Many of the largest companies rely on third-party code to run critical parts of their software. However, there's often little focus on ensuring the quality of these external dependencies. Today we speak with Feross Aboukhadijeh, CEO and founder of Socket, a developer-first security platform. Socket helps developers and security teams release software faster and reduce time spent on security busywork. Feross is also a lecturer at Stanford, where he teaches CS233 Web Security. We discuss why the quality of third-party dependencies matters, when to start addressing this issue, how to handle unmaintained dependencies, and what tools are available for managing third-party dependencies.
This week on The Business of Open Source I spoke with Tanmai Gopal, co-founder of Hasura. We talked about how Hasura grew out of Tanmai’s previous company, which was a consulting company. I like to call out examples of really novel open source businesses, but in fact the thing that stuck with me...
This week on Screaming in the Cloud, Corey Quinn is joined by Kat Cosgrove, Lead Open Source Advocate for Dell Technologies. Kat catches Corey up to speed on the newest version of Kubernetes that Kat was the release lead for. The two discuss its unconventional name: Uwubernetes, what goes into...
Go 1.22.4 & 1.21.11 coming Tuesday, June 4. Community events: Golang Atlanta meetup, June 13; Cup o' Go Meetup in Amsterdam, June 19; Golang Tilburg meetup, June 20. Proposal accepted and implemented: new iterator functions in maps package coming in 1.23. Reddit: What software shouldn't you write in Go? Blog:...
Josh Koenig and David Strauss are co-founders at Pantheon, a platform for building and operating websites. Josh is the chief strategy officer, and David is the CTO. Open source software is a big part of the web, and Pantheon is a downstream user as well as a contributor to several open source projects. David is an early contributor to systemd, a component of Linux distributions, a member of the Drupal security team, and was a founding member of the first Fedora Server working group in 2011.
Josh and David share their views as downstream consumers of open source software as well as members of the community, touching on why enterprises don't contribute more to open source, the approach to open source policy and licensing changes by two different major vendors in Red Hat and HashiCorp, efforts to shore up the security of the web by moving to memory-safe languages, and more. Come for the industry insights, and stay for the many colorful analogies in this discussion, from tugboats to tofurkey.
Editor's Note: This episode was recorded before IBM agreed to acquire HashiCorp.
Tech lawyer Luis Villa returns to answer our most pressing questions: what’s up with all these new content deals? How did Google think it was a good idea to ship AI Summaries in its current state? Is it too late to opt out of AI? We also discuss AI in Hollywood (spoilers!), positive things we’re seeing (or hoping for) ...
Angelica is joined by Samantha Coyle to talk about her newly published textbook: Go Programming - From Beginner to Professional. This book serves as a go-to guide to master Go for real-world software dev success covering fundamentals to advanced topics.
This week on The Business of Open Source I spoke with Reshma Khilnani, CEO and founder of Medplum. Medplum is an open source electronic health record development platform, and one of the things I loved about this conversation is that Reshma is so focused on the healthcare industry — a level of...
We kick off our Microsoft Build 2024 “coverage” in this free-wheelin’ conversation with our friend, Shaundai Person! We’re talking Netflix infra, we’re talking sales, we’re talking real-world AI usage, we’re talking career choices…. What’s a good next step? Listen in!
In today's episode, Kelsey Hightower discusses the evolution of Kubernetes, the importance of open source, and the future of technology, including AI. Join the conversation as Kelsey shares insights on the tech industry, open source sustainability, and the impact of AI on our daily lives. Check...
Proposals. Accepted: require Linux 3.17 kernel for Go 1.24 (previous discussion: Episode 61). Accepted: add encoding.AppendText and encoding.AppendBinary (previous discussion: Episode 62). Accepted: add HostLayout directive type. 🪟 Accepted: Normalize line endings in example output comparisons. Conference...
Justin Warren is founder and principal analyst at PivotNine, a technology consulting and analyst firm based in Melbourne, Australia. Until 2023, he was a board member at Electronic Frontiers Australia, a non-profit national organization representing Internet users. At KubeCon North America last year, he asked a press conference panel of enterprise IT leaders what they were doing to compensate open source maintainers "so they don't starve to death." A self-described "filthy socialist," Warren favors a tax or tax-like system for funding open source libraries that are widely used but not full-fledged products -- especially when the alternative is an offer from a malicious actor maintainers can't refuse. Together, Warren and Beth explore various approaches to shoring up the maintenance, security and sustainability of open source software and discuss the future outlook for the industry in this episode.
Bryan Cantrill, Co-founder and CTO of Oxide Computer Company, joins Adam to share his journey from Sun to Oxide – from Sun and Fishworks, to DTrace, to ZFS, to Joyent and Node.js, and now working to build on-prem cloud servers as they should be at Oxide.
This week, we're sharing an extra special episode.
It's no secret that the decision to buy or build isn't exactly a straightforward one. And the decision you make can be influenced by a ton of factors.
But the fact is that in some instances, buying can make more sense than building, and in others, building can make more sense than buying.
In this episode, you'll hear from John Paris, Principal Engineer at Skyscanner, to get the story behind their build versus buy journey.
Joining him as the host for this episode is none other than the CPO of incident.io, Chris Evans.
In their conversation, Chris and John discuss Skyscanner's setup before adopting incident.io, what life has been like after adopting the platform, and a whole lot more.
and talk about open source and autonomy. This is even related to some recent return-to-office news. The conversation weaves between a few threads, but fundamentally there are some questions about why people do what they do, especially in the world of open source. This is also a problem we see in security: security people love to tell developers what to do. Developers don't like being told what to do.
Birk Jernström from Polar joins the show to tell us all about the creator platform for developers: why he built it, how it works, why it works how it works, what’s in store for the future & we even give Birk some super deep UX feedback on the funding flow.
Andrew Atkinson joins Autumn & Justin to tell them why folks should (and are) picking PostgreSQL as their database in 2024 and how to scale it.
Alex Kretzschmar joins Adam to discuss their experiences with building the “perfect media server” and all the hardware and software involved to make it happen — LinuxServer.io, PerfectMediaServer.com, Plex, Jellyfin, ZFS, mergerfs, TrueNAS, Docker Compose and so much more in this episode.
Upcoming conferences: 🇯🇵 June 8: Go Conference 2024 @ Tokyo, Japan; 🇩🇪 June 17-20: GopherCon EU @ Berlin, Germany; 🇳🇱 June 19-21: DevOps Days @ Amsterdam, Netherlands; 🇷🇺 June 24-25: Golang Conf 2024 @ St. Petersburg, Russia. Proposals: 👍 Accepted: go telemetry subcommand (previous discussion on Episode 62). ⛔...
Emily Fox has held multiple roles at household-name organizations in her 13-year IT career and is currently senior principal software engineer at Red Hat. Previously, she worked as an engineer at Apple, and DevOps Security Lead at the National Security Agency. She also serves as chair of the CNCF's technical oversight committee and is involved in a variety of open source communities and activities. From her unique vantage point, she addresses the delicate balance the CNCF must strike between enterprises, open source maintainers and open product companies; growing awareness about open source sustainability issues; and how all of that feeds into a general "crisis of conscience" going on in cybersecurity.
Our friend Ron Evans is a technologist for hire, an open source developer, an author, a speaker, an iconoclast, and one of our favorite people in tech. This conversation with Ron goes everywhere: from high-altitude weather balloons, to life on Mars, to Zeno’s paradox applied to ML, to what open source devs should learn...
This week on The Business of Open Source, I spoke with Adam Jacob, founder and CEO of System Initiative and formerly the CTO and co-founder at Chef. We had a wide-ranging conversation that at times veered into the philosophical (what is the meaning for ‘strategy’?) but also has plenty of...
All of the health anxiety of early internet adopters traced back to WebMD’s self diagnosis. Some sysadmins’ on-call nightmares came from a different part of the site.
On this week’s episode of Screaming in the Cloud, Corey Quinn sits down with the incredible Cody Ogden, software developer and creator of Killed by Google. Corey and Cody discuss Google’s graveyard of products, how discontinuing offerings creates a feeling of distrust amongst your customers, and...
In today’s episode, Jack discusses what it was like working in a sales team at Stack Overflow, selling to developers, and why you should think about sales in terms of champions.
Annie Sexton has been on quite a journey since she was last on the show back in early ‘22. On this episode, Annie takes us on that journey, shares her new-found perspective & tells us about how she’s approaching her side project this time around.
Susan dives into OTF's efforts to sustain open-source tech aiding internet freedom globally, navigating challenges with funds & a new FOSS Sustainability Fund.
Go 1.22.3 & 1.22.10 released. Proposals: Accepted: add binary.Append function; Likely accept: new `go telemetry` subcommand; Likely decline: Notify about new major versions of dependencies. Packt book bundle. Interview with Jamie Tanna. Blog: Creating a more sustainable model for `oapi-codegen` in the...
Old friends Justin and Paul catch up for the first time in years and catch each other up on the state of Transistor and Fathom. They cover lots of lessons for new and veteran entrepreneurs, spanning their decades of experience in the world of indie software: cofounders, markets, surfing,...
Jack and Paul get into what’s going on inside Fathom Analytics right now, and then answer some questions about what it was like starting the company, what they’d do differently (or the same), and if there’s anything they’d change if they had to start Fathom again. Special thanks to Ben and Adam...
This week on The Business of Open Source, I had a very different sort of guest — Mark Boost, the CEO and founder of Civo. We talked not only about Mark’s history as an entrepreneur, but also Civo’s recent acquisition of KubeFirst. This topic caught my eye because it’s not often I get an offer to...
Actress and comedian Tiffany Haddish feels exuberated about being Conan O’Brien’s friend. Tiffany sits down with Conan once again to discuss her new memoir I Curse You With Joy, her surprisingly scandalous association with the movie Face/Off, working background on every show imaginable, re-investing in South Central LA properties, and more. For Conan videos, tour dates and more visit http://TeamCoco.com. Got a question for Conan? Call our voicemail: (669) 587-2847.
In this week’s episode we’re talking about the news! In this laugh-filled episode, Kris is joined by Ian & Johnny to discuss the future of Go, both the Go team itself and iterations of packages within the standard library; Microsoft creating a Go blog & a Go fork; and SQLite and Go.
This week we’re joined by Dustin Bluck to discuss his acquisition of the well known (and beloved) Castro podcast app to take it indie-focused once again. As previous users of Castro, we were excited to dig into the details behind this popular podcast client to see what’s next, how the deal was done, a peek into the cod...
Consider supporting the show by joining our Patreon! 🆕 Releases: Go 1.22.3 & 1.21.10 coming Tuesday. 🪇 Conferences: GopherCon Brazil, May 9 & 10; GopherDay Taiwan, May 25. 🤹 Secure Randomness: Blog: Evolving the Go Standard Library with math/rand/v2; Blog: Secure Randomness in Go 1.22 by Russ Cox; new proposal:...
This week on The Business of Open Source, I spoke with Brian Fox, co-founder and CTO of Sonatype. In addition to having a really interesting discussion about the usual topic of how to build a business around open source software, we also had a good conversation about security — it was hard to...
This week I talk about the impact of SaaS-first technology strategies on the work of an SRE. I pose questions about observability, ownership, on-call, and how much control we have over reliability. You can find the Bleeding Tech blog on Medium: htt...
An open-source project isn’t something that should be rushed or executed haphazardly. It requires careful planning and strategizing, as well as clear communication between all stakeholders.
In this episode of The Business of Cloud Native, host Emily Omier speaks with Tobie Langel who is...
Peter Zaitsev, the founder of Percona, is an expert on open source strategy and database optimization. With his level of experience in the world of open source, Peter enjoys challenging himself and going against the grain in order to come out on top. On this episode of The Business of Open Source,...
From software engineer to leading developer products at Facebook, Ron Efroni was familiar with the challenges facing developers. His co-founder recognized the power of Nix to remove the boundaries of development, and together they started Flox to reduce the barriers to the adoption of Nix. In our...
Liz Rice, Chief Open Source Officer at Isovalent, joins me to discuss the business model behind Cilium and the enjoyment she has found working in open source.