149: Software Design with Scott Wlaschin

In this weeks episode we are lucky to have Scott Wlaschin back on the show to discuss design within software. We start off by highlighting leaky abstractions, adopted tool-chains and transpiling languages into JavaScript. From here we move on to talk about what makes ‘good code’, and how evaluating this is heavily reliant on the requirements and context you are in. Finally, we discuss how OO and FP software architectures differ, advantages of being explicit over implicit and information-hiding at API boundaries.


148: Site Reliability Engineering with Niall Murphy

In this week’s episode we are lucky to be joined by Niall Murphy to discuss the discipline of Site Reliability Engineering. We start off by speaking about how he got into computing, how the SRE role came to be and what drew him to it. From here, we highlight the position of an SRE within a company/group, what SLA’s are, the positives of having 50% operations work caps and blameless postmortems. This leads us to talk about the reasoning behind striving for 100% uptime is actually detrimental to the product, and the benefits of having an Error Budget. Finally, we discuss how the role has evolved since its inception, the Wheel of Misfortune and what drew him to contribute to the seminal SRE book.


147: Proof of Everything with Jay Smith

In this week’s episode we are lucky to have Jay Smith back on the show to talk all things cryptocurrency. We start off the podcast by briefly recapping what’s been happening within the space since we last spoke. This leads us to discuss the Lighting Network running on the Bitcoin Mainnet, CryptoKitties, ERC-721 tokens and Ethereum Casper. From here we chat about Proof of Work, the environmental impacts of the protocol and how Proof of Stake differs. Finally, we chat about Web3, experiences using PIVX, Steemit and IPFS.


146: EconoNAS and HTPC System Builds with Brian Moses

In this weeks episode we are joined again by Brian Moses to discuss several of his recent system builds. We start off the show delving into his recent EconoNAS, highlighting the goals behind the build and how he goes about selecting the hardware parts. We then discuss his experience using White-label HDD’s for the first time. From here, we move on to discuss his HTPC - again highlighting the goals and the experience of live-streaming the build. This leads us on to highlight the AMD Ryzen Threadripper/Intel Coffee Lake i9 series of CPU’s, Graphics card pricing and the Steam Link Box. Finally, we look at what’s in store for his upcoming DIY NAS 2018 build, FreeNAS AMD support and the different available SSD connectors.


145: The Power of Composition with Scott Wlaschin

In this weeks episode we are lucky to have Scott Wlaschin back on the show. We start of discussion by highlighting his most recent talk on composition and some useful analogies to Lego, Brio and Unix. From here we move on to investigate function and type composition, the difference between a paradigm shift compared to simply a syntax one and the advantages of an opinionated language. This leads us on to mention how within application design pushing the side-effects to the edge and keeping the core domain pure is beneficial. Finally, we touch upon testing in functional languages, experiences whilst consulting and Rich Hickey’s ‘Effective Programs’ talk.


144: Build, Provision and Deploy in the Cloud with Thijs Feryn

In this weeks episode we are joined by Thijs Feryn to discuss his upcoming PHP UK conference talk. We start of the show highlighting what drew him to a Tech. evangelist role, bridging the gap between code/infrastructure and the ideas behind ‘Infrastructure as Code’. From here we move on to discuss system and infrastructure provisioning automation tools such Ansible and Terraform. This leads on to adding Packer into the mix, moving towards immutable infrastructure, testing these automation tools and how history has a way of repeating itself. Finally, we touch upon the philosophy behind DevOps, focusing on empathy and its core values CAMS.


143: Symmetric and Asymmetric Encryption with Scott Arciszewski

In this weeks episode we are lucky to be joined again by Scott Arciszewski. We start off the show by discussing the difference between Symmetric and Asymmetric Encryption, what Authenticated Encryption is and how secret-keys are exchanged using Diffie-Hellman. From here, we move on to highlight how Elliptic-curve cryptography works, what DNSCrypt is and why prime numbers are so important in cryptography. Finally, we touch upon multi-factor authentication, how one time passwords work, SMS vulnerabilities and how to manage password recovery.


142: Domain Modeling Made Functional with Scott Wlaschin

In this weeks episode we chat to Scott Wlaschin about his new book ‘Domain Modeling Made Functional’. We start off the show discussing how the book came to be, the process of writing a book and melding the worlds of Domain Modeling/Functional Programing. This leads us on to highlight what Domain Driven Design is, the importance of communication and the difference between the solution/problem space to garner a shared model. Finally, we touch upon some of the common patterns that come out of modeling domains such as - how Entities and Value Objects provide identity, maintaing invariants using Aggregates, and communication between modals via Anti-Corruption Layers.


141: Web Application Security, Part 2 with Scott Arciszewski

In this weeks episode we continue our discussion with Scott Arciszewski about all things Security and Cryptography. We start off the show by highlighting what a SQL injection attack is and the differences between (emulated) prepared statements. This leads us on to look into how to securely handle file uploads, what a reverse shell is and how to defend yourself against XSS/CSRF attacks. From here we touch upon the recent inclusion of libsodium into PHP, why mcrypt should be avoided, and the side-channel vulnerabilities that brought way to Meltdown and Spectre. Finally, we mention how computers generate seemingly random numbers, what a Web Application Firewall (WAF) is, and how WARD goes about protecting your systems.


140: Web Application Security, Part 1 with Scott Arciszewski

In this weeks episode we chat with Scott Arciszewski about all things Security and Cryptography. We start off the show by explaining how he got interested in this field of work, correcting PHP security related answers on Stack Overflow and why he focuses on PHP security. From here, we move on to highlight what the OWASP Top Ten is, how you can distill many security principles into data/code seperation and what is involved in a software audit. This leads us on to discuss what HTTPS actually is, touching on TLS, PKI’s, Ciphersuites, and reported attacks against TLS and ECB. Finally, we highlight some important browser security features that can be used, pushing new software releases in a secure manor, thoughts on Cryptocurrencies and how everyone wants to solve their problem with a blockchain at this time.