This episode features Madelyn Olson, maintainer for the open-source project Valkey, to discuss the growth and impact of open-source projects in the tech industry. Corey and Madelyn explore the transformations within these projects, particularly the challenges and shifts in governance and licensing practices that affect how companies like AWS contribute to and utilize open-source software. Furthermore, Madelyn shares insights into the motivations behind Valkey, its differentiation from Redis, and the broader implications for open-source sustainability and corporate involvement.

Show Highlights:

(00:00) Introduction and discussion on AWS's approach to open-source

(01:41) Recap of the Redis controversy and licensing changes

(02:35) Madelyn's role at AWS and her work on ElastiCache and MemoryDB

(04:11) The enduring relevance and importance of open source in solving global technology problems

(06:15) The freedoms of open source and the broad implications for software development

(08:19) The evolution of governance and project management in the Valkey project

(09:53) The full transition of Madelyn's efforts from Redis to Valkey

(17:27) Why Valkey was created and its future direction

(24:57) The separation of duties between Madelyn's roles at AWS and the Valkey project

(32:34) Closing thoughts and where to find more information on Valkey

About Madelyn:

Madelyn Olson is a co-creator and maintainer of Valkey, a high-performance kev-value data store and Principal Engineer at Amazon Web Services (AWS). She focuses on building secure and highly reliable features, with a passion for working with open-source communities.

Links Referenced:

Website: https://valkey.io/

Linkedin: https://www.linkedin.com/in/madelyn-olson-valkey/

GitHub: https://github.com/madolson

Twitter: https://x.com/reconditerose

*Sponsor

Panoptica: https://www.panoptica.app/

In this episode, Corey Quinn is joined by Senior Security Engineering Lead at Mattermost Paul Harrison in a discussion on the often-overlooked ethical implications of artificial intelligence in technology. They discuss how the rapid adoption of AI technologies might compromise user privacy and consent, reflecting on instances where companies may prioritize innovation at the expense of these core values. Their conversation highlights Mattermost's dedication to data privacy and user control, positioning the company as a privacy-centric alternative in the tech landscape.

Show Highlights:

(00:00) Introduction to the episode

(01:50) How companies compromise privacy in the rush to adopt AI

(04:10) What is Mattermost? Paul explains the self-hostable, privacy-focused

communication platform

(06:00) The evolution of chat platforms and Mattermost's unique position compared to Slack

(10:01) Paul elaborates on how Mattermost enables user control over data and customization

(14:23) Discuss the implications of integrating AI in everyday applications and its challenges

(20:35) AI’s potential risks and unintended consequences, particularly in data management and security

(25:14) Paul and Corey critique tech companies’ approach to AI and data privacy

(28:59) Closing remarks and where to find more information about Paul Harrison and Mattermost

About Paul:

Paul Harrison is a Senior Security Engineering Lead at Mattermost, responsible for their Security Operations team. Prior to this he led Security Operations at GitLib, and several other emerging tech companies. Paul has specialized in building security operations and infrastructure security programs, enabling companies to have a secure footing as they grow.

Links Referenced:

Mattermost Community: https://community.mattermost.com/landing#/

*Sponsor

Panoptica: https://www.panoptica.app/

Justin Garrison, Director of Developer Relations at Sidero, joins Corey to discuss Justin's experience transitioning from large companies like AWS and Disney to a more agile company like Sidero, the benefits of using simplified Linux distributions like Talos OS for running Kubernetes, and the pros of on-premises setups for certain workloads. The conversation touches upon challenges with cloud provider limitations, the impacts of computing power on both an economic and environmental scale and Corey and Justin’s frustration with businesses touting their use of AI when they’ve already abandoned those projects.

Show Highlights:

(00:00) - Introduction

(01:09) - Justin’s Background and Career Journey

(02:39) - Transition to Sidero

(03:51) - Using Personal Devices for Work

(08:09) - Talos Linux and Kubernetes

(15:19) - Kubernetes Upgrades and On-Prem Challenges

(19:21) - Building Your Own Cloud Platform

(21:52) - Multi-Cloud vs. Hybrid Cloud

(25:15) - Scaling and Resource Management

(28:02) - Gaming and Cloud Bursting

(32:46) - AI and GPU Challenges

(34:54) - Balancing On-Prem and Cloud Solutions

(40:49) - Final Thoughts and Contact

About Justin:

Justin is a historian living in the future. Lucky enough to play with cool technologies and hopeful enough to bring others along for the ride.

Links Referenced:

Justin’s Website: http://justingarrison.com

Justin on Bluesky: https://bsky.app/profile/justingarrison.com

Justin Garrison on LinkedIn: https://www.linkedin.com/in/justingarrison/

*Sponsor

Panoptica: https://www.panoptica.app/

This episode explores the intricacies of authorization in software development with Sam Scott, CTO and co-founder of Oso. This conversation highlights the subtle yet critical differences between authentication and authorization, and why understanding these distinctions is pivotal for securing applications effectively. Sam shares his journey from a cryptography PhD to tackling real-world software security problems, emphasizing Oso's mission to streamline authorization for developers. The episode is rich with insights on how fine-grained authorization can significantly improve security posture and user experience, drawing on examples from prominent tech companies like AWS and Google Cloud. Sam also introduces Oso's innovative approach to authorization, simplifying permission management without sacrificing flexibility or control, making it an indispensable tool for developers navigating the complex landscape of modern software security.

Show Highlights:

(00:00) Introduction

(01:49) Insights from Sam's PhD in cryptography

(01:56) Understanding the difference between authentication and authorization

(04:05) The real-world implications of key management and the role of authorization in security

(06:02) Explaining role-based access control and its practical applications in cloud environments

(10:47) The complexities of managing access controls in microservices architectures

(15:37) How Oso simplifies the implementation of authorization for developers

(19:21) Discussion on the importance of consistent authorization practices across internal and external applications

(25:14) Sam explains the challenges and necessity of implementing user impersonation features in authorization systems

(31:12) The future of authorization technologies and integrating them into business practices

(35:38) Where to find more resources about Oso and get involved with their community

About Sam:

Sam is the cofounder/CTO at Oso, working on making security and authorization more accessible for developers. Sam previously got a PhD in Cryptography and was a contributor to TLS 1.3

Links referenced:

Oso Website: https://www.osohq.com/

Oso’s Authorization Academy: https://www.osohq.com/academy/authorization-academy

Oso Community:

https://join-slack.osohq.com/

https://oso-oss.slack.com/join/shared_invite/zt-1ygg193va-UTUiT7Gwt7DjZGgF96Ze~w#/shared-invite/email

* Sponsor

Oso: https://www.osohq.com/

This week on Screaming in the Cloud, Corey Quinn is joined by Kat Cosgrove, Lead Open Source Advocate for Dell Technologies. Kat catches Corey up to speed on the newest version of Kubernetes that Kat was the release lead for. The two discuss its unconventional name: Uwubernetes, what goes into creating and implementing a new version of the world’s second biggest open-source project, and which of Kat’s changes will be her legacy to Kubernetes. Kat also shares how she handles running a team that essentially works for free and what her Kubernetes role will be moving forward.

Show Highlights:

00:00 - Introduction and Welcome

00:28 - Meet Kat Cosgrove

01:46 - Kubernetes Release Management Insights

02:43 - Naming the Kubernetes Release: Uwubernetes

06:19 - Roles and Responsibilities in Kubernetes Releases

11:18 - Enhancements and Deadlines in Kubernetes Releases

14:22 - Kubernetes Incentive to Upgrade & Support Policies

18:26 - Running Old Versions of Kubernetes

20:17 - Challenges with Using Outdated Software Versions

22:15 - Best Practices for Version Releases

24:36 - Release Team Cycles

26:00 - Kat’s Release Legacy

31:58 - Kat’s Responsibilities Post-Release

33:04 - Future Plans and Contact Information

About Kat Cosgrove
Kat is a Lead Open Source Advocate at Dell focused on the growth and nurturing of open source through authentic contribution. In particular, her specialties are approachable 101-level content and deep dives on the history of technology, with a focus on DevOps and cloud native. She was the Kubernetes Release Lead for 1.30 Uwubernetes, and currently serves as both a Release Team subproject owner and SIG Docs tech lead.

When she’s not at a conference, she spends her time playing video games, watching horror movies, or reading science fiction, but her current hyperfixation is film photography. She lives in Scotland with her cat, Espresso, who is the real brains behind the operation and actually ghostwriting all of her tweets.

Links Referenced
Kubernetes: https://kubernetes.io/
Kat Cosgrove on Twitter: https://x.com/Dixie3Flatline
Kat Cosgrove on LinkedIn: https://www.linkedin.com/in/katcosgrove/
Email Kat: kat.cosgrove@gmail.com

* Sponsor

Prowler: https://prowler.com

Welcome to another episode of Screaming in the Cloud, where we're joined by Anthony Fu, a framework developer at Nuxt Labs and the creator of Slidev. Anthony has diversified the way presentations are crafted by integrating coding directly into slide development. In this episode, Corey and Anthony discuss the benefits of using markdown to craft slides, the challenges associated with traditional presentation tools like Keynote, and the open-source contributions that have propelled the development of this innovative software. Anthony also shares his inspiration for creating a tool that streamlines and enhances the presentation creation process for both developers and non-developers.

Show Highlights:

(00:00) Introduction

(03:13) The origins of Slidev

(04:47) The challenges with traditional presentation tools and the advantages of using Markdown for slides

(06:04) How Slidev simplifies slide creation for presentations

(07:01) Corey shares his surprise at the utility of Slidev for non-frontend developers

(09:56) Addressing the challenges of aligning text and images in presentations

(11:09) Anthony discusses his design philosophy for Slidev

(15:14) Balancing feature requests and maintaining simplicity for Slidev

(16:38) Anthony explains the importance of community contributions to Slidev

(20:13) They discuss implementing new features into Slidev's evolution

(24:15) Anthony’s insights into the open-source philosophy behind Slidev

(27:09) Slidev's approach to redistributing sponsorships to support its dependencies through Open Collective

(31:46) Corey mentions contributing to Slidev's documentation to make it more accessible

(33:41) Closing remarks & where to connect with Anthony

About Anthony Fu:

Anthony is a fanatical open sourceror. Core team member of Vue, Nuxt, and Vite. Creator of Vitest, Slidev, VueUse, UnoCSS and Elk. Working at NuxtLabs.

Links referenced:

Slidev: https://sli.dev/
Slidev Github: https://github.com/slidevjs/slidev
Anthony Fu’s Personal Website: https://antfu.me/

Anthony Fu on LinkedIn: https://www.linkedin.com/in/antfu/?originalSubdomain=fr

Anthony Fu on Twitter: https://x.com/antfu7

NuxtLabs: https://nuxtlabs.com

* Sponsor

Prowler: https://prowler.com

On this week’s episode of Screaming in the Cloud, Corey is joined by Stanford computer science student Aditya Saligrama, who recently taught a Stanford course on cloud infrastructure. Aditya shares his unique perspective on various topics, including how higher education approaches teaching computer science in a rapidly evolving landscape, why he chose cloud security to begin with instead of tacking it on at the end, and what his plans are for the rest of school and beyond. Corey and Aditya lament the lack of real-world skills taught by universities. Aditya shares with the audience just how much work goes into being an effective undergraduate-level teacher while being an undergraduate student himself.

Show Highlights:

(00:00) - Introduction
(01:57) - Exploring CS40: cloud infrastructure and scalable application deployment
(03:46) - The evolution of computer science education
(05:09) - Bridging the gap between academia and industry
(09:05) - Aditya's journey into security and cloud infrastructure
(13:09) - The Stanford security clinic: red teaming for startups
(14:09) - Internship insights and cloudflare's upcoming role
(16:06) - The challenge of cloud account management for students
(17:59) - Improving cloud education and accessibility
(22:10) - The technical and educational challenges of CS40
(29:29) - Final thoughts and where to find Aditya

About Aditya Saligrama:

Aditya Saligrama is an undergraduate and graduate student at Stanford University studying computer science, focusing on systems and security. In the Winter of 2024, Aditya taught CS 40 (Cloud Infrastructure and Scalable Application Deployment) at Stanford, the first university course ever to teach the fundamentals of deploying apps on the cloud hands-on using infrastructure as code. Aditya also leads the Applied Cyber student group at Stanford, winning first place in a national cyber defense competition in 2023 and second place in a global penetration testing competition in 2024, and advises early-stage startups on their security needs and posture through the Stanford Security Clinic. Aditya enjoys hiking, photography, and ping pong in his free time.

Links referenced:

Aditya’s Twitter: @saligrama_a

Aditya’s Website: https://saligrama.io

* Sponsor

Prowler: https://prowler.com

In this episode, we chat with Randall Hunt, the VP of Technology at Caylent, about the world of generative AI and how it's changing industries. Randall talks about his journey from being an AWS critic to leading tech projects at Caylent. He shares cool insights into the latest tech innovations, the challenges and opportunities in AI, and his vision for the future. Randall also explains how AI is used in healthcare, finance, and more, and gives advice for those interested in tech.

Show Highlights:

(00:00) - Introduction

(00:28) - Randall talks about his job at Caylent and the projects he's working on

(01:35) - Randall explains his honest and evolving perspective on Amazon Bedrock after working with it hands-on

(03:35) - Randall breaks down the components and improvements of AWS Bedrock

(06:08) - Improvements in AWS Bedrock's preview announcements and API functionality

(08:05) - Randall's predictions on the future of generative AI models and their cost efficiency

(10:00) - Randall shares practical use cases using distilled models and older GPUs

(12:12) - Corey shares his experience with GPT-4 and the importance of prompt engineering

(17:21) - Bedrock console features for comparing and contrasting AI models

(21:02) - enterprise applications of generative AI and building reliable AI infrastructures

(28:13) - Randall and Corey delve into the costs of training large AI models

(36:37) - Randall talks about real-world applications of Bedrock in industries like HVAC management

(39:40) - Closing thoughts and where to connect with Randall

About Randall Hunt:

Randall Hunt is a Software Engineer and Open Source Developer Advocate at Facebook. Previously of AWS, SpaceX, MongoDB, and NASA., Randall Hunt, VP of Cloud Strategy and Solutions at Caylent, is a technology leader, investor, and hands-on-keyboard coder based in Los Angeles, CA. Previously, Randall led software and developer relations teams at Facebook, SpaceX, AWS, MongoDB, and NASA. Randall spends most of his time listening to customers, building demos, writing blog posts, and mentoring junior engineers. Python and C++ are his favorite programming languages, but he begrudgingly admits that Javascript rules the world. Outside of work, Randall loves to read science fiction, advise startups, travel, and ski., Randall is the coder in the boardroom.

Links referenced:

Randall Hunt on LinkedIn: https://www.linkedin.com/in/ranman/

Caylent: https://caylent.com/

Caylent on Linkedin: https://www.linkedin.com/company/caylent/

* Sponsor

Prowler: https://prowler.com