Three Devs And A Maybe

In this weeks episode we are joined by Thijs Feryn to discuss his upcoming PHP UK conference talk. We start of the show highlighting what drew him to a Tech. evangelist role, bridging the gap between code/infrastructure and the ideas behind ‘Infrastructure as Code’. From here we move on to discuss system and infrastructure provisioning automation tools such Ansible and Terraform. This leads on to adding Packer into the mix, moving towards immutable infrastructure, testing these automation tools and how history has a way of repeating itself. Finally, we touch upon the philosophy behind DevOps, focusing on empathy and its core values CAMS.

In this weeks episode we are lucky to be joined again by Scott Arciszewski. We start off the show by discussing the difference between Symmetric and Asymmetric Encryption, what Authenticated Encryption is and how secret-keys are exchanged using Diffie-Hellman. From here, we move on to highlight how Elliptic-curve cryptography works, what DNSCrypt is and why prime numbers are so important in cryptography. Finally, we touch upon multi-factor authentication, how one time passwords work, SMS vulnerabilities and how to manage password recovery.

In this weeks episode we chat to Scott Wlaschin about his new book ‘Domain Modeling Made Functional’. We start off the show discussing how the book came to be, the process of writing a book and melding the worlds of Domain Modeling/Functional Programing. This leads us on to highlight what Domain Driven Design is, the importance of communication and the difference between the solution/problem space to garner a shared model. Finally, we touch upon some of the common patterns that come out of modeling domains such as - how Entities and Value Objects provide identity, maintaing invariants using Aggregates, and communication between modals via Anti-Corruption Layers.

In this weeks episode we continue our discussion with Scott Arciszewski about all things Security and Cryptography. We start off the show by highlighting what a SQL injection attack is and the differences between (emulated) prepared statements. This leads us on to look into how to securely handle file uploads, what a reverse shell is and how to defend yourself against XSS/CSRF attacks. From here we touch upon the recent inclusion of libsodium into PHP, why mcrypt should be avoided, and the side-channel vulnerabilities that brought way to Meltdown and Spectre. Finally, we mention how computers generate seemingly random numbers, what a Web Application Firewall (WAF) is, and how WARD goes about protecting your systems.

In this weeks episode we chat with Scott Arciszewski about all things Security and Cryptography. We start off the show by explaining how he got interested in this field of work, correcting PHP security related answers on Stack Overflow and why he focuses on PHP security. From here, we move on to highlight what the OWASP Top Ten is, how you can distill many security principles into data/code seperation and what is involved in a software audit. This leads us on to discuss what HTTPS actually is, touching on TLS, PKI’s, Ciphersuites, and reported attacks against TLS and ECB. Finally, we highlight some important browser security features that can be used, pushing new software releases in a secure manor, thoughts on Cryptocurrencies and how everyone wants to solve their problem with a blockchain at this time.

In this episode we catch up with Joe Watkins to discuss all things PHP. We start off discussion with his recent move to Spain, the pain of getting a good Internet connection and PHP TestFest. This leads us on to highlight some recent work he is doing with adding PHP bindings to Bicoin’s Secp256k1 library and a Generic Traits idea. From here we touch upon the additions that made it into PHP 7.2 and some that have already been accepted for 7.3. Finally, we get Joe’s opinion on a couple of RFC’s (Call-site pass-by-reference and Operator functions).

In this weeks episode we chat to Andy Raines about all things Serverless. We start off by discussing what Serverless actually means, advantages of using such a model, design constraints it employs and how it scales. From here we touch upon the history of how we got to the compute/infrastructure we use today: from on-premise servers, IaaS, PaaS and FaaS/BaaS. This leads us on to highlight the 12-factor app methodology, how immutability has vast benefits in many contexts and how FaaS platforms work under-the-hood. Finally, we mention the Serverless PHP project Andy is working on, the motivations behind it and future development he would like to see take place.

In this weeks episode Mick and Edd first touch upon the many new services/features that have been released at AWS re:Invent. We then move on to discuss Serverless architecture, Server architectural patterns, Amazon Cognito and security/encryption that is available within Amazon Web Services. This leads us on to highlight the impact of relying on a single company for all your compute/infrastructure needs and ‘putting all your fish in one basket’. Finally, Mick tells us what Santa might be bringing him for Christmas.

In this episode we are lucky to have cryptocurrency proponent and trader Jay Smith on the show. We start off by talking about how he got introduced to cryptocurrencies and trading, highlighting what trading actually is, and the two different schools of thought (fundamental vs. technical analysis). From here we move on to chat about how innovations such as Bitcoin are changing the way we view money/bank, the underlying technologies that make it possible (Blockchain), and the game-theory/incentives behind it for each participant to continue ‘playing the game’. Conversation then moves on to touch upon alternative cryptocurrencies (alt-coins) and the different use-cases/advancements they are making in the space. Finally, we highlight Bitcoins scaling dilemma, how all routes seem to effect decentralisation in some shape or form, and how he stores his private keys.

In this week’s episode Edd and Mick catch-up after another long hiatus (sorry about that). We start off by discussing principles mentioned in the Clean Coder book, gaining confidence in code by way of tests, and Elon Musk’s dream of putting a person on Mars. Leading on from this, Edd talks about his continued venture into the internals of Bitcoin, Hardware wallets, ASIC mining USB sticks and Merkle Trees. We then highlight MyBuilder’s recent switch from dedicated servers to the AWS stack, highlighting the pros n’ cons of both approaches and some gotcha’s encountered along the way. Finally, we mention some security audit and monitoring tools that have proven useful for keeping an eye on the (ever increasing) servers present in a typical setup.

After a month ‘off the airwaves’, Mick and Edd are back to delve into several topics that have been keeping them interested. We start off by going down the Cryptocurrency rabbit-hole, highlighting the internal technologies that make up Bitcoin and its practical use-cases. Edd’s ramblings touch upon Satoshi, Cypherpunks, Merkle trees, Consensus algorithms, Hard forks, Segregated witness, Mining, Peta-hashes and much more… Once Edd (finally) lets Mick talk, we move on to chat about a book Mick is reading on Scrum, and question some different Agile practises. Finally, we ask the burning question ‘What is the Internet, Anyway?’.

In this weeks episode we catch up with Joe Watkins discussing all things PHP. We start off the discussion with how his role as release-manager is going for PHP 7.1, highlighting how Security bugs are defined and handled within internals. Following this we chat about several RFC’s that are under-discussion (Retry Keyword, UUID) and accepted (Libsodium, Object Typehint) for the next release. Finally, we mention a recent small extension Joe has been working on to provide user verified types within the language.

In this weeks episode we discuss the Varnish ‘HTTP accelerator’ with Mattias Geniar. We start off the show with the problem Varnish is trying to solve, how it decides to cache content and the power within its’ request/response life-cycle. We then move on to highlight testing strategies, tools to gain insight into your Varnish instance and cache invalidation options (Purging vs. Banning). Finally, we touch upon Edge Side Includes, Mattias’s own podcast and his new DNS Spy product.

In this weeks episode we start off by discussing Edd’s recent Server build, touching upon the hardware specifications, OS/ZFS-pool choices and monitoring configuration. We then move on to highlight the value in splitting up computational intensive tasks into queued jobs, defensive programming in JavaScript and handling querying ever increasing data-sets. Finally, we talk about keeping on-top of Software/Dependency upgrades, moving over to platforms such as AWS and Ethereum.

On this weeks show we are joined by Colin Hardy to discuss all things Cyber Security. We start off by explaining what got him interested in this branch of computing, highlight what Cyber Security is, and define some of the common terminology. From here, we move on to discuss how he analyses Malware samples (using Automated, Behavioural and Static means) and the diagnostic tooling present. Finally, we mention some high-profile attacks (Stuxnet, WannaCry), motives behind creating such Malware and how he stays current in this field.

In this weeks episode we are lucky to have Liam McLennan on the show. We start off discussion with his Math background, how he got into programming and how it can be seen as Applied Mathematics. From here we move on to highlight his experiences whilst consulting, what it entailed, and the importance of ‘tact’. This leads us on to look into what drew him to Functional programming, F# and creating Pluralsight courses. Finally, we delve into the different areas of the Nokia Ringtone Composer Emulator from his F# Fundamentals course.

In this weeks episode we are joined by fellow co-host Fraser Hart. We start off by discussing what he has been upto since his last podcast appearance - ranging from completing an Ironman, to promotions at work. From here we highlight how he balances development with his new project managerial role, how his company has started to adopt React/Redux and moving over to Webpack 2. Finally, we delve into the different server stacks we are using, and how the KISS design-principle plays a key-role.

In this weeks episode we are again lucky to be joined by Brian Moses, to continue our discussion on building your own home server. We start off by highlighting what ECC memory is and its’ value in a home server setup. Following this, we chat about looking into the second-hand market for hardware components - as an option to find a good deal. This leads us on to discuss overclocking hardware, threads vs. cores within a CPU and what Hyper-threading actually is. Finally, we mention some different NAS Operating System solutions and Brain’s foray into the world of Quadcopters.

In this weeks episode we start off the podcast with discussion around Timezones, Daylight saving time and how the Year 2038 will be an interesting one. We then move on to highlight the results of our recent PHPStorm Twitter poll, End-to-end encryption and Hot Picks is back! (at least for one show). Finally, we highlight the differences between Software/Hardware video-decoding and some interesting PHP function aliases.

In this weeks episode we are joined by Brian Moses to discuss all things server development. We start off the show by highlighting how he got into computers and what drew him to blogging about DIY NAS builds. From here we touch upon the key areas of consideration when deciding on hardware (Motherboard, CPU, RAM, Storage) for a server. Finally, we discuss the concept of RAID, the FreeNAS operating system and how he performs burn-in testing on recently built systems. Note: apologies for some of the audio quality during the show.