The Modern Therapist's Survival Guide with Curt Widhalm and Katie Vernoy
Modern Therapist's Consumer Guide: Paubox. HIPAA Compliant Email, Secure Communication, and Practice Privacy. An Interview with Hoala Greevy, Founder and CEO of Paubox
Curt and Katie talk with Hoala Greevy, Founder and CEO of Paubox, about what HIPAA compliant email actually requires, where standard Google Workspace and Microsoft 365 Business Associate Agreements leave gaps, and why most secure-portal solutions fail at the inbox. Paubox is a HIPAA compliant email security platform built to deliver encrypted messages straight to the recipient's inbox, without portals, plugins, or extra clicks. Hoala explains how Paubox wraps around the email systems therapists already use, why domain ownership and TLS encryption matter, and how inbound threats like display-name spoofing affect small practices. The conversation also covers HITRUST certification, AI scraping, the Paubox Foundations, the Paubox Kahikina Scholarship supporting Native Hawaiian students in STEM, and how to evaluate a HIPAA compliant email vendor on security, reliability, and ease of use. This episode is part of our Modern Therapist's Consumer Guide series. While this interview is a paid partnership, our discussion and opinions are our own.
In this episode, we discuss:
- Where standard Google and Microsoft BAAs leave HIPAA compliant email gaps
- Why most secure-portal solutions never get read on mobile
- How TLS encryption and secure email delivery actually work
- What domain ownership has to do with HIPAA compliance
- How Paubox integrates with Google Workspace and Microsoft 365
- Inbound threats, display-name spoofing, and ExecProtect
- HITRUST certification and how to evaluate a HIPAA compliant email vendor
Timestamps:
- 02:18 – What Paubox does and why it was created
- 05:19 – Mission, vision, and the Paubox Foundations
- 08:38 – What HIPAA compliant email actually requires
- 10:26 – The Google and Microsoft BAA gray area
- 14:48 – What the client experience looks like
- 21:09 – Inbound email security and display-name spoofing
- 24:32 – Data access, HITRUST certification, and trust
- 34:05 – Pricing, value, and the referral program
- 38:43 – Curt and Katie Chat: Our Review of Paubox
Guest Bio: Hoala Greevy is the Founder and CEO of Paubox, a leading provider of HIPAA compliant email solutions for healthcare organizations. Born and raised in Honolulu, he founded Paubox after a meeting with the CEO of the Make-A-Wish Foundation of Hawai'i revealed a critical need for secure healthcare communication. Greevy supports Native Hawaiian students entering STEM and technology careers through the Paubox Kahikina Scholarship. Learn more at paubox.com.
Special Offer for Modern Therapist Listeners: Get $250 off an annual Paubox plan. Visit paubox.com and use promo code MODERN.
Full show notes and transcript: mtsgpodcast.com
Join the Modern Therapist Community
Patreon: https://www.patreon.com/c/mtsgpodcast
Facebook Group: https://www.facebook.com/groups/therapyreimagined
Modern Therapist's Survival Guide Creative Credits
Voice Over by DW McCann: https://www.facebook.com/McCannDW/
Music by Crystal Grooms Mangano: https://groomsymusic.com/
The ASX 200 gave up yesterday's gain and more, dropping another 108 points to 8,497 (1.3%) as the rout continues. Resources bore the brunt of the selling as inflation fears stoked higher rates and tore through commodities. BHP fell 2.3% and RIO off 1.5% with gold miners under pressure again, EVN down 4.9% and NEM falling 4.5%. Oil and gas firmed, but uranium stocks eased back, PDN down 4.5%. Lithium stocks found some friends with PLS up 1.9%. Industrials were also weak across the board as TLS fell 1.1% and REA dipped 2.0%. Tech stocks couldn't shrug off the negativity despite good results from CAT and broker upgrades to TNE. Healthcare drifted lower. Banks were hit hard as one broker said conditions were tough, WBC fell 2.4% with ANZ off 2.1% and the Big Bank Basket falling to $269.72 (0.8%). Other financials also under pressure, MQG fell 2.0% and NWL and HUB dropped. Insurers also saw sellers, QBE off 1.0% and IAG down 0.4%. REITs fell as bond yields rose again. GMG down 2.1% and CHC falling 3.3%. In corporate news, WJL tumbled 11.2% after earnings came in worse than expected and guidance was moved down. JHX fell 0.9% after lacklustre results too. EOS tumbled 10.3% as it raised funds at 800c and FLT fell 3.6% after a US$5m US strategic acquisition. On the economic front, total wages and salaries paid by employers rose 1.4% to a record $110.6bn in March. National Australia Bank says weekly consumer spending patterns have stabilised with travel especially weak. Asian markets fell, Japan down 1.6%, Hong Kong down 0.7%, China flat. Kospi down 2.8%. US futures mixed with Dow down 31, Nasdaq up 32. European futures opening around 1% lower. Oil down slightly. Nvidia tonight in the US.
European futures opening around 0.6% lower.
—
Marcus Today – Daily Market Insights
Marcus Today provides clear, practical commentary for self-directed investors – covering markets, portfolios, education, and decision-making without the noise.
If you'd like to go further:
Start a free 14-day trial of Marcus Today http://bit.ly/mt-trial-podcast
Join Marcus Today Use code MTPODCAST for 10% off http://bit.ly/mt-join-podcast-offer
MT20 – Managed ETF Portfolio A professionally managed portfolio run by Marcus Padley and the team, using ASX-listed ETFs with active market timing. http://bit.ly/mt20-podcast
Principles – How We Think About Investing A short video series on timing, behaviour, and decision-making. No stock tips. http://bit.ly/mt-principles-podcast
—
Disclaimer This podcast is general information only and does not consider your personal circumstances. It is not personal financial advice.
The ASX 200 bounced back 99 points today to 8605 (1.2%) as banks led the recovery. CBA gained % with the Big Bank Basket up to $271.83 (+1.5%). NAB the standout gaining 2.0%. MQG also had a good day up 1.9% and insurers did well as higher bond yields helped, QBE up 2.9% and MPL rising 2.1%. REITs also had a better day with GMG up 1.8% and CHC up 2.2%. Industrials were firm, WES finally finding buyers up 2.4% and TLS gained 2.6%. WOW and COL both did very well on some broker upgrades. Healthcare also found support, CSL up 2.6% and RMD gaining 2.0%. BXB fell another 0.6% and TUA up 17.6% after a 68% fall yesterday. Tech slightly better with the All-Tech Index up 0.8%. Resources eased back, iron ore off in Asia, BHP down 0.1% and FMG down 0.3% with gold miners mixed, NEM up 1.8% and NST falling 0.7%. Lithium and rare earth stocks slid, LYC down 4.3% and PLS falling 1.3%. Oil and gas stocks held, uranium stocks gained, coal better too. In corporate news, MIN rose 2.6% after it announced a restart at Bald Hill, SLC flagged a 4.5m share purchase for staff. TNE fell 2.9% as FX headwinds hurt. On the economic front, RBA minutes pointed to a pause perhaps from the RBA. Asian markets bounced a little, Japan down 0.5%, HK flat, China down 0.4%, Kospi down 2.8%. US futures lower with Dow down 39, Nasdaq down 105. European futures opening around 1% lower. Oil down around 2%.
With JDK 27 introducing hybrid key exchange schemes that combine ML-KEM with traditional ECDHE algorithms, Java applications can gain TLS-layer protection against the harvest-now, decrypt-later threat without rewriting business logic. In this episode of the Inside Java Newscast, Ana explains post-quantum hybrid key exchange for TLS 1.3 and demonstrates how a Java application can take advantage of it. See https://inside.java/podcast
Get help reviewing contracts using a new Legal Agent for Microsoft Word. Sync up to 1 million files with OneDrive. But consult your IT Support to learn if this is right for you. Finally, Outlook gets some action with M365 Copilot. I mean, can take action... via instructions, productive ones. 0:00 Welcome 2:41 Exchange Online: Retirement of legacy TLS versions for POP and IMAP connections - MC1293480 4:35 Microsoft 365 Copilot: Use Copilot in Outlook to manage your inbox - available in Frontier Public - MC1293485 7:07 OneDrive sync supports up to 1 million items on Windows - MC1294528 10:47 Microsoft Teams: Retirement of Together mode - MC1296478 12:47 Microsoft 365 Copilot will use private community and event content as grounding sources - MC1296480 18:06 Microsoft 365 Copilot (Premium): Teams meetings as a reference in Copilot Notebooks - MC1296488 24:03 Microsoft 365 Copilot: Legal Agent for Word - MC1296877
What is S3 Vectors, and why does it radically simplify vector data management for AI applications? What are table buckets, and how does Amazon S3 Tables bring Apache Iceberg tables directly into S3? How does Tag-Based Access Control work on S3? Why is Post-Quantum TLS a feature to turn on right away for anyone handling sensitive data? Today we talk about this and more with Antonio Aga Rossi, Principal Solutions Architect at AWS.
Useful links:
- Amazon S3 Vectors
- Amazon S3 Tables
- Introducing attribute-based access control for Amazon S3 general purpose buckets
- Using hybrid post-quantum TLS with Amazon S3
On Episode 262, Josh, Chris, and Mark discuss the risks of edtech tools that add generative AI without age checks or strong guardrails, share a new K12 SIX resource and rubric for security essentials, and cover email security best practices. For the main topic, the guys talk about "secure email." Districts are being asked to send more sensitive information outside the network - to parents, agencies, vendors - but there's no shared standard for what "secure email" even means in K12. TLS encryption in transit isn't the same as end-to-end encryption. A password-protected PDF isn't a secure channel. And most staff don't know the difference. ———— Sponsored by: PowerGistics: How K-12 Charging Models Impact Chromebook Sustainability Textbooks Didn't have Cables Bring Chromebooks Back to the Classroom, but NOT Carts! One-Person Tech Department Success Story SysCloud Fortinet Extreme Networks ———— Join the K12TechPro Community (exclusively for K12 Tech professionals) Buy some swag (tech dept gift boxes, shirts, hoodies...)!!! Email us at k12techtalk@gmail.com OR our "professional" email addy is info@k12techtalkpodcast.com X @k12techtalkpod Facebook Visit our LinkedIn Music by Colt Ball Disclaimer: The views and work done by Josh, Chris, and Mark are solely their own and do not reflect the opinions or positions of sponsors or any respective employers or organizations associated with the guys. K12 Tech Talk itself does not endorse or validate the ideas, views, or statements expressed by Josh, Chris, and Mark. Their individual views and opinions are not representative of K12 Tech Talk. Furthermore, any references or mention of products, services, organizations, or individuals on K12 Tech Talk should not be considered as endorsements related to any employer or organization associated with the guys.
The ASX 200 slipped another 24 pts to 8687 (0.3%) as CPI beat expectations. Banks eased back again, the Big Bank Basket fell to $286.25 (-1.1%) with CBA off 1.4% and WBC falling 1.0%. Financials mixed, CGF 1.0% better, MFG finding friends and ZIP up 0.8%. Insurers firmed on bond yields, QBE up 0.5% and MPL up 1.5%. Industrials mixed again, CSL falling around 2.4% and COH dropping 3.2%. TLS fell 0.4%, WOW and COL eased back and SEK dropped 3.0%. Tech stocks were mixed, 360 up 0.9% and WTC falling 2.2%. The All-Tech Index down 0.2%. In resources, BHP and RIO eased back, rare earths and lithium stocks remain in demand, LYC jumped 5.2% with LTR roaring ahead, up 2.5%. Plenty of quarterlies around too, gold miners mixed, VAU up 1.5% and NEM down 3.2%. Oil and gas stocks better, WDS up 2.0% and STO up 0.4%. Coal stocks pushed back up, NHC up 3.4% but uranium stocks decayed, PDN off 1.2% and DYL down 2.2%. In corporate news, CDA soared 15.5% on a better-than-expected update, GEM was smashed 31.3% after it suspended operations at around 40 centres. OML jumped 33.0% on a Private Equity NBIO at 140c. On the economic front, headline inflation picked up to 1.1% in March from a steady reading in February, pushing the consumer price index to 4.6% on an annual basis. RBA meeting next week. Asian markets firmed, Japan closed for another holiday. China up 0.6% and HK up 1.4%. US Futures better, Nasdaq up 118. Dow up 75. Europe expected to open slightly higher. Fed meeting in focus.
4 Mag Seven stocks report.
The ASX 200 finished at a three-week low down 56 pts at 8711 (0.6%). Broad-based losses again, Banks managed to hold firm, the Big Bank Basket flat at $289.43 (). CBA rose 0.9% and ANZ up 0.3%. Insurers eased, QBE dropped 1.2% and REITs also under pressure, GMG off 1.8% and SGP falling 2.2%. Tech and industrials also fell, WTC down 1.9% and XRO off 2.0% with the All-Tech Index down 1.6%. TLS succumbed to some profit taking, off 0.9%, WES continued to fall off another 2.1% with ALL falling hard. Healthcare remains in ICU with CSL dropping again, down 2.2% and COH falling 2.4%. 4DX continued to unwind its gains, PME also fell. In resources, BHP fell 1.3% and gold miners were under pressure as bullion fell, EVN down 3.0% and NST off 2.9%. Lithium and rare earths found friends, LYC up 3.5% and PLS rising 3.0% as UBS upgraded the sector. Oil and gas also in demand, WDS up 0.8% and coal stock better together with uranium stocks better. PDN up 0.6% and WHC rising 3.9%. In corporate news, RWC reaffirmed guidance rising 3.6% and DMP stuffed again off 10.7%, after the US parent dropped nearly 9% on disappointing numbers. ORG fell 3.9%, again after a downgrade following yesterday's numbers. On the economic front, the BoJ held rates at 0.75% with the Fed Meeting kicking off today. Asian markets ease, Japan down 1.3%, China off 0.3% and HK off 1%. US Futures ease, Nasdaq down 74. Dow up 2. Europe expected to open slightly higher.
The ASX 200 fought back from early losses to close up just 6 points to 8953. US futures were negative all day, some defensive buying and CBA helping keep the market flat. CBA rose % with the Big Bank Basket rising to $299.12 (0.2%) as NAB fell 3.6% as it ramped up provisions for a weakening local economy. Other financials drifted lower, REITs were firm, GMG up 1.5% and VCX rising 0.8%. Retailers were better, WES showing a rare 2.4% gain, LOV up 4.4% and HVN rallying 0.9%. Tech was drifting lower, WTC off 1.5% and the All-Tech Index flat. WOW and COL rose as did TLS rising 0.2%. Healthcare mixed, SIG down 0.7% and PME easing 2.7%. Resources were mixed, oil and gas fell, WDS down 2.9% and STO off 1.3% with uranium stocks slipping, PDN down 5.4% on research comments. Iron ore miners drifted lower despite higher IO prices in Singapore. Lithium flat after a strong start, gold miners surprising to the upside, EVN up 1.8% and NEM up 2.1%. In corporate news, 4DX fell 2.6% after a GSK contract win. KAR had its credit rating reaffirmed. WOR warned of an earnings hit due to the Iranian conflict. Asian markets saw modest gains - Japan up 0.5%, HK up 0.7% and China up 0.5%. 10-year yields rise to 5.0%. US Futures ease, Nasdaq down 180, Dow down 370. Europe is opening down around 1-1.5%.
#SatanicPanic #SatanicRitualAbuse #Satanism #PaceMemo #GlennPace #LDS #Mormon
The Pace memorandum was a 1990 memorandum written by Glenn L. Pace, an LDS Church general authority, describing to a committee of the church the complaints of sixty members of the church that said they had been subjected to SRA by family members and other church members.
There are many people today who still deny such atrocities, so let's dig a little deeper with Ben McClintock of the Tree of Liberty Society. Check out their links below!
GUEST LINKS - Tree of Liberty Society:
- TLS Website: https://treeoflibertysociety.com
- TLS on X: https://x.com/TreeOfLibertyS
- TLS on YouTube: https://www.youtube.com/@treeoflibertysociety
- TLS Merch Store: https://treeoflibertysociety.com/shop/
RISE TO LIBERTY - LINKS:
• RISE TO LIBERTY – MASTER LINK: https://allmylinks.com/risetoliberty/
• RISE TO LIBERTY – SPREAKER: https://open.spreaker.com/A4NZ/nf256a4z
• RISE TO LIBERTY – MERCH STORE: https://risetoliberty.store/
• RISE TO LIBERTY – SUPPORTER CLUB: $6 monthly = ad free episodes & exclusive content for subscribers: https://www.spreaker.com/podcast/rise-to-liberty--6854487/support
Watch the video version on Rumble, YouTube, & on X! Links down below!
Rumble: https://rumble.com/v7879qg-60-lds-church-members-testified-to-satanic-ritual-abuseheres-what-happened.html
YouTube: https://youtube.com/live/EE9LNazgWgI
RTL on X: https://x.com/RiseToLiberty/status/2039388188192788534?s=20
AOB
Prime SHIPPING!
FTF with Zach
Samourai Domain PSA
Lauren on with Danny from WBD
Q still vibing
NEWS
Kentucky HB 380 requires HWW manufacturers to reset users' seeds upon request https://x.com/bitcoinpolicy/status/2034702487995768878
GrapheneOS refuses to comply with new age verification laws for OS https://www.tomshardware.com/software/operating-systems/grapheneos-refuses-to-comply-with-age-verification-laws
Google reverses Android developer verification requirement amidst user backlash - https://www.scworld.com/brief/google-reverses-android-developer-verification-requirement-amidst-user-backlash
DOJ Seeks October Retrial for Tornado Cash Developer Roman Storm — https://www.coindesk.com/business/2026/03/10/u-s-requests-october-retrial-for-tornado-cash-developer-roman-storm
Bitrefill Hacked by North Korea's Lazarus Group — 18,500 Purchase Records Exposed — https://bitcoinmagazine.com/news/bitrefill-cyberattack-points-north-korea
Pokemon Go's 30 Billion Images Now Training Delivery Robots — Mass Surveillance Data Harvesting Revealed — https://www.therage.co/pokemon-go-users-trained-killer-robots/
UPDATES/RELEASES
Am I Exposed? https://am-i.exposed/ by Arkad and Co
Self hosted chain analysis tool
Already on startOS
Stealth Fork already emerged
https://x.com/MgkMshrmBrkfst/status/2033771448255566082?s=20
Last Signal App https://lastsignal.app/
Self hosted dead man switch
Sparrow Wallet 2.4.2 — March 10, 2026
Introduces support for v3 transactions in the editor, implements TOFU certificate pinning for TLS connections, and adds BIP-322 signing via QR and file methods. Numerous dependency upgrades plus bug fixes for PSBTv2 transaction issues, potential database corruption, and dark theme display problems.
https://github.com/sparrowwallet/sparrow/releases/tag/2.4.2
Aqua v0.4.1 — March 13, 2026
Patch addressing multiple bugs and performance improvements. Re-adds region selector to the marketplace, introduces Arabic and Chinese language support, and adds new iOS icon designs. Fixes wallet setup errors when scanning certain QR codes.
https://github.com/AquaWallet/aqua-wallet/releases/tag/v0.4.1
Boltz USDT Swaps - March 18, 2026
Announces USDT Swaps - connecting Bitcoin to the world's most used stablecoin. Swap between Lightning and USDT on all major networks, without custody, accounts, or KYC!
Envoy 2.2.12 — March 13, 2026
Major update centred on Passport Prime device support. Includes multi-device pairing capability, Bluetooth reliability improvements, and fixes for dozens of bugs across BLE pairing, QuantumLink stability, and the Passport Prime onboarding flow.
https://github.com/Foundation-Devices/envoy/releases/tag/2.2.12
BTCPay v2.3.6 — March 15, 2026
Stable release introducing wallet label filtering, API enhancements for payment method inclusion, invoice modal improvements, security upgrades for API key permissions, and plugin permission policy creation.
https://github.com/btcpayserver/btcpayserver/releases/tag/v2.3.6
Bisq v2.1.10 — March 17, 2026
Implements new trade rules for payment references, adds trade history and QR code pairing support for the Bisq Connect mobile app, introduces TLS support for clearnet connections.
https://github.com/bisq-network/bisq2/releases/tag/v2.1.10
Phoenix Android v2.7.5 — March 17, 2026
Introduces a diagnostics button and adds the spend-channel-address recovery tool to iOS. Android app now supports Indonesian language.
https://github.com/ACINQ/phoenix/releases/tag/android-v2.7.5
Nunchuk 2.2.8 — March 18, 2026
Introduces support for sending to Silent Payment addresses and adds an option to view seed phrases for software keys after a two-hour security delay, along with various bug fixes.
https://github.com/nunchuk-io/nunchuk-android/releases/tag/2.2.8
Peach Bitcoin 0.69.0 — March 18, 2026
Introduces unlimited premium functionality for offers, decimal premium values, improved dark mode colour contrast, and fixes for Revolut/Wise/M-Pesa payment information transmission.
https://github.com/Peach2Peach/peach-app/releases/tag/v0.69.0-337
Mostro v0.17.0 — March 19, 2026
Three releases in the window (v0.16.4, v0.16.5, v0.17.0). Major refactoring work: migration to AppContext-based dependency injection, removal of legacy global state patterns, elimination of password-based database encryption infrastructure.
https://github.com/MostroP2P/mostro/releases/tag/v0.17.0
Cake Wallet v6.0.1–v6.0.3 — March 6–21, 2026
Major redesign + Bitcoin Lightning support via Spark protocol. v6.0.1 (March 6) was the major release with the new UI and Lightning; v6.0.2 (March 17) added Linux distribution support; v6.0.3 (March 21) adds design improvements, performance enhancements, and bug fixes.
https://github.com/cake-tech/cake_wallet/releases/tag/v6.0.3
Pre-release / Alpha / Beta
Bitkey App Release 2026.2.1 — March 18, 2026
App update with emergency APK download for users who have lost app access and an Emergency Exit Kit reference document for account recovery.
https://github.com/proto-at-block/bitkey/releases/tag/2026.2.1
Ibis Wallet v3.0 + v3.0.1-beta
Liquid w/LN swaps, Boltz on backend, wallet locks, cancel txs with RBF, notifications
LNBits v1.5.2-rc3 — March 20, 2026
Three release candidates (rc1 through rc3) published March 18–20, building toward v1.5.2 stable.
https://github.com/lnbits/lnbits/releases/tag/v1.5.2-rc3
Mempool v3.3.0-beta2 — March 20, 2026
Beta release tag with minimal release notes.
https://github.com/mempool/mempool/releases/tag/v3.3.0-beta2
Start9 v0.4.0-alpha.21 — March 18, 2026
UI refinements for port labelling, SSH corrections, WiFi fixes, and support for preferred external ports beyond port 443.
https://github.com/Start9Labs/start-os/releases/tag/v0.4.0-alpha.21
Education
The Core Issue: Your Node Vs. The Digital Wilderness — https://bitcoinmagazine.com/print/the-core-issue-your-node-vs-the-digital-wilderness
The Core Issue: Outrunning Entropy, Why Bitcoin Can't Stand Still — https://bitcoinmagazine.com/print/the-core-issue-outrunning-entropy-why-bitcoin-cant-stand-still
The Core Issue: Consensus Cleanup — https://bitcoinmagazine.com/print/the-core-issue-consensus-cleanup
TO DONATE TO ROMAN'S DEFENSE FUND: https://freeromanstorm.com/donate
HELP GET SAMOURAI A PARDON
SIGN THE PETITION ----> https://www.change.org/p/stand-up-for-freedom-pardon-the-innocent-coders-jailed-for-building-privacy-tools
DONATE TO THE FAMILIES ----> https://www.givesendgo.com/billandkeonne
SUPPORT ON SOCIAL MEDIA ---> https://billandkeonne.org/
VALUE FOR VALUE
Thanks for listening you Ungovernable Misfits, we appreciate your continued support and hope you enjoy the shows.
You can support this episode using your time, talent or treasure.
TIME:
- create fountain clips for the show
- create a meetup
- help boost the signal on social media
TALENT:
- create ungovernable misfit inspired art, animation or music
- design or implement some software that can make the podcast better
- use whatever talents you have to make a contribution to the show!
TREASURE:
- BOOST IT OR STREAM SATS on the Podcasting 2.0 apps @ https://podcastapps.com
- DONATE via Monero @ https://xmrchat.com/ugmf
- BUY SOME STICKERS @ https://www.ungovernablemisfits.com/shop/
FOUNDATION
https://foundation.xyz/ungovernable
Foundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.
As a sovereign computing company, Foundation is the antithesis of today's tech conglomerates. Returning to cypherpunk principles, they build open source technology that “can't be evil”.
Thank you Foundation Devices for sponsoring the show!
Use code: Ungovernable for $10 off of your purchase
CAKE WALLET
https://cakewallet.com
Cake Wallet is an open-source, non-custodial wallet available on Android, iOS, macOS, and Linux.
Features:
- Built-in Exchange: Swap easily between Bitcoin and Monero.
- User-Friendly: Simple interface for all users.
Monero Users:
- Batch Transactions: Send multiple payments at once.
- Faster Syncing: Optimized syncing via specified restore heights
- Proxy Support: Enhance privacy with proxy node options.
Bitcoin Users:
- Coin Control: Manage your transactions effectively.
- Silent Payments: Static bitcoin addresses
- Batch Transactions: Streamline your payment process.
Thank you Cake Wallet for sponsoring the show!
MYNYMBOX
https://mynymbox.io
Your go-to for anonymous server hosting solutions, featuring: virtual private & dedicated servers, domain registration and DNS parking. We don't require any of your personal information, and you can purchase using Bitcoin, Lightning, Monero and many other cryptos.
Explore benefits such as No KYC, complete privacy & security, and human support.
(00:00:00) INTRO
(00:00:57) THANK YOU FOUNDATION
(00:01:38) THANK YOU CAKE WALLET
(00:02:43) PRIME TIME
(00:07:16) PSA: Avoid SamouraiWallet.com
(00:12:16) Vibe Coding Corner
(00:20:09) Kentucky HB 380 Would Break Self‑Custody
(00:24:31) GrapheneOS Stands Firm
(00:25:21)
Gros zoom sur les skills et leurs usages dans les coding agents, sur les benchmarks de stacks techniques MCP, mais aussi du Java 26-27, du HttpClient, du NodeJS, des scenarios nucléaires pilotés par l'IA, de la méthodologie, bref on ne s'ennuie pas ! Enregistré le 15 mars 2026 Téléchargement de l'épisode LesCastCodeurs-Episode-338.mp3 ou en vidéo sur YouTube. News Langages Bruno Borges a créé un site, inspiré d'un site récent qui montrait comment CSS avait évolué, qui illustre justement comment Java a bien évolué au fil du temps, et est devenu un langage encore plus élégant https://javaevolved.github.io/ Code simplifié: main() allégé, var, blocs de texte, API String enrichie. Pattern Matching: switch sur types, instanceof amélioré, record patterns. Données: Records, collections immuables faciles à créer, méthodes de listes. Concurrence: Threads virtuels, CompletableFuture, StructuredTaskScope, ScopedValue. Erreurs & Sécurité: NPE précis, catch multiples, Optional amélioré, filtres de désérialisation. I/O & Réseau: HttpClient moderne, E/S fichiers/console simplifiées, transferTo. Dates & Heures: API modernisée, précise, immutables et thread-safe. Langage: Interfaces sealed/private, import de modules, Math.clamp Streams: Nouveaux opérateurs (takeWhile, mapMulti, Gatherers, teeing). Outils & Perf: jshell, exécution simplifiée, jwebserver, AOT, JFR, optimisation mémoire. 10+ raisons de ne pas utiliser le HttpClient du JDK, avec un article très détaillé de Brice Dutheil https://blog.arkey.fr/2026/02/08/ten-reasons-to-not-use-jdk-httpclient/ JDK HttpClient: intégré, non-upgradable. OkHttp: plus lourd (dépendance Kotlin). TLS/SSL: JDK: SSLContext limité, vérif hôte globale, épinglage manuel, SSLParameters rigides. OkHttp: contrôle fin (SSLSocketFactory/TrustManager), vérif hôte/épinglage dédiés, ConnectionSpec structuré. 
Connexions: JDK: pas de repli, fabrique socket custom impossible (pas UDS/Named Pipes direct), pool limité (propriétés système, contrôle pauvre avant JDK 20/21). OkHttp: repli automatique, fabrique custom, pool granulaire. Réseau: JDK: résolveur DNS par défaut, Authenticator unique. OkHttp: résolveur DNS custom, authentificateurs séparés (proxy/serveur). Cycle Requêtes: JDK: pas d'intercepteurs ni API événements intégrés. OkHttp: addInterceptor, EventListener pour événements granulaires. Ressources: JDK: pas d'arrêt propre avant JDK 21. OkHttp: arrêt granulaire (pool, exécuteur, cache). Timeout: JDK: désactivé après en-têtes; le transfert du corps peut dépasser le timeout initial. JDK 26 et JDK 27 : ce qui nous attend — https://www.infoq.com/news/2026/02/java-26-so-far/ JDK 26 est une version non-LTS prévue le 17 mars 2026, avec 10 nouvelles fonctionnalités réparties en 5 catégories Le support HTTP/3 arrive enfin dans l'API HTTP Client standard de Java (JEP 517) La Structured Concurrency (projet Loom) en est à sa 6e preview, avec l'ajout d'une méthode onTimeout() sur StructuredTaskScope.Joiner Les Lazy Constants passent en 2e preview : des constantes initialisées à la demande, utiles pour optimiser le démarrage Le G1 GC gagne en performance via une réduction des synchronisations entre threads applicatifs et threads GC (JEP 522) Le cache d'objets AOT (JEP 516) est étendu pour fonctionner avec n'importe quel GC, y compris ZGC L'API Applet est définitivement supprimée (JEP 504), fermant une page historique de Java L'encodage PEM des objets cryptographiques continue sa preview avec support de chiffrement/déchiffrement de KeyPair Pour JDK 27 (septembre 2026), l'échange de clés post-quantique hybride pour TLS 1.3 est déjà ciblé (JEP 527) Project Valhalla progresse avec une preview des Value Classes : objets sans identité, à champs final uniquement Librairies Une étude de performance montre que Java est un super choix pour développer des serveurs MCP 
https://www.tmdevlab.com/mcp-server-performance-benchmark.html Performance comparison of MCP (Model Context Protocol) servers in Java, Go, Node.js, Python. Methodology: 3.9 million requests, Docker environment (1 CPU core, 1 GB RAM per server). Reliability: 0% errors for all implementations. Performance tiers: 1 (High): Go & Java (latency < 1 ms, ~1600 requests/s). ▪︎ Go: exceptional memory efficiency (18 MB vs 220 MB for Java). ▪︎ Java: marginally better latency, but 12x more memory. 2 (Medium): Node.js (latency ~10.7 ms, ~560 requests/s). Per-instantiation overhead. 3 (Low): Python (latency ~26.5 ms, ~290 requests/s). Limited by the GIL. Production recommendations: Go: optimal for heavy load, cloud-native, cost optimization. Java: when very low latency is critical, existing Java infrastructure. Node.js & Python: suited to moderate/low loads, development/testing. Node.js and Python can be optimized to improve their performance in production. And even then, on the Java side the benchmark did not use GraalVM for native compilation, which would have given memory figures that would have rivalled Go.
Which has the better performance, Quarkus or Spring, for building MCP servers? https://medium.com/@egekaraosmanoglu/spring-boot-vs-quarkus-which-java-runtime-wins-the-ai-mcp-tools-performance-battle-4da9d6a248d5 Quarkus JVM: highest throughput and latency (up to 16,381 req/s, 65% faster than Spring Boot), outperforms Spring Boot even with Apache Camel. Quarkus Native: lowest memory consumption (118 MB), instant startup, predictable performance. Spring Boot MVC: good performance, mature ecosystem, needs significant warm-up (up to 44% gain). Spring Boot WebFlux: slightly better throughput and latency than MVC (~5%), but more memory and reactive complexity. Architectural cost: MapStruct: negligible impact (< ±5%).
Apache Camel: throughput reduction of 8-21%, but significant added value; Quarkus JVM + Camel remains > Spring Boot baseline. MCP protocol: on Quarkus JVM (with Camel), outperforms gRPC. Recommendations: Max throughput: Quarkus JVM. Cost/Serverless: Quarkus Native. Enterprise integration: Quarkus JVM + Camel + MapStruct. Best Spring choice: Spring Boot WebFlux + MapStruct.
Benchmark of stacks that implement MCP https://www.tmdevlab.com/mcp-server-performance-benchmark-v2.html MCP (Model Context Protocol) is Anthropic's protocol for connecting LLMs to external tools and data sources; this benchmark compares 15 server implementations. 39.9 million requests processed with zero errors, on realistic I/O workloads (Redis + HTTP API) rather than synthetic CPU tasks. Rust reaches 4,845 RPS with only 10.9 MB of RAM; Quarkus achieves 4,739 RPS with the best latency (4.04 ms on average, 8.13 ms at P95). Go (3,616 RPS) and Spring MVC (3,540 RPS) form a solid second group. Node.js tops out at 423 RPS; Bun is 2.2x faster on identical code (876 RPS); Python reaches 259 RPS with 4 workers and uvloop. Notable finding: a bug in the Rust SDK rmcp v0.16 added ~40 ms of latency to all HTTP responses, capping throughput at 1,283 RPS; fixed in v0.17 via PR #683. GraalVM native images reduce memory by 27 to 81% but degrade throughput by 20 to 36%; Quarkus-native is the exception with 36 MB of RAM and 3,449 RPS. Spring MVC (blocking) outperforms WebFlux (reactive) at 50 concurrent users, a reminder that the reactive model does not always win. Recommendations: Rust or Quarkus for high-load production, Go for cloud-native, Bun rather than Node.js in JavaScript.
Jakarta EE 12 Milestone 2: data, consistency and configuration https://www.infoq.com/articles/jakartaee-12-milestone-2/ Jakarta EE is the open-source enterprise Java platform, the foundation of frameworks such as Quarkus and Spring, which standardizes APIs for persistence, transactions, security, etc. Jakarta EE 12 adopts Java 21 as its baseline (with Java 25 support) and permanently removes the deprecated SecurityManager. The new Jakarta Query spec unifies JPQL (SQL/relational) and JDQL (NoSQL) into a single language with two profiles: Core Language (portable) and Persistence Language (relational). Jakarta Data 1.1 introduces dynamic queries via a fluent API with Restriction and the @Is annotation for more expressive conditions. Jakarta Data now supports stateful repositories, allowing entity lifecycle management (persist, merge, detach, refresh) as in classic JPA. Jakarta NoSQL 1.1 integrates Jakarta Query via a new Query interface and supports projections with Java records. Jakarta Persistence 4.0 supports SequencedCollection (Java 21) as a collection type in entities. A new Jakarta Agentic AI spec is under way, aiming at vendor-neutral APIs for building AI agents on Jakarta EE runtimes, with planned integration of LangChain4j and Spring AI. This release is still a milestone (not for production); broad adoption will depend on the maturity of the tooling (IDE, query validation, diagnostics).
New Quarkus vs Spring Boot benchmarks: complete and transparent performance https://quarkus.io/blog/new-benchmarks/ Quarkus is a Java framework optimized for containers, known for its low memory usage and fast startup, and the main competitor to Spring Boot. The old performance charts on quarkus.io were outdated, undated, unsourced, and did not show throughput.
The lack of throughput data wrongly suggested that Quarkus performed poorly in that respect. A new open-source benchmark was created, transparent and reproducible, available on GitHub. Results: Quarkus handles 2.7x more transactions per second than Spring Boot, starts 2.3x faster, and uses half the memory. External Spring Boot experts contributed to making the comparison fairer, notably on connection pool configuration. Virtual threads improve throughput by about 6000 additional tps for all frameworks tested. Spring Boot 4 offers better throughput than Spring Boot 3, but at the cost of slower startup and a larger memory footprint. In native mode (GraalVM), startup is ultra-fast but throughput is halved, for Quarkus and Spring Boot alike. Native mode is recommended only for apps that are started/stopped very frequently or that run under low load.
Quarkus 3.32: foundations for the next LTS https://quarkus.io/blog/quarkus-3-32-released/ Quarkus is a cloud-native Java framework optimized for GraalVM and HotSpot, designed for microservices and containerized environments. This version marks the feature freeze for the next LTS version, 3.33. Integration of Project Leyden (JVM AOT): startup of a minimal REST application drops from 370 ms to 80 ms. Leyden training can be triggered at build time or via integration tests. Improved HTTP graceful shutdown, with contributions from the Keycloak team. Automatic registration in Consul via the Stork extension for service discovery. New security features: custom DPoP nonce providers, rich authorization support for OIDC. Ability to customize the order of authentication mechanisms, and addition of OIDCAuthenticationCompletionAction.
Update of the Google Cloud Functions framework to version 2.0, as well as Camel Quarkus and Quarkus CXF. Users on LTS 3.27 are encouraged to test the migration to 3.33 and report feedback.
NodeJS changes its release cadence https://nodejs.org/en/blog/announcements/evolving-the-nodejs-release-schedule Node.js is the most widely used server-side JavaScript runtime, managed by the OpenJS Foundation, with an active release cycle since the merger with io.js ten years ago. Starting with Node.js 27 (October 2026), the project moves from one major release every six months to a single one per year. Every release will become LTS, removing the distinction between even (LTS) and odd (non-LTS) versions. A new Alpha channel is introduced, allowing semver-major changes during the early testing phase. The phases become: Alpha (6 months, Oct. to March), Current (6 months, Apr. to Oct.), LTS (30 months), then EOL. The total support duration remains 36 months, identical to the current model. Version numbering aligns with the calendar year of the Current release (e.g. 27.0.0 in 2027). The Alpha version is signed, tagged and tested via CITGM, but is not intended for production. The main motivation: odd versions saw little adoption, the even/odd distinction confused beginners, and reducing the number of parallel release lines lightens the load on volunteers. Library authors are encouraged to integrate Alpha releases into their CI as early as possible to catch regressions upstream.
Web
jQuery v4 is out https://www.infoq.com/news/2026/02/jquery-4-release/?utm_source=twitter&utm_medium=link&utm_campaign=calendar jQuery is a historic JavaScript library that simplifies DOM manipulation, event handling and AJAX requests, and is still very present in many code bases.
This major version comes out for the library's 20th anniversary, after almost a decade without a major version. Removal of support for Internet Explorer 10 and earlier, Edge Legacy and old iOS/Android versions. IE11 is still supported in jQuery 4, but its removal is planned for jQuery 5. The source code migrates from AMD to ES modules, for better compatibility with modern build tools. The bundler changes from RequireJS to Rollup. Removal of deprecated functions such as jQuery.isArray, jQuery.parseJSON and jQuery.trim, now natively available in JavaScript. The gzipped file saves more than 3,000 bytes; the slim build comes down to about 19.5 KB. Added support for Trusted Types to ease compatibility with strict Content Security Policies. jQuery remains relevant for maintaining existing code bases and for projects that need little dependency on frameworks.
Reactivity in the frontend: concepts and approaches https://www.sfeir.dev/front/quest-ce-que-la-reactivite-en-frontend/ An article that summarizes how reactivity is implemented in web frontends. Frontend reactivity is the mechanism that automatically updates the UI when data changes, without direct DOM manipulation. Without reactivity, developers must manually update each element of the interface, which is tedious and error-prone. One-way data binding (React) separates the data flow from user-interaction callbacks. Two-way data binding (Angular) automatically synchronizes data and UI in both directions. The Virtual DOM (React, Vue) compares an in-memory representation with the real DOM before applying only the necessary changes. Observables via RxJS (Angular) make it possible to handle asynchronous data streams and complex events.
Signals (SolidJS, recent Angular, Svelte) offer granular updates and better performance than the previous approaches. Signals offer a simpler API than observables while remaining very performant. Reactivity abstracts DOM manipulation and lets developers focus on the state of the application.
Data and Artificial Intelligence
Gunnar Morling announced the release of Hardwood, a new Java parser for Apache Parquet files, thanks to the lessons learned from the 1BRC challenge https://www.morling.dev/blog/hardwood-new-parser-for-apache-parquet/ Hardwood: new open-source Apache Parquet parser (Java 21+). Goal: surpass parquet-java (heavy dependencies, single-threaded reader). Key points: minimal dependencies, multi-threaded decoding pipeline. APIs: RowReader (row) and ColumnReader (column, high perf.). Optimizations: page parallelism, adaptive prefetching, fewer allocations. Development: AI-assisted (Claude Code), human review. Future: "predicate push-down", parquet-java compatibility, writing, CLI, Iceberg integration.
Apicurio Registry goes AI-Native https://www.apicur.io/blog/2026/02/05/apicurio-registry-ai-natural-evolution Apicurio Registry is an open-source registry of schemas (OpenAPI, AsyncAPI, Avro, Protobuf…) that handles versioning, validation and governance of APIs. The project extends its capabilities to become an AI-native platform, applying the same governance principles to AI agents. Support for the A2A (Agent-to-Agent) protocol: agents register via "Agent Cards" and discover one another via standardized endpoints. A built-in MCP server lets LLMs interact directly with the registry (schema discovery, validation, creation). Integration with Claude Desktop is already documented, allowing artifacts to be managed in natural language.
Two new artifact types: PROMPT_TEMPLATE (versioned prompt templates with variables) and MODEL_SCHEMA (validation of agent inputs/outputs). Java SDKs (LangChain4j, Quarkus) and Python SDKs (LangChain, LlamaIndex) are available. A multi-agent demo illustrates "context chaining": each agent receives the outputs of the preceding agents in the pipeline. The roadmap includes: agent lifecycle management, semantic search, integration into deployment pipelines.
The History of Deep Learning: when machines started to learn https://blog.ippon.fr/2026/02/20/lhistoire-du-deep-learning-quand-les-machines-ont-commence-a-apprendre/ An article that retraces the key advances in machine learning. Deep learning is a subfield of ML based on neural networks stacked in layers, now ubiquitous in vision, language and recommendation. The Perceptron (1957) is the first formal model of supervised learning, but it fails on non-linear problems such as XOR: a structural limit, not an algorithmic one. Gradient backpropagation (1980s) makes it possible to train multi-layer networks, but suffers from the "vanishing gradient" problem, which blocks learning in depth. The rise of deep learning in the 2000s is as much a hardware revolution as an algorithmic one: GPUs, designed for video games, turn out to be perfectly suited to matrix computations. AlexNet (2012) marks an industrial turning point by demonstrating that a deep CNN trained on GPUs far outperforms classical methods in image recognition. LSTMs (1997) solve the long-term memory problems of RNNs, but their sequential nature severely limits parallelization. Transformers ("Attention Is All You Need", 2017) revolutionize the field by replacing recurrence with a parallelizable attention mechanism, well suited to GPUs and TPUs.
Generative AI introduces a conceptual break: models learn the distribution of the data in order to produce new examples of it, rather than simply classifying. LLMs offer a reusable general-purpose foundation for many tasks, where predictive AI required a specific model per problem. The question of AGI remains open and very uncertain, but AI is already becoming a "software actor" capable of reasoning and acting autonomously via agents.
That's it, the Agent to Agent Protocol (A2A) has been released in version 1.0 https://a2a-protocol.org/latest/announcing-1.0/ Production-ready. Multi-version support ( multi-protocol (gRPC, HTTP+JSON…). Multi-tenancy: a single endpoint can support and expose several distinct agents. Signed, cryptographically verifiable Agent Cards to verify the identity of agents. Flexibility: clients can choose to consume results via polling, streaming, or webhooks.
Tooling
The complete guide to creating skills for your agents, by Anthropic https://resources.anthropic.com/hubfs/The-Complete-Guide-to-Building-Skill-for-Claude.pdf Definition and structure: skills are folders containing instructions (a mandatory SKILL.md file) and scripts that teach agents how to perform specific tasks or use MCP tools reliably. How it works technically: the system relies on "progressive disclosure" via a critical YAML header, allowing Claude to load the skill's context only when the user's request requires it. Lifecycle: the guide covers all stages of development, from defining use cases (automation, document creation) to testing and distribution protocols.
It also covers how to test (briefly) and common patterns.
Learning to use skills to structure your AI code https://philippart-s.github.io/blog/2026-02-18-anthropic-skills/ Claude Skills are packages of instructions in a folder that teach Claude how to handle specific tasks consistently. A skill consists at minimum of a SKILL.md file with YAML frontmatter and instructions in Markdown. The YAML frontmatter requires two mandatory fields: name (in kebab-case) and description (max 1024 characters explaining what to do and when to trigger it). Skills work identically on Claude.ai, Claude Code and the API without modification. Three main categories: creation of documents/assets, automation of multi-step workflows, and enhancement of MCP integrations. Skills rely on the principle of progressive disclosure: frontmatter always loaded, SKILL.md body if relevant, linked files on demand. Five common patterns: sequential orchestration, multi-MCP coordination, iterative refinement, contextual tool selection, embedded domain intelligence. Tests must cover triggering (90% of relevant requests), functionality, and comparison with the baseline without the skill. For distribution, host on GitHub with a README separate from the skill folder (no README.md in the folder itself). An official skill-creator can generate a first SKILL.md in 15-30 minutes from a natural-language description.
Skills for agents are a way to automate repetitive tasks https://glaforge.dev/posts/2026/02/21/easily-build-a-local-mcp-server-in-java-with-a-skill-in-gemini-cli/ Easy construction of local Java MCP servers for Gemini CLI and other agents. Solution to repetitive Java code: JBang + LangChain4j + a "skill" used by Gemini CLI.
Key idea: a "skill" for Gemini CLI automates the generation and installation of the servers. The "skill" generates a Java file, compiles it and registers it in the Gemini CLI settings. Benefits: eliminates boilerplate, automatic registration, fast development. Conclusion: agent "skills" automate repetitive tasks and systematize experimentation.
A SKILL.md by Julien Dubois that lets AI agents create Spring projects following JHipster-style best practices https://github.com/jdubois/dr-jskill/blob/main/SKILL.md Dr JSkill is an "Agent Skill" designed to help AIs (GitHub Copilot CLI, Claude Code) generate Spring Boot 4.x applications according to Julien Dubois's best practices. Lets you create modern full-stack projects using Java 25, PostgreSQL and Docker, with a choice of front-end frameworks (Vue.js by default, React, Angular or Vanilla JS). Includes cross-platform Node.js scripts to automate project generation via start.spring.io without external npm dependencies. Advocates strict technology choices: Maven only, no Lombok, and use of Hibernate ddl-auto for schema management (no Flyway/Liquibase). Natively supports GraalVM compilation (native images) for ultra-fast startup (
In this episode, we sit down with the Radare community leader, Pancake, the creator of the Radare2 reverse engineering framework. Whether you've never heard of Radare, already use it daily, or are thinking about contributing to its development, this conversation will demystify what makes Radare unique, why thousands of engineers rely on it, and how you can step into the community. This segment is sponsored by NowSecure. Discover how AI-powered mobile app security testing finds hidden vulns and leaks at https://securityweekly.com/nowsecure.
In the security news: The US national cyber strategy; in the category of dumb laws and 3d printing guns; Iranian threat analysis; ESP32 Bus Pirate gets some amazing updates; I can reset the admin password; Rick-rolling yourself; Chrome 0days; Re-purposing those old Ubiquiti cloud keys; The new TLS certificate lifecycle; A Flipper Zero add-on and news on the FlipperOne; glassword malware; Do you care about exploits or patching?; attacking nuclear research centers; how we uncovered 9 vulnerabilities in IP KVMs; and hacking your laundry card with Claude.
Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-918
On this week's show, Patrick Gray, Adam Boileau and James Wilson discuss the week's cybersecurity news. They discuss:
- Iran's Intune-based wiper attack on medical device maker Stryker
- Qihoo 360's AI publishes its own wildcard TLS cert private key
- Instagram is canning its end-to-end encrypted messaging
- What's going on with mobile internet access in Moscow?
- The Xbox One's bootloader gets voltage glitched into submission
- Oh Qualys! We love you! (At least, whoever is in the basement writing these beautiful .txt files…)
This week's episode is sponsored by browser-based detection and response company, Push Security. Researcher Dan Green and Field CTO Mark Orlando join Pat to talk through the InstallFix variant of the *Fix attack technique. This episode is also available on Youtube.
Show notes
- Iranian Hacktivists Strike Medical Device Maker Stryker in "Severe" Attack that Wiped Systems
- Stryker says it's restoring systems after pro-Iran hackers wiped thousands of employee devices | TechCrunch
- Stryker attack raises concerns about role of device management tool | Cybersecurity Dive
- Stryker tells SEC that timeline for recovery from cyberattack unknown | The Record from Recorded Future News
- How 'Handala' Became the Face of Iran's Hacker Counterattacks | WIRED
- U.S Strikes Killed Iranian Cyber Chiefs, But The Hacks Continued
- Risky Business Features: Being a Wartime CISO
- Supply-chain attack using invisible code hits GitHub and other repositories - Ars Technica
- China's biggest cybersecurity company, Qihoo 360 just leaked their own wildcard SSL private key
- Emergent Cyber Behavior: When AI Agents Become Offensive Threat Actors - Irregular
- Risky Business Features: MCP is Dead
- Measuring AI Agents' Progress on Multi-Step Cyber Attack Scenarios
- What is end-to-end encryption on Instagram | Instagram Help Center
- US Lawmakers Move to Kill the FBI's Warrantless Wiretap Access | WIRED
- Website "whitelists" launched in Moscow | Forbes.ru
- Exclusive: Foreign hacker in 2023 compromised Epstein files held by FBI, source and documents show | Reuters
- Feds say another DigitalMint negotiator ran ransomware attacks and helped extort $75 million | CyberScoop
- Researchers disclose vulnerabilities in IP KVMs from four manufacturers - Ars Technica
- RE//verse 2026: Hacking the Xbox One by Markus 'doom' Gaasedelen - YouTube
- CrackArmor: Multiple vulnerabilities in AppArmor
professorjrod@gmail.com
In this episode of Technology Tap: CompTIA Study Guide, we dive into the fundamentals of Windows security, an essential topic for anyone preparing for IT certifications like the CompTIA A+ Core 2 exam. Understanding Windows security is critical for IT skills development and technology education, as it functions as an ongoing trust engine that verifies user identity and access permissions seamlessly.
We explore the underlying architecture of Windows security, moving beyond rote memorization to help you reason through security protocols and apply them both on the job and during your tech exam prep. Whether you're studying in a group or solo, this guide will strengthen your comprehension of complex security concepts and better prepare you for your IT certification exams.
We connect the CIA triad to the real Windows controls you touch every day, then break down identity and access management step by step: identification, authentication, authorization, and access control. From there, we get practical about access control lists, implicit deny, and least privilege, including why over-privileged accounts turn small mistakes into big incidents. We also clear up a common confusion that derails newer techs: hashing versus encryption, plus where symmetric encryption, asymmetric encryption, digital signatures, and TLS key exchange show up in real life.
Then we move into the account and admin side of Windows: local accounts versus Microsoft accounts, the power of security groups, quick account management with Net User, and why User Account Control is both a security control and a behavior check. We close with an enterprise view of privileged access management, just-in-time admin access, Zero Trust, and modern multi-factor authentication like authenticator apps and one-time passwords. This is Act One of a two-parter, so we also preview the next step where Windows turns into a full enterprise security platform.
Subscribe, share this with a friend studying IT, and leave a review with your biggest Windows security question.
Support the show
Art By Sarah/Desmond
Music by Joakim Karud
Little chacha Productions
Juan Rodriguez can be reached at TikTok @ProfessorJrod, ProfessorJRod@gmail.com, @Prof_JRod, Instagram ProfessorJRod
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Encrypted Client Hello: Ready for Prime Time? https://isc.sans.edu/diary/Encrypted%20Client%20Hello%3A%20Ready%20for%20Prime%20Time%3F/32778 The ExifTool vulnerability: how an image can infect macOS systems https://www.kaspersky.com/blog/exiftool-macos-picture-vulnerability-mitigation-cve-2026-3102/55362/ Remote code execution in Nextcloud Flow via vulnerable Windmill version https://github.com/nextcloud/security-advisories/security/advisories/GHSA-g7vj-98x3-qvjf
Are your smart home devices spying on you? In this video, David Bombal interviews cybersecurity researcher and IoT penetration tester, Matt Brown, to reveal how to intercept and decrypt supposedly secure SSL/TLS traffic from IoT devices. Matt demonstrates his open-source tool, "Man in the Middle Router," a specialized Linux-based bash script designed to simplify IoT hardware hacking labs. This tool stitches together essential Linux utilities, including HostAPD (for access points), DNSmasq (for DHCP), and iptables (for traffic routing), to transform any Linux computer or Raspberry Pi into a transparent intercepting router.
In this technical deep-dive, you will learn:
- How a Man in the Middle (MITM) attack intercepts encrypted TLS (HTTPS) communications.
- How to set up an IoT penetration testing lab using minimal hardware, such as an Alpha Wi-Fi adapter and an Ethernet dongle.
- The difference between theoretical attacks and real-world vulnerabilities like the failure of IoT devices to validate server certificates.
- Transparent proxy setup using tools like mitmproxy to visualize raw API data.
Live Hacking Demonstration
Matt moves beyond theory to demonstrate a live hack of an Anran Wi-Fi security camera purchased from eBay. He shows the exact process of capturing and decrypting the camera's API traffic (apis.us-west.cloudedge360.com). This demonstration exposes that the device is transmitting sensitive information, including authentication credentials, in cleartext over HTTP inside the broken TLS tunnel. Whether you are a network engineer, network security analyst, or a hardware hacking enthusiast, this video provides a step-by-step framework for auditing the security and privacy of the devices on your network.
// Matt Brown's SOCIAL // X: https://x.com/nmatt0 YouTube: / @mattbrwn LinkedIn: / mattbrwn GitHub: https://github.com/nmatt0 Reddit: https://github.com/nmatt0 Website (with training courses): https://training.brownfinesecurity.com/
// GitHub REFERENCE // mitmrouter: https://github.com/nmatt0/mitmrouter
// Camera REFERENCE // https://www.amazon.com/ANRAN-Security...
// David's SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: www.twitter.com/davidbombal Instagram: www.instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: www.facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal YouTube: / @davidbombal Spotify: open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: podcasts.apple.com/us/podcast...
// MY STUFF // https://www.amazon.com/shop/davidbombal
// SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
0:00 - Coming Up
0:33 - Introduction
02:33 - Matt's Solution for IoT Devices
05:38 - Getting around SSL Pinning / Certificate Validation
08:55 - Demo - The Basics
12:00 - Demo - Man In The Middle Router Tool
15:00 - Demo - Software/Hardware Considerations
20:12 - Demo - MITM Proxy
24:43 - Demo - MITM Router
33:58 - Example Using a Real IoT Device
36:33 - David's Questions
37:50 - More About Matt Brown
38:41 - Android Vs Apple
40:33 - Outro
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #iot #hacking #iothacking
Running Oracle Database@AWS is most effective when you have full visibility and control over your environment. In this episode, hosts Lois Houston and Nikita Abraham are joined by Rashmi Panda, who explains how to monitor performance, track key metrics, and catch issues before they become problems. Later, Samvit Mishra shares key best practices for securing, optimizing, and maintaining a resilient Oracle Database@AWS deployment. Oracle Database@AWS Architect Professional: https://mylearn.oracle.com/ou/course/oracle-databaseaws-architect-professional/155574 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu Special thanks to Arijit Ghosh, Anna Hulkower, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode. ------------------------------------------------------ Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:26 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Team Lead: Editorial Services with Oracle University, and with me is Lois Houston, Director of Communications and Adoption with Customer Success Services Lois: Hello again! Last week's discussion was all about how Oracle Database@AWS stays secure and available. Today, we're joined by two experts from Oracle University. First, we'll hear from Rashmi Panda, Senior Principal Database Instructor, who will tell you how to monitor and log Oracle Database@AWS so your environment stays healthy and reliable. Nikita: And then we're bringing in Samvit Mishra, Senior Manager, CSS OU Cloud Delivery, who will break down the best practices that help you secure and strengthen your Oracle Database@AWS deployment. Let's start with you, Rashmi. 
Is there a service that allows you to monitor the different AWS resources in real time? Rashmi: Amazon CloudWatch is the cloud-native AWS monitoring service that can monitor the different AWS resources in real time. It allows you to collect the resource metrics and create customized dashboards, and even take action when certain criteria is met. Integration of Oracle Database@AWS with Amazon CloudWatch enables monitoring the metrics of the different database resources that are provisioned in Oracle Database@AWS. Amazon CloudWatch collects raw data and processes it to produce near real-time metrics data. Metrics collected for the resources are retained for 15 months. This facilitates analyzing the historical data to understand and compare the performance, trends, and utilization of the database service resources at different time intervals. You can set up alarms that continuously monitor the resource metrics for breach of user-defined thresholds and configure alert notification or take automated action in response to that metric threshold being reached. 02:19 Lois: What monitoring features stand out the most in Amazon CloudWatch? Rashmi: With Amazon CloudWatch, you can monitor Exadata VM Cluster, container database, and Autonomous database resources in Oracle Database@AWS. Oracle Database@AWS reports metrics data specific to the resource in AWS/ODB namespace of Amazon CloudWatch. Metrics can be collected only when the database resource is an available state in Oracle Database@AWS. Each of the resource types have their own metrics defined in AWS/ODB namespace, for which the metrics data get collected. 02:54 Nikita: Rashmi, can you take us through a few metrics? Rashmi: At Exadata database VM Cluster, there is CPU utilization, memory utilization, swap space storage file system utilization metric. Then there is load average on the server, what is the node status, and the number of allocated CPUs, et cetera. 
Then for container database, there is CPU utilization, storage utilization, block changes, parse count, execute count, user calls, which are important elements that can provide metrics data on database load. And for Autonomous Database metrics data include DB time, CPU utilization, logins, IOPS and IO throughput, RedoSize, parse, execute, transaction count, and a few others. 03:32 Nikita: Once you've collected these metrics and analyzed database performance, what tools or services can you use to automate responses or handle specific events in your Oracle Database@AWS environment? Rashmi: Then there is Amazon EventBridge, which can monitor events from AWS services and respond automatically with certain actions that may be defined. You can monitor events from Oracle Database@AWS in EventBridge, which sends events data continuously to EventBridge in real time. EventBridge forwards these events data to target AWS Lambda and Amazon Simple Notification Service to perform any actions on occurrence of certain events. Oracle Database@AWS events are structured messages that indicate changes in the life cycle of the database service resource. EventBridge can filter events based on your defined rules, process them, and deliver to one or more targets. Event Bus is the router that receives the events, optionally transforms them, and then delivers the events to the targets. Events from Oracle Database@AWS can be generated by two means: they can be generated from Oracle Database@AWS in AWS, and they can also be generated directly from OCI and received by EventBridge in AWS. You can monitor Exadata Database and Autonomous Database resource events. Ensure that the Exadata infrastructure status is in an available state. You can configure how the events are handled for these resources. You can define rules in EventBridge to filter the events of interest and the target, who is going to receive and process those events. 
You can filter events based on a pattern depending on the event type, and apply this pattern using Amazon EventBridge put-rule API, with the default event bus to route only those matching events to targets. 05:13 Lois: And what about events that AWS itself generates? Rashmi: Events that are generated in AWS for the Oracle Database@AWS resources are delivered to the default event bus of your AWS account. These events that are generated in AWS for Oracle Database@AWS resources include lifecycle changes of the ODB network. The different network events are successful creation or failure of the creation of the ODB network, and successful deletion or failure in deletion of the ODB network. When you subscribe to Oracle Database@AWS, then an event bus with prefix aws.partner/odb is created in your AWS account. All events generated in OCI for the Oracle Database@AWS resources are then received in this event bus. When you are creating filter pattern using Amazon EventBridge put-rule API, you must set the event bus name to this event bus. Make sure you do not delete this event bus. Events generated in OCI and received into event bus are extensive. They include events of Oracle Exadata infrastructure, VM Cluster, container, and pluggable databases. 06:14 Lois: If you want to look back at what's happened in your environment, like who made the changes or accessed resources, what's the best AWS service for logging and auditing all that activity? Rashmi: Amazon CloudTrail is a logging service in AWS that records the different actions taken by a user or roles, or an AWS service. Oracle Database@AWS is integrated with Amazon CloudTrail. This enables logging of all the different events on Oracle Database@AWS resources. Amazon CloudTrail captures all the API calls to Oracle Database@AWS as events. These API calls include calls from the Oracle Database@AWS console, and code calls to Oracle Database@AWS API operations. 
These log files are delivered to Amazon S3 bucket that you specify. These logs determine the identity of the caller who made the call request to Oracle Database@AWS, their IP from which the call originated, the time of the call, and some additional details. CloudTrail event history stores immutable record of the past 90 days of management events in an AWS region. You can view, search, and download these records from CloudTrail Event History. You can access CloudTrail when you create an AWS account that automatically gives you the access to CloudTrail Event history. If you would like to retain the logs for a longer period of time beyond 90 days, you can create CloudTrail trails or CloudTrail Lake event data store. Management events in AWS provide information about management operations that are performed on the resources in your AWS account. Management operations are also called control plane operations. Thus, the control plane operations in Oracle Database@AWS are logged as management events in CloudTrail logs. 07:59 Are you a MyLearn subscriber? If so, you're automatically a member of the Oracle University Learning Community! Join millions of learners, attend exclusive live events, and connect directly with Oracle subject matter experts. Enjoy the latest news, join challenges, and share your ideas. Don't miss out! Become an active member today by visiting mylearn.oracle.com. 08:25 Nikita: Welcome back! Samvit, let's talk best practices. What should teams keep in mind when they're setting up and securing their Oracle Database@AWS environment? Samvit: Use IAM roles and policies with least privilege to manage Oracle Database@AWS resources. This ensures only authorized users can provision or modify DB resources, reducing the risk of accidental or malicious changes. Oracle Data Safe monitors database activity, user risk, and sensitive data, while AWS CloudTrail records all AWS API calls. Together, they give full visibility across the database and cloud layers. 
Autonomous Database supports Oracle Database Vault for enforcing separation of duties. Exadata Database Service can integrate with Audit Vault and Database Firewall to prevent privileged users from bypassing security controls. Enable multifactor authentication for AWS IAM users managing Oracle Database@AWS. This adds a strong second layer of protection against stolen credentials. Always deploy your Oracle Database@AWS in private subnets without public IPs. Use AWS security groups and NACLs to strictly limit inbound and outbound traffic, allowing access only from trusted applications. Exadata Database Service supports integration with Oracle Vault for key lifecycle management. And in case of Autonomous Database, the transparent data encryption keys are automatically managed. But you can bring your own keys with OCI Vault. Key rotation ensures compliance and reduces risk of key compromise. Oracle Database@AWS enforces encrypted connections by default. Ensure clients connect with TLS 1.2 or 1.3 to protect data in transit from interception or tampering. Use Oracle Data Safe's user assessment features to detect dormant users or excessive privileges. Disable unused accounts and rightsize permissions to reduce insider threats and security gaps. Export database audit logs to Oracle Data Safe Audit Vault or AWS S3 with object lock for immutability. This prevents log tampering and ensures audit evidence is preserved for compliance. 11:25 Lois: OK, that covers security. Do you have any tips for making sure your Oracle Database@AWS setup is reliable and resilient? Samvit: Start with clear recovery objectives. Define how much downtime and data loss each workload can tolerate. These targets drive your HADR architecture and backup strategy. Implement business continuity measures to deliver maximum uptime for your databases. 
As a best practice, you must configure disaster recovery environment for your critical databases so that, in the event of any disaster affecting the primary database, applications can be immediately failed over to the DR environment, ensuring least application downtime and zero or minimal data loss. With Oracle Database@AWS, you can automate the creation and management of DR environment for your database services using different deployment capabilities. You can opt to configure either cross-availability zone DR in the same region or configure cross-region DR. Since cross-availability zone can only provide site failure protection, you must also configure a cross-region DR to protect against regional failure. A DR plan is only effective if tested. Regular failover and switchover drills validate that people, processes, and systems can recover as designed. For Exadata Database, Autonomous Recovery Service provides automated backup validation, recovery guarantees, and protection against accidental data loss or corruption. Oracle-managed backups are fully managed by OCI. When you create your Oracle Exadata Database, you can enable automatic backups by choosing Enable Automatic Backups in the OCI Console. When you do that, you can select Amazon S3 or OCI Object Storage or Autonomous Recovery Service as the backup destination. Don't just take backups. You also need to test them. Regularly restore backups into non-production environment to validate integrity and recovery time. Plan beyond just the database. Map application and middleware dependencies to ensure end-to-end business resilience. A database failover is useless if dependent apps can't reconnect. 14:09 Nikita: Another area of interest is performance and cost. What practices help teams balance the two? Samvit: Autonomous Database automatically scales CPU and storage as workloads grow. This ensures performance during peaks while avoiding overprovisioning. So you should enable ADB auto-scaling. 
Monitor CPU, memory, and IO metrics with AWS CloudWatch to rightsize your compute. Scale up or down based on actual utilization instead of static provisioning. Autonomous databases continuously evaluate and create indexes automatically. This improves query performance without requiring manual tuning. Use connection pooling in your applications to optimize database connections. Minimizing round trips reduces latency and improves throughput. Apply AWS tags to database and related resources for cost allocation and chargeback. Tagging also helps with governance and cost visibility. Choose between bring your own license and license-included models for Oracle Database@AWS. The right model depends on your existing license portfolio and cost strategy. Not all workloads need long backup retention. Adjust retention policies based on business needs to balance compliance with storage costs. Exadata Database supports Oracle multitenant with pluggable databases. Consolidating databases reduces infrastructure footprint and licensing costs. Performance tuning isn't just technical. Align metrics with business KPIs. Correlating DB performance to user experience and revenue impact helps prioritize optimizations. 16:20 Lois: Before we wrap up, Samvit, let's look at operational efficiency. What advice do you have for making day-to-day operations more efficient? Samvit: Use infrastructure as code tools like Terraform or AWS CloudFormation to automate provisioning. This ensures consistent, repeatable deployments with minimal manual errors. For Autonomous Database, enable auto-start/stop to optimize costs by running databases only when needed. This is ideal for dev test or seasonal workloads. Exadata Database Service provides fleet maintenance to patch multiple systems consistently. This reduces downtime and simplifies lifecycle management. Integrate AWS CloudWatch for performance monitoring and EventBridge for event-driven automation. 
This helps detect issues early and trigger automated workflows. Oracle Data Safe provides ready-to-use audit and compliance reports. Use these to streamline governance and reduce the effort of manual compliance tracking. For Autonomous databases, Performance Hub simplifies monitoring while Exadata users benefit from AWR and ASH reports. Together, they give deep insights into performance trends. Automated tagging policies and change management workflows help maintain governance. They ensure resources are tracked properly and changes are auditable. Monitor storage consumption and growth patterns using AWS CloudWatch and the ADB Console. Proactive tracking helps avoid capacity issues and unexpected costs. Send CloudTrail logs into EventBridge to trigger automated incident responses. This shortens response time and builds operational resilience. 18:36 Nikita: Samvit and Rashmi, thanks for spending time with us today. Your insights always help bring the bigger picture into focus. Lois: They definitely do. And if you'd like to go deeper into everything we covered, head over to mylearn.oracle.com and look up the Oracle Database@AWS Architect Professional course. Until next time, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 19:03 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.
Andrey and Mattias share a fast re:Invent roundup focused on AWS security. What do VPC Encryption Controls, post-quantum TLS, and org-level S3 block public access change for you? Which features should you switch on now, like ECR image signing, JWT checks at ALB, and air-gapped AWS Backup? Want simple wins you can use today? We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners.
Podcast Summary: "Google has implemented a quantum-resistant encryption method for HTTPS by integrating the Kyber post-quantum algorithm into the TLS protocol, enhancing security without affecting browsing speed. The company optimized cryptographic key sizes to balance performance and protection, and combined Kyber with classical encryption methods for compatibility and future readiness. This approach enables businesses to secure sensitive data against current and future threats while maintaining fast online experiences. Google tested the solution across millions of Chrome browsers, confirming no significant impact on connection speed. The advancement sets a new standard for security in industries such as finance, healthcare, and e-commerce, and encourages entrepreneurs to adopt quantum-safe protocols and stay informed about encryption trends to protect digital assets and build customer trust." Learn more on this news by visiting us at: https://greyjournal.net/news/
In this episode, hosts Lois Houston and Nikita Abraham are joined by special guests Samvit Mishra and Rashmi Panda for an in-depth discussion on security and migration with Oracle Database@AWS. Samvit shares essential security best practices, compliance guidance, and data protection mechanisms to safeguard Oracle databases in AWS, while Rashmi walks through Oracle's powerful Zero-Downtime Migration (ZDM) tool, explaining how to achieve seamless, reliable migrations with minimal disruption. Oracle Database@AWS Architect Professional: https://mylearn.oracle.com/ou/course/oracle-databaseaws-architect-professional/155574 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu Special thanks to Arijit Ghosh, Anna Hulkower, Kris-Ann Nansen, Radhika Banka, and the OU Studio Team for helping us create this episode. ------------------------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:26 Nikita: Welcome to the Oracle University Podcast! I'm Nikita Abraham, Team Lead: Editorial Services with Oracle University, and with me is Lois Houston, Director of Communications and Adoption with Customer Success Services. Lois: Hello again! We're continuing our discussion on Oracle Database@AWS and in today's episode, we're going to talk about the aspects of security and migration with two special guests: Samvit Mishra and Rashmi Panda. Samvit is a Senior Manager and Rashmi is a Senior Principal Database Instructor. 00:59 Nikita: Hi Samvit and Rashmi! Samvit, let's begin with you. What are the recommended security best practices and data protection mechanisms for Oracle Database@AWS? 
Samvit: Instead of everyone using the root account, which has full access, we create individual users with AWS IAM Identity Center or IAM service. And in addition, you must use multi-factor authentication. So basically, as an example, you need a password and a temporary code from a virtual MFA app to log in to the console. Always use SSL or TLS to communicate with AWS services. This ensures data in transit is encrypted. Without TLS, the sensitive information like credentials or database queries can be intercepted. AWS CloudTrail records every action taken in your AWS account-- who did what, when, and from where. This helps with audit, troubleshooting, and detecting suspicious activity. So you must set up API and user activity logging with AWS CloudTrail. Use AWS encryption solutions along with all default security controls within AWS services. To store and manage keys by using transparent data encryption, which is enabled by default, Oracle Database@AWS uses OCI vaults. Currently, Oracle Database@AWS doesn't support the AWS Key Management Service. You should also use advanced managed security services such as Amazon Macie, which assists in discovering and securing sensitive data that is stored in Amazon S3. 03:08 Lois: And how does Oracle Database@AWS deliver strong security and compliance? Samvit: Oracle Database@AWS enforces transparent data encryption for all data at rest, ensuring stored information is always protected. Data in transit is secured using SSL and Native Network Encryption, providing end-to-end confidentiality. Oracle Database@AWS also uses OCI Vault for centralized and secure key management. This allows organizations to manage encryption keys with fine-grained control, rotation policies, and audit capabilities to ensure compliance with regulatory standards. At the database level, Oracle Database@AWS supports unified auditing and fine-grained auditing to track user activity and sensitive operations. 
At the resource level, AWS CloudTrail and OCI audit service provide comprehensive visibility into API calls and configuration changes. At the database level, security is enforced using database access control lists and Database Firewall to restrict unauthorized connections. At the VPC level, network ACLs and security groups provide layered network isolation and access control. Again, at the database level, Oracle Database@AWS enforces access controls to Database Vault, Virtual Private Database, and row-level security to prevent unauthorized access to sensitive data. And at a resource level, AWS IAM policies, groups, and roles manage user permissions with fine-grained control. 05:27 Lois: Samvit, what steps should users be taking to keep their databases secure? Samvit: Security is not a single feature but a layered approach covering user access, permissions, encryption, patching, and monitoring. The first step is controlling who can access your database and how they connect. At the user level, strong password policies ensure only authorized users can log in. And at the network level, private subnets and network security groups allow you to isolate database traffic and restrict access to trusted applications only. One of the most critical risks is accidental or unauthorized deletion of database resources. To mitigate this, grant delete permissions only to a minimal set of administrators. This reduces the risk of downtime caused by human error or malicious activity. Encryption ensures that even if the data is exposed, it cannot be read. By default, all databases in OCI are encrypted using transparent data encryption. For migrated databases, you must verify encryption is enabled and active. Best practice is to rotate the transparent data encryption master key every 90 days or less to maintain compliance and limit exposure in case of key compromise. Unpatched databases are one of the most common entry points for attackers. 
Always apply Oracle critical patch updates on schedule. This mitigates known vulnerabilities and ensures your environment remains protected against emerging threats. 07:33 Nikita: Beyond what users can do, are there any built-in features or tools from Oracle that really help with database security? Samvit: Beyond the basics, Oracle provides powerful database security tools. Features like data masking allow you to protect sensitive information in non-production environments. Auditing helps you monitor database activity and detect anomalies or unauthorized access. Oracle Data Safe is a managed service that takes database security to the next level. It can assess your database configuration for weaknesses. It can also detect risky user accounts and privileges, identify and classify sensitive data. It can also implement controls such as masking to protect that data. And it can also continuously audit user activity to ensure compliance and accountability. Now, transparent data encryption enables you to encrypt sensitive data that you store in tables and tablespaces. It also enables you to encrypt database backups. After the data is encrypted, this data is transparently decrypted for authorized users or applications when they access that data. You can configure OCI Vault as a part of the transparent data encryption implementation. This enables you to centrally manage keystore in your enterprise. So OCI Vault gives centralized control over encryption keys, including key rotation and customer managed keys. 09:23 Lois: So obviously, lots of companies have to follow strict regulations. How does Oracle Database@AWS help customers with compliance? Samvit: Oracle Database@AWS has achieved a broad and rigorous set of compliance certifications. The service supports SOC 1, SOC 2, and SOC 3, as well as HIPAA for health care data protection. If we talk about SOC 1, that basically covers internal controls for financial statements and reporting. 
SOC 2 covers internal controls for security, confidentiality, processing integrity, privacy, and availability. SOC 3 covers SOC 2 results tailored for a general audience. And HIPAA is a federal law that protects patients' health information and ensures its confidentiality, integrity, and availability. It also holds certifications and attestations such as CSA STAR, C5. Now C5 is a German government standard that verifies cloud providers meet strict security and compliance requirements. CSA STAR attestation is an independent third-party audit of cloud security controls. CSA STAR certification also validates a cloud provider's security posture against CSA's cloud controls matrix. And HDS is a French certification that ensures cloud providers meet stringent requirements for hosting and protecting health care data. Oracle Database@AWS also holds ISO and IEC standards. You can also see PCI DSS, which is basically for payment card security and HITRUST, which is for high assurance health care framework. So, these certifications ensure that Oracle Database@AWS not only adheres to best practices in security and privacy, but also provides customers with assurance that their workloads align with globally recognized compliance regimes. 11:47 Nikita: Thank you, Samvit. Now Rashmi, can you walk us through Oracle's migration solution that helps teams move to OCI Database Services? Rashmi: Oracle Zero-Downtime Migration is a robust and flexible end-to-end database migration solution that can completely automate and streamline the migration of Oracle databases. With bare minimum inputs from you, it can orchestrate and execute the entire migration task, virtually needing no manual effort from you. And the best part is you can use this tool for free to migrate your source Oracle databases to OCI Oracle Database Services faster and reliably, eliminating the chances of human errors. You can migrate individual databases or migrate an entire fleet of databases in parallel. 
12:34 Nikita: Ok. For someone planning a migration with ZDM, are there any key points they should keep in mind? Rashmi: When migrating using ZDM, your source databases may require minimal downtime up to 15 minutes or no downtime at all, depending upon the scenario. It is built with the principles of Oracle maximum availability architecture and leverages technologies like Oracle GoldenGate and Oracle Data Guard to achieve high availability and online migration workflow using Oracle migration methods like RMAN, Data Pump, and Database Links. Depending on the migration requirement, ZDM provides different migration method options. It can be logical or physical migration in an online or offline mode. Under the hood, it utilizes the different database migration technologies to perform the migration. 13:23 Lois: Can you give us an example of this? Rashmi: When you are migrating a mission critical production database, you can use the logical online migration method. And when you are migrating a development database, you can simply choose the physical offline migration method. As part of the migration job, you can perform database upgrades or convert your database to multitenant architecture. ZDM offers greater flexibility and automation in performing the database migration. You can customize workflow by adding pre or postrun scripts as part of the workflow. Run prechecks to check for possible failures that may arise during migration and fix them. Audit migration jobs activity and user actions. Control the execution like schedule a job pause, resume, if needed, suspend and resume the job, schedule the job or terminate a running job. You can even rerun a job from failure point and other such capabilities. 14:13 Lois: And what kind of migration scenarios does ZDM support? Rashmi: The minimum version of your source Oracle Database must be 11.2.0.4 and above. For lower versions, you will have to first upgrade to at least 11.2.0.4. 
You can migrate Oracle databases that may be of the Standard or Enterprise edition. ZDM supports migration of Oracle databases, which may be a single-instance, or RAC One Node, or RAC databases. It can migrate on Unix platforms like Linux, Oracle Solaris, and AIX. For Oracle databases on AIX and Oracle Solaris platform, ZDM uses logical migration method. But if the source platform is Linux, it can use both physical and logical migration method. You can use ZDM to migrate databases that may be on premises, or in third-party cloud, or even within Oracle Cloud Infrastructure. ZDM leverages Oracle technologies like RMAN, Data Pump, Database Links, Data Guard, Oracle GoldenGate when choosing a specific migration workflow. 15:15 Are you ready to revolutionize the way you work? Discover a wide range of Oracle AI Database courses that help you master the latest AI-powered tools and boost your career prospects. Start learning today at mylearn.oracle.com. 15:35 Nikita: Welcome back! Rashmi, before someone starts using ZDM, is there any prep work they should do or things they need to set up first? Rashmi: Working with ZDM needs a few simple configurations. Zero-downtime migration provides a command line interface to run your migration job. First, you have to download the ZDM binary, preferably download from My Oracle Support, where you can get the binary with the latest updates. Set up and configure the binary by following the instructions available at the same invoice node. The host in which ZDM is installed and configured is called the zero-downtime migration service host. The host has to be Oracle Linux version 7 or 8, or it can be RHEL 8. Next is the orchestration step where connection to the source and target is configured and tested like SSH configuration with source and target, opening the ports in respective destinations, creation of dump destination, granting required database privileges. 
Prepare the response file with parameter values that define the workflow that ZDM should use during Oracle Database migration. You can also customize the migration workflow using the response file. You can plug in run scripts to be executed before or after a specific phase of the migration job. These customizations are called custom plugins with user actions. Your sources may be hosted on-premises or OCI-managed database services, or even third-party cloud. They may be Oracle Database Standard or Enterprise edition and on accelerator infrastructure or a standard compute. The target can be of the same type as the source. But additionally, ZDM supports migration to multicloud deployments on Oracle Database@Azure, Oracle Database@Google Cloud, and Oracle Database@AWS. You begin with a migration strategy where you list the different databases that can be migrated, classification of the databases, grouping them, performing three migration checks like dependencies, downtime requirement versions, and preparing the order migration, the target migration environment, et cetera. 17:27 Lois: What migration methods and technologies does ZDM rely on to complete the move? Rashmi: There are primarily two types of migration: physical or logical. Physical migration pertains to copy of the database OS blocks to the target database, whereas in logical migration, it involves copying of the logical elements of the database like metadata and data. Each of these migration methods can be executed when the database is online or offline. In online mode, migration is performed simultaneously while the changes are in progress in the source database. While in offline mode, all changes to the source database are frozen. For physical offline migration, it uses backup and restore technique, while with the physical online, it creates a physical standby using backup and restore, and then performing a switchover once the standby is in sync with the source database. 
For logical offline migration, it exports and imports database metadata and data into the target database, while in logical online migration, it is a combination of export and import operation, followed by apply of incremental updates from the source to the target database. The physical or logical offline migration method is used when the source database of the application can allow some downtime for the migration. The physical or logical online migration approach is ideal for scenarios where any downtime for the source database can badly affect critical applications. The only downtime that can be tolerated by the application is only during the application connection switchover to the migrated database. One other advantage is ZDM can migrate one or a fleet of Oracle databases by executing multiple jobs in parallel, where each job workflow can be customized to a specific database need. It can perform physical or logical migration of your Oracle databases. And whether it should be performed online or offline depends on the downtime that can be approved by business. 19:13 Nikita: Samvit and Rashmi, thanks for joining us today. Lois: Yeah, it's been great to have you both. If you want to dive deeper into the topics we covered today, go to mylearn.oracle.com and search for the Oracle Database@AWS Architect Professional course. Until next time, this is Lois Houston… Nikita: And Nikita Abraham, signing off! 19:35 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.
In this video, we dive into a real-world Red Team vs. Blue Team scenario. We simulate a cyberattack on a Finance Application that has integrated a new LLM Chatbot. You'll see firsthand how attackers use Prompt Injection to bypass standard rules, how they move laterally through Kubernetes clusters, and how they attempt to execute Zero Day exploits. More importantly, we show you how to defend against it. Using Cisco's Hybrid Mesh Firewall, AI Defense, and Secure Workload, we demonstrate how to: 1. Detect & Block Prompt Injections: safeguarding your LLMs from manipulation. 2. Secure Kubernetes: using micro-segmentation to isolate threats in the cloud. 3. Inspect Encrypted Traffic: utilizing the Encrypted Visibility Engine (EVE) to spot malware in TLS flows without decryption. Whether you are a Network Engineer, Security Analyst, or just interested in how AI is changing the cybersecurity landscape, this demo is packed with practical insights. Big thank you to Cisco for sponsoring my trip to Cisco Live Amsterdam. // Website REFERENCE // Cisco Security Cloud control: https://sign-on.security.cisco.com/ Cisco.com: https://www.cisco.com/site/us/en/solu... // YouTube Video REFERENCE // Rick Miles' video will be linked at a later stage once published. 
// MENU // 0:00 - Coming Up 01:29 - Intro 02:20 - Demo Overview 03:57 - Demo Begins 09:35 - Adding Guardrails 11:45 - Secure Workloads 14:30 - Segmentation Workflow 18:33 - Overviewing Finance App 21:02 - Encrypted Visibility Engine 24:34 - Firewall Observability and Control 25:44 - Ant's Advice For The Youth 26:40 - How to Learn Hybrid Mesh Firewall 28:16 - Conclusion Disclaimer: This video is for educational purposes only.
What actually needs to be in place before digital pathology can replace the microscope? In this episode of DigiPath Digest, I walk through the 2026 Polish Society of Pathologists guidelines and translate them into practical steps for real pathology labs. This isn't theory. It's about hardware fidelity, data integrity, validation, and AI integration — and what each of these actually requires in daily workflow. We talk about scanner resolution standards (≤0.26 μm per pixel), 4K monitor calibration, visually lossless compression (20:1), scalable storage, pathologist-driven validation, and what “non-inferiority” truly means. Digital pathology is not just a change of medium. It's an operational shift. Episode Highlights: [00:02] Community & growth: 1,600+ new newsletter subscribers, 10,000+ Facebook members, and free Digital Pathology 101 book access. [07:20] The 4 pillars of adoption: Hardware fidelity · Data integrity · Clinical validation · Future integration. [08:30] Hardware requirements: 40x equivalent scanning (≤0.26 μm/px), 4K monitors, >300 cd/m² luminance, 10-bit color depth. [12:00] Workflow & throughput: 200–300 slides/day per scanner, automated focus control, urgent case prioritization. [17:25] Storage & archiving: ~1 GB per slide. Active archive (6–24 months). Long-term retention (10–20 years). GDPR compliance & TLS encryption. [23:09] Validation philosophy: Pathologist-centered validation. Two phases: • Familiarization (~20 retrospective cases) • Dual review with discrepancy tracking. Goal: digital must be non-inferior to glass. [29:03] AI in digital pathology: AI supports quantification (Ki-67, HER2, ER/PR, PD-L1), tumor detection, and future multimodal predictions — but pathologists remain central. [33:26] Intraoperative telepathology
Last November Nick and John introduced Dimitra Fimi, the magnificent maven of Tolkien Studies and Professor of Fantasy and Children's Literature at the University of Glasgow, to students of J. K. Rowling's work. In that discussion, ‘Reading Rowling as Myth Maker and Myth Re-Writer: A Conversation with Dr Dimitra Fimi,' she shared her thoughts about Rowling's creative use of mythology in Harry Potter but especially in the Cormoran Strike series. The Hogwarts Professor team asked her to join us again because of Rowling's yuletide charm bracelet gift to Strike fandom and the recent announcement of the Strike 9 title, Sleep Tight, Evangeline. Her insights about the Longfellow poem as a possible even likely source of the next book's epigraphs are engaging, but it is her expertise in the arcane area of miniature books as well as mythology and the light each shines on the two items attached to the last link of the charm bracelet that open up exciting possibilities. Her idea is that the Psalter on the ninth link of the charm bracelet may actually be, unlike the other tokens on the bracelet's nine links, an object that will play a part in the story, a miniature book. It turns out that one inch high books were something of an industry as curios in the 19th and early 20th century, a means of demonstrating technological mastery. Dr Fimi discussed several projects she has been a part of in conjunction with nano-technologists and the librarians at the University of Glasgow's special collections division. The one that has the most obvious link to English literature is the ‘Tiny Alice project,' a contemporary effort to miniaturize Lewis Carroll's Alice stories to unfathomable minuteness: The Tiny Alice Project has produced one of the world's smallest books: a tiny reproduction of Lewis Carroll's children's classic Alice's Adventures in Wonderland (1865). 
All 78 pages and 26,764 words of the story have been transposed on to a tiny silicon chip, with each page just the width of a human hair (60 microns). Each individual letter is just two microns high, and made from pure gold! Click on the icons below to find out more about the project, the technology behind it, and Lewis Carroll and his interest in the minuscule. Via the tabs above you can also discover the long tradition of miniature books, and teaching resources. You can read Dr Fimi's write-up of ‘Tiny Alice' and the Miniature Book exhibition she curated at the University of Glasgow to highlight their special collection of these treasures at her 2019 blog post about them. Pictures that include annotated miniature books — copies in which their owners made notes in the minuscule margins of the printed pages — can be seen here. Later this week, Nick will be sharing his thoughts on Robert Browning's The Ring and the Book as the Ironbridge Murder story's template within Hallmarked Man; John, Nick, Sandy Hope, and Ed Shardlow will be parsing the ring within Strike8's Part Seven, and more about Longfellow's Evangeline — stay tuned! The Ten Questions Guiding Today's Conversation with Dr Fimi with the Necessary Links for Fun Follow-Up: (Intro) So everything Serious Strikers are thinking and talking about this month made me think of you, Dimitra, and to write you hat-in-hand with an invitation for your return to HogwartsProfessor to share your perspective, knowledge, and first impressions. Thank you for making time to join us! 1. (John) Jumping right in, then, two of the charms on the Strike9 or ‘Evangeline' bracelet are Fimi areas of unique expertise: the Psalter and the Head of Persephone. 
I had urged readers to read your Miniature Books in Children's Fantasy at A Kind of Elvish Craft: The Dimitra Fimi Substack Site in the links after our conversation here last November but I confess to being surprised still when you asked for the dimensions of the Psalter charm after Nick and I posted our thoughts on the subject. For those who haven't read your ‘Miniature Books' post, please share how one of the world authorities on the writing of J. R. R. Tolkien became interested in the smallest of texts, the ‘Little Books' of 19th century printing. 2. (Nick) So you asked for the dimensions of the Psalter, you weren't thinking as we were that the Psalter charms would be a box holding a folded up paper with a psalm, maybe two, inside it. You're thinking it might actually be a complete Coverdale Psalter? Is that possible? 3. (John) What Nick and I hope to contribute to the nascent field of Rowling Studies, as you know, is a refocusing of the scholarship and the serious reader attention about her work on to her Lake Springs -- the biographical part of story inspiration -- her Shed Tools or intentional artistry, and the Golden Threads, the plot points and themes that run throughout her work, i.e., to bring Rowling Studies more in line with all literary scholarship about notable authors, living and dead. One of the Golden Threads we talked about in our Kanreki series last summer was the ‘Embedded Text,' the books inside a book topos that is in almost every book Rowling writes (Kanreki Golden Thread posts one and two). Detective fiction is always about an embedded text, the narrative ‘written' by the criminal to prevent the detective from reading the real story of what happened and Rowling-Galbraith often makes this narrative an actual book (Dumbledore Chocolate Frog Card, Tales of Beedle the Bard, Bombyx Mori, Talbot's ‘True Book,' The Predictions of Tycho Dodonus, etc.). How do you think a Psalter miniaturized book would appear in a Strike novel? 4. 
(Nick) Has an author used a miniaturized book before in this way? Were there 19th Century Psalters that people wore as talismans or carried as the original Pocket Books? 5. (John) And what about the Head of Persephone charm on that bracelet? It's on the ninth and last link, paired with that Psalter. You shared your first thought about the Persephone charm, a hopeful note, on the comment thread here. As our go-to authority on Greek mythology, I'm dying to know more of your thinking about (a) the specific charm and its relation to the Cupid and Psyche myth-template to the Strike series, (b) its pairing with the Psalter, and (c) its position as the last charm on the bracelet. Do you still think it's a sign that Robin will survive Sleep Tight, Evangeline? 6. (Nick) As someone immersed in mythological studies and more than familiar with Rowling's use of myth, do you think the Jungian interpretation of that myth as the ‘actualization of feminine identity' is a better lens through which to read that embedded text or is the Spenserian lens of Eros/Anteros, False Cupid and Cupid more helpful? Or is this not a case of Either/Or but Both/And? Valentines Day Special 7. (John) Rowling is a close reader and admirer of J. R. R. Tolkien, though that is more evident in the clear pointers to his work in her own work than from her interviews. How does her use of myth contrast with that of Tolkien and Lewis? (See John's 2008 post about Rowling's debts to Tolkien and the two part podcast with Tolkien scholars and Rowling Readers Dr Amy H Sturgis and Dr Sara Brown here and here for more on that influence.) 8. (Nick) In an in-person meeting with UK Serious Strikers last week, Rowling shared with them and later via X with everyone the title of the ninth Strike novel, Sleep Tight, Evangeline. We're pretty sure that title refers to a song by an American Blues group called ‘The Whiskey Shambles' (story of the hunt, why Whiskey Shambles is a good bet). 
There is a famous poem, though, by Henry Wadsworth Longfellow called ‘Evangeline,' one perhaps not as famous as ‘Aurora Leigh' or ‘The Ring and the Book,' other texts Rowling may have used as back-drops to her novels, but still another poem very famous in its own time akin to those epics. Is its subject matter as good a match-up with the possible direction of Sleep Tight as the Victorian poetry back-drop is with other Rowling models? 9. (John) You're a native Greek speaker; what does ‘Evangeline' mean in Greek? Is it a common name in Greece or is it a ‘Virtue Name' in the Puritan tradition of grace-filled names (cf., Credence Barebone is probably a reference to an Englishman named “Praise-God Barebone, whose son Nicholas may have been given the name If-Jesus-Christ-had-not-died-for-thee-thou-hadst-been-damned”). 10. (Nick) Don't leave before trying to tie together the pieces of this conversation! Is there a thread joining the Psalter, the Head of Persephone, miniaturized books, and the title Sleep Tight, Evangeline? Dimitra Fimi is Professor of Fantasy and Children's Literature at the University of Glasgow and Co-Director of the Centre for Fantasy and the Fantastic. Her Tolkien, Race and Cultural History won the Mythopoeic Scholarship Award for Inklings Studies and she co-edited the critical edition of A Secret Vice: Tolkien on Invented Languages which won the Tolkien Society Award for Best Book. Her Celtic Myth in Contemporary Children's Fantasy won the Mythopoeic Scholarship Award in Myth and Fantasy Studies. Other work includes co-editing Sub-creating Arda: World-building in J.R.R. Tolkien's Work, its Precursors and its Legacies and Imagining the Celtic Past in Modern Fantasy. 
She has contributed articles for the TLS and The Conversation, and has appeared on numerous radio and TV programs. When the rightly famous and beloved ‘The Great Courses' series decided to offer a Lord of the Rings entry for their catalog of the very best in scholarship for adult-learners, they asked Dimitra Fimi to create ‘The World of J. R. R. Tolkien,' one of their most popular courses and one you can enjoy in an Audible edition. Links Promised in Conversation: A Kind of Elvish Craft: The Dimitra Fimi Substack Site * Miniature Books in Children's Fantasy * Parabasis: A Tribute to Dionysis Stavvopoulos * On Tolkien's Letter 131 (4): “Romance” vs. Science. Dimitra Fimi articles at ‘The Conversation' * After 150 years, we still haven't solved the puzzle of Alice in Wonderland (2015)
Our winter season continues with Adina Hoffman (recipient of a 2013 Windham-Campbell Prize for Nonfiction) chatting with Michael Kelleher about Georges Perec's magical and mercurial and maddening An Attempt at Exhausting a Place in Paris, translated by Marc Lowenthal. Adina Hoffman is the author of House of Windows: Portraits from a Jerusalem Neighborhood, My Happiness Bears No Relation to Happiness: A Poet's Life in the Palestinian Century, Sacred Trash: The Lost and Found World of the Cairo Geniza (with Peter Cole), Till We Have Built Jerusalem: Architects of a New City, and Ben Hecht: Fighting Words, Moving Pictures. Hoffman's essays and criticism have appeared in the Nation, the Washington Post, the New York Times, the TLS, Raritan, Bookforum, the Boston Globe, New York Newsday, Tin House, and on the World Service of the BBC. She is formerly a film critic for the American Prospect and the Jerusalem Post and was one of the founders and editors of Ibis Editions, a small press devoted to the publication of the literature of the Levant. She has been a visiting professor at Wesleyan University, Middlebury College, and NYU, as well as the Franke Fellow at Yale's Whitney Humanities Center. She lives in Jerusalem and New Haven.
In the previous episode we talked at length about "homelabs", the IT test labs that many of us have at home. We received a great many comments, and today we go over what each of you has at home and learn together about many of these tools. We also leave you a list of links to all these tools and hardware so that you can start building your own version to learn and try new things. Tools: Iban's guide for a transition to European alternatives; Home Assistant (open-source home automation); Kopia (backups); Tailscale (VPN between your devices, open-source with headscale); authentik (private identity provider); immich (photo manager); Komga (comics and book manager); plex (paid media manager); Jellyfin (media manager); Omoide (media manager); TeslaMate (management of your Tesla); Heimdall (landing page); Syncthing (file synchronization); Proxmox (virtualization); Adguard (ad blocking); Pi-hole (DNS with blocking of ads or other categories); Unbound (local DNS); Mealie (cooking recipe manager); Obsidian (note manager); K3S (lightweight Kubernetes); WireGuard (VPN); podman (containers); Docker (containers); Harbor (container repository); Verdaccio (NPM registry); Forgejo (Git repositories); Gitea (Git repositories); RustFS (S3 server); cert-manager (TLS certificates in Kubernetes); step-ca (local Let's Encrypt); TrueNAS (OS for NAS); Kiwix (local copy of Wikipedia and other wikis); Prometheus (metrics and monitoring); Grafana (metrics graphs); ArgoCD (CI/CD); FluxCD (CI/CD); vLLM (local generative AI compatible with the OpenAI API); Open WebUI (web interface for generative AI). Hardware: Switchbot (home automation); Shelly (relays and home automation); Aqara (home automation); Eve (home automation); Inels Wireless (home automation); Reolink (security cameras); GMKtec (mini PCs); EliteDesk (mini PCs); QNAP (NAS); Synology (NAS); Raspberry Pi (mini PCs). News: IKEA launches 21 new products for a smart home; 
Sánchez announces that Spain will ban access to social networks for those under 16; Telegram's founder lashes out at Pedro Sánchez and alerts Spain with a mass message. Episode music: Introduction: Safe and Warm in Hunter's Arms - Roller Genoa; Closing: Inspiring Course Of Life - Alex Che. You can find us on Mastodon and support us by listening to our podcast on Podimo or by becoming a fan on iVoox.
We have seen much talk of the upcoming drop of maximum TLS term to 200 days, followed by 100 days, and eventually down to 47 days. It happens that all those numbers are too large and the actual maxima will be less than that. We explain.
You've got Tyler & Brad, and in this episode we break down the early versions of Transport Layer Security (TLS) — TLS 1.0 and TLS 1.1 — and explain why these once-standard encryption protocols are now considered insecure. We'll cover when they were released, how modern attacks and cryptographic weaknesses caught up with them, and why today's internet relies on newer, more secure protocols like TLS 1.2 and TLS 1.3. We'll also discuss how even “secure” protocols can become vulnerable when weak ciphers are enabled, using Sweet32 as a real-world example of cipher-level risk. Blog: https://offsec.blog/ YouTube: https://www.youtube.com/@cyberthreatpov Twitter: https://x.com/cyberthreatpov Spencer's Links: https://go.spenceralessi.com/links Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.
ZFS Scrubs and Data integrity, Propolice, FreeBSD vs Slackware and more. NOTES: This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon. Headlines: Understanding ZFS Scrubs and Data Integrity; The story of Propolice; Desk reviews: describe, comment, ask questions. No responses, no justifications. [Tj's Desk](media/bsdnow649-tjs-desk.jpg) [Ruben's Desk](media/bsdnow649-rubens-desk.jpg) News Roundup: FreeBSD vs. Slackware: Which super stable OS is right for you?; Prometheus, Let's Encrypt, and making sure all our TLS certificates are monitored; Wait, a repairable ThinkPad!? Tarsnap: This week's episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions: Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv. Join us and other BSD Fans in our BSD Now Telegram channel.
Welcome to The Chrisman Commentary, your go-to daily mortgage news podcast, where industry insights meet expert analysis. Hosted by Robbie Chrisman, this podcast delivers the latest updates on mortgage rates, capital markets, and the forces shaping the housing finance landscape. Whether you're a seasoned professional or just looking to stay informed, you'll get clear, concise breakdowns of market trends and economic shifts that impact the mortgage world. In today's episode, we go through the chatter from the hallways at MBA's Independent Mortgage Banker Conference. Plus, Robbie sits down with TLS' Will Pendleton and Calque's Jeremy Foster for a discussion on how the Buy Before You Sell model helps brokers remove timing and contingency risk for today's buyers, and why transparent, well-integrated solutions like this are increasingly becoming essential tools for brokers navigating more competitive and complex housing markets. And we close by talking about the bond market's reaction to the new Fed Chair announcement. Thank you to Truework, the one verification solution to replace in-house waterfalls. Verify any borrower with a VOIE solution that automates the entire process to quickly deliver the most accurate and complete reports with broad GSE coverage.
Everybody knows about March 15 and the drop in maximum public TLS certificate term to 200 days. But that only scratches the surface on key dates with this maximum term reduction. Join us as we go over "all the dates" for TLS maximum term reduction.
Ransomware isn't always after your data anymore—sometimes the goal is to burn your operations down. We open with a hard look at the Stoli bankruptcy and what it teaches about ERP paralysis, regulatory deadlines, and why “we'll restore soon” is not a resilience plan. From there, we shift into a high-impact CISSP Domain 4 walkthrough that connects real-world failures to the protocols and controls that actually reduce risk. We break down HTTPS beyond the lock icon—what it secures, what metadata remains exposed, and how certificate trust can be subverted. You'll get a clear mental model for DNS defenses: why DNSSEC protects integrity but not confidentiality, and how DoH and DoT encrypt queries while complicating DNS filtering. We compare SFTP over SSH with FTPS, clarify LDAP StartTLS on port 389 vs LDAPS on 636, and explain the practical differences between IPsec transport and tunnel modes, including when ESP's symmetric encryption is the right fit. We also zoom in on TLS hygiene: why enabling TLS 1.0 or 1.1 invites downgrade and deprecated cipher risks, what HSTS really does (and doesn't do), and why Perfect Forward Secrecy matters when adversaries stockpile encrypted traffic. And we call out a critical truth for both practitioners and exam-takers: HTTPS can't stop phishing, so user trust and certificate validation remain frontline defenses. If you're preparing for the CISSP or leading security strategy, this episode gives you crisp explanations, memorable heuristics, and business-first context to improve your decisions. Subscribe, share with a teammate who handles compliance filings, and leave a review with the toughest crypto or network security question you want us to unpack next.
Public Key Infrastructure (PKI) underpins nearly every secure interaction in modern IT, but it's also one of the most misunderstood and overlooked foundations of security. In this episode of Secure IT, host Jason Kikta is joined by Mark Cooper, CEO and founder of PKI Solutions, to unpack why PKI is so critical to identity, authentication, and trust, and what happens when it fails. They explore how certificates enable passwordless authentication, secure TLS connections, IoT devices, endpoints, and enterprise systems, while also examining why misconfigured or poorly monitored PKI environments often become an attacker's fastest path to privilege escalation. From certificate expirations and operational outages to real-world breach scenarios and pen test failures, this conversation maps the full PKI risk spectrum. Jason and Mark also challenge a common assumption in cybersecurity: that recovery equals resilience. Instead, they argue that true resilience means staying secure and operational, even during misconfiguration, failure, or attack. Whether you're new to PKI or responsible for running it, this episode will change how you think about identity infrastructure, resilience, and trust. Topics covered: - What PKI is and why most organizations already depend on it - Certificates, passwordless authentication, and digital identity - How PKI misconfigurations enable high-impact attacks - Why recovery is the weakest form of resilience - The hidden operational and security risks of foundational systems
I came across a post recently on the Microsoft Fabric blog about the evolution of SSIS 2025. I hadn't heard much about SSIS in SQL Server 2025, so I thought this might provide some info on the investments that Microsoft is still making in Integration Services. I've run into a few people in the past year who are still heavily invested in SSIS and run packages daily. SSIS seems to be a technology that isn't even close to dying for many organizations. The blog starts well, delving into the security investments with the change to the SqlClient and TLS 1.3, as well as supporting Strict Encryption. I don't know many people using this level of security, but it's good to have SSIS support stronger security. There is also an upgrade for SSIS packages targeting Fabric Data Warehouses if they modify their approach.
The Loyal Subjects has produced a new MASK toy line. These are recreations of the original toys with some updated accessories, and improved figures. Unfortunately some people, including Kevin, are having issues with them. Are these new MASK toys worth buying? #217 Pegwarmers Retro Con 2015 Stop Motion: https://www.youtube.com/watch?v=87i-Vxc2Xgs Pegwarmers is the codename for toys and collectibles with high supply and low demand. Join Kevin Jones, and his team of collector commandos, as they discuss popular and not-so-popular retro and current toy brands. Check back for new episodes each Wednesday. Follow Us: https://twitter.com/pegwarmerspod https://www.facebook.com/pegwarmerspod Join our Patreon: https://www.patreon.com/pegwarmers
Josh talks to Dirkjan and Joe about Rustls (pronounced rustles), a Rust-based TLS library. Dirkjan and Joe are developers on Rustls. We talk about the history that got us to this point and the many, many challenges in writing a TLS library (Rust or not). We also chat about some of what's to come. Rustls has an OpenSSL compatibility layer, which makes it a really interesting project. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-12-rustls-dirkjan-joe/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
DLLs & TLS Callbacks: As a follow-up to last week's diary about DLL Entrypoints, Didier is looking at TLS (Thread Local Storage) and how it can be abused. https://isc.sans.edu/diary/DLLs%20%26%20TLS%20Callbacks/32580 FreeBSD Remote code execution via ND6 Router Advertisements: A critical vulnerability in FreeBSD allows for remote code execution. But an attacker must be on the same network. https://www.freebsd.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc NIST Time Server Problems: The atomic ensemble time scale at the NIST Boulder campus has failed due to a prolonged utility power outage. One impact is that the Boulder Internet Time Services no longer have an accurate time reference. https://tf.nist.gov/tf-cgi/servers.cgi https://groups.google.com/a/list.nist.gov/g/internet-time-service/c/o0dDDcr1a8I
In the final show of 2025, Patrick Gray and Adam Boileau discuss the week's cybersecurity news, including: React2Shell attacks continue, surprising no one The unholy combination of OAuth consent phishing, social engineering and Azure CLI Venezuela's state oil firm gets ransomware'd, blames US… but what if it really is a US cyber op?! Russian junk-hacktivist gets indicted for cybering critical… err… a car wash and a fountain Microsoft finally turns RC4 off by default in Active Directory Kerberos Traefik's TLS verify=on … turns it off, whoopsie
professorjrod@gmail.com In this episode of Technology Tap: CompTIA Study Guide, we dive deep into cloud security fundamentals, perfect for those preparing for the CompTIA Security+ exam. Join our study group as we explore the shifting security landscape from locked server rooms to identity-based perimeters and data distributed across regions. This practical, Security+-ready guide connects architecture choices to real risks and concrete defenses, offering valuable IT certification tips and tech exam prep strategies. Whether you're focused on your CompTIA exam or looking to enhance your IT skills development, this episode provides essential insights to help you succeed in technology education and advance your career. We start by grounding the why: elasticity, pay-per-use costs, and resilience pushed organizations toward public, private, community, and hybrid clouds. From there, we map service models—SaaS, PaaS, IaaS, and XaaS—and the responsibilities each one assigns. You'll hear how thin clients reduce device risk, why a transit gateway can become a blast radius, and where serverless trims surface area while complicating visibility. Misunderstanding the shared responsibility model remains the leading cause of breaches, so we spell out exactly what providers secure and what you must own. Identity becomes the new perimeter, so we detail IAM guardrails: least privilege, no shared admins, MFA on every privileged account, short-lived credentials, and continuous auditing. We cover encryption in all three states with AES-256, TLS 1.3, HSMs, and customer-managed keys, then add CASB for SaaS control and SASE to bring ZTNA, FWaaS, and DLP to the edge where users actually work. Virtualization and containers deliver speed and density but expand the attack surface: VM escapes, snapshot theft, and poisoned images require hardened hypervisors, signed artifacts, private registries, secret management, and runtime policy.
Hybrid and multi-cloud introduce inconsistent IAM and fragmented logging—centralized identity, unified SIEM, CSPM, and infrastructure-as-code guardrails bring discipline back. We wrap with the patterns attackers exploit—public storage exposure, stolen API keys, unencrypted backups, and supply chain compromises—and the operating principles that stop them: zero trust, verification over assumption, and automation that responds at machine speed. Stick around for four rapid Security+ practice questions to test your skills and cement the concepts. If this helped you study or sharpen your cloud strategy, follow and subscribe, share it with a teammate, and leave a quick review telling us which control you'll deploy first. Support the show Art By Sarah/Desmond Music by Joakim Karud Little chacha Productions Juan Rodriguez can be reached at TikTok @ProfessorJrod ProfessorJRod@gmail.com @Prof_JRod Instagram ProfessorJRod
Strategic Technology Consultation Services This episode of The Modern .NET Show is supported, in part, by RJJ Software's Strategic Technology Consultation Services. If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk. Show Notes "You actually cannot do proper vertical slice if you are bounded to controllers. Because there are some additional dependencies that you can download, like Ardalis [ApiEndpoints] or like Fast Endpoints that will give you actually what Minimal API is giving you. But with the standard controller-based approach you are not able to do the full vertical slice, because every time you'll need to take this, let's say presentation layer, outside your slice because it needs to be, just as you said, in the class that is inheriting from Controller and doing all the actions and stuff like this."— Kajetan Duszyński Hey everyone, and welcome back to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. I'm your host Jamie Taylor, bringing you conversations with the brightest minds in the .NET ecosystem. Today, we're joined by Kajetan Duszyński to talk about some of the new things that are coming up in .NET 10. We cover some of the big things that you might have missed, some of the optimisations you can make by removing code (listen up for one in a few moments), and we also talk about his new book ".NET 10 Revealed." "So you all need to remember that if you are using Minimal APIs and you've used the extension method WithOpenAPI(), which created a proper OpenAPI schema. 
Right now it won't be used, so you'll need to delete every usage of this method from your whole application, because it will be um added by default in the pipeline of creating, of starting up the application."— Kajetan Duszyński Along the way we talked about allocations, the importance of learning MSIL (what your C# and F# code is compiled to), memory management, how fast .NET is moving and when we're likely to see the first public preview of .NET 11, and the vertical slice architecture. One of the biggest things that I think will cause some head scratching in .NET 10 is the new local self-signed TLS certificate. I've linked to an article by the folks at Duende about this, and it'll be worth adding it to your reading list. It's a great addition to .NET 10, but it'll catch some folks out. Before we jump in, a quick reminder: if The Modern .NET Show has become part of your learning journey, please consider supporting us through Patreon or Buy Me A Coffee. Every contribution helps us continue bringing you these in-depth conversations with industry experts. You'll find all the links in the show notes. Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET. 
Full Show Notes The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/building-on-net-10-a-chat-with-kajetan-duszynsk-author-of-net-10-revealed Useful Links: Ardalis ApiEndpoints REPR pattern Fast Endpoints Why You Should Be Using .NET 10's New TLS Certificate Kajetan's .NET school Kajetan on LinkedIn .NET 10 Revealed Supporting the show: Leave a rating or review Buy the show a coffee Become a patron Getting in touch: via the contact page joining the Discord Podcast editing services provided by Matthew Bliss Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show Editing and post-production services for this episode were provided by MB Podcast Services Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend. And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch. You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.
Ismael (Founder/CEO) and Nate (Defense GTM) from Lagrange explain why the biggest commercial demand for cutting-edge cryptography might be outside crypto—securing AI in defense, healthcare, and regulated finance. We cover: why they built DeepProof (a zero-knowledge ML library that proves model outputs over private inputs), how this fits the DoD's zero-trust mandates, and why frontier crypto R&D should serve national interest, not just faster token launches. We also dig into GTM with government, what zero-knowledge adds beyond TLS, and how to talk “applied cryptography” without getting stuck in a “crypto” stigma. Key timestamps [00:00:00] Cold Open: Ismael on crypto funding frontier cryptography beyond tokens [00:01:00] Introduction: Sam sets up Lagrange, AI, defense, and applied cryptography [00:03:00] Origin Story: Ismael's path from TradFi and VC to founding Lagrange [00:06:00] Why Defense: Using crypto-funded cryptography for national security and AI safety [00:10:00] DeepProof Explained: Proving AI model outputs over private inputs with ZK [00:15:00] Business Model: “OpenAI sells inference; we sell proofs” [00:18:00] Beyond Crypto: Healthcare, compliance, and dual-use cryptography [00:22:00] Nate's Role: Selling applied cryptography to defense without leading with “crypto” [00:27:00] Lagrange Vision: Cryptographic supremacy and becoming the verifiability layer [00:33:00] Roadmap & Ask: Expansion into defense, partners with serious AI workloads Connect https://www.lagrange.dev/ https://www.linkedin.com/company/lagrange-labs/ https://www.linkedin.com/in/i20h/ https://x.com/lagrangedev https://x.com/Ismael_H_R Disclaimer Nothing mentioned in this podcast is investment advice and please do your own research. It would mean a lot if you can leave a review of this podcast on Apple Podcasts or Spotify and share this podcast with a friend. Get featured Be a guest on the podcast or contact us – https://www.web3pod.xyz/
This week, TLS contributors select their favourites from 2025; plus an interview with CD Rose, winner of this year's Goldsmiths Prize. ‘We Live Here Now’, by CD Rose. Produced by Charlotte Pardy. Hosted on Acast. See acast.com/privacy for more information.
Topics covered in this episode: httptap 10 Smart Performance Hacks For Faster Python Code FastRTC Explore Python dependencies with pipdeptree and uv pip tree Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: httptap Rich-powered CLI that breaks each HTTP request into DNS, connect, TLS, wait, and transfer phases with waterfall timelines, compact summaries, or metrics-only output. Features Phase-by-phase timing – precise measurements built from httpcore trace hooks (with sane fallbacks when metal-level data is unavailable). All HTTP methods – GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS with request body support. Request body support – send JSON, XML, or any data inline or from file with automatic Content-Type detection. IPv4/IPv6 aware – the resolver and TLS inspector report both the address and its family. TLS insights – certificate CN, expiry countdown, cipher suite, and protocol version are captured automatically. Multiple output modes – rich waterfall view, compact single-line summaries, or --metrics-only for scripting. JSON export – persist full step data (including redirect chains) for later processing. Extensible – clean Protocol interfaces for DNS, TLS, timing, visualization, and export so you can plug in custom behavior.
Example: Brian #2: 10 Smart Performance Hacks For Faster Python Code Dido Grigorov A few from the list Use math functions instead of operators Avoid exception handling in hot loops Use itertools for combinatorial operations - huge speedup Use bisect for sorted list operations - huge speedup Michael #3: FastRTC The Real-Time Communication Library for Python: Turn any python function into a real-time audio and video stream over WebRTC or WebSockets. Features
Recent advancements in quantum computing are pushing the technology closer to practical application, with companies like Google, IBM, and ICONIC making significant strides in stabilizing quantum systems. This progress poses risks to current encryption methods, as traditional security measures may become obsolete due to quantum capabilities. The National Institute of Standards and Technology (NIST) is advocating for the adoption of post-quantum cryptography (PQC) to protect sensitive data, emphasizing the urgency for organizations to reassess their security protocols. Failure to act could result in severe repercussions, including data breaches and regulatory noncompliance. Google's quantum computing division has published research demonstrating practical applications for quantum computers, such as using quantum technology for nuclear magnetic resonance to estimate atomic structures. The company is shifting its focus from merely proving quantum feasibility to making the technology cost-effective. Sundar Pichai, CEO of Alphabet, expressed optimism about the timeline for commercially viable quantum computing, while industry opinions vary, with some experts suggesting practical applications may still be decades away. This divergence highlights the uncertainty surrounding the timeline for widespread quantum adoption. In addition to quantum computing advancements, the episode discusses the integration of PQC into mainstream technology. Microsoft Windows 11 has begun incorporating PQC algorithms into its cryptographic APIs, allowing for the generation of PQC key pairs and hybrid TLS handshakes. Meanwhile, companies like Palo Alto Networks are updating their software to support quantum-resistant encryption.
These developments indicate a growing recognition of the need for quantum-safe security measures as organizations prepare for the potential threats posed by quantum computing. For Managed Service Providers (MSPs) and IT decision-makers, the implications are clear: proactive measures are necessary to prepare for the quantum computing era. MSPs should assist clients in inventorying their cryptographic systems and developing a roadmap for adopting PQC. As the U.S. government urges organizations to transition to quantum-safe encryption by 2035, MSPs must prioritize updating protocols and exploring quantum-resistant solutions. The transition to quantum-safe encryption is a multi-year effort, and early preparation will help mitigate future risks associated with quantum advancements. One thing to know today 00:00 All About Quantum Computing This is the Business of Tech. Supported by:
This week, Jake and Travis sit down with journalist Will Sommer to unpack his investigation into the New Age wellness empire selling stacks of glowing TV monitors as a cure‑all. Jason Shurka, the brains behind the multi-million dollar operation, used the funds to bankroll a brand new streaming platform, Unifyd TV, whose offerings include documentaries made by QAnon promoters. According to the promoters of this quack cure, their work is approved by a secret society of powerful entities who are dedicated to elevating humankind called “The Light Systems” cabal or “TLS.” One member of The Light Systems, a figure called “Ray,” is regularly filmed while wearing a face-concealing hoodie and gloves in order to preserve his anonymity in interviews with Shurka available on Unifyd TV. It's a lot. Just listen to the episode. Subscribe for $5 a month to get all the premium episodes: www.patreon.com/qaa Will Sommer https://bsky.app/profile/willsommer.bsky.social How a Bizarre Healing-TV-Screen Tycoon Is Funding MAGA Media https://www.thebulwark.com/p/bizarre-healing-tv-screen-tycoon-funding-maga-media-unifyd-eesystem The first two episodes of Annie Kelly's new podcast miniseries “Truly, Tradly, Deeply” will be released on the Cursed Media podcast network on the 29th of October. https://www.cursedmedia.net/ Cursed Media subscribers also get access to every episode of every QAA miniseries we produced, including Manclan by Julian Feeld and Annie Kelly, Trickle Down by Travis View, The Spectral Voyager by Jake Rockatansky and Brad Abrahams, and Perverts by Julian Feeld and Liv Agar. Plus, Cursed Media subscribers will get access to at least three new exclusive podcast miniseries every year. https://www.cursedmedia.net/ Editing by Corey Klotz. Theme by Nick Sena. Additional music by Pontus Berghe. Theme Vocals by THEY/LIVE (instagram.com/theyylivve / sptfy.com/QrDm). Cover Art by Pedro Correa: (pedrocorrea.com) qaapodcast.com QAA was known as the QAnon Anonymous podcast.
Cisco's routers just exposed more than two million networks thanks to a "security optional" SNMP setup that's being actively exploited—Steve and Leo break down why this is a worst-case scenario for the industry and how easily it could have been avoided. Gmail's spam filtering false-positive spree. iOS 26's Safari randomizes its fingerprint by default. Cisco's SNMP stands for "Security Not My Problem". Windows' "stuck" Extended Security Updates (ESU). Europe complains, gets 1-year of ESU with no strings. Where to get $6 TLS certs (really) while they last. The lessons to learn from Jaguar Land Rover's mess. The NEON app: get paid to have your voice recorded. Bluesky's age verification, now coming to Ohio. What is "Kids Web Services" for age verification. More than 10K Ollama instances publicly exposed. GRC's DNS Benchmark reaches "release candidate" Show Notes - https://www.grc.com/sn/SN-1045-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: vanta.com/SECURITYNOW 1password.com/securitynow Melissa.com/twit threatlocker.com/twit zapier.com/twit