In this episode, Sven Johann hosts Philippe Kruchten, the author of the Managing Technical Debt book. They talk about the research leading to the book and the practical implications the book and the research offer. They start the conversation with discussing terms: technical debt, interest, principal and then start with technical debt on the code level, e.g. code smells, tests and refactoring followed by static analysis and the prioritization of the findings. They then move to technical debt on the architectural level and go through the possibilities on estimating cost and value on those improvement and how to sell it to the business stakeholders. This is followed by explaining technical debt on the infrastructure level and how great code can become technical debt by time passing by (technological gap, software aging). After that the conversation moves towards solving the problem tactically and strategically.
In this episode, Sven Johann hosts Sam Newman, the author of the first Microservices book, to talk about security in the world of Microservices. They discuss why and where it is different to security in a monolithic architecture and why developers must care. They start with automatically rolling out passwords, credentials and API keys in a secure way and continue with patching containers and secure base images. They then continue with automatically update (transitive) dependencies if they have vulnerabilities. They close the conversation with discussing authorisation and authentication using gateways, proxies and service meshes.
In this episode, Stefan Tilkov talks to author and microservices expert Richard Rodger about his approach to microservices, which focuses on small services that exchange messages, are built using a “generalize first” approach, and rely on content-based routing to allow for dynamic evolution of the resulting system.
In this episode, Stefan Tilkov hosts well-known distributed systems expert Steve Vinoski to talk about lessons learned in 30+ years of software engineering. In their conversation, they cover topics such as what to learn and what to avoid, how to deal with zealous and disillusioned developers, the relation of engineering to other disciplines, ethics and patents, careers and coding, publishing and presenting and the benefits of doing maintenance.
Steve Vinoski has spent most of his software development career working in the areas of middleware and distributed computing systems, using C++ and Erlang. He is also a long-time author, having written or co-authored over 100 published articles and papers covering middleware, distributed systems, and web development, as well as a couple books and dozens of columns. Steve has also given hundreds of conference and workshop presentations and tutorials on middleware, distributed systems, web development, and programming languages, and has served as chair or program committee member for many dozens of conferences and workshops.
In this conversation about software engineering, Gustaf Nilsson Kotte, web architect at IKEA, talks to host Stefan Tilkov about ways to build large web sites and applications with multiple teams. Topics covered include team organization and Conway’s law, horizontal vs. vertical splits, and options and tools for server-side and client-side integration.
Joy Clark talks with Rich Hickey about Clojure and Datomic and the reasons that Rich decided to design them the way that he did. They discuss the dependency problem and how we should change our method of developing libraries so that we do not introduce breaking changes. Rich also introduces Clojure spec and describes what it can be used for and how it differs from a static type system. To wrap up the episode, they talk about the best way to solve a problem (and know it is the right problem!) and Rich gives some advice on how to develop software and what technologies are worth looking into.
Sven Johann talks with Susan Landau about Security and Privacy. After defining those terms they proceed to find out why this important to individuals and societies. They discuss why its the job of intelligence agencies to collect data, but how we can protect us against them. Then Susan discusses the importance of Two-Factor Authentication, how wiretapping and backdoors work these days and how the FBI tries to unlock locked devices with “1984” terminology. The conversation moves from end-to-end encryption, metadata analysis and VOIP decryption to targeted attacks and political influence of security threats. They finish the conversation with what we can learn from Google and Sun Microsystems on privacy, security and the architectural requirements of anonymized test data.
Joy Clark talks with Peter Chestna about application security. The overarching topic of the podcast was what a developer can do in order to make applications more secure. This included talking about some of the most prevalent security vulnerabilities and discussing what application security is and what it entails. Peter also gave some great tips on how to integrate security into the development process.
In this second episode of a two-part interview, Stefan Tilkov talks to Bitcoin and cryptocurrency expert Andreas M. Antonopoulos about Bitcoin vs. blockchain tech, the programmable Ethereum system, alternatives to the proof of work approach, and using Bitcoin in hybrid scenarios.