Carlos Martinez-Ortiz and Shoaib Sufi talk about the Workshop on Sustainable Software Sustainability, exploring the challenges and solutions in software sustainability. They discuss the crossroads between open source and research software, the importance of funding, and potential refinements for future workshops. The episode emphasizes knowledge exchange, networking, and community building in this evolving field.

Kyle Wiens, the driving force behind iFixit, discusses the creation of the largest collection of medical service manuals for hospitals. They explore copyright laws, right to repair legislation, and the potential futures of hardware. Topics include iFixit's collaboration with Strange Parts, legal implications surrounding service manuals, fair use, and the impact of right to repair legislation on consumer electronics.

Guest Dr. Bryan G. Behrenshausen Panelist Leslie Hawthorn | Abby Cabunoc Mayes Show Notes In this episode, hosts Leslie Hawthorn from Red Hat and Abby Cabunoc Mayes from GitHub, welcome Dr. Bryan G. Behrenshausen, a Senior Open Source Program Manager at GitLab. This episode delves deep into the world of open source, discussing its importance, challenges, and how companies like GitLab and GitHub are navigating and supporting the open source community. Bryan showcases GitLab’s initiatives to support open source communities, touching on programs like the GitLab for Open Source, and the exclusive GitLab Open Source Partners program. Throughout the conversation topics like guidelines for diving into open source projects, the intrinsic link between open source and business strategy, and the role of effective social interaction in the open source realm are explored. The significance of maintaining transparent documentation, policies, and processes in an open source environment is also emphasized. Press download now to hear more! [00:01:29] Bryan tells us about his role at GitLab, where he operates at the interface between GitLab, the company, and the broader GitLab community, focusing on open source contributions. [00:03:23] Leslie inquires about specific support mechanisms GitLab offers to open source maintainers and Bryan mentions two significant programs at GitLab: The GitLab for Open Source program and The GitLab Open Source Partners program. He lists some major projects associated with the GitLab Open Source Partners program like Debian, Arch, Fedora, etc. [00:08:45] Bryan emphasizes the importance of sustainability and how being a part of a community can provide support, best practices, and even commiseration. [00:10:01] Abby points out the challenges of community interaction on platforms like GitHub and asks Bryan about the impact of his efforts on community building at GitLab. Bryan acknowledges the challenges and notes that while they’re seeing progress in community building, it’s an ongoing effort. [00:11:38] We hear how Bryan is handling open source projects that just need a private repository for security releases. [00:12:38] Leslie mentions the significance of sharing policies and processes publicly, particularly in Europe, given the legislative environment. Bryan explains how GitLab implements a management model called “team ops” for best practices in an all-remote environment. [00:13:33] Leslie stresses the importance of documentation, and Bryan shares that GitLab is active on Discord, and he tells the story of how the community started the server and later handed it to GitLab. [00:15:33] Abby praises both GitLab and Red Hat for running open source projects and documentation. Bryan highlights the challenges and decisions behind using Discord. [00:16:50] Bryan provides context for the open leadership assessment and talks about how open source principles impact organizational culture and design, he mentions he’ll be speaking with Heidi Hess von Ludewig about one of his favorite projects at All Things Open-2023, and we hear about the “open source way,” which is another project he worked on. [00:20:58] Leslie raises the topic of interplay between work in communities and the responsibilities to employers, and Bryan explores the complexities of working in open source, the challenges, and frictions when balancing between community engagement and organizational objectives. [00:24:26] Abby asks if GitLab is offering guidelines for diving into open source projects. Bryan responds that GitLab’s handbook provides some basic guides but lacks a full-fledged open source programs office. [00:25:42] Leslie discusses a trend in technology industry where companies scale back on their open source program office staff, especially during rough economic times, and Bryan talks about the intertwined nature of open source and business strategy in certain organizations, and how the open source strategy is essential from top to bottom. [00:28:27] Leslie suggests that achieving business outcomes can be smoother with the right tools, including the skills for effective social interactions in the open source realm. Quotes [00:03:45] “We owe it to the open source ecosystem of which we are a part to make sure that ecosystem is healthy and vibrant and has what it needs.” [00:19:45] “I just think that open source communities are really fascinating Petri dishes of self-organization and self-governance.” [00:24:02] “Participation in open source projects is all but unavoidable today as an organization.” Spotlight [00:29:32] Bryan’s spotlight is his favorite open source project, WordGrinder. [00:31:02] Abby’s spotlight is Random Name Picker for Lucky Draw. [00:31:44] Leslie’s spotlight is reading a chapter on ‘Communication Channels’ from the guidebook, The Turing Way. Links SustainOSS SustainOSS Twitter SustainOSS Discourse podcast@sustainoss.org SustainOSS Mastodon Open Collective-SustainOSS (Contribute) Richard Littauer Twitter Leslie Hawthorn Twitter Abby Cabunoc Mayes Twitter Dr. Bryan Behrenshausen Website The Open Organization GitLab GitLab for Open Source GitLab Open Source Partners All Things Open (ATO) 2023 WordGrinder Random Name Picker for Lucky Draw The Turing Way-Communication Channels Credits Produced by Richard Littauer Edited by Paul M. Bahr at Peachtree Sound Show notes by DeAnn Bahr Peachtree Sound Special Guest: Dr. Bryan Behrenshausen.Support Sustain

Join Amanda Casari, Julie Ferraioli, and Juniper Lovato as they discuss their article on best practices for open source ecosystems researchers. They explore the target audience, publication details, and the uniqueness of this field of research. They also highlight the importance of respectful and critical analysis, representation and biases in open source research, and best practices for researchers studying open source ecosystems.

Emily Omier, a revenue strategy and positioning consultant, discusses her work with open source startups to clarify their commercial strategy. She explains the benefits of open source for European startups and the importance of aligning company identity with products. She also explores the role of open source communities and effectively communicating the value of open source to business leaders.

Karen Sandler, Executive Director at Software Freedom Conservancy, discusses the challenges and ethical considerations of organizing FOSSY conference. They touch on software freedom, community involvement, DRM, coordination on renewals, and the global influence of U.S. law. The episode also highlights the pronunciation of "GNOME" and the balance between using open source and proprietary software.

Researcher and Program Manager at Google, Sophia Vargas, discusses the challenges of understanding contributors' motivations in open source, Google's role in the ecosystem, and the 'glue work' that holds open source communities together.

Guest Richard Littauer Panelist Karen Sandler Show Notes Hello and welcome to Sustain! In this episode, the tables are turned today as Karen Sandler takes over as host, interviewing our very own Richard Littauer. Recorded at the Free and Open Source Yearly conference, the discussion delves into Richard’s evolving perspective on sustainability in open source projects. His experiences attending multiple conferences have led him to question the term ‘sustainability,’ advocating instead for a shift towards values such as human rights, joy, and mitigating harm. Also, Richard and Karen explore the significance of user rights, copyleft licensing, and GPL, voicing concerns over the erosion of these rights. They end with a discussion on the systemic complexities in the open source world, the potential for a new community approach to sustainable code, and an emphasis on collective action and personal joy. Press download to hear more cool stuff! [00:00:58] Richard offers a detailed insight into his talk. He explains his perspective on sustainability, suggesting it may not be the most fitting term when applied to the open source community. He shares his experience attending multiple sustain conferences and how it shaped his views, and discusses sustainability for developers, touching upon burnout, recognition, and issues of dependency, supply chain, security, and legal issues. [00:03:31] He notes the wide range of topics covered in the Sustain podcasts, highlighting the complexity of sustainability. He questions the usefulness of the term ‘sustainability’ and suggests we need to focus on what truly matters in life, such as human rights, mitigating harm, and seeking joy. [00:04:39] Karen reviews the flow of Richard’s talk, and he summarizes his talk questioning the emphasis on sustainability and growth, recommending instead to focus on joy and relieving suffering. [00:05:55] Richard advocates for focusing on personal fulfillment and societal impact instead of simply growth and funding. He emphasizes that the ultimate goal should be about human rights, liberties, and happiness. [00:07:20] Karen wonders if Richard is going to rename the podcast. He maintains his support for open source but stresses the importance of focusing on impact and human values. He emphasizes the importance of considering one’s own project in the larger context and evaluating its actual importance. [00:08:47] Richard discusses the importance of GPL for user protections and shares concerns about devices locking users out, he shares his changing stance towards GPL and the impact of his code. [00:09:36] Karen and Richard discuss the potential for a new community approach to sustainable code, and Richard suggests that sharing stories and rethinking relationships with technology is a way forward. [00:10:46] Karen asks Richard about his views on corporate power, and he explains how his view has evolved. [00:12:04] They discuss the systematic problems and individual roles within them. Richard explores the conundrum of trying to change a system from the inside or outside, and he prefers to use his knowledge and privilege to make an impact rather than disengage from the system. [00:13:41] Thinking back to all the conversations Richard’s had about the sustain movement, he shares his favorite conversation with Dominic Tarr, who left coding to pursue personal joy. Karen emphasizes the need for collective action to address systemic problems. [00:16:01] Find out where you can follow Richard and his projects online. Links SustainOSS SustainOSS Twitter SustainOSS Discourse podcast@sustainoss.org SustainOSS Mastodon Open Collective-SustainOSS (Contribute) Richard Littauer Twitter Richard Littauer Website Software Freedom Conservancy Open OSS Dominic Tarr (YouTube) Sustain Podcast-Episode 56: Dominic Tarr on Coding What You Want, Living On a Boat, and the Early Days of Node.js Credits Produced by Richard Littauer Edited by Paul M. Bahr at Peachtree Sound Show notes by DeAnn Bahr Peachtree Sound Special Guest: Richard Littauer.Support Sustain

Guest Adam Monsen Panelist Richard Littauer Show Notes Hello and welcome to Sustain! Richard is in Portland at FOSSY, the Free and Open Source Software Yearly conference that is held by the Software Freedom Conservancy. In today’s episode, Richard is joined by Adam Monsen, co-founder of the open source conference, SeaGL, and author of the soon-to-be-published book, Steadfast Self-Hosting: Rapid-Rise Personal Cloud, which aims to guide individuals and groups towards personal data control, an important step towards autonomy, agency, and freedom. The discussion highlights the value of self-hosting data, its potential applications, and the benefits it can bring to small and mid-sized businesses. Adam shares that his book is free and open for remixing and reprinting, and it will not only be a guide but also serve as a starting point for tech authors. Hit download now to hear more! [00:01:36] Adam talks about his book which aims to guide people on how to maintain control over their personal data. [00:02:33] The conversation moves towards the difficulties faced while extracting personal data from large tech companies, and Adam suggests the use of open source servers and software like Nextcloud to migrate data. [00:03:31] Adam mentions that the first step towards data sovereignty could be purchasing his book, which provides guidance on setting up personal servers and services. [00:06:11] Why did Adam write this book? He explains why and shares his experience with self-hosting data for his family and emphasizes that doing this for a group can be empowering and meaningful. [00:07:27] Richard brings up the shift from cloud to self-hosting by Basecamp and he wonders if Adam thought about pitching any of his book towards businesses to host their own data. [00:09:53] Richard mentions a group in the UK working to create a standard for APIs to allow users to extract their data from big tech companies and maintain ownership. [00:11:11] Adam affirms his willingness to contribute and underscores the value of individual data ownership, using healthcare records as an example of a system that could greatly benefit from more seamless data sharing. [00:12:12] Richard brings up the topic of digital sovereignty, and Adam tells us his view that data sovereignty should be more about serving individuals and small groups, transcending politics, and should be capable of crossing borders. [00:13:52] Adam tells us where you can find his book online and he reveals that the book will serve as a starting point for tech authors who are stuck or uncertain about where you begin. Also, the book build system itself will be free and open source. Transcript [MUSIC PLAYING] RICHARD LITTAUER: Hello and welcome to Sustain. I am here again at FOSSY, the Free and Open-Source Software Conference Yearly run by Software Freedom Conservancy. This is its first year and I'm here in Portland, Oregon, which is just completely sunny. It's amazing. It's actually really nice, especially as Vermont is entirely underwater. But yeah, it's just good to be here and I'm here with a guest today. I'm Richard Littauer (if you didn't know that already) and my guest today is Adam Monsen coming down from Seattle. Adam, how are you doing? ADAM MONSEN: Doing very well, Richard. Thank you for having me. RICHARD LITTAUER: Thank you for coming on. So Adam, we just had a short chat before the podcast. Super cool. One of the founders of SeaGL, which is probably one of my favorite conferences. Free, every time. Stuff that people are passionate about. Seattle GNU/Linux Conference. It doesn't just mean GNU/Linux it means all of open source as a seagull as their mascot. Is it a glaucous-winged gull or an Olympic gull or a Herring gull? Do you have a species definition for that? ADAM MONSEN: (laughs) I have no idea. RICHARD LITTAUER: Okay, cool. Anything I missed when describing SeaGL? ADAM MONSEN: You nailed it. RICHARD LITTAUER: Excellent. That's because it's amazing. It's coming out November 11th. It's going to be the 11th time. ADAM MONSEN: Back in person at the UW. RICHARD LITTAUER: U-DUB! Two fireplaces this year. Very exciting. Salt was keen to share that. So, Adam is one of the drivers behind that. We've already talked about that on the podcast before. Go back to Deb Nicholson's episode, one of the early ones to hear more about that. We're probably going to have another episode coming out in October to remind you to go to this free-to-attend virtual or in-person conference. Super exciting. Adam, let's focus on some other stuff. I know you're an author. What's the book you're working on? ADAM MONSEN: I'm calling it Steadfast Self-Hosting: Rapid-Rise Personal Cloud. It's a manifesto for people who care about having their own data. Not necessarily for privacy, although that's a common motive. The fundamental theory I'm trying to push forward this concept of data sovereignty, I didn't make it up, but the idea is you have your own data for not just you, your small group, your family, your community, your project, your school. And with that, you gain power, autonomy, agency, freedom--for the idealistic stance--but, the approach is very practical, very pragmatic. RICHARD LITTAUER: So I love that concept. In practice, it's very difficult to get your data out of any of the monoliths-- ADAM MONSEN: It is. RICHARD LITTAUER: --that currently exist. And it's also difficult to have the tools necessary to effectively mine the data in the way that's immediately useful for you. Can you tell me how you take that extra step of saying "get your own data" to, "oh, this is actually kind of cool and useful and fun." ADAM MONSEN: Yeah. There's no wrong place to start, but it's worth it. It's a worthwhile journey. It's something that's worth debating and questioning. It can be hard. Lately, it's become quite a bit easier. You can take out your data from quite a few places, and migration into different FOSS servers is possible and supported and encouraged quite a bit. I focus on Nextcloud quite a bit--no affiliation--but I think their software is great for hosting and sharing your own files, and they have a connector to grab your data off any of the big public clouds, for example. You can just migrate it right in, and they help you do that right in the software. RICHARD LITTAUER: Is [Nextcloud] the same as Vercel? ADAM MONSEN: Nextcloud was a fork of ownCloud. RICHARD LITTAUER: Okay, different. Okay, got it. ADAM MONSEN: It gives you like kind of a drop, your own Dropbox or a Google Drive, that kind of thing. RICHARD LITTAUER: It's great that you tell me how to do it easily. What's the first step that I would want to do as a naive user trying to own my own data? How would I get started? ADAM MONSEN: Get my book. RICHARD LITTAUER: Okay. For sure. Very good pitching. ADAM MONSEN: Well, it is hard to know where to start. It's not that hard to start, but there's so many choices out there that it's hard to know what to start with and what's worth your time. So that's what I focus on in the book. It's designed to be not too long, not comprehensive. It's not like a massive Linux "how to do everything to a server" manual. It's what you need to do to help the people you care about, your group, help them own their data, help them migrate it in and whatnot. And the first step to that is you have to get a piece of hardware and stand up some services so they can use it, so they can put it behind their phone. Their phone can talk to it rather than a big public cloud, you're locked in, whatnot. You want to have your data for you to pass on. We work hard to curate our data. So the idea is you could get my book and get a start at setting up your own server and services for your group. RICHARD LITTAUER: I've never thought about self-hosting my eBird data first and then using APIs to submit it afterwards. ADAM MONSEN: Would that change the way you think about your data or what kind of things you'd start? RICHARD LITTAUER: It would give me a whole lot closer towards building my app so when I'm birding on the highway, which you shouldn't ever do, drive responsibly people. ADAM MONSEN: Don't do that. RICHARD LITTAUER: You could just click a button and say, saw a crow at this time, it'll log the location and then it'll save it on my-- anyway, that's just where my brain went. Long time listeners, I apologize for bringing up birds yet again. ADAM MONSEN: There's lots of reasons to do it though, right? There's a chilling effect when you're trying to share something sensitive with a friend and you usually just give in to like, okay, here's the doc, here's the link. RICHARD LITTAUER: I use Signal as much as I can. ADAM MONSEN: Great! RICHARD LITTAUER: But after that, like docs, like I use Google Docs for this podcast. I really should be using Cryptpad. Don't know why I don't. I just haven't made that switch yet. ADAM MONSEN: Slightly harder, right? Slightly more hassle and then somebody else sees it and they're a little slightly more confused. I think Nextcloud is one tool that's, it just, it's kind of the current thing that fits that gap, but it does that for a lot of people. It can bring you up to speed by showing you familiar interfaces. Oh, here's a doc, here's a document and I can get at it from the web or from a mobile device and I don't care where it's stored. But in this case, great. You've done the work ahead of time to set up a server and services. So, you can trust where it is served and it works quite well. I would say for me, I trust it more. It's more robust than when I did put things in the public cloud. I try not to, but again, you asked like where to start, why... nobody's 100% anything. It's worth working on, I would say. RICHARD LITTAUER: So you're an author. Is this your first book? ADAM MONSEN: Yeah. RICHARD LITTAUER: Exciting. Why are you an authority on this subject? ADAM MONSEN: I've been curious for quite a while. I've been in tech for quite a while and done different things, used other people's servers. I've self-hosted quite a bit over-- for decades, but never, I guess I would say, committed my family to going along with it, going along with this with me. And they agreed to, and I said, I'll stand this up and you can use it and we'll talk through what, I think that is just a key part. Like if it's just for you, I don't care, man. It's like everybody, them their own, that's great. But when it's a group, it can be very empowering. It's more meaningful, honestly, when you're doing it for more than one person. You share. So what I did was I stood this up, I took the time to do it right and I kept it going. I wanted no unplanned outages for a couple years. I tried to treat it like a real server where I've got customers and everything. Well, my customers are right in the house with me. And I already care about them. So that made it easy to-- RICHARD LITTAUER: 24 seven hour complaint line right there. ADAM MONSEN: (laughs) Luckily not too many. They're very understanding. They give me a lot of leniency, but they do make use of it also. They're the reason I'm doing this. And I hope they agree when they come see my talk tomorrow. RICHARD LITTAUER: Segwaying a bit. Love that. It's great. Basecamp recently said that they've switched from being in the cloud to hosting their own servers. And as a result, they're saving $7 million over the next five years because the cloud never works for them. That's a business operation. That's a business shift. And, you know, I used to host another podcast called Community to Cloud Native where I talked about the cloud and I sort of stopped doing it at some point. But I'm just curious, have you thought about pitching any of the book towards businesses to host their own data as opposed to just individuals? ADAM MONSEN: Yeah, I think businesses are well aware. You know, when they, at least the ones I've been in, we would always start with needs, budget, and then cost against cloud and self. And generally it comes to cloud hosting because of the convenience. You're just, yeah, I don't care where the servers are, the power, this and that. And then you kind of short-term jump on it. And then you're not thinking long term because, yeah, I think it is generally a short term play just to throw it in the cloud. And I'm not surprised that Basecamp is saving millions. Other companies, it seems like they get big enough and they have enough commute, compute needs. It's usually compute, not storage that tips them over into hosting their own. But I think the concepts are useful to businesses. I think people working in these bigger businesses, let's say midsize, maybe a little beyond startup, but they are probably already familiar. And those people doing their sysadmin, admin-ing their cloud servers and such, they should walk through this exercise too. They should have a home lab. They should practice this stuff. They need to learn the fundamentals of sysadmin and containers and all the different ways to host and stuff like that. So I think they could find a lot of use out of this. I don't address businesses directly in this book, but I think SOHO, small office, home office, smaller businesses could definitely make use of this kind of technology just to have their own cloud, have their own cloud, have their own data and the agency that goes along with that. RICHARD LITTAUER: I'm not an industry expert on this, so this question may be naive. Would there be any benefit towards various small organizations and SMBs funding a cooperative data lake-type thing as opposed to going with allowed cloud foundries, which are going to charge more because they can, even though at scale they may actually have lower operating costs. Is there any reason to think about running together with other companies to have your own open source data? ADAM MONSEN: Yeah, for sure. And not my area of expertise, but I would say for sure. Co-ops are great. A number of people here at FOSSY are involved in or running co-ops. RICHARD LITTAUER: There's a group in the UK called Redecentralize that's been working for the past 5, 10 years on trying to find other ways to access and enable and make a standard of APIs between all the large data giants, Facebook, Twitter, Google, so you can actually take your data out of these things and also put them back in if you want, where it's much more plug and play, but you're the person who owns your data, kind of like you can go to the doctor's office and say, I want all my records and then take them physically out and hand them to your next doctor, which most people aren't aware. I'm curious, given that you're interested in helping people make the shift towards owning their own data, being sovereign of their own world, have you thought about sitting on any sort of nonprofit board or working for any of this sort of Redecentralize-type stuff to see how we can make a sea change to actually enable better API usage so we can get our data out of other companies? ADAM MONSEN: I haven't, but if they want me, I'm game, yeah, for sure. That's awesome. Compatibility is a huge thing. Interoperability. It flies in the face of walled gardens, lock-in, so that's amazing. Do companies participate in this or is it more a third-party effort? RICHARD LITTAUER: More a third-party effort, foundation-type effort, just trying to figure this stuff out. I was just curious where you were sitting on any of those sort of discussions if you're helping out. ADAM MONSEN: No, I would though. That's another great thing that we should question, we should work on because our data is our own. I'm glad you brought up healthcare too. I mean, health records, I don't know. RICHARD LITTAUER: Tragedy. ADAM MONSEN: My gods. Every time I go to the doctor, I have to gather my own. You'd think that you just, "oh, can you talk to my last doctor and get that?" "Well, kind of." You do a records request, it's cumbersome, and I've heard in other countries that there are APIs and you have the right to request and not just they send you a CD or a huge sheet of paper, you get digital access. There are free software EHRs that are very interesting. I want to use that. I haven't yet, but I definitely want to gather my own data. And then when I go to the next doctor, it's just like, oh, here's the stuff you need to help me with this problem right now. Sheesh. Not just for myself too. People I care for, I mean, I'd want to-- the same power. RICHARD LITTAUER: One more weird question, which is you mentioned the word sovereignty. Digital sovereignty is normally used in open source spaces to mean a lack of reliance on another country's technical prowess. So for instance, the Sovereign Tech Fund coming out of Germany, which is an idea to basically try and make Germany less reliant on American tech. Now, this could lead towards a balkanization of the space. That's not the goal, but it's one of the ways that the messaging is often used to get politicians to go along with having sovereignty. So I'm curious where you sit on the libertarian access of owning your own data and being sovereign as an individual versus actually thinking about being part of the same team as everyone else and working together to improve data access for everyone using current platforms. ADAM MONSEN: I think to me, the free software problem or the struggle, has always been international. And I love the idea that if I'm solving a problem in my own country, it crosses borders quite freely. So I'm hoping that my use of the term data sovereignty can overcome theirs. But no, I was not aware of that. And that's, yeah, I mean, politics will always come into it. But no, I think this is this, why one would hope this would transcend politics and serve individuals and groups, small groups. But I've heard about government switching to free and open source software. And I mean, how wonderful that public code, public funds, public code, that kind of effort is so inspiring. I mean, it makes quite a bit of sense. RICHARD LITTAUER: Thank you for dealing with my hardball. Sorry to ask difficult questions. ADAM MONSEN: Keep bringing it, keep it coming. I love it. RICHARD LITTAUER: Well, actually we are running up on time. So I have a few more questions for you. One of them: where can people find this book? ADAM MONSEN: adammonsen.com, A-D-A-M M-O-N-S-E-N dot com is a good place to start. I'll keep updates going there. I don't have the website up for the book yet. It is content complete. Now I'm in editing and tech review that kind of, thank you. RICHARD LITTAUER: That's a lot of work. Good job. ADAM MONSEN: It's not a huge book. So part of the idea is to run 100 pages printed right now. And I want to stay there, but I want people to be able to get print copies. And I'm working on publishing and distribution. If you're a publisher, actually, please contact me. That could be interesting, but so far I'm planning on self-publishing. And the book itself--I think this is significant--the book itself is free and open. You can remix. You can rebuild. You can reprint, even. The licenses will be pretty clear in there and hopefully very amenable to sharing. Because I also want to help other tech authors that are stuck, stumbling, not sure where to start. This is a starting point. The book build system itself is going to be Free and Open Source Software. You can build your own book with it. You could fill in the chapters and start your own. Thank you Richard so much for the time to talk. RICHARD LITTAUER: You already answered my second question, which is I can find you at adammonsen.com. Any other socials you want to plug? ADAM MONSEN: Nope. RICHARD LITTAUER: All right. Well, thank you so much. You can find that link also in the show notes. Adam, thanks for taking the time today. Good luck with the book! ADAM MONSEN: Thank you, Richard. RICHARD LITTAUER: Listeners, I hope you have enjoyed this podcast. If you're curious about FOSSY, where these were recorded, go to sfconservancy.org to the Software Freedom Conservancy's website, where you can learn more about it. It's been really, really fun to be here and have these great conversations about free and open source software. Of course, if you've liked this podcast, please let us know. Like us on Apple, Spotify, or wherever you're listening to it. Email us at podcast@sustainoss.org. Give us any thoughts or comments or queries or complaints. We would love to hear them. And of course, please tell your friends. Word of mouth is the single best way to get more listeners on this podcast. And hopefully, you think that that's something we should have. If you would like to donate, you can go to Open Collective to SustainOSS, where you can donate to the production costs for this podcast, which is not free. So that would be super, super great. And of course, you can join in the conversation yourself by going to discourse.sustainoss.org to go chat. And you can follow us on Twitter @SustainOSS, on Mastadon, and, I believe, on Bluesky. So thank you so much for listening and take care. Bye! [MUSIC PLAYING] Links SustainOSS SustainOSS Twitter SustainOSS Discourse podcast@sustainoss.org SustainOSS Mastodon Richard Littauer Twitter Software Freedom Conservancy Open OSS Adam Monsen LinkedIn Adam Monsen Website Steadfast Self-Hosting: Rapid-Rise Personal Cloud SeaGL Sustain Podcast-Episode 75: Deb Nicholson on the OSI, the future of open source, and SeaGL Nextcloud Credits Produced by Richard Littauer Edited by Paul M. Bahr at Peachtree Sound Show notes by DeAnn Bahr Peachtree Sound Special Guest: Adam Monsen.Support Sustain

Daniel Stenberg, founder and lead developer of the cURL project, discusses the complexities and flaws of Common Vulnerabilities and Exposures (CVEs), exploring issues with reporting, scoring, and potential impact on open-source maintainers. The conversation delves into the difficulty of fixing the CVE system, proposes short-term solutions, and addresses concerns about CVE-related DDOS attacks. The podcast also includes insights from Dan Lorenc, co-founder and CEO of Chainguard, on improving CVE quality and examines NDS's response. Tune in to learn more about the challenges and future of CVEs!