CF Day EU (https://events.linuxfoundation.org/cloud-foundry-day-europe/), Coté speaking, Frankfurt, October 7th, 2025. AI for the Rest of Us (https://aifortherestofus.live/london-2025), Coté speaking, October 15th-16th, London. Use code SDT20 for 20% off. Wiz Wizdom Conferences (https://www.wiz.io/wizdom), NYC November 3-5, London November 17-19 SREDay Amsterdam (https://sreday.com/2025-amsterdam-q4/), Coté speaking, November 7th. SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Recommendations Brandon: Python: The Documentary | An origin story (https://www.youtube.com/watch?v=GfH4QL4VqJ0) Matt: macOS - Sound Output → another computer beats using a headphone switcher Coté: back to Obsidian (https://obsidian.md). Marriott lifetime platinum luggage tags (https://www.reddit.com/r/marriott/comments/17vtenx/life_time_platinum_luggage_tags_thats_it/), check out this deep dive (https://phillipsloop.com/2024/05/10/review-complimentary-marriott-bonvoy-lifetime-elite-gift/). Photo Credits Header (https://unsplash.com/photos/opera-house-sydney-australia-r2L6vCKaVRk)

Topics covered in this episode: * rathole* * pre-commit: install with uv* A good example of what functools.Placeholder from Python 3.14 allows Converted 160 old blog posts with AI Extras Joke Watch on YouTube About the show Sponsored by DigitalOcean: pythonbytes.fm/digitalocean-gen-ai Use code DO4BYTES and get $200 in free credit Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: rathole A lightweight and high-performance reverse proxy for NAT traversal, written in Rust. An alternative to frp and ngrok. Features High Performance Much higher throughput can be achieved than frp, and more stable when handling a large volume of connections. Low Resource Consumption Consumes much fewer memory than similar tools. See Benchmark. The binary can be as small as ~500KiB to fit the constraints of devices, like embedded devices as routers. On my server, it's currently using about 2.7MB in Docker (wow!) Security Tokens of services are mandatory and service-wise. The server and clients are responsible for their own configs. With the optional Noise Protocol, encryption can be configured at ease. No need to create a self-signed certificate! TLS is also supported. Hot Reload Services can be added or removed dynamically by hot-reloading the configuration file. HTTP API is WIP. Brian #2: pre-commit: install with uv Adam Johnson pre-commit doesn't natively support uv, but you can get around that with pre-commit-uv $ uv tool install pre-commit --with pre-commit-uv Installing pre-commit like this Installs it globally Installs with uv adds an extra plugin “pre-commit-uv” to pre-commit, so that any Python based tool installed via pre-commit also uses uv Very cool. Nice speedup Brian #3: A good example of what functools.Placeholder from Python 3.14 allows Rodrigo Girão Serrão Remove punctuation functionally Also How to use functools.Placeholder, a blog post about it. functools.partial is cool way to create a new function that partially binds some parameters to another function. It doesn't always work for functions that take positional arguments. functools.Placeholder fixes that with the ability to put in placeholders for spots where you want to be able to pass that in from the outer partial binding. And all of this sounds totally obscure without a good example, so thank you to Rodgrigo for coming up with the punctuation removal example (and writeup) Michael #4: Converted 160 old blog posts with AI They were held-hostage at wordpress.com to markdown and integrated them into my Hugo site at mkennedy.codes Here is the chat conversation with Claude Opus/Sonnet. Had to juggle this a bit because the RSS feed only held the last 50. So we had to go back in and web scrape. That resulted in oddies like comments on wordpress that had to be cleaned etc. Whole process took 3-4 hours from idea to “production”duction”. The chat transcript is just the first round getting the RSS → Hugo done. The fixes occurred in other chats. This article is timely and noteworthy: Blogging service TypePad is shutting down and taking all blog content with it This highlights why your domain name needs to be legit, not just tied to the host. I'm looking at you pyfound.blogspot.com. I just redirected blog.michaelckennedy.net to mkennedy.codes Carefully mapping old posts to a new archived area using NGINX config. This is just the HTTP portion, but note the /sitemap.xml and location ~ "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.+?)/?$" { portions. The latter maps posts such as https://blog.michaelckennedy.net/2018/01/08/a-bunch-of-online-python-courses/ to https://mkennedy.codes/posts/r/a-bunch-of-online-python-courses/ server { listen 80; server_name blog.michaelckennedy.net; # Redirect sitemap.xml to new domain location = /sitemap.xml { return 301 ; } # Handle blog post redirects for HTTP -> HTTPS with URL transformation # Pattern: /YYYY/MM/DD/post-slug/ -> location ~ "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.+?)/?$" { return 301 ; } # Redirect all other HTTP URLs to mkennedy.codes homepage location / { return 301 ; } } Extras Brian: SMS URLs and Draft SMS and iMessage from any computer keyboard from Seth Larson Test and Code Archive is now up, see announcement Michael: Python: The Documentary | An origin story is out! Joke: Do you know him? He is me.