Roberto Di Cosmo, Computer Science professor at University Paris Diderot and founder of the Software Heritage initiative, discusses how to protect against sudden loss from the collapse of a "free" source code repository provider, how to protect...

Adam Dymitruk, CEO and founder of Adaptech Group, joins host Jeff Doolittle for an exploration of the event modeling approach to discovering requirements and designing software systems. Adam explains how the structured approach eliminates the specifics of implementation details and technology decisions, enabling clearer communication for all stakeholders while keeping conversations focused on the business opportunity. Using concrete examples of event modeling in practice, they examine event modeling in the context of other related approaches and methodologies, including event sourcing, event storming, CQRS, and domain-driven design.

Jon Smart, author of the book Sooner Safer Happier: Patterns and Antipatterns for Business Agility, discusses patterns and anti-patterns for the success of enterprise software projects. Host Brijesh Ammanath speaks with him about the various common...

Ganesh Datta, CTO and cofounder of Cortex, joins SE Radio's Priyanka Raghavan to discuss site reliability engineering (SRE) vs DevOps. They examine the similarities and differences and how to use the two approaches together to build better software...

Nicholas Manson, a SaaS Architect with more than 2 decades of experience building cloud applications, speaks with host Kanchan Shringi about identity and access management requirements for cloud applications. They begin by examining what a digital...

William Falcon of Lighting AI discusses how to optimize deep learning models using the Lightning platform, optimization is a necessary step towards creating a production application. Philip Winston spoke with Falcon about PyTorch, PyTorch Lightning...

On Freund, founder of Wilco and former VP of Engineering at WeWork, speaks with SE Radio’s Brijesh Ammanath about “upskilling” – going deeper or increasing the breadth of your skills. On has years of experience in helping developers master the skills needed to advance in their careers. This episode explores the importance of upskilling in a constantly evolving tech landscape. They focus particularly on how and why senior and expert developers should keep learning, upskilling, and reskilling throughout their careers. Freund offers suggestions on how to face some common challenges, especially for remote or distributed workers, and how and why engineering managers can help enable upskilling for their teams.

Simon Bennetts, a distinguished engineer at Jit, discusses one of the flagship projects of OWASP: the Zed Attack Proxy (ZAP) open source security testing tool. As ZAP’s primary maintainer, Simon traces the tool's origins and shares some anecdotes with SE Radio host Priyanka Raghavan on why there was a need for it. They take a deep dive into ZAP’s features and its ability to integrate with CI/CD, as well as shift security left. Bennetts also considers what it takes to build a successful open source project before spending time on ZAP’s ability to script to provide richer results. Finally, the conversation ends with some questions on ZAP’s future in this AI-powered world of bots.

Vladyslav Ukis, author of the book Establishing SRE Foundations: A Step-by-Step Guide to Introducing Site Reliability Engineering in Software Delivery Organizations, discusses how to roll out SRE in an enterprise. SE Radio host Brijesh Ammanath speaks with Vlad about the origins of SRE and how it complements ITIL (Information Technology Infrastructure Library). They examine how firms can establish foundations for rolling out SRE, as well as how to overcome challenges they might face in adopting. Vlad also recommends steps that organizations can take to sustain and advance their SRE transformation beyond the foundations.

Chad Michel, Senior Software Architect at Don’t Panic Labs and co-author of Lean Software Systems Engineering for Developers, joins host Jeff Doolittle for a conversation about treating software development as an engineering discipline. They begin by discussing the need for engineering rigor in the software industry. Chad points out that many developers lack awareness of good engineering practice and are often unaware of resources such as the Software Engineering Body of Knowledge (SWEBOK). Among the many topics explored in this episode are design methodologies such as volatility-based decomposition and the work of David Parnas, as well as important topics such as quality, how to address complexity, designing for change, and the role of the chief engineer. This episode is sponsored by ClickSend. SE Radio listeners can get a $50 credit by following the link.

Nir Valtman, co-Founder and CEO at Arnica, discusses pipelineless security with SE Radio host Priyanka Raghavan. They start by defining pipelines and then consider how to add security. Nir lays out the key challenges in getting good code coverage with the pipeline-based approach, and then describes how to implement a pipelineless approach and the advantages it offers. Priyanka quizzes him on the concept of "zero new hardcoded secrets," as well as some ways to protect GitHub repositories, and Nir shares examples of how a pipelineless approach could help in these scenarios. They then discuss false positives and handling developer fatigue in dealing with alerts. The show ends with some discussion around the product that Arnica offers and how it implements the pipelineless methodology.

In this episode, Ori Mankali, senior VP of engineering at cloud security startup Akeyless, speaks with SE Radio’s Nikhil Krishna about secrets management and the innovative use of distributed fragment cryptography (DFC). In the context of enterprise IT, 'secrets’ are crucial for authentication in providing access to internal applications and services. Ori describes the unique challenges of managing these sensitive data, particularly given the complexities of doing so on a large scale in substantial organizations. They discuss the necessity for a secure system for managing secrets, highlighting key features such as access policies, audit capabilities, and visualization tools. Ori introduces the concept of distributed fragment cryptography, which boosts security by ensuring that the entire secret is never known to any single entity. The episode explores encryption and decryption and the importance of key rotation, as they consider the challenges and potential solutions in secrets management.

Adam Frank, SVP of Product and Marketing at Armory.io, speaks with SE Radio’s Kanchan Shringi about continuous integration, continuous delivery, and continuous deployment – and how they differ. Frank suggests that organizations begin by identifying how the CI/CD process aligns best with their unique goals, noting that such goals might be different for B2C versus B2B SAAS (software as a service). They also discuss how the process can differ for monoliths compared to microservices-based products. Finally, they talk about continuous deployment as a service and some unique aspects of Armory’s approach.

José Valim, creator of the Elixir programming language, Chief Adoption Officer at Dashbit, and author of three programming books, speaks with SE Radio host Gavin Henry about what Elixir is today, what Livebook is, the five spearheads of the new machine learning ecosystem for Elixir, and how they all fit together. Valim describes why he created Elixir, what “the beam” is, and how he pitches it to new users. This episode examines things you can do with Livebook and how it is well-aligned with machine learning, as well as why immutability is important and how it works. They take a detailed look at a range of topics, including tensors with Nx, traditional machine learning with Scholar, data munging with Explorer, deep learning and neural networks with Axon, Bumblebee and Huggingface, and model creation basics. Brought to you by IEEE Computer Society and IEEE Software magazine.

Yeckezkel Rabinovich, CTO of Groundcover, speaks with host Philip Winston about observability and eBPF as it applies to Kubernetes. Rabinovich was previously the chief architect at the healthcare security company CyberMDX and spent eight years in the cyber security division of the Israeli Prime Minister’s Office. This episode explores the three pillars of observability, extending the Linux Kernel with eBPF, the basics of Kubernetes, and how Groundcover uses eBPF as the basis for its observability platform.

Sean Moriarity, creator of the Axon deep learning framework, co-creator of the Nx library, and author of Machine Learning in Elixir and Genetic Algorithms in Elixir, published by the Pragmatic Bookshelf, speaks with SE Radio host Gavin Henry about what deep learning (neural networks) means today. Using a practical example with deep learning for fraud detection, they explore what Axon is and why it was created. Moriarity describes why the Beam is ideal for machine learning, and why he dislikes the term “neural network.” They discuss the need for deep learning, its history, how it offers a good fit for many of today’s complex problems, where it shines and when not to use it. Moriarity goes into depth on a range of topics, including how to get datasets in shape, supervised and unsupervised learning, feed-forward neural networks, Nx.serving, decision trees, gradient descent, linear regression, logistic regression, support vector machines, and random forests. The episode considers what a model looks like, what training is, labeling, classification, regression tasks, hardware resources needed, EXGBoost, Jax, PyIgnite, and Explorer. Finally, they look at what’s involved in the ongoing lifecycle or operational side of Axon once a workflow is put into production, so you can safely back it all up and feed in new data. Brought to you by IEEE Computer Society and IEEE Software magazine. This episode sponsored by Miro.

Coral Calero Muñoz and Felix Garcia, professors at the University of Castilla-La Mancha, speak with host Giovanni Asproni about green and sustainable software—an approach to software development aimed at creating software systems that consume less energy and produce less CO2 during their entire lifetimes with minimal impact on their functionality and other qualities. The episode starts by describing why green software matters, particularly in the context of global warming, and introducing the key concepts. Continues discussing the current status of the field, in both academia and industry, and finishes with hints and tips that can be readily applied by development teams to make their systems greener. Brought to you by IEEE Computer Society and IEEE Software magazine.

William Morgan, founder of the Linkerd service mesh and CEO of Bouyant, joins SE Radio’s Robert Blumen for a discussion of sidecars, service mesh, and a forthcoming enhancement to kubernetes to support sidecars natively. The conversation explores the origin of sidecars, sidecars and service mesh, and migrating service mesh to kubernetes. They take a deep dive into some aspects of running service mesh on kubernetes, the difficulties in running a sidecar container in a pod, and Kubernetes Enhancement Proposal (KEP) 753, which is intended to provide better native support for sidecar containers. William also gives some thoughts on the continuing relevance of service mesh.

Charlie Jones, Director of Product Management at ReversingLabs and subject matter expert in supply chain security, joins host Priyanka Raghavan to discuss tackling third-party software risks. They begin by defining different types of third-party software risks and then take a deep dive into case studies where third-party components and software have had cascading effects on downstream systems. They consider some frameworks for secure software development that can be used to evaluate third-party software and components – both as a publisher or as a consumer – and end by discussing laws and regulations with final advise from Charlie on how enterprises can tackle third-party software risks. Brought to you by IEEE Computer Society and IEEE Software magazine. This episode is sponsored by WorkOS.

Phillip Carter, Principal Product Manager at Honeycomb and open source software developer, talks with host Giovanni Asproni about observability for large language models (LLMs). The episode explores similarities and differences for observability with LLMs versus more conventional systems. Key topics include: how observability helps in testing parts of LLMs that aren't amenable to automated unit or integration testing; using observability to develop and refine the functionality provided by the LLM (observability-driven development); using observability to debug LLMs; and the importance of incremental development and delivery for LLMs and how observability facilitates both. Phillip also offers suggestions on how to get started with implementing observability for LLMs, as well as an overview of some of the technology's current limitations. This episode is sponsored by WorkOS.

Shannon Selbert, co-founder of Soren and developer of Oban, and Parker Selbert, creator of the Oban background job framework, chief architect at dscout, and co-founder of Soren, speak with SE Radio host Gavin Henry about robust job processing in Elixir. They explore the reliability, consistency, and observability in relation to job processing, to understand how Oban, Elixir, and PostgreSQL deliver them.

The Selberts describe why Oban was created, its history, which parts of the Elixir ecosystem they use, and why this would not be possible without PostgreSQL and Elixir. They discuss the lessons learned in the 5 years since the first release, as well as use cases, job throughput, the hardest problem to solve so far, workers, queues, CRON, distributed architectures, retry algorithms, just-once methodologies, the reliability the beam brings, consistency across nodes, how PostgreSQL is vital, telemetry data, best use cases for Oban, and the most common issues that new users face. Brought to you by IEEE Computer Society and IEEE Software magazine.

Wolf Vollprecht, the CEO and founder of Prefix.dev, speaks with host Gregory M. Kapfhammer about how to implement Python tools, such as package managers, in the Rust programming language. They discuss the challenges associated with building Python infrastructure tooling in Python and explore how using the Rust programming language addresses these concerns. They also explore the implementation details of Rust-based tooling for the Python ecosystem, focusing on the cross-platform Pixi package management tool, which enables developers to easily and efficiently install libraries and applications in a reproducible fashion. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jim Bugwadia, CEO of Nirmata and a committer to the Kyverno projects, joins host Robert Blumen for a discussion of policy-as-code and the open source Kyverno project. The discussion covers the nature of policies; policies and security; policies and compliance to standards; security scans that generate reports compared to tools that allow or deny operations at run time; Kyverno as a kubernetes service; the Kyverno helm charts; the components of Kyverno; bootstrapping a kubernetes cluster with Kyverno; installing policies; implementing policies; customizing policies; packaging and installing policies; kubernetes dynamic admission controllers; the Kyverno admission controller; securing Kyverno itself; observability of Kyverno; types of reports and messages available to cluster users.

This episode is sponsored by QA Wolf.

Steve Smith, founder and principal architect at Nimble Pros, joins host Jeff Doolittle for a conversation about software quality. The episode begins with a discussion of why software quality matters for businesses, customers, and developers. Steve explains some patterns and practices that help teams design for quality. They discuss in detail the practices of testing and quality assurance, and the conversation wraps up with suggestions for fostering a culture of quality in teams and organizations. Brought to you by IEEE Computer Society and IEEE Software magazine.

_{-- Delivered by Feed43 service}

_{-- Delivered by Feed43 service}

Palit's RTX 2080 Super Gaming Pro OC is a new variant with a triple-slot, triple-fan cooler, to replace their dual-fan designs. It delivers solid temperatures and noise levels. At $720, the card is priced very reasonably, yet includes a factory overclock, idle-fan-stop, and backplate.... [PCSTATS]

The Philips Performance Wireless TAPH805BK are wireless headphones with battery life that will knock your socks off, but the sound quality has a lot of room for improvement.... [PCSTATS]

Wireless AD networks came and went without as much as a buzz in the consumer space, and yet there is more here to see before completely dismissing it. Millitronic certainly agrees, with their HIVE wireless docking station able to connect a laptop to an external display wirelessly at low latency, while adding some more tricks on top.... [PCSTATS]

OWC channels the Mercury Elite lineup with the Elite Pro to offer its storage driven dock solution. Here's our review."... [PCSTATS]

" The mainstream PCIe Gen 3x4 P34A60 mainstream SSD from Silicon Power does offer good all-around performance and does not drop to very slow speeds when the cache fills up completely, as we could notice from the HD Tune Pro write test. When copying large files continuously to the drive, we haven�t seen drops of under 90MB/s, which is great for a TL... [PCSTATS]

The Corsair Scimitar RGB Elite is a mouse that offers plenty of buttons, turns heads with its MMO and MOBA gaming performance, and excellent build quality.... [PCSTATS]

There are so many things that can be done with a little spare time and a Raspberry Pi that it boggles the mind; the little developer board can be made to do just about anything builders can dream up. One of the most recent projects we've seen using the Pi turned up on Reddit from a person called jul-bruegger who combined the Raspberry Pi Zero... [PCSTATS]

"I will share a better explanation to the idea for this article in a later section, but here is a short version: How much an impact, if any, does the aspect ratio have on performance? Beyond any doubt, 16:9 is the most common aspect ratio, and the differences between a 1920x1080 and 2560x1440 display or image can be thought of in terms of sampling ... [PCSTATS]

If you publish an RSS feed, you should do a solid for the developers of RSS readers by including a guid in each item. The guid's job is to be a unique identifier that helps software downloading your feed decide whether it has seen that item before. Here's the guid for an item on the arts and technology blog Laughing Squid:

<guid isPermaLink="false">https://laughingsquid.com/?p=914660</guid>

No other item on Laughing Squid will ever have this guid value. It's a URL that loads a blog post with the title Playful Elephant Pretends to Eat Woman's Hat. If you load the guid's URL https://laughingsquid.com/?p=914660, it redirects to the permanent link of the post. Because the guid is not the permanent link, there's an isPermaLink attribute with a value of false.

Most guid values in RSS feeds are the permanent link of the item, as in this example from the world news site Semafor:

<guid>https://www.semafor.com/article/07/07/2023/us-jobs-data-what-experts-make-of-the-new-numbers</guid>

A drawback of using the permalink is that if any part of the URL changes -- such as the title text or the domain name -- the guid changes and RSS readers will think this is a new item to show the feed's subscribers, when it's actually a repeat.

A guid doesn't have to be a URL. It can be any string that the feed publisher has chosen to be unique. Here's the guid from the RSS Advisory Board's feed for this blog post:

<guid isPermaLink="false">tag:rssboard.org,2006:weblog.217</guid>

Our guid follows the TAG URI scheme, a simple way to assure uniqueness by putting these five components together in this order:

1. The text "tag"
2. A domain owned by the feed provider
3. A year the provider owned that domain
4. A short name for the feed different from any other feed on the site
5. The internal ID number of the post

There's different punctuation between each component. The year 2006 was when the board began using the domain rssboard.org. No one else used that domain that year, so any feed reader that stores "tag:rssboard.org,2006:weblog.217" as this item's guid should never encounter that value in any other item on any other feed.

To see how RSS 2.0 feeds are using guid, several thousand feeds were downloaded this evening from an RSS aggregator that publicly shares the OPML subscription lists of its users.

The term guid means "globally unique identifier," but RSS 2.0 does not require global uniqueness in guids. Because the TAG URI scheme does a good job of serving that purpose, Blogger, Flickr, MetaFilter, SoundCloud and The Register are among the sites using it in their feeds.

The exodus of users away from Twitter and Reddit has led many of those information refugees to discover the joy of subscribing to feeds in a reader. RSS and Atom feeds are an enormous open decentralized network that can never be ruined under new ownership -- because there's no owner.

Tara Calishain of ResearchBuzz has written a 4,000-word introduction to RSS for people who are new to the world of feeds:

I could not do ResearchBuzz without RSS feeds. They're invaluable. And I think if you learn more about them, you'll appreciate why I consider RSS the most underrated tech on the Internet. That's what this article is about: I'm going to explain what RSS feeds are, show you how to find them, go over some of the RSS feed readers available, and, finally, list several tools and resources you might find useful on your journey.

... I follow over a thousand RSS feeds which deliver information to me throughout the day. Do you think I could visit a thousand websites a day to check for new information? Even if I tried to visit a thousand a week that would be over 142 websites a day. Assuming it took me two minutes to visit a site and check for new content, I would spend over 4.5 hours a day just visiting websites.

Do you see why I'm so grateful for RSS?

Calishain, who was blogging before Netscape created RSS in 1999, covers a lot more than the basics, showing how to find hidden feeds on websites, check a bunch of feeds for freshness and create keyword-based feeds to search sites like Google News, Hacker News and WordPress. Even experienced readers of readers will learn new things, and there's a collection of nine handy RSS Gizmos she has developed.

On that subject, Calishain just began programming a year ago:

In spring 2022 I decided to find out if I could really learn JavaScript after being diagnosed as autistic. (I'm a high school dropout and didn't think I could learn something like programming.)

I CAN! And I LOVE IT!

Welcome to the not-so-secret society of programmers, Tara! Please slow down a little. You're making the rest of us look bad.

Meghan Elizabeth Kallman and Josephine Ferorelli discuss the politics of pregnancy and childbirth in an era of environmental challenges.

After a 2021 leak at the U.S. military’s Red Hill fuel storage facility poisoned thousands, activists, Native Hawaiians, and affected military families have become unlikely allies in the fight for accountability.

Displaced by climate change, Fulani children are getting access to education no one in their communities has had before.

When it comes to telling the story of climate change, we need both journalism and fiction to imagine a better world.

When we think about climate change, we often think in terms of statistics, studies, and measurements of melting glaciers, dwindling wildlife populations, and mass human migration. It’s a grim reality.

A decade after Typhoon Haiyan decimated the Philippines, the city of Tacloban is setting a new standard for surviving global catastrophes.

It’s not just our homes that are at risk from climate change; it’s our customs, songs, and stories.

A photographer’s connections with eight Indigenous women have helped her come to terms with her own Native ancestry and colonial trauma.

Emily Raboteau’s latest book is a meditation on how we can more clearly see and care for all we hold dear.

As Hurricanes Helene and Milton devastate the Southeastern U.S., Antonia Juhasz articulates a just vision for how to fix our climate.

The RNC’s idea of “Making America Safe Again” is centered on policing and harsh anti-immigrant detention, not on gun violence.

Indigenous communities have long resisted the false narratives of imperialist nations and are experts at countering the political violence of white supremacy.

Community organizers with the Sunrise Movement explain why they protested outside the GOP Vice Presidential hopeful’s office.

Violence against communities of color has always been political, but American elites have avoided that framing, says NDN Collective’s Janene Yazzie.