Lukas Fittl of pganalyze discusses the performance of Postgres, one of the world’s most popular database systems. SE Radio host Philip Winston speaks with Fittl about database indexing, queries, maintenance, scaling, and stored procedures. They also discuss some features of pganalyze, such as the index and vacuum advisors.

Adam Frank, SVP of Product and Marketing at Armory.io, speaks with SE Radio’s Kanchan Shringi about continuous integration, continuous delivery, and continuous deployment – and how they differ. Frank suggests that organizations begin by identifying how the CI/CD process aligns best with their unique goals, noting that such goals might be different for B2C versus B2B SAAS (software as a service). They also discuss how the process can differ for monoliths compared to microservices-based products. Finally, they talk about continuous deployment as a service and some unique aspects of Armory’s approach.

Nikhil Shetty, an expert in networking and distributed systems, speaks with SE radio's Kanchan Shringi about virtual private cloud (VPC) and related technologies. They explore how VPC relates to public cloud, private cloud, and virtual private networks (VPNs). The discussion delves into why VPC is fundamental to building on the cloud, as well as configuring a VPC, subnets, and the address space that can be assigned to the VPC. During this episode they look into route tables, network address translation, as well as security groups, network access control lists, and DNS. Finally, Nikhil helps compare VPC offerings from Amazon Web Services (AWS) and Oracle Cloud Infrastructure (OCI).

José Valim, creator of the Elixir programming language, Chief Adoption Officer at Dashbit, and author of three programming books, speaks with SE Radio host Gavin Henry about what Elixir is today, what Livebook is, the five spearheads of the new machine learning ecosystem for Elixir, and how they all fit together. Valim describes why he created Elixir, what “the beam” is, and how he pitches it to new users. This episode examines things you can do with Livebook and how it is well-aligned with machine learning, as well as why immutability is important and how it works. They take a detailed look at a range of topics, including tensors with Nx, traditional machine learning with Scholar, data munging with Explorer, deep learning and neural networks with Axon, Bumblebee and Huggingface, and model creation basics. Brought to you by IEEE Computer Society and IEEE Software magazine.

Andy Suderman, CTO of Fairwinds, joins host Robert Blumen to talk about standing up a kubernetes cluster. Their discussion covers build-your-own versus managed clusters provided by cloud services, and how to determine the number of kubernetes clusters an organization needs. Andy describes best practices for automating cluster provisioning, and offers recommendations about customizations and opinionation of cloud service providers, choice of container registry, and whether you should run complementary services such as CI and monitoring on the same cluster. The episode also examines the day 0/day 1/day 2 lifecycle, cluster auto-scaling at the cloud service level, integrating stateful services and other cloud services into your cluster, and kubernetes secrets and alternatives. Finally, they consider the container-network interface (CNI), ingress and load balancers, and provisioning external DNS and TLS certificates for cluster services.

Yeckezkel Rabinovich, CTO of Groundcover, speaks with host Philip Winston about observability and eBPF as it applies to Kubernetes. Rabinovich was previously the chief architect at the healthcare security company CyberMDX and spent eight years in the cyber security division of the Israeli Prime Minister’s Office. This episode explores the three pillars of observability, extending the Linux Kernel with eBPF, the basics of Kubernetes, and how Groundcover uses eBPF as the basis for its observability platform.

Jonathan Crossland, software architect, author, and business owner, joins host Jeff Doolittle for a conversation about the AMMERSE framework of design principles. They start by discussing the agile manifesto as a statement of values, and Jonathan shares his perspective based on his experience as a software developer and business owner. They then explore the three layers of the AMMERSE framework and how they help business and engineering leaders to align their values, thereby improving their ability to collaborate and reach common goals. Brought to you by IEEE Computer Society and IEEE Software magazine.

Jason C. McDonald, author of the book Dead Simple Python, speaks with host Samuel Taggart about leveraging quantified tasks to improve estimation, particularly across projects. They discuss the origin of the concept and its relationship with story points, and Jason offers examples to show how quantified tasks can capture nuances in software tasks that are often lost with story points. He also points to the ability to compare them across projects as a major advantage of quantified tasks. Among other topics, they consider also how to use quantified tasks to analyze the stability of a codebase. Brought to you by IEEE Computer Society and IEEE Software magazine.

William Morgan, founder of the Linkerd service mesh and CEO of Bouyant, joins SE Radio’s Robert Blumen for a discussion of sidecars, service mesh, and a forthcoming enhancement to kubernetes to support sidecars natively. The conversation explores the origin of sidecars, sidecars and service mesh, and migrating service mesh to kubernetes. They take a deep dive into some aspects of running service mesh on kubernetes, the difficulties in running a sidecar container in a pod, and Kubernetes Enhancement Proposal (KEP) 753, which is intended to provide better native support for sidecar containers. William also gives some thoughts on the continuing relevance of service mesh.

Karl Wiegers, Principal Consultant with Process Impact and author of 14 books, and Candase Hokanson, Business Architect and PMI-Agile Certified Practitioner at ArgonDigital, speak with SE Radio host Gavin Henry about software requirements essentials. They explore five different parts of requirements engineering and how you can apply them to any ongoing project. Wiegers and Hokanson describe why requirements constantly change, how you can test that you're meeting them, and why the tools you have at hand are suitable to start straight away. They discuss the need for requirements in every software project and provide recommendations on how to gather, analyze, validate, and manage those requirements. Candase and Karl offer in-depth perspectives on a range of topics, including how to elicit requirements, speak with users, get to the source of the business or user goal, and create requirement sets, models, prototypes, and baselines. Finally, they look at specifications you can use, and how to validate, test, and verify them. Brought to you by IEEE Computer Society and IEEE Software magazine.

Charlie Jones, Director of Product Management at ReversingLabs and subject matter expert in supply chain security, joins host Priyanka Raghavan to discuss tackling third-party software risks. They begin by defining different types of third-party software risks and then take a deep dive into case studies where third-party components and software have had cascading effects on downstream systems. They consider some frameworks for secure software development that can be used to evaluate third-party software and components – both as a publisher or as a consumer – and end by discussing laws and regulations with final advise from Charlie on how enterprises can tackle third-party software risks. Brought to you by IEEE Computer Society and IEEE Software magazine. This episode is sponsored by WorkOS.

Kent Beck, Chief Scientist at Mechanical Orchard, and inventor of Extreme Programming and Test-Driven Development, joins SE Radio host Giovanni Asproni for a conversation on software design based on his latest book "Tidy First?". The episode starts with exploring the reasons for writing the book, and introducing the concepts of tidying, cohesion, and coupling. It continues with a conversation about software design, and the impact of tidyings. Then Kent and Giovanni discuss how to balance design and code quality decisions with cost, value delivered, and other important aspects. The episode ends with some considerations on the impact of Artificial Intelligence on the software developer's job. Brought to you by IEEE Software and IEEE Computer Society.

Infrastructure engineer and Kubernetes ingress-Nginx maintainer James Strong joins host Robert Blumen to discuss the Kubernetes networking layer. The discussion draws on content from Strong’s book on the topic and covers a lot of ground, including: the Kubernetes network's use of different IP ranges than the host network; overlay network with its own IP ranges compared to using expanded portions of the host network ranges; adding routes with kernel extension points; programming kernel extension points with IP tables compared to eBPF; how routes are updated as the host network gains or loses nodes, the use of the Linux network namespace to isolate each pod; routing between pods on the same host; routing between pods across the host network; the container-network interface (CNI); the CNI ecosystem; differences between CNIs; choosing a CNI when running on a public cloud service; the Kubernetes service abstraction with a cluster-wide IP address; monitoring and telemetry of the Kubernetes network; and troubleshooting the Kubernetes network.

Brought to you by IEEE Software magazine and IEEE Computer Society.

Shannon Selbert, co-founder of Soren and developer of Oban, and Parker Selbert, creator of the Oban background job framework, chief architect at dscout, and co-founder of Soren, speak with SE Radio host Gavin Henry about robust job processing in Elixir. They explore the reliability, consistency, and observability in relation to job processing, to understand how Oban, Elixir, and PostgreSQL deliver them.

The Selberts describe why Oban was created, its history, which parts of the Elixir ecosystem they use, and why this would not be possible without PostgreSQL and Elixir. They discuss the lessons learned in the 5 years since the first release, as well as use cases, job throughput, the hardest problem to solve so far, workers, queues, CRON, distributed architectures, retry algorithms, just-once methodologies, the reliability the beam brings, consistency across nodes, how PostgreSQL is vital, telemetry data, best use cases for Oban, and the most common issues that new users face. Brought to you by IEEE Computer Society and IEEE Software magazine.

Marcelo Trylesinski, a senior software engineer at Pydantic and a maintainer of open-source Python tools including Starlette and Uvicorn, joins host Gregory M. Kapfhammer to talk about FastAPI. Their conversation focuses on the design and implementation of FastAPI and how programmers can use it to create web-based APIs. They also explore how to create and deploy a FastAPI implemented in the Python programming language. Brought to you by IEEE Computer Society and IEEE Software magazine.

Ipek Ozkaya, Principal Researcher and Technical Director of the Engineering Intelligent Software Systems group at the Software Engineering Institute, Carnegie Mellon, discusses generative AI for Software Architecture with SE Radio host Priyanka Raghavan. The episode delves into fundamental definitions of software architecture and explores use cases in which gen AI can enhance architecture activities. The conversation spans from straightforward to challenging scenarios and highlights examples of relevant tooling. The episode concludes with insights on verifying the correctness of output for software architecture prompts and future trends in this domain. Brought to you by IEEE Computer Society and IEEE Software magazine.

Chuck Weindorf, a retired IT director and chief engineer with nearly 40 years' experience in software engineering, joins host Jeff Doolittle for a conversation about the concepts in Chuck's book, Leaders & Software Engineers. Through personal anecdotes and insights gleaned from his extensive career, Chuck underscores quality assurance's critical role in building trust with users and fostering a proactive culture of defect resolution within development teams. He highlights how ethical considerations underpin trust and integrity within the software engineering profession.

Chuck and Jeff examine the significance of thorough documentation and the vital role of effective communication in overcoming silos within organizations, and ensuring that projects meet their intended objectives while maintaining high standards of quality and reliability. They discuss how to cultivate a positive, innovative culture within engineering teams. Chuck shares strategies for addressing challenges and opportunities presented by change, advocating for adaptability and continuous learning as essential qualities for both new and experienced engineers navigating the evolving technological landscape. He offers advice for those transitioning into leadership roles, emphasizing the importance of developing soft skills and the ability to empathize with and inspire team members. Finally, the episode explores the potential impact of emerging technologies, such as low-code platforms and artificial intelligence.

Brought to you by IEEE Computer Society and IEEE Software magazine. 

Hans Dockter, the creator of the Gradle build tool and founder of Gradle Inc, the company behind the developer productivity platform Develocity, joins SE Radio host Giovanni Asproni to talk about developer productivity. They start with some definitions and an explanation of the importance of developer productivity, its relationship with cognitive load, and the big impact that development tools have on it. Hans describes how to implement developer productivity metrics in an organization, as well as warns about some pitfalls. The episode closes with some discussion on Hans's views on the future of this discipline, as well as some near-term developments and expectations. Brought to you by IEEE Computer Society and IEEE Software magazine.

Emily Bache, founder of the Samman Technical Coaching Society and author of several books about technical agile coaching, talks with SE Radio host Sam Taggart about katas and the importance of practice. They discuss how practicing in a safe environment helps developers to learn new skills and build new habits. They also talk about how Samman coaching combines this sort of deliberate practice with applying the lessons learned in practice to the production code base. They also touch briefly on the advantages of working in an ensemble fashion.

Brought to you by IEEE Computer Society and IEEE Software magazine.

Luis Rodríguez, CTO of Xygeni.io, joins host Robert Blumen for a discussion of the recently thwarted attempt to insert a backdoor in the SSH (Secure Shell) daemon. OpenSSH is a popular implementation of the protocol used in major Linux distributions for authentication over a network. Luis describes how a backdoor in a supporting library was recently discovered and removed before the package was published to stable releases of the Linux distros. The conversation explores the mechanism of the attack through modifying a function table in the runtime; how the attack was inserted during the build; how the attack was carefully staged in a series of modifications to the lz compression library; the nature of “Jia Tan,” the entity who committed the changes to the open source project; social engineering that the entity used to gain the trust of the open source community; what forensics indicates about the location of the entity; hypotheses about whether criminal or state actors backed the entity; how the attack was detected; implications for other open source projects; why traditional methods for detecting exploits would not have helped find this; and lessons learned by the community.

Brought to you by IEEE Computer Society and IEEE Software magazine.

Jim Bugwadia, CEO of Nirmata and a committer to the Kyverno projects, joins host Robert Blumen for a discussion of policy-as-code and the open source Kyverno project. The discussion covers the nature of policies; policies and security; policies and compliance to standards; security scans that generate reports compared to tools that allow or deny operations at run time; Kyverno as a kubernetes service; the Kyverno helm charts; the components of Kyverno; bootstrapping a kubernetes cluster with Kyverno; installing policies; implementing policies; customizing policies; packaging and installing policies; kubernetes dynamic admission controllers; the Kyverno admission controller; securing Kyverno itself; observability of Kyverno; types of reports and messages available to cluster users.

This episode is sponsored by QA Wolf.

Nick Tune and Jean-Georges Perrin join host Giovanni Asproni to talk about their proposed approach to modernizing legacy systems. The episode starts with some high-level perspective to set context for the approach described in their book, Architecture Modernization (Manning, 2024). From there, the discussion turns to important details, including criteria for deciding which aspects to revisit; some of the activities, processes, and tools; and the importance of data engineering in modernization efforts. Nick and Jean-Georges describe how to successfully implement an architecture-modernization effort, and how to fit that work with the teams' other priorities. The episode finishes with some warnings about the typical risks associated with modernizing a legacy system, and suggestions on how to mitigate them.

This episode is sponsored by QA Wolf.

To Exercise

If you key out a plant, you identify it by using binary choices like whether it has needle leaves or doesn't.

If you knock someone back, you reject them emotionally or sexually.

To lift something or someone

Begin to accumulate or absorb.

To return something.

The Philips Performance Wireless TAPH805BK are wireless headphones with battery life that will knock your socks off, but the sound quality has a lot of room for improvement.... [PCSTATS]

"With demand for notebooks continuing sliding, Acer is pushing to enhance its PC offerings, and remains aggressive in developing new businesses, according to company chairman Jason Chen.

For the PC business, Acer is now primarily focusing on improving its existing competitiveness and cooling technologies. The company earlier terminated its mo... [PCSTATS]

Wireless AD networks came and went without as much as a buzz in the consumer space, and yet there is more here to see before completely dismissing it. Millitronic certainly agrees, with their HIVE wireless docking station able to connect a laptop to an external display wirelessly at low latency, while adding some more tricks on top.... [PCSTATS]

Is the USB-C Pro Dock from CalDigit the best bang for your buck? Join us as we investigate in our review."... [PCSTATS]

" Writing an entire article on the Apex 3 was a really easy task thanks to the higher actuation point and we did not make any mistakes like on the regular high-speed gaming-only keyboards. This is a good point to recommend when using the keyboard in corporate offices as well: the new SteelSeries domes are silent, while the full-size layout allows ... [PCSTATS]

"It's not just Intel chips that are vulnerable to hard-to-fix security flaws. Researchers at the Graz University of Technology have detailed a pair of side channel attacks under the "Take A Way" name that can leak data from AMD processors dating back to 2011, whether it's an old Athlon 64 X2, a Ryzen 7 or a Threadripper. Both exploit the "way predi... [PCSTATS]

OWC channels the Mercury Elite lineup with the Elite Pro to offer its storage driven dock solution. Here's our review."... [PCSTATS]

"About a year ago we took a look at Razer�s Kraken Tournament Edition headset, which we really did enjoy. It was however designed for professional gamers, hence the name �Tournament Edition�. For those looking for a more polished home solution Razer has the new Kraken Ultimate Edition. This sits as their flagship Kraken gaming headset and brings al... [PCSTATS]

Want to know the kind of performance you will see at 1440p on an NVIDIA GeForce RTX 2060 SUPER FE when it is overclocked? Check out our gaming review.... [PCSTATS]

At AMD Financial Analyst Day 2020, Mark Papermaster unveiled the AMD computing roadmap for 2020 and beyond. Check it out!... [PCSTATS]

"When it comes to mini-ITX AMD X570 motherboards there are only a handful to choose from. Today we are checking out ASRock�s offering which comes in the form of the X570 Phantom Gaming-ITX/TB3. We first saw the Phantom Gaming Series from ASRock with their Z390 Phantom Gaming X and we are hoping to see the same quality in the X570 Phantom Gaming-ITX... [PCSTATS]

There are so many things that can be done with a little spare time and a Raspberry Pi that it boggles the mind; the little developer board can be made to do just about anything builders can dream up. One of the most recent projects we've seen using the Pi turned up on Reddit from a person called jul-bruegger who combined the Raspberry Pi Zero... [PCSTATS]

If you publish an RSS feed, you should do a solid for the developers of RSS readers by including a guid in each item. The guid's job is to be a unique identifier that helps software downloading your feed decide whether it has seen that item before. Here's the guid for an item on the arts and technology blog Laughing Squid:

<guid isPermaLink="false">https://laughingsquid.com/?p=914660</guid>

No other item on Laughing Squid will ever have this guid value. It's a URL that loads a blog post with the title Playful Elephant Pretends to Eat Woman's Hat. If you load the guid's URL https://laughingsquid.com/?p=914660, it redirects to the permanent link of the post. Because the guid is not the permanent link, there's an isPermaLink attribute with a value of false.

Most guid values in RSS feeds are the permanent link of the item, as in this example from the world news site Semafor:

<guid>https://www.semafor.com/article/07/07/2023/us-jobs-data-what-experts-make-of-the-new-numbers</guid>

A drawback of using the permalink is that if any part of the URL changes -- such as the title text or the domain name -- the guid changes and RSS readers will think this is a new item to show the feed's subscribers, when it's actually a repeat.

A guid doesn't have to be a URL. It can be any string that the feed publisher has chosen to be unique. Here's the guid from the RSS Advisory Board's feed for this blog post:

<guid isPermaLink="false">tag:rssboard.org,2006:weblog.217</guid>

Our guid follows the TAG URI scheme, a simple way to assure uniqueness by putting these five components together in this order:

1. The text "tag"
2. A domain owned by the feed provider
3. A year the provider owned that domain
4. A short name for the feed different from any other feed on the site
5. The internal ID number of the post

There's different punctuation between each component. The year 2006 was when the board began using the domain rssboard.org. No one else used that domain that year, so any feed reader that stores "tag:rssboard.org,2006:weblog.217" as this item's guid should never encounter that value in any other item on any other feed.

To see how RSS 2.0 feeds are using guid, several thousand feeds were downloaded this evening from an RSS aggregator that publicly shares the OPML subscription lists of its users.

The term guid means "globally unique identifier," but RSS 2.0 does not require global uniqueness in guids. Because the TAG URI scheme does a good job of serving that purpose, Blogger, Flickr, MetaFilter, SoundCloud and The Register are among the sites using it in their feeds.

It’s not just our homes that are at risk from climate change; it’s our customs, songs, and stories.

British Columbia affirms Indigenous ownership of the 200 islands the Haida have stewarded for millennia, marking a new path toward reconciliation.

As temperatures continue to rise, California workers, worker protection groups, and state regulators are making progress on implementing heat regulations.

The Vice President becomes the presumptive Democratic presidential nominee in a game-changing political moment.

High-profile, disruptive protests can lead to increased polarization—but often still yield increased public support for the protest’s goals, even if the tactics are criticized.

Community organizers with the Sunrise Movement explain why they protested outside the GOP Vice Presidential hopeful’s office.

A new report by Insurrection Exposed prepares voters on what to expect from Trump’s next effort to steal an election.

Only a few localities nationwide allow voters to elect judges. What impact would democratizing judge selection have on the judiciary?

Kamala Harris can and should be critiqued for her political résumé—but criticism rooted in misogynoir should have no place in political discourse.