Who's going to pay to fix open source security?
Will no one think of the maintainers? As The New Stack points out, watching millions of projects fail because of a bug in an open source library has become common enough that we shrug and reply, "Told you so." It's gotten so bad, big tech companies are visiting the White House to discuss the issue as a matter of national security.There is a great post up on the Stack Overflow blog examining this issue, but it's not about color.js, it's about Log4J. Traffic to questions on this logging library grew more than 1000% percent after the recent revelations about a new vulnerability. Also discussed in this episode: cryptographer and Signal creator Moxie Marlinspike stepped down from his role as CEO of the encrypted messaging service. That's news, but he actually made bigger waves in tech circles with an unrelated blog post detailing his first experience with Web3. Spoiler alert: it's not as decentralized or divorced from Web2 as you might have thought.You can find Cassidy Williams on Twitter and her website.Ben Popper can be found on Twitter here.Ryan Donovan can be found on Twitter, or writing for the Stack Overflow blog. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
21 Tammi 202221min
A chat with the folks who lead training and certification at AWS
You can find Maureen here. You can find Scott here.There is a wealth of free courses available through the AWS training website, including Operations, Advanced Networking, Machine Learning, and Data Science. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
18 Tammi 202232min
Safety in numbers: crowdsourcing data on nefarious IP addresses
You can find Philippe on Twitter here and learn more about CrowdSec here.They recently put together a list of the IP addresses trying to exploit the new Log4j vulnerability.For a prescient view of today's cybersecurity challenges, Humeau recommends John Brunner's classic 1975 sci-fi novel, The Shockwave Rider.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
14 Tammi 202225min
Making Agile work for data science
Data scientists and engineers don’t always play well together. Data scientists will plan out a solution, carefully build models, test them in notebooks, then throw that solution over the wall to engineering. Implementing that solution can take months.Historically, the data science team has been purely science-driven. Work on methodologies, prove out something that they wanted to achieve, and then hand it over to the engineering organization. That could take many months.Over the past three to five years, they’ve been moving their engineering and data science operations onto the cloud as part of an overall Agile transformation and a move from being sales-led to being product-led. With most of their solutions migrated over, they decided that along with modernizing their infrastructure, they wanted to modernize their legacy systems, add new functions and scientific techniques, and take advantage of new technologies to scale and meet the demand coming their way. While all of the rituals and the rigor of Agile didn't always facilitate the more open-ended nature of the data science work at 84.51°, having both data science and engineering operating in a similar tech stack has been a breath of fresh air. Working cross-functionally has shortened the implementation delay. At the same time, being closer to the engineering side of the house has given the data science team a better sense of how to fit their work into the pipeline. Getting everyone on the same tech stack had a side effect. Between the increasing complexity of the projects, geographic diversity of the folks on these projects, a rise in remote work, and continued growth, locating experts became harder. But with everyone working in the same tech, more people could answer questions and become SMEs. Of course, we’d be remiss if we didn’t tell you that 84.51° was asking and answering questions on Stack Overflow for Teams. It was helpful when Chris and Michael no longer had to call on the SMEs they knew by name but could suddenly draw more experts out of the woodwork by asking a question. Check out this episode for insights on data science, agile, and building a great knowledge base for a large, increasingly distributed engineering org.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
12 Tammi 202220min
Helping communities build their own LTE networks
Esther and Matt are graduate students in computer science at the University of Washington, where they study community networks.Esther explains how open-source, community-owned and -operated LTE networks are a good solution for expanding public internet access and ensuring digital equity.Matt walks the team through Citizens Broadband Radio Service (CBRS), a shared wireless spectrum that allows users to build their own LTE networks.Chris Webb of the Black Brilliance Research Project lays out how a digital stewardship program in Detroit helped inspire his work.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
11 Tammi 202234min
Are developers helping to drive the Great Resignation?
Developers are leading the Great Resignation, according to some reports. Others feel developers aren't resigning, so much as seizing the moment to find better opportunities. You can find out hosts online at the links belowCassidyCeoraRyanBenHave an experience with the Great Resignation you want to share with our podcast and blog? Hit us up by email:PodcastPitches for the blogThanks to our lifeboat badge winner of the week, Umer, for explaining how to: align an anchor to the rightSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
7 Tammi 202230min
Professional ethics and phantom braking
Hear why Ben thinks the Workplace Stack Exchange and the Academia Stack Exchange have the richest questions in the Stack Exchange network (or maybe just the most sitcom-worthy).ICYMI: Jack Dorsey stepped down from Twitter. Will he be back?At Twitter, Tess Rinearson is leading a new team focused on crypto, blockchains, and decentralized tech. Follow her on Twitter here.The team winces over a review of a Tesla Model Y hatchback that describes phantom braking so frequent and so dangerous that it’s “a complete deal-breaker.”If you’re a fan of our show, consider leaving us a rating and a review on Apple Podcasts.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
4 Tammi 202220min
Teaching developers about the most lightweight web “framework” around, VanillaJS
What exactly is VanillaJS? Tongue-in-cheek, it's the most lightweight JavaScript framework out there and used by pretty much every website on the internet. Seriously though, it's just JavaScript…without a framework. If you're interested in reading and learning more about JavaScript, Chris has a bevy of courses and eBooks over at vanillajsguides.com. Like Chris's ideas so much you want to subscribe to his newsletter? Right over this way!Since you are a connoisseur of podcasts, check out Chris's own at vanillajspodcast.com.Chris has kindly put together a collection of resources for listeners like you at gomakethings.com/overflow. This week’s Lifeboat badge goes to prograils for their answer to How can I read the number of lines in Fortran 90 from a text file? See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
21 Joulu 202120min
