Legacy Code Rocks

Back in August 2023, HashiCorp announced that after nine years of Terraform being open source under the MPL license, they were switching it to a non-open source BSL license. This sent shockwaves through the software development community.  Today we talk with Cory O'Daniel, a CEO and co-founder of Massdriver, a company helping improve developers' experience of cloud operations, offering self-service capabilities along with governance and guardrails to developers. Cory is also one of the drivers behind the Open TF initiative in response to Hashicorp's changing their open source licenses from MPL to BSL. He tells us why this switch matters, what to do about it, and how to keep open-source projects sustainable.  When you finish listening to the episode, connect with Cory on LinkedIn, visit Massdriver's website, and check out the Open TF initiative. Mentioned in this episode Cory O’Daniel on LinkedIn at https://www.linkedin.com/in/coryodaniel/ Massdriver at https://www.massdriver.cloud  Open TF at https://opentofu.org Open TF GitHub at https://github.com/opentofu

Simply knowing what is in your software is not any guarantee of safety. We need to know what that software does versus what we expect it to do. We need to know its rules of behavior.  Today, we talk with Andrew Hendela, a founder of Karambit.ai, a company dedicated to automatically detecting malware and securing your software supply chain. Andrew worked for over a decade automating hard cybersecurity problems. He has many years of experience in cybersecurity leadership and deep technical expertise in fields such as malware analysis and automated cyber attribution. He tells us about software bills of behavior and why SBOMs are insufficient to protect your software supply chain from attacks.  When you finish listening to the episode, connect with Andrew on LinkedIn and visit Karambit.ai website.  Mentioned in this episode: Andrew on LinkedIn at https://www.linkedin.com/in/andrew-hendela/ Karambit.ai at https://karambit.ai 

In the age of rising AI, we cannot neglect the topic of the social and political consequences of the code we leave behind. Today, we talk with Amy Newell, a 24-year veteran of the tech industry and an avid activist in issues spanning from local politics to tech. Amy discusses how to engage with emerging technologies, how to use them, and how to create them while being cognisant of the harm we can inadvertently cause along the way. When you finish listening to the episode, visit Amy's website at amynewell.com and check out their newsletter at amywriteswords.com.  Mentioned in this episode Amy’s website at www.amynewell.com Amy’s newsletter at www.amywriteswords.com Amy on LinkedIn at https://www.linkedin.com/in/amynewell/

Automating refactoring and code transformation is a fascinating and efficient way to eliminate technical debt. Today, we talk with Jonathan Schneider, a Co-Founder and CEO of Moderne, Inc., and a former senior Software Engineer at Netflix, where he created Netflix Rewrite - a large-scale automated refactoring tool for Java codebases. Jonathan is also the author of SRE with Java Microservices. Jonathan tells us about the advantages, challenges, and pitfalls of creating automated refactoring tools and how to use them.  When you finish listening to the episode, connect with Jonathan through the Moderne website and grab his book.  Mentioned in this episode: Jonathan on LinkedIn at https://www.linkedin.com/in/jonkschneider/ Moderne, Inc. at https://www.moderne.io SRE with Java Microservices at https://www.oreilly.com/library/view/sre-with-java/9781492073918/

Imagine if you could counter ransomware by exploiting it to create a backup of your attacked data for you. Now, that would be disruptive!  Today, we talk with Lance James. James is an experienced cybersecurity specialist with 25 years of experience in the field. Building on his programming, network security, digital forensics, malware research, and counterintelligence experience, Lance tells us how to use disruptive thinking to improve cyber security and predict and counter major cyber threats.  When you finish listening to the episode, connect with Lance on LinkedIn. Lance on LinkedIn at https://www.linkedin.com/in/unit221b/ Lance’s TedTalk at https://www.ted.com/talks/lance_james_how_attackers_can_use_your_brain_against_you_in_psy_ops

Going from monolith to microservices is one of the most popular topics in software engineering. But jumping the boat without understanding why can be a dangerous (and expensive) adventure.  Today we talk with Nelida Velazquez. Nelida is a senior software engineer at Cobalt, a cyber security company that offers pentest as a service. As a backend developer, she had numerous opportunities to witness ill-informed migrations from monolith to microservices, and she is sharing her experience with us.  When you finish listening to this episode, connect with Nelida on X and visit her blog at https://tolkiana.com.  Mentioned in this episode: Nelida on X at: https://twitter.com/tolkiana Nelida’s blog at https://tolkiana.com   

Microsoft invited the Legacy Code Rocks team to attend Microsoft Build Conference and gave us access to the studio on the third floor of the Seattle Convention Center. In this episode, we talk with Raymond Chen, a senior software engineer at Microsoft.   Raymond has been involved in the evolution of Windows for more than 30 years. In 2003, he began a Web site known as The Old New Thing which has grown in popularity far beyond his wildest imagination, a development which still gives him the heebie-jeebies. The Web site spawned a book, coincidentally also titled The Old New Thing (Addison Wesley 2007). He occasionally appears on the Windows Dev Docs Twitter account to tell stories which convey no useful information. When you finish listening the episode, connect with Raymond on LinkedIn.  Mentioned in this episode: Raymond on LinkedIn at https://www.linkedin.com/in/raymond-cheng-18460a82/ The Old New Thing at https://devblogs.microsoft.com/oldnewthing/ The Old New Thing (book) at https://www.amazon.com/Old-New-Thing-Development-Throughout/dp/0321440307

Microsoft invited the Legacy Code Rocks team to attend Microsoft Build Conference and gave us access to the studio on the third floor of the Seattle Convention Center. In this episode, we talk with Debbie O’Brien and Max Schmitt, both part of the Microsoft Playwright team..  Playwright is a tool developed by Microsoft that allows developers to automate the testing of web applications.. Playwright's unique feature is its ability to handle multiple browser contexts, making it efficient for testing complex scenarios and improving cross-browser compatibility. The opinions expressed in this episode are Debbie’s, Max’s,  and Scott’s and cannot be attributed to Microsoft or its employees in any way.  Mentioned in this episode: Playwright at: https://playwright.dev  

Microsoft invited the Legacy Code Rocks team to attend Microsoft Build Conference and gave us access to the studio on the third floor of the Seattle Convention Center. In this episode, we talk with Kayla Cinnamon, the first of the three guests we had an opportunity to chat with at the Conference.  Kayla is a Product Manager with Microsoft. She’s currently working on Microsoft Dev Home and helps out the Microsoft PowerToys team. Kayla is also the former product manager of Windows Terminal. She tells us about the maintenance and improvements of the Windows Terminal including the brand-new features added to it, such as tab tear-off.  When you finish listening to the episode, connect with Kayla on Twitter.  The opinions expressed in this episode are Kayla’s and Scott’s and cannot be attributed to Microsoft or its employees in any way.  Mentioned in this episode: Kayla on Twitter at https://twitter.com/cinnamon_msft  Windows Development Blog at https://blogs.windows.com/windowsdeveloper/ Microsoft Build 2023 at https://news.microsoft.com/build-2023/  

How many of your passwords do you actually know? Now, how many of those passwords are already on the black web? We are living in a fascinating age of transition from personalised passwords dependent on text inputs and our memory to more advanced access solutions.  To help us navigate this evolution, we talk with Justin Richer. Justin is a technologist working on a wide variety of projects and problems throughout the internet. Justin is the founder of Bespoke Engineering, an independent consultancy specialising in internet security and identity. He is the author of OAuth in Action along with Antonio Sanso. He is the editor of several security standards including http message signatures, GNAP, OAuth dynamic client registration, OAuth token introspection, and vectors of trust, and has contributed to dozens of others. He previously spent 15 years at the MITRE Corporation contributing to many different efforts, including collaboration, identity, serious gaming, and security research programs. When you finish listening to the episode, visit the Bespoke Engineering website, grab Justin's and Antonio's book, or connect with Justin on LinkedIn or Twitter.  Mentioned in this episode: Justin on LinkedIn at https://www.linkedin.com/in/justinricher/ Justin on Twitter at https://twitter.com/justin__richer Bespoke Engineering at https://bspk.io OAuth in Action at https://www.manning.com/books/oauth-2-in-action